/*
 * Signature ("flag") layout per API, as documented by the original author:
 *   user_online    flag = md5(game_id + server_id + platform_id + time + key)
 *   user_role_info flag = md5(start_time + end_time + game_id + server_id + platform_id + time + key)
 *   user_upgrade   flag = md5(start_time + end_time + game_id + server_id + platform_id + time + key)
 */

/**
 * Builds the signed-field string for the user_online API: the values of
 * game_id, server_id, platform_id and time, concatenated in that order.
 * The key is not appended in this function.
 *
 * NOTE(review): the fields are joined without a delimiter, so different field
 * splits yield the same string (game_id "1" + server_id "23" equals
 * game_id "12" + server_id "3"). The layout is fixed by the platform protocol,
 * so the individual fields should be format-checked by whoever consumes them.
 *
 * @param dictParams parsed request parameters.
 * @return the concatenated field values.
 */
const string get_md5_str_user_online(map<string, string> & dictParams)
{
    static const char* const kSignedFields[] = { "game_id", "server_id", "platform_id", "time" };
    const size_t kFieldCount = sizeof(kSignedFields) / sizeof(kSignedFields[0]);

    string joined;
    for (size_t idx = 0; idx < kFieldCount; ++idx)
    {
        joined += get_dict_field(dictParams, kSignedFields[idx]);
    }
    return joined;
}
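/**
 * Verifies the "flag" signature of a platform API request.
 *
 * pszReq is an '&'/'='-separated parameter string, for example
 *   port=123&suid=xxx&timestamp=12345&sign=xxx&platid=111&plataccount=xxx&token=xxx
 * make_md5_str() builds the string to sign from the parsed parameters, apiName
 * and key; the hex form of its MD5 must equal the request's "flag" field,
 * compared case-insensitively.
 *
 * @param key     shared secret, passed to make_md5_str().
 * @param pszReq  raw request parameter string (untrusted).
 * @param apiName API name, passed to make_md5_str() and written to the log.
 * @return true when the flag matches; false otherwise, including NULL arguments.
 *
 * NOTE(review): MD5 over "fields + key" is a weak MAC construction; it is kept
 * because the platform protocol defines it. Nothing here checks the freshness
 * of the signed "time" field, so confirm that the caller rejects replays.
 */
bool CPlatApi::check_md5(const char* key, const char* pszReq, const char* apiName)
{
    // Fail closed on missing arguments instead of dereferencing NULL below.
    if (key == NULL || pszReq == NULL || apiName == NULL)
    {
        return false;
    }

    map<string, string> dictParams;
    SplitStringToMap(pszReq, '&', '=', dictParams);

    // String to hash for this API. It is built with the key, so treat it as secret.
    const string str = make_md5_str(dictParams, apiName, key);
    // Signature supplied in the request.
    const string& flag = get_dict_field(dictParams, "flag");

    enum { SIZE16 = 16 };
    unsigned char szMd5[SIZE16];
    MD5(reinterpret_cast<unsigned char*>(const_cast<char*>(str.c_str())), str.size(), szMd5);

    // Hex-encode the digest; the memset keeps the buffer NUL-terminated.
    char szKey[64];
    memset(szKey, 0, sizeof(szKey));
    for (int i = 0; i < SIZE16; ++i)
    {
        char_to_sz(szMd5[i], szKey + 2 * i);
    }

    // Compare without an early exit: strcasecmp() returns at the first differing
    // character, which makes the comparison time depend on how much of a
    // submitted signature is correct. The length itself is not secret.
    const size_t nExpectedLen = strlen(szKey);
    bool bMatch = (nExpectedLen != 0 && flag.size() == nExpectedLen);
    if (bMatch)
    {
        unsigned char diff = 0;
        for (size_t i = 0; i < nExpectedLen; ++i)
        {
            unsigned char a = static_cast<unsigned char>(szKey[i]);
            unsigned char b = static_cast<unsigned char>(flag[i]);
            // Fold ASCII upper case to lower case; hex digits need nothing else.
            if (a >= 'A' && a <= 'Z') a = static_cast<unsigned char>(a + ('a' - 'A'));
            if (b >= 'A' && b <= 'Z') b = static_cast<unsigned char>(b + ('a' - 'A'));
            diff = static_cast<unsigned char>(diff | (a ^ b));
        }
        bMatch = (diff == 0);
    }

    if (!bMatch)
    {
        // Signature mismatch: reject the request. The string-to-sign and the
        // expected digest are deliberately left out of the log line: the former
        // carries the key, and the latter is a valid signature for this request.
        // (The previous format also used %S, the wide-string conversion, for a
        // narrow char* argument.)
        // NOTE(review): pszReq and flag are attacker-controlled; make sure the
        // log sink neutralizes CR/LF.
        LogWarning("CPlatApi::check_md5", "apiName[%s], pszReq[%s], flag[%s]",
                   apiName, pszReq, flag.c_str());
        return false;
    }

    return true;
}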
/**
 * Builds the signed-field string for the user_role_info API: the values of
 * start_time, end_time, game_id, server_id, platform_id and time, concatenated
 * in that order. The key is not appended in this function.
 *
 * NOTE(review): the fields are joined without a delimiter, so two different
 * parameter sets can produce the same string. The layout is fixed by the
 * platform protocol, so the individual fields should be format-checked by
 * whoever consumes them.
 *
 * @param dictParams parsed request parameters.
 * @return the concatenated field values.
 */
const string get_md5_str_user_role_info(map<string, string> & dictParams)
{
    static const char* const kSignedFields[] = {
        "start_time", "end_time", "game_id", "server_id", "platform_id", "time"
    };
    const size_t kFieldCount = sizeof(kSignedFields) / sizeof(kSignedFields[0]);

    string joined;
    for (size_t idx = 0; idx < kFieldCount; ++idx)
    {
        joined += get_dict_field(dictParams, kSignedFields[idx]);
    }
    return joined;
}
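/**
 * Validates a 4399-platform login request.
 *
 * Request format (query-string style), as documented by the original author:
 *   port=123&suid=xxx&timestamp=12345&sign=xxx&platid=111&plataccount=xxx&token=xxx
 *
 * Checks, in order:
 *   1. "timestamp" is at most 20 minutes behind and 5 minutes ahead of server time;
 *   2. "sign" equals md5("<suid>&<timestamp>&<key>"), compared case-insensitively;
 *   3. the platform verification URL, called with the token, answers JSON "code" == 1.
 *
 * @param plat_name      platform name; unused here (the name check is disabled).
 * @param pszReq         raw request parameter string (untrusted).
 * @param strAccountGot  out: set to the request's suid on success.
 * @return ENUM_LOGIN_SUCCESS, or the ENUM_LOGIN_* code of the check that failed.
 */
int CLogin4399::check_login(const char* plat_name, const char* pszReq, string& strAccountGot)
{
    // The platform-name check and the range check on the client-supplied
    // loginapp port that used to run here are disabled; per the original note
    // the loginapp port is now read from configuration.

    map<string, string> dictParams;
    SplitStringToMap(pszReq, '&', '=', dictParams);

    // Platform timestamp. It is attacker-controlled, so it is parsed with
    // strtol() (atoi() is undefined on out-of-range input) and the window is
    // evaluated with difftime() so that no signed addition can overflow.
    const string& strTime = get_dict_field(dictParams, "timestamp");
    const time_t tStamp = static_cast<time_t>(strtol(strTime.c_str(), NULL, 10));
    const time_t tNow = time(NULL);
    const double dLag = difftime(tNow, tStamp);   // seconds the request is behind the server
    if (dLag > 1200.0 || dLag < -300.0)
    {
        LogError("login_timeout", "req=%s", pszReq);
        return ENUM_LOGIN_TIME_ILLEGAL;
    }

    const string& strSuid = get_dict_field(dictParams, "suid");
    const string& strSign = get_dict_field(dictParams, "sign");

    // Signature check: sign = md5("$suid&$timestamp&$key").
    // NOTE(review): MD5 with an appended secret is a weak MAC construction; it
    // is kept because the platform protocol defines it.
    {
        std::ostringstream oss;
        oss << strSuid << '&' << strTime << '&' << this->get_cfg_value("key", sg_szLoginKey);
        const string strExpected = getmd5(oss.str());

        // Compare without an early exit: strcasecmp() returns at the first
        // differing character, which makes the comparison time depend on how
        // much of a submitted signature is correct. An empty expected digest
        // never matches.
        bool bSignOk = (!strExpected.empty() && strSign.size() == strExpected.size());
        if (bSignOk)
        {
            unsigned char diff = 0;
            for (size_t i = 0; i < strExpected.size(); ++i)
            {
                unsigned char a = static_cast<unsigned char>(strExpected[i]);
                unsigned char b = static_cast<unsigned char>(strSign[i]);
                // Fold ASCII upper case to lower case; hex digits need nothing else.
                if (a >= 'A' && a <= 'Z') a = static_cast<unsigned char>(a + ('a' - 'A'));
                if (b >= 'A' && b <= 'Z') b = static_cast<unsigned char>(b + ('a' - 'A'));
                diff = static_cast<unsigned char>(diff | (a ^ b));
            }
            bSignOk = (diff == 0);
        }
        if (!bSignOk)
        {
            // Signature mismatch: reject the request.
            return ENUM_LOGIN_SIGN_ILLEGAL;
        }
    }

    // Ask the platform whether the token is valid.
    // NOTE(review): the field is read as "tocken" although the documented
    // request format spells it "token" - confirm which name clients send.
    const string& strTocken = get_dict_field(dictParams, "tocken");
    {
        string resp = "";
        // NOTE(review): the token is appended to the URL without escaping.
        // Whether that is safe depends on whether SplitStringToMap() URL-decodes
        // values; if it does, percent-encode the token before appending it.
        string strUrl = this->get_cfg_value("url", sg_szVerifyUrl).append(strTocken);
        int ret = GetUrl_new(strUrl.c_str(), resp);
        if (ret != CURLE_OK)
        {
            LogWarning("login_urlerr", "ret=%d;req=%s", ret, pszReq);
            return ENUM_LOGIN_SERVER_BUSY;
        }

        Trim(resp);
        JsonHelper jsonhp(resp);
        int rst = 0;
        if (!jsonhp.GetJsonItem("code", rst))
        {
            // The platform response could not be parsed.
            LogWarning("login_jsonfailed", "json=%s", resp.c_str());
            return ENUM_LOGIN_SDK_VERIFY_FAILED;
        }

        if (rst != 1)
        {
            // code 1 means verified; any other value is a failure.
            LogWarning("login_verifyfailed", "rst=%d;req=%s", rst, pszReq);
            return ENUM_LOGIN_SDK_VERIFY_FAILED;
        }
    }

    // Value handed back to the caller.
    strAccountGot.assign(strSuid);

    // NOTE(review): this writes the whole request, token and sign included, to
    // the info log; confirm that log access is restricted accordingly.
    LogInfo("login_req", "%s", pszReq);
    return ENUM_LOGIN_SUCCESS;
}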
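/**
 * Validates a UC-platform login request.
 *
 * The session token from the request is POSTed to the configured platform URL
 * in a JSON body (service "ucid.user.sidInfo") signed with
 * md5(cpId + "sid=" + token + apiKey). The login succeeds when the response
 * carries state.code == 1 and a data.ucid value; the ucid becomes the account.
 *
 * @param plat_name      platform name; must equal m_str_plat_name.
 * @param pszReq         raw request parameter string (untrusted).
 * @param strAccountGot  out: set to the platform-returned ucid on success.
 * @return ENUM_LOGIN_SUCCESS, or the ENUM_LOGIN_* code of the check that failed.
 */
int CLoginUC::check_login(const char* plat_name, const char* pszReq, string& strAccountGot)
{
    if (m_str_plat_name != (string)plat_name)
    {
        LogWarning("check_login", "plat :%s != %s", plat_name, m_str_plat_name.c_str());
        return ENUM_LOGIN_PLAT_NAME_ERROR;
    }

    map<string, string> dictParams;
    SplitStringToMap(pszReq, '&', '=', dictParams);

    // Session token to verify with the platform.
    // NOTE(review): the field is read as "tocken" - confirm that this is the
    // name clients actually send.
    const string& strTocken = get_dict_field(dictParams, "tocken");

    string cfg_url = this->get_cfg_value("url", "");
    string cfg_cpId = this->get_cfg_value("cpId", "");
    string cfg_gameId = this->get_cfg_value("gameId", "");
    string cfg_apiKey = this->get_cfg_value("apiKey", "");
    string cfg_severId = this->get_cfg_value("severId", "");
    string cfg_channelId = this->get_cfg_value("channelId", "");

    {
        // The token is untrusted and ends up inside a JSON string literal, so
        // escape quotes, backslashes and control characters; otherwise it could
        // close the string and alter the structure of the request body.
        static const char kHex[] = "0123456789abcdef";
        string strSidJson;
        strSidJson.reserve(strTocken.size());
        for (size_t i = 0; i < strTocken.size(); ++i)
        {
            const unsigned char ch = static_cast<unsigned char>(strTocken[i]);
            if (ch == '"' || ch == '\\')
            {
                strSidJson += '\\';
                strSidJson += static_cast<char>(ch);
            }
            else if (ch < 0x20)
            {
                strSidJson += "\\u00";
                strSidJson += kHex[ch >> 4];
                strSidJson += kHex[ch & 0x0F];
            }
            else
            {
                strSidJson += static_cast<char>(ch);
            }
        }

        // sign = MD5(cpId + "sid=" + token + apiKey), computed over the raw token.
        ostringstream pre_md5;
        pre_md5 << cfg_cpId << "sid=" << strTocken << cfg_apiKey;
        const string req_sign = getmd5(pre_md5.str());

        ostringstream url_params;
        url_params << "{\r\n";
        url_params << "\"id\":" << time(NULL) << ",\r\n";
        url_params << "\"service\":\"ucid.user.sidInfo\",\r\n";
        url_params << "\"data\":{\"sid\":\"" << strSidJson << "\"},\r\n";
        url_params << "\"game\":{\"cpId\":" << cfg_cpId << ",\"gameId\":" << cfg_gameId
                   << ",\"channelId\":\"" << cfg_channelId << "\",\"serverId\":" << cfg_severId << "},\r\n";
        url_params << "\"sign\":\"" << req_sign << "\"\r\n";
        url_params << "}";
        const string strBody = url_params.str();

        string resp = "";
        string req_url = cfg_url;
        // This is a POST request.
        int ret = http_post(req_url.c_str(), strBody.c_str(), resp);
        // NOTE(review): both log lines below contain the session token and the
        // request signature; confirm that log access is restricted accordingly.
        if (ret != CURLE_OK)
        {
            LogWarning("check_login", "ret=%d;req=%s, params=%s", ret, req_url.c_str(), strBody.c_str());
            return ENUM_LOGIN_SERVER_BUSY;
        }

        LogDebug("check_login", "http_post ok ret = %s, params=%s", resp.c_str(), strBody.c_str());

        Trim(resp);
        JsonHelper jsonhp(resp);

        int state = 0;
        if (!jsonhp.GetJsonItem2("state", "code", state))
        {
            LogWarning("parse json", "state.code not found in %s", resp.c_str());
            return ENUM_LOGIN_SDK_VERIFY_FAILED;
        }

        // state.code 1 means verified; any other value is a failure.
        if (state != 1)
        {
            LogWarning("parse json", "state.code(%d) != 1 ", state);
            return ENUM_LOGIN_SDK_VERIFY_FAILED;
        }

        // NOTE(review): ucid is read into an int - confirm that platform ids fit.
        int ucid = 0;
        if (!jsonhp.GetJsonItem2("data", "ucid", ucid))
        {
            LogWarning("parse json error", "data.ucid not found in %s", resp.c_str());
            return ENUM_LOGIN_SDK_VERIFY_FAILED;
        }

        ostringstream oss_ucid;
        oss_ucid << ucid;

        // Value handed back to the caller: the platform-issued id, not a request field.
        strAccountGot.assign(oss_ucid.str());
    }

    LogInfo("login_req", "%s", pszReq);
    return ENUM_LOGIN_SUCCESS;
}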
//校验请求是否正确 int CLoginDangle::check_login(const char* plat_name, const char* pszReq, string& strAccountGot) { if ( m_str_plat_name != (string)plat_name) { LogWarning("check_login", "plat :%s != %s", plat_name, m_str_plat_name.c_str()); return ENUM_LOGIN_PLAT_NAME_ERROR; } map<string, string> dictParams; SplitStringToMap(pszReq, '&', '=', dictParams); const string& strSuid = get_dict_field(dictParams, "suid"); //账号 //到平台验证tocken是否正确 const string& strTocken = get_dict_field(dictParams, "tocken"); const string& strAccount = get_dict_field(dictParams, "plataccount"); string cfg_url = this->get_cfg_value("url", ""); string app_key = this->get_cfg_value("key", ""); int app_id = this->get_cfg_value("app_id", 0); { string resp = ""; string req_url = cfg_url; stringstream ss_pre_md5; stringstream ss_url_params; //MD5(token|mid) ss_pre_md5 << strTocken.c_str() << "|" <<app_key.c_str(); string req_sign = getmd5(ss_pre_md5.str().c_str()); //params ss_url_params << "?app_id=" << app_id << "&mid=" <<strSuid.c_str()<< "&token=" <<strTocken.c_str()<<"&sig="<< req_sign.c_str(); req_url += ss_url_params.str().c_str(); LogDebug("check_login", "plat :%s post url:%s params:%s", m_str_plat_name.c_str(), req_url.c_str(), ss_url_params.str().c_str()); int ret = GetUrl_new(req_url.c_str(), resp); //这里是get请求 if (ret != CURLE_OK) { LogWarning("check_login", "ret=%d;req=%s", ret, req_url.c_str()); return ENUM_LOGIN_SERVER_BUSY; } LogDebug("check_login", "http_post ok ret = %s", resp.c_str()); Trim(resp); JsonHelper jsonhp(resp); int rst = 0; if (!jsonhp.GetJsonItem("error_code", rst)) { //平台返回字符串解析失败 LogWarning("login_jsonfailed", "json=%s", resp.c_str()); return ENUM_LOGIN_SDK_VERIFY_FAILED; } if (rst != 0) { //结果码为0表示验证成功,其他值都是失败 LogWarning("login_verifyfailed", "rst=%d;req=%s", rst, pszReq); return ENUM_LOGIN_SDK_VERIFY_FAILED; } } //需要返回的参数值 strAccountGot.assign(strSuid); LogInfo("login_req", "%s", pszReq); return ENUM_LOGIN_SUCCESS; }
/**
 * Validates a 91-platform login request.
 *
 * POSTs AppId, Act (4), Uin (the request's suid), SessionId (the token) and
 * Sign = md5(AppId + Act + Uin + SessionId + key) to the configured platform
 * URL, and accepts the login when the JSON response has ErrorCode == "1".
 *
 * An older, disabled signing layout ("Act=..&AppId=..&SessionId=..&Uin=..&Version=1.07" + key)
 * is no longer used.
 *
 * @param plat_name      platform name; must equal m_str_plat_name.
 * @param pszReq         raw request parameter string (untrusted).
 * @param strAccountGot  out: set to the request's suid on success.
 * @return ENUM_LOGIN_SUCCESS, or the ENUM_LOGIN_* code of the check that failed.
 *
 * NOTE(review): suid and token go into the form body unescaped, and the signed
 * fields are concatenated without delimiters. Whether that is safe depends on
 * whether SplitStringToMap() URL-decodes values; if it does, percent-encode
 * both, because the returned account is the request's suid and must be the
 * same value the platform actually verified.
 */
int CLogin91::check_login(const char* plat_name, const char* pszReq, string& strAccountGot)
{
    if (string(plat_name) != m_str_plat_name)
    {
        LogWarning("check_login", "plat :%s != %s", plat_name, m_str_plat_name.c_str());
        return ENUM_LOGIN_PLAT_NAME_ERROR;
    }

    map<string, string> reqFields;
    SplitStringToMap(pszReq, '&', '=', reqFields);

    // Account id, session token, and the platform account (looked up but unused).
    const string& account = get_dict_field(reqFields, "suid");
    const string& token = get_dict_field(reqFields, "tocken");
    const string& platAccount = get_dict_field(reqFields, "plataccount");

    const string appKey = this->get_cfg_value("key", "");
    const string verifyUrl = this->get_cfg_value("url", "");
    const int appId = this->get_cfg_value("app_id", 1078);

    const int kAct = 4;

    // Request signature: md5 of AppId, Act, Uin, SessionId and key, concatenated.
    stringstream signInput;
    signInput << appId << kAct << account << token << appKey;
    const string signature = getmd5(signInput.str());

    // Form body of the verification request.
    stringstream bodyBuilder;
    bodyBuilder << "AppId=" << appId
                << "&Act=" << kAct
                << "&Uin=" << account
                << "&Sign=" << signature
                << "&SessionId=" << token;
    const string body = bodyBuilder.str();

    // NOTE(review): this debug line contains the session token and signature.
    LogDebug("check_login", "plat :%s post url:%s params:%s",
             m_str_plat_name.c_str(), verifyUrl.c_str(), body.c_str());

    // This is a POST request.
    string resp = "";
    const int curlRet = http_post(verifyUrl.c_str(), body.c_str(), resp);
    if (curlRet != CURLE_OK)
    {
        LogWarning("check_login", "ret=%d;req=%s, params=%s", curlRet, verifyUrl.c_str(), body.c_str());
        return ENUM_LOGIN_SERVER_BUSY;
    }

    LogDebug("check_login", "http_post ok ret = %s", resp.c_str());

    Trim(resp);
    JsonHelper parsed(resp);

    string errorCode;
    if (!parsed.GetJsonItem("ErrorCode", errorCode))
    {
        // The platform response could not be parsed.
        LogWarning("login_jsonfailed", "json=%s", resp.c_str());
        return ENUM_LOGIN_SDK_VERIFY_FAILED;
    }

    if (errorCode != "1")
    {
        // ErrorCode "1" means verified; any other value is a failure.
        LogWarning("login_verifyfailed", "rst=%s;req=%s", errorCode.c_str(), pszReq);
        return ENUM_LOGIN_SDK_VERIFY_FAILED;
    }

    // Value handed back to the caller.
    strAccountGot.assign(account);

    LogInfo("login_req", "%s", pszReq);
    return ENUM_LOGIN_SUCCESS;
}
/**
 * Validates a Duokoo-platform login request.
 *
 * Sends appid, appkey, uid (the request's suid), sessionid (the token) and
 * clientsecret = md5(appid + appkey + uid + appsecret) to the configured
 * platform URL with a GET request, and accepts the login when the JSON
 * response has error_code == 0.
 *
 * @param plat_name      platform name; must equal m_str_plat_name.
 * @param pszReq         raw request parameter string (untrusted).
 * @param strAccountGot  out: set to the request's suid on success.
 * @return ENUM_LOGIN_SUCCESS, or the ENUM_LOGIN_* code of the check that failed.
 *
 * NOTE(review): the original comment gives the signature as
 * strtolower(md5($appid$appkey$uid$sessionid$AppSecret)), but the code leaves
 * the session id out of the hashed string - confirm against the platform
 * specification.
 * NOTE(review): suid and token go into the URL unescaped. Whether that is safe
 * depends on whether SplitStringToMap() URL-decodes values; if it does,
 * percent-encode both, because the returned account is the request's suid and
 * must be the same value the platform actually verified.
 */
int CLoginDuokoo::check_login(const char* plat_name, const char* pszReq, string& strAccountGot)
{
    if (string(plat_name) != m_str_plat_name)
    {
        LogWarning("check_login", "plat :%s != %s", plat_name, m_str_plat_name.c_str());
        return ENUM_LOGIN_PLAT_NAME_ERROR;
    }

    map<string, string> reqFields;
    SplitStringToMap(pszReq, '&', '=', reqFields);

    // Account id, session token, and the platform account (looked up but unused).
    const string& account = get_dict_field(reqFields, "suid");
    const string& token = get_dict_field(reqFields, "tocken");
    const string& platAccount = get_dict_field(reqFields, "plataccount");

    const string baseUrl = this->get_cfg_value("url", "");
    const int appId = this->get_cfg_value("appid", 0);
    const string appKey = this->get_cfg_value("appkey", "");
    const string appSecret = this->get_cfg_value("appsecret", "");

    // Request signature: md5 of appid, appkey, uid and appsecret, concatenated.
    stringstream signInput;
    signInput << appId << appKey << account << appSecret;
    const string signature = getmd5(signInput.str());

    // Query string appended to the configured URL.
    stringstream queryBuilder;
    queryBuilder << "?appid=" << appId
                 << "&appkey=" << appKey
                 << "&uid=" << account
                 << "&sessionid=" << token
                 << "&clientsecret=" << signature;
    const string query = queryBuilder.str();
    const string fullUrl = baseUrl + query;

    // NOTE(review): this debug line contains the appkey, session token and signature.
    LogDebug("check_login", "plat :%s post url:%s params:%s",
             m_str_plat_name.c_str(), fullUrl.c_str(), query.c_str());

    // This is a GET request (the original note says POST would also work).
    string resp = "";
    const int curlRet = GetUrl_new(fullUrl.c_str(), resp);
    if (curlRet != CURLE_OK)
    {
        LogWarning("check_login", "ret=%d;req=%s, params=%s", curlRet, fullUrl.c_str(), query.c_str());
        return ENUM_LOGIN_SERVER_BUSY;
    }

    LogDebug("check_login", "get_url ok ret = %s", resp.c_str());

    Trim(resp);

    int errorCode = 0;
    JsonHelper parsed(resp);
    if (!parsed.GetJsonItem("error_code", errorCode))
    {
        // The platform response could not be parsed.
        LogWarning("login_jsonfailed", "json=%s", resp.c_str());
        return ENUM_LOGIN_SDK_VERIFY_FAILED;
    }

    if (errorCode != 0)
    {
        // error_code 0 means verified; any other value is a failure.
        LogWarning("login_verifyfailed", "rst=%d;req=%s", errorCode, pszReq);
        return ENUM_LOGIN_SDK_VERIFY_FAILED;
    }

    // Value handed back to the caller.
    strAccountGot.assign(account);

    LogInfo("login_req", "%s", pszReq);
    return ENUM_LOGIN_SUCCESS;
}
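/**
 * Validates a PPS-platform login request.
 *
 * Only the platform name is checked. The request's suid is then returned as
 * the account, provided it is not empty.
 *
 * NOTE(review): this function performs no token or signature verification. The
 * platform round trip that used to follow (a POST of Act/AppId/SessionId/Uin/
 * Version/Sign to a hard-coded platform URL, accepted on Error_Code == 0, and
 * apparently copied from the 91 integration) is disabled. As written, the
 * account identity comes straight from the client request. Confirm that an
 * upstream component authenticates PPS requests; if none does, this path must
 * fail closed until verification is restored.
 *
 * @param plat_name      platform name; must equal m_str_plat_name.
 * @param pszReq         raw request parameter string (untrusted).
 * @param strAccountGot  out: set to the request's suid on success.
 * @return ENUM_LOGIN_SUCCESS, ENUM_LOGIN_PLAT_NAME_ERROR on a platform-name
 *         mismatch, or ENUM_LOGIN_SDK_VERIFY_FAILED when suid is empty.
 */
int CLoginPPS::check_login(const char* plat_name, const char* pszReq, string& strAccountGot)
{
    if (m_str_plat_name != (string)plat_name)
    {
        LogWarning("check_login", "plat :%s != %s", plat_name, m_str_plat_name.c_str());
        return ENUM_LOGIN_PLAT_NAME_ERROR;
    }

    map<string, string> dictParams;
    SplitStringToMap(pszReq, '&', '=', dictParams);

    // Account id taken from the request.
    const string& strSuid = get_dict_field(dictParams, "suid");

    // With no platform verification in place, at least refuse to report success
    // for a request that names no account at all.
    if (strSuid.empty())
    {
        LogWarning("check_login", "plat :%s empty suid;req=%s", m_str_plat_name.c_str(), pszReq);
        return ENUM_LOGIN_SDK_VERIFY_FAILED;
    }

    // Value handed back to the caller.
    strAccountGot.assign(strSuid);

    LogInfo("login_req", "%s", pszReq);
    return ENUM_LOGIN_SUCCESS;
}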