From b37d547359b255c56af15c60883d19294b83bd64 Mon Sep 17 00:00:00 2001
From: "jinling.yang"
Date: Mon, 22 Jan 2024 15:41:20 +0800
Subject: [PATCH] =?UTF-8?q?http=E9=AA=8C=E8=AF=81=E4=BB=A3=E7=A0=81?= =?UTF-8?q?=E8=BF=98=E5=8E=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 sf_bf_connect/models/http.py | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/sf_bf_connect/models/http.py b/sf_bf_connect/models/http.py
index b911c999..8f546c88 100644
--- a/sf_bf_connect/models/http.py
+++ b/sf_bf_connect/models/http.py
@@ -24,23 +24,23 @@ class Http(models.AbstractModel):
 if 'HTTP_TOKEN' in datas:
 _logger.info('token:%s' % datas['HTTP_TOKEN'])
 # 查询密钥
- # factory_secret = request.env['res.partner'].sudo().search(
- # [('sf_token', '=', datas['HTTP_TOKEN'])], limit=1)
- # if not factory_secret:
- # raise AuthenticationError('无效的token')
- # # 设置API接口请求时间,不能超过5秒
- # # deltime = datetime.timedelta(seconds=30)
- # # if abs(int(datas['HTTP_TIMESTAMP']) - timestamp_str) > deltime.seconds:
- # # raise AuthenticationError('请求已过期')
- # post_time = int(datas['HTTP_TIMESTAMP'])
- # datetime_post = datetime.fromtimestamp(post_time)
- # datetime_now = datetime.now().replace(microsecond=0)
- # datetime_del = datetime_now + timedelta(seconds=5)
- # if datetime_post > datetime_del:
+ factory_secret = request.env['res.partner'].sudo().search(
+ [('sf_token', '=', datas['HTTP_TOKEN'])], limit=1)
+ if not factory_secret:
+ raise AuthenticationError('无效的token')
+ # 设置API接口请求时间,不能超过5秒
+ # deltime = datetime.timedelta(seconds=30)
+ # if abs(int(datas['HTTP_TIMESTAMP']) - timestamp_str) > deltime.seconds:
 # raise AuthenticationError('请求已过期')
- # check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
- # check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
- # if check_sf_str != datas['HTTP_CHECKSTR']:
- # raise AuthenticationError('数据校验不通过')
+ post_time = int(datas['HTTP_TIMESTAMP'])
+ datetime_post = datetime.fromtimestamp(post_time)
+ datetime_now = datetime.now().replace(microsecond=0)
+ datetime_del = datetime_now + timedelta(seconds=5)
+ if datetime_post > datetime_del:
+ raise AuthenticationError('请求已过期')
+ check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
+ check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
+ if check_sf_str != datas['HTTP_CHECKSTR']:
+ raise AuthenticationError('数据校验不通过')
 else:
 raise AuthenticationError('请求参数中无token')
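Review bot: The restored freshness check is one-sided: `if datetime_post > datetime_del:` rejects only a timestamp more than 5 seconds ahead of the server clock, so a captured token/timestamp/checkstr triple with an old `HTTP_TIMESTAMP` keeps validating indefinitely, which does not match the 5-second limit stated in the comment above it. Bounding both directions, e.g. `if abs((datetime_now - datetime_post).total_seconds()) > 5:`, closes that replay window. The digest comparison `check_sf_str != datas['HTTP_CHECKSTR']` is also not constant-time; `if not hmac.compare_digest(check_sf_str, datas['HTTP_CHECKSTR']):` would be the safer form, assuming `hmac` is imported at the top of the file, which this hunk does not show. A missing or non-numeric `HTTP_TIMESTAMP`, or an absent `HTTP_CHECKSTR`, appears to surface as KeyError/ValueError rather than AuthenticationError, so those cases likely deserve an explicit check. The enclosing method starts and ends outside the hunk.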