http验证代码还原

2024-01-22 15:41:20 +08:00
parent daa7c467f9
commit b37d547359
1 changed files with 17 additions and 17 deletions
--- a/sf_bf_connect/models/http.py
+++ b/sf_bf_connect/models/http.py
@@ -24,23 +24,23 @@ class Http(models.AbstractModel):
        if 'HTTP_TOKEN' in datas:
            _logger.info('token:%s' % datas['HTTP_TOKEN'])
            # 查询密钥
-            # factory_secret = request.env['res.partner'].sudo().search(
+            factory_secret = request.env['res.partner'].sudo().search(
-            #     [('sf_token', '=', datas['HTTP_TOKEN'])], limit=1)
+                [('sf_token', '=', datas['HTTP_TOKEN'])], limit=1)
-            # if not factory_secret:
+            if not factory_secret:
-            #     raise AuthenticationError('无效的token')
+                raise AuthenticationError('无效的token')
-            # # 设置API接口请求时间,不能超过5秒
+            # 设置API接口请求时间,不能超过5秒
-            # # deltime = datetime.timedelta(seconds=30)
+            # deltime = datetime.timedelta(seconds=30)
-            # # if abs(int(datas['HTTP_TIMESTAMP']) - timestamp_str) > deltime.seconds:
+            # if abs(int(datas['HTTP_TIMESTAMP']) - timestamp_str) > deltime.seconds:
            # #     raise AuthenticationError('请求已过期')
            # post_time = int(datas['HTTP_TIMESTAMP'])
            # datetime_post = datetime.fromtimestamp(post_time)
            # datetime_now = datetime.now().replace(microsecond=0)
            # datetime_del = datetime_now + timedelta(seconds=5)
            # if datetime_post > datetime_del:
            #     raise AuthenticationError('请求已过期')
-            # check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
+            post_time = int(datas['HTTP_TIMESTAMP'])
-            # check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
+            datetime_post = datetime.fromtimestamp(post_time)
-            # if check_sf_str != datas['HTTP_CHECKSTR']:
+            datetime_now = datetime.now().replace(microsecond=0)
-            #     raise AuthenticationError('数据校验不通过')
+            datetime_del = datetime_now + timedelta(seconds=5)
            if datetime_post > datetime_del:
                raise AuthenticationError('请求已过期')
            check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
            check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
            if check_sf_str != datas['HTTP_CHECKSTR']:
                raise AuthenticationError('数据校验不通过')
        else:
            raise AuthenticationError('请求参数中无token')