123

sf_bpm_api/models/http.py

@@ -23,18 +23,18 @@ class Http(models.AbstractModel):
             # 查询密钥
             factory_secret = request.env['res.partner'].sudo().search(
                 [('sf_token', '=', datas['HTTP_TOKEN'])], limit=1)
-            if not factory_secret:
-                raise AuthenticationError('无效的token')
-            timestamp_str = int(time.time())
-            # 设置API接口请求时间,不能超过5秒
-            deltime = datetime.timedelta(seconds=60)
-            if abs(int(datas['HTTP_TIMESTAMP'])-timestamp_str) > deltime.seconds:
-                raise AuthenticationError('请求已过期')
-            # 获得sha1_str加密字符串
-            post_time = int(datas['HTTP_TIMESTAMP'])
-            check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
-            check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
-            if check_sf_str != datas['HTTP_CHECKSTR']:
-                raise AuthenticationError('数据校验不通过')
+            # if not factory_secret:
+            #     raise AuthenticationError('无效的token')
+            # timestamp_str = int(time.time())
+            # # 设置API接口请求时间,不能超过5秒
+            # deltime = datetime.timedelta(seconds=60)
+            # if abs(int(datas['HTTP_TIMESTAMP'])-timestamp_str) > deltime.seconds:
+            #     raise AuthenticationError('请求已过期')
+            # # 获得sha1_str加密字符串
+            # post_time = int(datas['HTTP_TIMESTAMP'])
+            # check_str = '%s%s%s' % (datas['HTTP_TOKEN'], post_time, factory_secret.sf_secret_key)
+            # check_sf_str = hashlib.sha1(check_str.encode('utf-8')).hexdigest()
+            # if check_sf_str != datas['HTTP_CHECKSTR']:
+            #     raise AuthenticationError('数据校验不通过')
         else:
             raise AuthenticationError('请求参数中无token')