def custom_check(self, verify_field_value): req = self.get_request() mobile = req.p('mobile') vcode = verify_field_value cached_vcode = cache.get(mobile) if not cached_vcode: raise ApiException(Verify_Code_Resend) if vcode == cached_vcode: cache.delete(mobile) else: raise ApiException(Verify_Code_Wrong)
def _inner(request, *args, **kwargs): # 获取Request请求Headers中的token字段 token = request.headers.get('Access-Token') if not token: # 没有token参数,抛出异常 raise ApiException(Parameter_Missing, suffix='token') user = cache.get(token) if user: pass else: # 缓存中找不到token,抛出异常 raise ApiException(Wrong_Token) return function(request, *args, **kwargs)
def decrypt(self, text): """对解密后的明文进行补位删除 @param text: 密文 @return: 删除填充补位后的明文 """ try: cryptor = AES.new(self.key, self.mode, self.iv) # 使用BASE64对密文进行解码,然后AES-CBC解密 plain_text = cryptor.decrypt(base64.b64decode(text)) except Exception as e: raise ApiException(Crypt_DecryptAES_Error, suffix=str(e)) try: decrypt_text = str(self.pkcs7.decode(plain_text), 'utf-8')[16:] except Exception as e: raise ApiException(Crypt_IllegalBuffer, suffix=str(e)) return decrypt_text
def extract(cls, jsontext): """提取出json数据包中的加密消息 @param jsontext: 待提取的json字符串 @return: 提取出的加密消息字符串 """ try: json_dict = json.loads(jsontext) return json_dict except Exception as e: return ApiException(Crypt_ParseJson_Error, suffix=str(e))
def get_sha1(*args): """SHA1算法生成签名""" sortlist = list(args) sortlist.sort() # print(sortlist) try: sha = hashlib.sha1("".join(sortlist).encode('utf-8')) return sha.hexdigest() except Exception as e: # print(e) raise ApiException(Crypt_ComputeSignature_Error, suffix=str(e))
def _inner(request, *args, **kwargs): # 获取Request请求Headers中的token字段 token = request.headers.get('Access-Token') ts = request.p('timestamp') nonce = request.p('nonce') encrypt = request.p('encrypt') signature = request.p('signature') if not BizMsgCrypt.verify_url(signature, token, ts, nonce, encrypt, settings.SALT): # 校验失败抛出异常 raise ApiException(Wrong_Url) return function(request, *args, **kwargs)
def check_field(self, verify_field_value): """ 正则表达式验证字段 Args: verify_field_value: 待验证的字段值 Returns: 校验不通过,抛出异常;校验通过,无返回结果 """ if not re.match(self.__pattern, verify_field_value): raise ApiException(Parameter_Validate_Failed, prefix=self.verify_field_desc) # 调用自定义验证方法 self.custom_check(verify_field_value)
def _inner(request, *args, **kwargs): # params_dict = json.loads(request.body) # type(params_dict) --> <class 'dict'> for k, v in param_validate_dict.items(): verify_field_value = request.p(k) # 如果应当验证的参数在请求参数中不存在,抛出非法请求参数异常 if not verify_field_value: raise ApiException(Parameter_Missing, suffix=k) v.set_request(request) # 将请求传入验证对象 # 如果请求参数验证未通过,直接抛出异常 v.check_field(verify_field_value) return function(request, *args, **kwargs)
def encrypt(self, text): """对明文进行加密 @param text: 需要加密的明文 @return: 加密得到的字符串 """ # 16位随机字符串添加到明文开头 text = self.get_random_str() + text # 使用自定义的填充方式对明文进行补位填充 text = self.pkcs7.encode(text) # 加密 cryptor = AES.new(self.key, self.mode, self.iv) try: # 使用BASE64对加密后的字符串进行编码 ciphertext = base64.b64encode(cryptor.encrypt( text.encode('utf-8'))) return str(ciphertext, 'utf-8') except Exception as e: raise ApiException(Crypt_EncryptAES_Error, suffix=str(e))
def custom_check(self, verify_field_value): if len(verify_field_value) > 50: raise ApiException(Parameter_Validate_Failed, prefix=self.verify_field_desc, custom_msg='长度不能超过50位')