From 94d443675e19eb864dfb8b4301501dd3f36183fd Mon Sep 17 00:00:00 2001 From: xu Date: Mon, 11 Nov 2019 11:55:20 +0800 Subject: [PATCH] app-api 1. F 调整新的rsakey app-ht 1. 调整后台各个功能模块的顺序 2. 欢迎界面调整 common 1. F RSA 独立一下key 2. F 失败的授权接口重新授权时间调整 --- app-api/config/url-rules.php | 4 ++-- app-api/controllers/AuthDeviceController.php | 75 +++++++++++++++++++++++++++++++++++++++++---------------------------------- app-ht/modules/device/controllers/DeviceController.php | 4 ++-- app-ht/modules/device/views/device/delete-index.php | 8 ++++---- app-ht/modules/device/views/device/index.php | 8 ++++---- app-ht/modules/home/controllers/WelcomeController.php | 17 +++++++++++++++-- app-ht/modules/home/views/welcome/index.php | 2 +- app-ht/modules/project/controllers/ProjectController.php | 2 +- app-ht/views/dashboard/index.php | 15 +++++++++++++-- app-ht/views/layouts/routes.php | 50 +++++++++++++++++++++++++------------------------- common/config/params.php | 6 +++++- common/config/rsa/privateKey.php | 16 ++++++++++++++++ common/config/rsa/publicKey.php | 7 +++++++ common/exts/RSACrypt.php | 39 ++------------------------------------- domain/device/Device.php | 22 ++++++++++++++++++---- 15 files changed, 156 insertions(+), 119 deletions(-) create mode 100644 common/config/rsa/privateKey.php create mode 100644 common/config/rsa/publicKey.php diff --git a/app-api/config/url-rules.php b/app-api/config/url-rules.php index adc98ed..996efbe 100644 --- a/app-api/config/url-rules.php +++ b/app-api/config/url-rules.php @@ -5,13 +5,13 @@ return [ 'POST authDevice' => 'auth-device/index', - 'POST authDeviceT' => 'auth-device/indext', + //'POST authDeviceT' => 'auth-device/indext', 'POST checkOtaVersion' => 'upgrade/check-version', 'POST reportOtaUpgradeEvent' => 'upgrade/report-upgrade-event', 'POST checkAppVersion' => 'upgrade/check-app-version', 'POST reportAppUpgradeEvent' => 'upgrade/report-app-upgrade-event', 'POST reportDeviceVersion' => 'upgrade/report-device-version', - 'POST CryptTxt' => 'auth-device/crypt-txt', + //'POST CryptTxt' => 'auth-device/crypt-txt', 'GET errorPage' => 'site/error-page-info', 'GET minaQuery' => 'site/mina-query', ]; \ No newline at end of file diff --git a/app-api/controllers/AuthDeviceController.php b/app-api/controllers/AuthDeviceController.php index 49e0a99..e1f176b 100644 --- a/app-api/controllers/AuthDeviceController.php +++ b/app-api/controllers/AuthDeviceController.php @@ -31,6 +31,7 @@ use function time; class AuthDeviceController extends BaseController { private static $SIGN_SALT = '13456'; + private static $RANDOM_KEY_SALT = '12356'; private static function myLog($str) { @@ -38,10 +39,10 @@ class AuthDeviceController extends BaseController } /** - * 设备授权接口 + * 设备授权接口,未加密的 * @return stdClass */ - public function actionIndex() + private function indexNoEncode() { $getPostData = file_get_contents('php://input', 'r'); self::myLog('actionIndex postData:'.$getPostData); @@ -50,6 +51,40 @@ class AuthDeviceController extends BaseController } /** + * 设备授权接口加密过的 + * @return stdClass + */ + public function actionIndex() + { + $e = new stdClass(); + $e->content = ''; + + $getPostData = file_get_contents('php://input', 'r'); + self::myLog('actionIndext postData:'.$getPostData); + $getPostData = json_decode($getPostData, true); + $randomKey = $getPostData['randomKey']; + $content = $getPostData['content']; + $rsaKeys = Yii::$app->params['AUTH_DEVICE_RSA_PKCS_1']; + $rsa = new RSACrypt($rsaKeys['PRIVATE'], $rsaKeys['PUBLIC']); + $randKey = $rsa->decrypt($randomKey); + if (16 != strlen($randKey)) { + // 检查randKey,当前只是做长度判断 + $randKey = null; + } else { + $randKey = substr(md5($randKey. self::$RANDOM_KEY_SALT), 8, 16); + } + + $aes = new Aes($randKey); + $contentStr = $aes->decrypt($content); + $authResult = $this->authDevice($contentStr); + + $returnStr = json_encode($authResult, JSON_UNESCAPED_UNICODE); + $e->content = $aes->encrypt($returnStr); + + return $e; + } + + /** * @param $getPostData * @return stdClass */ @@ -70,7 +105,7 @@ class AuthDeviceController extends BaseController $manufactureNo = isset($getPostData['manufacture'])?$getPostData['manufacture']:''; $deviceId = isset($getPostData['device_id'])?$getPostData['device_id']:''; $projectNo = isset($getPostData['project'])?$getPostData['project']:''; - $modelNo = isset($getPostData['model'])?$getPostData['model']:''; + $modelNo = isset($getPostData['model'])?$getPostData['model']:''; $productionNo = isset($getPostData['production'])?$getPostData['production']:''; $timestamp = isset($getPostData['timestamp'])?$getPostData['timestamp']:''; $sign = isset($getPostData['sign'])?$getPostData['sign']:''; @@ -121,7 +156,9 @@ class AuthDeviceController extends BaseController $getPostData = json_decode($getPostDataTxt, true); $randomKey = $getPostData['randomKey']; $content = $getPostData['content']; - $rsa = new RSACrypt(); + $rsaKeys = Yii::$app->params['AUTH_DEVICE_RSA_PKCS_1']; + $rsa = new RSACrypt($rsaKeys['PRIVATE'], $rsaKeys['PUBLIC']); + $randKey = $rsa->decrypt($randomKey); $aes = new Aes($randKey); $contentStr = $aes->decrypt($content); @@ -137,34 +174,4 @@ class AuthDeviceController extends BaseController return $e; } - /** - * @return stdClass - */ - public function actionIndext() - { - $e = new stdClass(); - $e->content = ''; - - $getPostData = file_get_contents('php://input', 'r'); - self::myLog('actionIndext postData:'.$getPostData); - $getPostData = json_decode($getPostData, true); - $randomKey = $getPostData['randomKey']; - $content = $getPostData['content']; - $rsa = new RSACrypt(); - $randKey = $rsa->decrypt($randomKey); - if (16 != strlen($randKey)) { - // 检查randKey,当前只是做长度判断 - $randKey = null; - } - $aes = new Aes($randKey); - $contentStr = $aes->decrypt($content); - $authResult = $this->authDevice($contentStr); - - $returnStr = json_encode($authResult, JSON_UNESCAPED_UNICODE); - - $e->content = $aes->encrypt($returnStr); - - return $e; - } - } \ No newline at end of file diff --git a/app-ht/modules/device/controllers/DeviceController.php b/app-ht/modules/device/controllers/DeviceController.php index c703183..ad89553 100644 --- a/app-ht/modules/device/controllers/DeviceController.php +++ b/app-ht/modules/device/controllers/DeviceController.php @@ -716,7 +716,7 @@ class DeviceController extends BaseController $e->success = false; } elseif(DeviceStatus::NO_AUTH == $deviceModel->status) { $deviceModel->status = DeviceStatus::HAS_AUTH; - $deviceModel->auth_at = time(); + //$deviceModel->auth_at = time(); $deviceModel->save(); $e->message = '已经存在该授权设备'; $e->success = false; @@ -756,7 +756,7 @@ class DeviceController extends BaseController $newDeviceModel->device_id = $deviceId; $newDeviceModel->status = DeviceStatus::NO_AUTH; $newDeviceModel->apply_at = $tt ; - $newDeviceModel->auth_at = $tt; + //$newDeviceModel->auth_at = $tt; $newDeviceModel->save(); $deviceFailModel->is_delete = 1; diff --git a/app-ht/modules/device/views/device/delete-index.php b/app-ht/modules/device/views/device/delete-index.php index 8c7356d..2508e64 100644 --- a/app-ht/modules/device/views/device/delete-index.php +++ b/app-ht/modules/device/views/device/delete-index.php @@ -21,11 +21,11 @@ $this->params['breadcrumbs'][] = $this->title;
- +
- +
@@ -42,11 +42,11 @@ $this->params['breadcrumbs'][] = $this->title;
- +
- +
diff --git a/app-ht/modules/device/views/device/index.php b/app-ht/modules/device/views/device/index.php index 530529c..d24dad0 100644 --- a/app-ht/modules/device/views/device/index.php +++ b/app-ht/modules/device/views/device/index.php @@ -21,11 +21,11 @@ $this->params['breadcrumbs'][] = $this->title;
- +
- +
@@ -42,11 +42,11 @@ $this->params['breadcrumbs'][] = $this->title;
- +
- +
diff --git a/app-ht/modules/home/controllers/WelcomeController.php b/app-ht/modules/home/controllers/WelcomeController.php index 96abd29..6002b4c 100644 --- a/app-ht/modules/home/controllers/WelcomeController.php +++ b/app-ht/modules/home/controllers/WelcomeController.php @@ -2,8 +2,9 @@ namespace app\ht\modules\home\controllers; +use Yii; use app\ht\controllers\BaseController; - +use domain\manufacturer\ManufacturerRepository; class WelcomeController extends BaseController { /** @@ -11,6 +12,18 @@ class WelcomeController extends BaseController */ public function actionIndex() { - return $this->render("index"); + $user = Yii::$app->user->identity; + $username = $user->username; + if ($user->is_manufacture) { + $manufacturer = ManufacturerRepository::findOne(['sys_user_id' => $user->username]); + if ($manufacturer) { + $username = $manufacturer->name; + } + + } + $params = [ + 'username' => $username + ]; + return $this->render("index", $params); } } \ No newline at end of file diff --git a/app-ht/modules/home/views/welcome/index.php b/app-ht/modules/home/views/welcome/index.php index 1385326..457830f 100644 --- a/app-ht/modules/home/views/welcome/index.php +++ b/app-ht/modules/home/views/welcome/index.php @@ -28,6 +28,6 @@ $this->params['breadcrumbs'][] = '欢迎';
-

欢迎 user->identity->username ?> 使用管理后台

+

欢迎 使用管理后台

diff --git a/app-ht/modules/project/controllers/ProjectController.php b/app-ht/modules/project/controllers/ProjectController.php index d27e1e5..fb03108 100644 --- a/app-ht/modules/project/controllers/ProjectController.php +++ b/app-ht/modules/project/controllers/ProjectController.php @@ -184,7 +184,7 @@ class ProjectController extends BaseController } /** - * 导出厂商数据 + * 导出项目数据 * @return string */ public function actionExport() diff --git a/app-ht/views/dashboard/index.php b/app-ht/views/dashboard/index.php index fa46a88..3f4edc0 100644 --- a/app-ht/views/dashboard/index.php +++ b/app-ht/views/dashboard/index.php @@ -1,7 +1,7 @@ title = '欢迎'; $this->params['breadcrumbs'][] = '欢迎'; ?> @@ -28,6 +28,17 @@ $this->params['breadcrumbs'][] = '欢迎';
-

欢迎 user->identity->username ?> 使用OTA管理后台

+

欢迎 user->identity; + $username = $user->username; + if ($user->is_manufacture) { + $manufacturer = ManufacturerRepository::findOne(['sys_user_id' => $user->id]); + if ($manufacturer) { + $username = $manufacturer->name; + } + + } + echo $username; + ?> 使用OTA管理后台

diff --git a/app-ht/views/layouts/routes.php b/app-ht/views/layouts/routes.php index e594394..e1b2438 100644 --- a/app-ht/views/layouts/routes.php +++ b/app-ht/views/layouts/routes.php @@ -49,31 +49,6 @@ if (isset($user->is_manufacture) && $user->is_manufacture == 1) { ] ], [ - 'path' => '/device', - 'label' => '序列号', - 'routes' => [ - [ - 'path' => '/device', - 'redirect' => '/device/device/index' - ], - - ['label' => '序列号管理', 'path' => '/device/device/index'], - ['label' => '授权失败管理', 'path' => '/device/device/auth-fail-index'], - ['label' => '创建序列号', 'path' => '/device/device/create-device'], - ] - ], - [ - 'path' => '/upgrade', - 'label' => '版本', - 'routes' => [ - [ - 'path' => '/upgrade', - 'redirect' => '/upgrade/upgrade/index' - ], - ['label' => '版本管理', 'path'=> '/upgrade/upgrade/index'], - ] - ], - [ 'path' => '/project', 'label' => '项目', 'routes' => [ @@ -107,6 +82,31 @@ if (isset($user->is_manufacture) && $user->is_manufacture == 1) { ] ], [ + 'path' => '/device', + 'label' => '序列号', + 'routes' => [ + [ + 'path' => '/device', + 'redirect' => '/device/device/index' + ], + + ['label' => '序列号管理', 'path' => '/device/device/index'], + ['label' => '授权失败管理', 'path' => '/device/device/auth-fail-index'], + ['label' => '创建序列号', 'path' => '/device/device/create-device'], + ] + ], + [ + 'path' => '/upgrade', + 'label' => '版本', + 'routes' => [ + [ + 'path' => '/upgrade', + 'redirect' => '/upgrade/upgrade/index' + ], + ['label' => '版本管理', 'path'=> '/upgrade/upgrade/index'], + ] + ], + [ 'path' => '/datas', 'label' => '数据', 'routes' => [ diff --git a/common/config/params.php b/common/config/params.php index cf33723..50bccf9 100644 --- a/common/config/params.php +++ b/common/config/params.php @@ -11,5 +11,9 @@ return [ 'url' => 'https://kingboard-prod.oss-cn-shenzhen.aliyuncs.com', 'styleUrl' => 'https://kingboard-prod.oss-cn-shenzhen.aliyuncs.com' ], - 'UPGRADE_FILE_FROM' => 'FROM_ECS' + 'UPGRADE_FILE_FROM' => 'FROM_ECS', + 'AUTH_DEVICE_RSA_PKCS_1' => [ + 'PRIVATE' => require(__DIR__ . '/rsa/privateKey.php'), + 'PUBLIC' => require(__DIR__ . '/rsa/publicKey.php') + ] ]; diff --git a/common/config/rsa/privateKey.php b/common/config/rsa/privateKey.php new file mode 100644 index 0000000..572bf11 --- /dev/null +++ b/common/config/rsa/privateKey.php @@ -0,0 +1,16 @@ +privkey = openssl_pkey_get_private($_privateKey); - $this->pubkey = openssl_pkey_get_public($_publicKey); + $this->privkey = openssl_pkey_get_private($privateKey); + $this->pubkey = openssl_pkey_get_public($publicKey); } /** diff --git a/domain/device/Device.php b/domain/device/Device.php index c169471..1bb23dc 100644 --- a/domain/device/Device.php +++ b/domain/device/Device.php @@ -63,7 +63,7 @@ class Device 'status' => $status, 'has_re_auth' => $hasReAuth, 'apply_at' => $applyAt, - 'auth_at' => time(), + //'auth_at' => time(), ]; return self::create($item); @@ -140,7 +140,7 @@ class Device $e->message = '授权成功, 重复授权'; $e->success = true; $e->status = 4; - } else{ + } else { $deviceModel->status = DeviceStatus::HAS_AUTH; $deviceModel->auth_at = time(); if ($deviceModel->save()){ @@ -201,9 +201,15 @@ class Device $e->message = '授权失败,系统异常'; return $e; } + // 测试代码 + if (strpos($deviceId, 'FAILDEVICE') === false) { + $status = DeviceStatus::HAS_AUTH; + } else { + $status = DeviceStatus::FAIL_AUTH; + } $newDeviceModel->device_id = $deviceId; - $newDeviceModel->status = DeviceStatus::HAS_AUTH; - $newDeviceModel->apply_at = $tt ; + $newDeviceModel->status = $status; + $newDeviceModel->apply_at = $tt; $newDeviceModel->auth_at = $tt; if ($newDeviceModel->save()) { $e->message = '授权成功'; @@ -214,6 +220,14 @@ class Device $e->message = '授权失败,系统异常'; $e->status = 8; //系统异常 } + /* 测试代码*/ + if (DeviceStatus::FAIL_AUTH == $status) { + $e->message = '授权失败,系统异常'; + $e->success = false; + $e->serial_no = ''; + $e->status = 8; + $e->mac = ''; + } return $e; } -- libgit2 0.21.0