jy/src/jfw/filter/anonymousUser.go

package filter

import (
	util "app.yhyue.com/moapp/jybase/common"
	"app.yhyue.com/moapp/jybase/go-xweb/httpsession"
	"app.yhyue.com/moapp/jypkg/public"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

func initPrivatePublicKey() {
	// 读取私钥文件
	privateKeyBytes, err := ioutil.ReadFile("rsa_private_key.pem")
	if err != nil {
		log.Println("无法读取私钥文件：", err)
		return
	}

	// 解码私钥
	privateKeyBlock, _ := pem.Decode(privateKeyBytes)
	if privateKeyBlock == nil || privateKeyBlock.Type != "PRIVATE KEY" {
		log.Println("私钥文件格式错误")
		return
	}

	// 解析私钥
	privateKeys, err := x509.ParsePKCS8PrivateKey(privateKeyBlock.Bytes)
	if err != nil {
		log.Println("私钥解析失败：", err)
		return
	}

	// 转换为RSA类型的私钥
	rsaPrivateKey, ok := privateKeys.(*rsa.PrivateKey)
	if !ok {
		fmt.Println("无法转换为RSA类型的私钥")
		return
	}
	PrivateKey = rsaPrivateKey

	// 读取公钥文件
	publicKeyBytes, err := ioutil.ReadFile("rsa_public_key.pem")
	if err != nil {
		log.Println("无法读取公钥文件：", err)
		return
	}

	// 解码公钥
	publicKeyBlock, _ := pem.Decode(publicKeyBytes)
	if publicKeyBlock == nil || publicKeyBlock.Type != "PUBLIC KEY" {
		log.Println("公钥文件格式错误", publicKeyBlock.Type)
		return
	}

	// 解析公钥
	publicKeyInterface, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
	if err != nil {
		log.Println("公钥解析失败：", err.Error())
		return
	}

	// 转换为公钥类型
	rsaPublicKey, ok := publicKeyInterface.(*rsa.PublicKey)
	if !ok {
		log.Println("无法转换为公钥类型")
		return
	}
	PublicKey = rsaPublicKey
}

func AnonymousAuthentication(W http.ResponseWriter, R *http.Request, Session *httpsession.Session) {
	anonymousEid := Session.Get("anonymousEid")
	if anonymousEid != nil && anonymousEid != "" {
		return
	}
	fid, err := R.Cookie("fid")
	if err != nil {
		log.Println("匿名用户获取fid失败", err.Error())
		return
	}
	eid, err := R.Cookie("eid")
	if err != nil {
		log.Println("匿名用户获取eid失败", err.Error())
		return
	}
	if fid.Value != "" && eid.Value != "" {
		eData, err1 := Decryption(eid.Value)
		if err1 != nil {
			log.Printf("匿名用户eid:%s,fid:%s 解密失败err:%s", eid.Value, fid.Value, err1.Error())
			return
		}
		if fid.Value != eData {
			log.Printf("匿名用户身份验证不通过,eid:%s,fid:%s,eData:%s", eid.Value, fid.Value, eData)
			return
		}
		Session.Set("anonymousEid", eid.Value)
		//未登录用户增加匿名身份信息
		if Session.Get("mgoUserId") == nil || Session.Get("mgoUserId") == "" {
			log.Println("未登录用户增加匿名身份信息")
			agent := R.Header.Get("user-agent")
			md, _ := json.Marshal(R.Form)
			str := string(md)
			data := map[string]interface{}{
				"ip":            util.GetIp(R),
				"client":        agent,
				"os":            util.GetOS(agent),
				"browse":        util.GetBrowse(agent),
				"fid":           fid,
				"url":           R.RequestURI,
				"mdescribe":     str,
				"refer":         R.Referer(),
				"method":        R.Method,
				"creation_time": time.Now().Unix(),
			}
			public.BaseMysql.Insert("anonymous_identity", data)
		}
	} else {
		log.Println("无身份验证信息")
	}
}

// Encryption  加密
func Encryption(content string) (string, error) {
	if content == "" {
		return "", errors.New("加密内容为空")
	}
	plaintext := []byte(content)
	// 使用公钥加密数据
	ciphertext, err := rsa.EncryptPKCS1v15(rand.Reader, PublicKey, plaintext)
	if err != nil {
		log.Println("加密失败：", err)
		return "", err
	}
	return string(ciphertext), nil
}

func Decryption(content string) (string, error) {
	if content == "" {
		return "", errors.New("解密内容为空")
	}
	if PrivateKey == nil {
		return "", errors.New("无效私钥")
	}
	ciphertext, err := base64.StdEncoding.DecodeString(content)
	if err != nil {
		log.Println("密文解码失败：", err)
		return "", errors.New("密文解码失败")
	}

	// 使用私钥解密数据
	decryptedText, err := rsa.DecryptPKCS1v15(rand.Reader, PrivateKey, ciphertext)
	if err != nil {
		log.Println("解密失败：", err)
		return "", err
	}
	return string(decryptedText), nil
}