
时间戳token校验封装成通用函数

locky há 3 anos atrás
pai
commit
0159679fd0
3 ficheiros alterados com 24 adições e 15 exclusões
  1. 7 15
      Controller/IotCoreController.py
  2. 2 0
      Object/ResponseObject.py
  3. 15 0
      Service/CommonService.py

+ 7 - 15
Controller/IotCoreController.py

@@ -74,13 +74,9 @@ class IotCoreView(View):
         if not all([token, time_stamp, device_version, language]):
             return response.json(444, {'param': 'token, uid_code, time_stamp, device_version, language'})
 
-        # token时间戳校验
-        token = int(CommonService.decode_data(token))
-        time_stamp = int(time_stamp)
-        now_time = int(time.time())
-        distance = now_time - time_stamp
-        if token != time_stamp or distance > 60000 or distance < -60000:  # 为了全球化时间控制在一天内
-            return response.json(404)
+        # 时间戳token校验
+        if not CommonService.check_time_stamp_token(token, time_stamp):
+            return response.json(13)
 
         if not uid:
             # 使用序列号
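Review bot: The 444 message at the top of this hunk lists `uid_code` as a required parameter, but `all([token, time_stamp, device_version, language])` never checks it, so a request that omits it passes the guard and goes on to the timestamp-token check. Either add it to the list or drop it from the message, whichever matches the endpoint's contract; the hunk does not show which is intended. The enclosing method starts and ends outside the hunk.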
@@ -120,7 +116,7 @@ class IotCoreView(View):
 
             iotClient = IOTClient(region_id)
             res = iotClient.create_keys_and_certificate(ThingNameSuffix, thingGroup, response)
-            token_iot_number = hashlib.md5((str(uuid.uuid1()) + str(now_time)).encode('utf-8')).hexdigest()
+            token_iot_number = hashlib.md5((str(uuid.uuid1()) + str(int(time.time()))).encode('utf-8')).hexdigest()
 
             iotdeviceInfoModel.objects.create(uid=uid,
                                               serial_number=serial,
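Review bot: `token_iot_number` is derived from `uuid.uuid1()` and the current second, both of which are guessable (a version-1 UUID encodes a node id and a timestamp), and hashing guessable input with MD5 adds no entropy. If this value is later accepted as a credential or lookup secret for the device, which the hunk does not show, it should come from the CSPRNG instead: `token_iot_number = secrets.token_hex(16)` keeps the 32-hex-character shape and needs `import secrets` at the top of the file. The enclosing method starts and ends outside the hunk.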
@@ -164,13 +160,9 @@ class IotCoreView(View):
         if not all([token, language, time_stamp, device_version]):
             return response.json(444, {'param: token, language, time_stamp, device_version'})
 
-        # 封装token认证
-        token = int(CommonService.decode_data(token))
-        time_stamp = int(time_stamp)
-        now_time = int(time.time())
-        distance = now_time - time_stamp
-        if token != time_stamp or distance > 60000 or distance < -60000:  # 为了全球化时间控制在一天内
-            return response.json(404)
+        # 时间戳token校验
+        if not CommonService.check_time_stamp_token(token, time_stamp):
+            return response.json(13)
 
         ip = CommonService.get_ip_address(request)
         region_id = Device_Region().get_device_region(ip)
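Review bot: The 444 response on the second line of this hunk passes `{'param: token, language, time_stamp, device_version'}`, which is a one-element set rather than a dict because the closing quote after `param` is missing. Depending on how `response.json` serialises its second argument (not visible here), the missing-parameter path may raise instead of returning the error. The matching call in the first hunk uses the dict form, so this one should read `return response.json(444, {'param': 'token, language, time_stamp, device_version'})`. The enclosing method continues outside the hunk.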

+ 2 - 0
Object/ResponseObject.py

@@ -13,6 +13,7 @@ class ResponseObject(object):
             5: 'Please try again one minute later!',
             10: res,
             12: 'You are not the primary user of the device!',
+            13: 'Timestamp token verification failed',
             14: 'Device is not belong to you',
             15: 'Device has been bound',
             16: 'WeChat has been bound, please log in and unbind using WeChat',
@@ -109,6 +110,7 @@ class ResponseObject(object):
             5: '请一分钟后再尝试',
             10: res,
             12: '非设备主用户',
+            13: '时间戳token校验失败',
             14: '设备不属于您',
             15: '设备已被绑定',
             16: '微信已被绑定,请使用微信登录并解绑',

+ 15 - 0
Service/CommonService.py

@@ -432,6 +432,21 @@ class CommonService:
     def encode_data_without_salt(content):
         return base64.b64encode(str(content).encode("utf-8")).decode('utf8')
 
+    @staticmethod
+    def check_time_stamp_token(token, time_stamp):
+        # 时间戳token校验
+        try:
+            token = int(CommonService.decode_data(token))
+            time_stamp = int(time_stamp)
+            now_time = int(time.time())
+            distance = now_time - time_stamp
+            if token != time_stamp or distance > 60000 or distance < -60000:  # 为了全球化时间控制在一天内
+                return False
+            return True
+        except Exception as e:
+            print(e)
+            return False
+
     @staticmethod
     def rsa_sign(Token):
         # 私钥签名Token
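Review bot: `check_time_stamp_token` accepts any request whose token decodes to the caller's own `time_stamp`, so unless `CommonService.decode_data` (not shown here) depends on a server-side secret, the check proves only that the caller knows the encoding, and both IotCoreController call sites inherit that. The accepted skew of 60000 seconds is about 16.7 hours in each direction, not the one day the inline comment states, and a captured token/time_stamp pair stays valid for that whole window. I would add a docstring stating this contract, name the limit as a constant such as `MAX_SKEW_SECONDS = 60000`, and write the range test as `if token != time_stamp or abs(distance) > MAX_SKEW_SECONDS:`. The `except Exception` with `print(e)` sends unexpected failures to stdout only. Catching `(TypeError, ValueError)` and reporting through the project's logger would keep malformed input as a plain `False` while letting real faults surface; if `decode_data` can raise other types on bad input, list those too.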