update

4c579f13 · szh · f3acae1c · 4c579f13 · 4c579f13
Commit 4c579f13 authored Nov 29, 2024 by szh
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 9 deletions

course_users.go server/api/v1/course/course_users.go +16 -2

verifySig.go server/utils/chain33/verifySig.go +8 -7

No files found.
--- a/server/api/v1/course/course_users.go
+++ b/server/api/v1/course/course_users.go
@@ -13,6 +13,7 @@ import (
 	twiReq "courseSign/server/model/twi/request"
 	"courseSign/server/service"
 	"courseSign/server/utils"
+	"courseSign/server/utils/chain33"
 	"github.com/33cn/chain33/common/address"
 	"github.com/gin-gonic/gin"
 	"github.com/go-redis/redis/v8"
@@ -265,11 +266,24 @@ func (courseUsersApi *CourseUsersApi) MetaMaskLogin(c *gin.Context) {
 		response.FailWithMessage(err.Error(), c)
 		return
 	}
-	if time.Now().Unix() - 1800 > signTime {
+	if time.Now().Unix()/1000 - 1800 > signTime {
 		response.FailWithMessage("签名时间已过期，请重新签名", c)
 		return
 	}
-
+	var eipSign chain33.EIP191
+	eipSign.Signature = loginUser.Signature
+	eipSign.Msg = loginUser.Msg
+	eipSign.Address = loginUser.Addr
+	pass,err := chain33.VerifyPersonalSign(eipSign)
+	if err != nil {
+		global.GVA_LOG.Error("VerifyPersonalSign",zap.Error(err))
+		response.FailWithMessage("验签失败", c)
+		return
+	}
+	if !pass {
+		response.FailWithMessage("验签未通过", c)
+		return
+	}
 	// device token
 	deviceCode := utils.CreateDeviceCode(loginUser.Addr)


--- a/server/utils/chain33/verifySig.go
+++ b/server/utils/chain33/verifySig.go
@@ -10,9 +10,9 @@ import (
 )

 type EIP191 struct {
-	msg       string
-	signature string
-	address   string
+	Msg       string
+	Signature string
+	Address   string
 }

 func check(e error) {
@@ -36,7 +36,7 @@ func signEIP191(message string) common.Hash {
 }

 func VerifyPersonalSign(eipChallenge EIP191) (bool,error) {
-	decodedSig, err := hexutil.Decode(eipChallenge.signature)
+	decodedSig, err := hexutil.Decode(eipChallenge.Signature)
 	if err != nil {
 		return false,err
 	}
@@ -50,7 +50,7 @@ func VerifyPersonalSign(eipChallenge EIP191) (bool,error) {
 		decodedSig[64] -= 27 // shift byte?
 	}

-	hash := signEIP191(eipChallenge.msg)
+	hash := signEIP191(eipChallenge.Msg)

 	recoveredPublicKey, err := crypto.Ecrecover(hash.Bytes(), decodedSig)
 	if err != nil {
@@ -64,7 +64,7 @@ func VerifyPersonalSign(eipChallenge EIP191) (bool,error) {

 	recoveredAddress := crypto.PubkeyToAddress(*secp256k1RecoveredPublicKey).Hex()

-	fmt.Println("Signature matches known address!","recover addr ",recoveredAddress ,"req addr",eipChallenge.address)
+	fmt.Println("Signature matches known address!","recover addr ",recoveredAddress ,"req addr",eipChallenge.Address)

-	return hasMatchingAddress(eipChallenge.address, recoveredAddress),nil
+	return hasMatchingAddress(eipChallenge.Address, recoveredAddress),nil
 }
\ No newline at end of file