web项目绑定固定电脑方案
场景:客户需求,在web端项目中加入视频播放功能,且限制只有门店的电脑可以观看
设计方案:使用mac地址校验
问题:只有ie可以获取mac地址,因此mac方案兼容性出现问题。
解决方案:
思路:
1.用户安装并启动一个本地服务的应用(127.0.0.1:5320;注:下文示例代码和页面实际使用的是8320端口)
2.web端通过jsonp进行跨域访问携带服务器生成的key调用本地服务。
3.本地服务获取key后,再获取mac地址。调用后台服务器
4.服务器根据key和mac生成加密key并返回给本地服务
5.浏览器得到本地服务的返回key和mac并传给后台服务器
6.查询门店绑定的mac和返回的mac是否匹配,如果匹配,则根据key和mac,以及服务器生成的加密key进行数据校验。校验通过,则该机器为指定机器。注意:mac地址可以被用户修改,本身不是秘密,而且下文的getSecret接口没有对调用方做身份验证,因此该方案只能作为弱约束,不能单独当作强身份凭证使用。
上代码:
python写的本地服务(临时学了一点,代码未必规范)
#!/usr/bin/python
# -*- coding: UTF-8 -*-
from flask import Flask
from flask import request
import uuid,email.mime.message,email.mime.image,email.mime.text,email.mime.multipart,email.mime.audio,email.mime.base,email.mime.application,email.mime.nonmultipart
import json
import requests
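app = Flask(__name__)


@app.route('/')
def index():
    """Relay the page's one-time key and this machine's hardware id to the backend.

    The browser calls this endpoint via JSONP with ``?key=<one-time key>``.
    The handler derives a 12-hex-digit id from ``uuid.getnode()``, forwards
    both values to the backend ``getSecret`` endpoint and returns the backend's
    JSONP body to the browser.

    Returns:
        The backend response body with the backend's status code, or a short
        error body with 400 (missing key), 503 (no hardware address) or
        502 (backend unreachable).
    """
    key = request.values.get("key")
    if not key:
        # Without this guard a missing key is concatenated as None and the
        # request dies with an unhandled TypeError.
        return 'missing key', 400

    node = uuid.getnode()
    # uuid.getnode() falls back to a random 48-bit number with the multicast
    # bit set when no hardware address can be read; such a value changes on
    # every start and must not be reported as the machine id.
    if (node >> 40) & 0x01:
        return 'hardware address unavailable', 503
    unique = uuid.UUID(int=node).hex[-12:]

    # NOTE(review): this is plain HTTP, so the key and the hardware id travel
    # unencrypted; use an https:// backend URL in a real deployment.
    backend_url = 'http://a.b.com/check_machine/getSecret'
    # NOTE(review): any web page open on this machine can issue the same JSONP
    # request; consider checking the Referer against the expected site before
    # answering.
    try:
        # params= URL-encodes both values, so a crafted key cannot append
        # extra query parameters; the timeout keeps a stalled backend from
        # blocking this single-threaded service.
        r = requests.post(
            backend_url,
            params={'unique': unique, 'key': key},
            data=json.dumps({}),
            timeout=5,
        )
    except requests.RequestException:
        return 'backend unreachable', 502

    # Pass the backend status through and label the body as script, not HTML,
    # so the relayed text is never rendered as a page on the local origin.
    return app.response_class(
        r.content,
        status=r.status_code,
        mimetype='application/javascript',
    )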
# Script entry point. No host is passed, so Flask's default bind address
# (127.0.0.1) applies, which is the address the page's JSONP call targets.
# debug stays off so the interactive debugger is never exposed.
if __name__ == '__main__':
    app.run(port=8320, debug=False)
1.安装 pip install pyinstaller
2.在D:\Python27\Scripts目录下运行cmd:pyinstaller -F D:\python_workspace\key\key.py
3.运行key.py
服务器获取key及加密java代码
package *;
import lombok.extern.slf4j.Slf4j;
import net.linkedmall.eshop.common.util.Password;
import net.sf.json.JSONObject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.UUID;
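/**
 * Endpoints for the "bind the web session to a store machine" flow.
 *
 * <p>Flow as implemented here: the page calls {@code /getKey} to obtain a one-time key that is
 * also stored in the HTTP session, the local agent calls {@code /getSecret} with that key and the
 * machine id, and the page finally posts the agent's answer to {@code /check}.
 *
 * <p>NOTE(review): {@code /getSecret} is unauthenticated and returns the keyword for any
 * well-formed (unique, key) pair, so a valid keyword only shows that this endpoint was called,
 * not that the call came from the local agent. Authenticating the agent (for example with a
 * credential provisioned at install time) is needed before the result can be trusted.
 */
@Controller
@Slf4j
@RequestMapping("/check_machine")
public class CheckMachineController {

    /** Session attribute that holds the one-time key issued by {@link #getKey}. */
    private static final String SESSION_KEY_ATTR = "machineKey";

    /** Session attribute set to {@code true} once {@link #check} has succeeded. */
    private static final String SESSION_CHECK_ATTR = "machineCheck";

    /** Machine id as sent by the local agent: exactly 12 hex digits. */
    private static final String UNIQUE_REGEX = "[0-9a-fA-F]{12}";

    /** Textual form of the {@link UUID} handed out by {@link #getKey}. */
    private static final String KEY_REGEX =
            "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}";

    /**
     * Renders the demo page.
     *
     * @return the view name of the demo template
     */
    @RequestMapping(value = "/to_demo")
    public String demo(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
        return "demo/check_machine_demo";
    }

    /**
     * Computes the keyword for a (machine id, one-time key) pair and returns it as JSONP.
     *
     * <p>Both parameters are validated before use and the payload is built with
     * {@link JSONObject}, so request data is never concatenated into the script that the
     * browser executes.
     *
     * @return {@code callback({...})} with {@code keyword} and {@code unique}; on malformed
     *     input the status is 400 and the payload is {@code {"success":false}}
     */
    @RequestMapping(value = "/getSecret")
    @ResponseBody
    public String getSecret(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
        String unique = request.getParameter("unique");
        String key = request.getParameter("key");
        JSONObject payload = new JSONObject();

        boolean wellFormed = unique != null && key != null
                && unique.matches(UNIQUE_REGEX) && key.matches(KEY_REGEX);
        if (!wellFormed) {
            // The raw values are deliberately not logged: they are attacker-controlled text.
            log.warn("getSecret rejected a request with a missing or malformed unique/key");
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            payload.put("success", false);
            return "callback(" + payload.toString() + ")";
        }

        // The hashing/verification logic (Password) is not shown in the article and can be
        // replaced with your own.
        String keyword = Password.encrypt(unique + "_" + key);
        payload.put("keyword", keyword);
        payload.put("unique", unique);
        return "callback(" + payload.toString() + ")";
    }

    /**
     * Issues a fresh one-time key and remembers it in the session.
     *
     * @return JSON with {@code success=true} and the generated {@code key}
     */
    @RequestMapping(value = "/getKey")
    @ResponseBody
    public String getKey(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
        String key = UUID.randomUUID().toString();
        JSONObject result = new JSONObject();
        result.put("success", true);
        result.put("key", key);
        session.setAttribute(SESSION_KEY_ATTR, key);
        return result.toString();
    }

    /**
     * Verifies the keyword returned by the local agent against the session's one-time key.
     *
     * <p>The key is removed from the session on every attempt so that a captured
     * (keyword, unique) pair cannot be replayed within the same session.
     *
     * @return JSON with {@code success} and a human-readable {@code msg}
     */
    @RequestMapping(value = "/check")
    @ResponseBody
    public String check(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
        String key = (String) session.getAttribute(SESSION_KEY_ATTR);
        // One attempt per issued key, whether it succeeds or not.
        session.removeAttribute(SESSION_KEY_ATTR);

        JSONObject result = new JSONObject();
        result.put("success", false);
        result.put("msg", "校验无效*****");

        String keyword = request.getParameter("keyword");
        String unique = request.getParameter("unique");
        // TODO: check whether the store already has a bound MAC; bind it if not, otherwise
        // verify that `unique` equals the bound value. Until that lookup exists, any well-formed
        // `unique` is accepted and the check does not tie the session to a particular machine.
        if (key != null && keyword != null && unique != null && unique.matches(UNIQUE_REGEX)) {
            // The hashing/verification logic (Password) is not shown in the article and can be
            // replaced with your own.
            boolean flag = Password.match(unique + "_" + key, keyword);
            if (flag) {
                session.setAttribute(SESSION_CHECK_ATTR, true);
                result.put("success", true);
                result.put("msg", "校验通过");
            }
        }
        return result.toString();
    }
}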
页面代码
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head th:replace="fragments/base :: basehead(~{::title},~{},~{},~{})">
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<mysctript th:include="fragments/base :: basescript(~{})"></mysctript>
<script type="text/javascript">
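// Start of the check: ask the server for a one-time key, then hand it to the
// local agent. (Jdev.post is a project helper; a plain $.ajax call works too.)
Jdev.post(Jdev.dynamicUrl + "/check_machine/getKey", {}, function (data) {
    // Do not call the local agent with "undefined" when the server did not
    // return a key. The key is not written to the console.
    if (!data || data.success !== true || !data.key) {
        Jdev.alert("系统返回异常");
        return;
    }
    getSecret(data.key);
}, function () {
    Jdev.alert("系统返回异常");
});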
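/**
 * Ask the local agent on 127.0.0.1:8320 for the keyword that belongs to the
 * one-time key, then pass the answer on to check().
 *
 * @param {string} key one-time key obtained from /check_machine/getKey
 */
function getSecret(key) {
    $.ajax({
        url: "http://127.0.0.1:8320/",
        // Passing the key through `data` lets jQuery URL-encode it instead of
        // concatenating it into the URL unescaped.
        data: {key: key},
        type: "GET",
        dataType: "jsonp", // the agent answers with a script that calls `callback`
        jsonpCallback: "callback",
        success: function (data) {
            // The answer comes from a process the page cannot verify: require
            // both fields and forward only those two. The answer is not
            // written to the console because it carries the keyword.
            if (!data || !data.keyword || !data.unique) {
                Jdev.alert("获取秘钥失败");
                return;
            }
            check({keyword: data.keyword, unique: data.unique});
        },
        error: function (data) {
            if (data.status == "404") {
                // The status is 404 here when the local agent is not running.
                Jdev.alert("请开启密保");
            } else {
                Jdev.alert("获取秘钥失败");
            }
        }
    });
}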
/**
 * Post the local agent's answer to the server-side check and show the
 * server's message to the user.
 *
 * @param {Object} data payload forwarded to /check_machine/check
 */
function check(data) {
    var onReply = function (reply) {
        // The original shows the same alert for success and failure; only the
        // message text supplied by the server differs.
        var shown = reply.success === true ? reply.msg : reply.msg;
        Jdev.alert(shown, function () {
        });
    };
    var onFailure = function () {
        Jdev.alert("系统返回异常");
    };
    Jdev.post(Jdev.dynamicUrl + "/check_machine/check", data, onReply, onFailure);
}
</script>
</body>
</html>