版本封存

2025-12-06 11:26:05 +08:00
parent 13949e1ba8
commit c0ae5e30c4
57 changed files with 2443 additions and 1428 deletions
--- a/cmii-uav-watchdog-center/services/auth_service.go
+++ b/cmii-uav-watchdog-center/services/auth_service.go
@@ -0,0 +1,64 @@
+package services
+
+import (
+	"cmii-uav-watchdog-common/models"
+	"cmii-uav-watchdog-common/totp_tier_one"
+	"cmii-uav-watchdog-common/utils"
+	"cmii-uav-watchdog-common/wdd_log"
+)
+
+func ProcessAuthorizationFile(authFile models.AuthorizationFile) (models.AuthorizationCode, error) {
+	// 解密项目NameSpace
+	projectNamespace, err := totp_tier_one.Decrypt(authFile.EncryptedNamespace, authFile.ProjectNamespace)
+	if err != nil {
+		wdd_log.Error("解密项目Name失败: %v", err)
+		return models.AuthorizationCode{}, err
+	}
+
+	// 获取项目信息
+	projectInfo, err := GetProjectInfo(projectNamespace)
+	if err != nil {
+		wdd_log.Error("获取项目信息失败: %v", err)
+		return models.AuthorizationCode{}, err
+	}
+
+	// 验证TOTP验证码
+	if !totp_tier_one.VerifyTierOneTOTPCode(authFile.TOTPCode, projectInfo.TierOneSecret) {
+		wdd_log.Warn("TOTP验证失败: %s", authFile.TOTPCode)
+		return models.AuthorizationCode{}, err
+	}
+
+	// 处理加密的主机信息
+
+	// 一级TOTP密钥
+	key := projectInfo.TierOneSecret
+
+	// 注意：由于我们无法解密主机信息（我们只需要验证其有效性），所以直接使用
+	authorizedHostMap := make(map[string]models.HostInfo)
+	for encryptedInfo, hostInfo := range authFile.EncryptedHostMap {
+		// 使用 DecryptHostInfo 验证主机信息是否被篡改
+		isOK, err := totp_tier_one.DecryptHostInfo(encryptedInfo, hostInfo, key)
+		if !isOK || err != nil {
+			wdd_log.Error("主机信息验证失败: %v", err)
+			continue
+		}
+
+		// 验证通过，将主机信息添加到授权列表
+		authorizedHostMap[encryptedInfo] = hostInfo
+	}
+
+	// 生成新的TOTP验证码
+	newTOTPCode, err := totp_tier_one.GenerateTierOneTOTPCode(projectInfo.TierOneSecret)
+	if err != nil {
+		wdd_log.Error("生成TOTP验证码失败: %v", err)
+		return models.AuthorizationCode{}, err
+	}
+
+	return models.AuthorizationCode{
+		TOTPCode:           newTOTPCode,
+		CurrentTime:        utils.CurentTimeString(),
+		EncryptedHostMap:   authorizedHostMap,
+		ProjectNamespace:   projectNamespace,
+		EncryptedNamespace: authFile.EncryptedNamespace,
+	}, nil
+}
--- a/cmii-uav-watchdog-center/services/project_service.go
+++ b/cmii-uav-watchdog-center/services/project_service.go
@@ -0,0 +1,101 @@
+package services
+
+import (
+	"cmii-uav-watchdog-common/models"
+	"cmii-uav-watchdog-common/utils"
+	"cmii-uav-watchdog-common/wdd_log"
+	"encoding/json"
+	"fmt"
+	"os"
+)
+
+const (
+	ProjectFilePath = "C:\\Users\\wddsh\\Documents\\IdeaProjects\\cmii-uav-watchdog-project\\cmii-uav-watchdog-center\\project_file\\"
+)
+
+func CreateProject(project *models.Project) (string, error) {
+
+	// 生成TierOneSecret
+	secret, err := GenerateTierOneTOTPSecret()
+	if err != nil {
+		wdd_log.Error("生成TierOneSecret失败: %v", err)
+		return "", err
+	}
+
+	project.TierOneSecret = secret
+	project.CreateTime = utils.CurentTimeString()
+
+	// 存储 project到file中
+	project.AuthFilePath = fmt.Sprintf("%s%s-%s.json", ProjectFilePath, project.Namespace, project.Name)
+
+	// 存储到file中
+	jsonData, err := json.Marshal(project)
+	if err != nil {
+		wdd_log.Error("序列化失败: %v", err)
+		return "", err
+	}
+
+	// 写入文件
+	err = os.WriteFile(project.AuthFilePath, jsonData, 0644)
+	if err != nil {
+		wdd_log.Error("写入文件失败: %v", err)
+		return "", err
+	}
+
+	return project.AuthFilePath, nil
+}
+
+// GetProjectList 获取项目列表
+func GetProjectList() ([]models.Project, error) {
+
+	// 获取项目列表
+	projectFileList, err := os.ReadDir(ProjectFilePath)
+	if err != nil {
+		wdd_log.Error("读取项目列表失败: %v", err)
+		return nil, err
+	}
+
+	projectList := make([]models.Project, 0)
+
+	// 遍历项目列表
+	for _, projectFilePath := range projectFileList {
+		// 读取项目文件
+		projectFile, err := os.ReadFile(fmt.Sprintf("%s%s", ProjectFilePath, projectFilePath.Name()))
+		if err != nil {
+			wdd_log.Error("读取项目文件失败: %v", err)
+			return nil, err
+		}
+
+		// 反序列化
+		var project models.Project
+		err = json.Unmarshal(projectFile, &project)
+		if err != nil {
+			wdd_log.Error("反序列化失败: %v", err)
+			return nil, err
+		}
+
+		// 添加到项目列表
+		projectList = append(projectList, project)
+	}
+
+	return projectList, nil
+}
+
+// GetProjectInfo 获取项目信息
+func GetProjectInfo(projectNamespace string) (models.Project, error) {
+	// 获取项目列表
+	projectList, err := GetProjectList()
+	if err != nil {
+		wdd_log.Error("获取项目列表失败: %v", err)
+		return models.Project{}, err
+	}
+
+	// 遍历项目列表
+	for _, project := range projectList {
+		if project.Namespace == projectNamespace {
+			return project, nil
+		}
+	}
+
+	return models.Project{}, fmt.Errorf("项目不存在")
+}
--- a/cmii-uav-watchdog-center/services/totp_service.go
+++ b/cmii-uav-watchdog-center/services/totp_service.go
@@ -0,0 +1,18 @@
+package services
+
+import (
+	"cmii-uav-watchdog-common/totp_tier_one"
+	"cmii-uav-watchdog-otp/totp"
+	"log"
+)
+
+// GenerateTierOneTOTPSecret 生成一级TOTP密钥 只能center调用
+func GenerateTierOneTOTPSecret() (string, error) {
+	secret, err := totp.Generate(totp_tier_one.TierOneTOTPSecretOpts)
+	if err != nil {
+		log.Printf("生成TOTP密钥失败: %v", err)
+		return "", err
+	}
+
+	return secret.Secret(), nil
+}