1
This commit is contained in:
aozhiwei
parent
9244aa93e4
commit
44675ca7b6
@ -27,6 +27,8 @@ const PRESALE_PREPARE = 1;
|
||||
const PRESALE_STARTED = 2;
|
||||
const PRESALE_SOLD_OUT = 3;
|
||||
|
||||
const TOKEN_SALT = 'B8E6BD4F-FD7B-E2B8-6688-80A2D8632064';
|
||||
|
||||
class MarketController extends BaseController {
|
||||
|
||||
private function isTestMode()
|
||||
@ -191,6 +193,7 @@ class MarketController extends BaseController {
|
||||
|
||||
public function buyBox()
|
||||
{
|
||||
$token = getReqVal('token', '');
|
||||
$type = getReqVal('type', '');
|
||||
$buyerAddress = getReqVal('buyer_address', '');
|
||||
$price = getReqVal('price', '');
|
||||
@ -199,6 +202,10 @@ class MarketController extends BaseController {
|
||||
$signature = getReqVal('signature', '');
|
||||
$gameId = 2006;
|
||||
$funcId = 1;
|
||||
if (!$this->isValidToken($buyerAddress, $token)) {
|
||||
myself()->_rspErr(100, 'invalid token');
|
||||
return;
|
||||
}
|
||||
$this->buyBoxVerifySignature(
|
||||
$buyerAddress,
|
||||
$type,
|
||||
@ -322,7 +329,14 @@ class MarketController extends BaseController {
|
||||
|
||||
public function queryOrder()
|
||||
{
|
||||
$token = getReqVal('token', '');
|
||||
$account = getReqVal('account', '');
|
||||
$orderId = getReqVal('order_id', '');
|
||||
if (!$this->isValidToken($account, $token)) {
|
||||
myself()->_rspErr(100, 'invalid token');
|
||||
return;
|
||||
}
|
||||
|
||||
$orderDb = BoxOrder::findByOrderId($orderId);
|
||||
if ($orderDb) {
|
||||
if (!$orderDb['done']) {
|
||||
@ -350,6 +364,11 @@ class MarketController extends BaseController {
|
||||
public function getNftList()
|
||||
{
|
||||
$account = getReqVal('account', '');
|
||||
$token = getReqVal('token', '');
|
||||
if (!$this->isValidToken($account, $token)) {
|
||||
myself()->_rspErr(100, 'invalid token');
|
||||
return;
|
||||
}
|
||||
$nftDbList = Nft::getNftList($account);
|
||||
$nftList = array();
|
||||
foreach ($nftDbList as $nftDb) {
|
||||
@ -364,7 +383,13 @@ class MarketController extends BaseController {
|
||||
public function getNftDetail()
|
||||
{
|
||||
$account = getReqVal('account', '');
|
||||
$token = getReqVal('token', '');
|
||||
$tokenId = getReqVal('token_id', '');
|
||||
if (!$this->isValidToken($account, $token)) {
|
||||
myself()->_rspErr(100, 'invalid token');
|
||||
return;
|
||||
}
|
||||
|
||||
$nftDb = Nft::getNft($tokenId);
|
||||
if (!$nftDb) {
|
||||
myself()->_rspErr(1, 'nft not exists');
|
||||
@ -507,7 +532,7 @@ class MarketController extends BaseController {
|
||||
return;
|
||||
} else {
|
||||
myself()->_rspData(array(
|
||||
'token' => ''
|
||||
'token' => $this->genToken($account, $nonce)
|
||||
));
|
||||
}
|
||||
}
|
||||
@ -527,4 +552,33 @@ class MarketController extends BaseController {
|
||||
return $web3ServiceCluster[rand() % count($web3ServiceCluster)];
|
||||
}
|
||||
|
||||
private function genToken($account, $nonce)
|
||||
{
|
||||
$data = array(
|
||||
'account' => $account,
|
||||
'rand' => uniqid(),
|
||||
'nonce' => $nonce,
|
||||
'createtime' => myself()->_getNowTime(),
|
||||
);
|
||||
$data['sign'] = md5(TOKEN_SALT . $data['account'] . $data['rand'] . $data['nonce'] . $data['createtime']);
|
||||
return base64_encode(json_encode($data));
|
||||
}
|
||||
|
||||
private function isValidToken($account, $token)
|
||||
{
|
||||
$deToken = base64_decode($token);
|
||||
if (empty($data)) {
|
||||
return false;
|
||||
}
|
||||
if (empty($account)) {
|
||||
return false;
|
||||
}
|
||||
$data = json_decode($deToken);
|
||||
$sign = md5(TOKEN_SALT . $data['account'] . $data['rand'] . $data['nonce'] . $data['createtime']);
|
||||
if ($sign == $data['sign']) {
|
||||
return phpcommon\isSameAccount($sign['account'], $account);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user