|
|
|
@ -12,7 +12,7 @@ class ApplicationController < ActionController::Base
|
|
|
|
|
|
|
|
|
|
|
|
protect_from_forgery prepend: true, unless: -> { request.format.json? }
|
|
|
|
protect_from_forgery prepend: true, unless: -> { request.format.json? }
|
|
|
|
|
|
|
|
|
|
|
|
# before_action :check_sign
|
|
|
|
before_action :check_sign
|
|
|
|
before_action :user_setup
|
|
|
|
before_action :user_setup
|
|
|
|
#before_action :check_account
|
|
|
|
#before_action :check_account
|
|
|
|
|
|
|
|
|
|
|
|
@ -23,21 +23,21 @@ class ApplicationController < ActionController::Base
|
|
|
|
|
|
|
|
|
|
|
|
# 所有请求必须合法签名
|
|
|
|
# 所有请求必须合法签名
|
|
|
|
def check_sign
|
|
|
|
def check_sign
|
|
|
|
Rails.logger.info("66666 #{params}")
|
|
|
|
# Rails.logger.info("66666 #{params}")
|
|
|
|
suffix = request.url.split(".").last
|
|
|
|
# suffix = request.url.split(".").last
|
|
|
|
suffix_arr = ["xls", "xlsx"] # excel文件先注释
|
|
|
|
# suffix_arr = ["xls", "xlsx"] # excel文件先注释
|
|
|
|
unless suffix_arr.include?(suffix)
|
|
|
|
# unless suffix_arr.include?(suffix)
|
|
|
|
if params[:client_key].present?
|
|
|
|
# if params[:client_key].present?
|
|
|
|
randomcode = params[:randomcode]
|
|
|
|
# randomcode = params[:randomcode]
|
|
|
|
tip_exception(501, "请求不合理") unless (Time.now.to_i - randomcode.to_i).between?(0,5)
|
|
|
|
# tip_exception(501, "请求不合理") unless (Time.now.to_i - randomcode.to_i).between?(0,5)
|
|
|
|
|
|
|
|
#
|
|
|
|
sign = Digest::MD5.hexdigest("#{OPENKEY}#{randomcode}")
|
|
|
|
# sign = Digest::MD5.hexdigest("#{OPENKEY}#{randomcode}")
|
|
|
|
Rails.logger.info("2222 #{sign}")
|
|
|
|
# Rails.logger.info("2222 #{sign}")
|
|
|
|
tip_exception(501, "请求不合理") if sign != params[:client_key]
|
|
|
|
# tip_exception(501, "请求不合理") if sign != params[:client_key]
|
|
|
|
else
|
|
|
|
# else
|
|
|
|
tip_exception(501, "请求不合理")
|
|
|
|
# tip_exception(501, "请求不合理")
|
|
|
|
end
|
|
|
|
# end
|
|
|
|
end
|
|
|
|
# end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
# 全局配置参数
|
|
|
|
# 全局配置参数
|
|
|
|
|
cxt
5 years ago