From 91ac335ac406f06992d332af38fbbd62d813d682 Mon Sep 17 00:00:00 2001 From: hailin Date: Fri, 13 Jun 2025 22:43:14 +0800 Subject: [PATCH] . --- license/service.go | 13 +++++++++++++ test_api_validate.sh | 3 ++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/license/service.go b/license/service.go index 2c4eef2..12bdc54 100644 --- a/license/service.go +++ b/license/service.go @@ -92,20 +92,33 @@ func ValidateLicenseHandler(db storage.Database) fiber.Handler { return fiber.NewError(fiber.StatusBadRequest, "Invalid base64 payload") } + // 1. 校验签名 if !VerifySignature(GetPublicKey(), payloadBytes, lf.Signature) { return fiber.NewError(fiber.StatusUnauthorized, "Invalid license signature") } + // 2. 解析 payload var req LicenseRequest if err := json.Unmarshal(payloadBytes, &req); err != nil { return fiber.NewError(fiber.StatusBadRequest, "Malformed payload") } + // 3. 验证是否过期 expiry, err := time.Parse("2006-01-02", req.Expiry) if err != nil || time.Now().After(expiry) { return fiber.NewError(fiber.StatusForbidden, "License expired") } + // ✅ 4. 关键补充:校验调用者的 MachineID 与 license 中一致 + // 从请求 Header 或 Body 读取实际设备 ID(假设从 Header 传) + clientMachineID := c.Get("X-Machine-ID") + if clientMachineID == "" { + return fiber.NewError(fiber.StatusBadRequest, "Missing machine ID in header") + } + if clientMachineID != req.MachineID { + return fiber.NewError(fiber.StatusForbidden, "Machine ID mismatch") + } + return c.JSON(fiber.Map{ "valid": true, "features": req.Features, diff --git a/test_api_validate.sh b/test_api_validate.sh index 0698eb1..2249dc2 100644 --- a/test_api_validate.sh +++ b/test_api_validate.sh 
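Review bot: The new step 4 compares a caller-supplied `X-Machine-ID` header with `req.MachineID` from a payload the same caller submitted, so it only confirms the request is self-consistent, not that it comes from the licensed machine. The machine ID is readable in the base64 payload by anyone who holds the license file, so the header cannot be treated as proof of device identity. If device binding is the goal, the identifier has to come from something the server can verify independently. Until then, state the limit in the comment, e.g. `// X-Machine-ID is caller-supplied and unauthenticated: this rejects mismatched requests, it does not prove the caller is the licensed device.` The existing comment's "假设从 Header 传" (assumed to be passed in a header) reads as an open design question that should be settled before merge; ValidateLicenseHandler begins and ends outside this hunk.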
@@ -1,6 +1,7 @@
 curl -X POST http://localhost:13579/api/license/validate \
 -H "Content-Type: application/json" \
+ -H "X-Machine-ID: ABCDEF123456" \
 -d '{
 "payload": "eyJtYWNoaW5lX2lkIjoiQUJDREVGMTIzNDU2IiwiZXhwaXJ5IjoiMjAyNi0xMi0zMSIsImZlYXR1cmVzIjpbImdwdSIsIm9jciJdfQ==",
 "signature": "MEUCIQCIlcIopjSQE9UQpwnvZUn+GNNRuEHx2FzRdoLn50teNwIgHh5MXRWC36NEippKsSZoQjv2jE2ff3ihsbtRLYVFZ9Y="
- }'
+ }'
\ No newline at end of file
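Review bot: Only the matching-ID path is exercised here: the added `X-Machine-ID: ABCDEF123456` equals the `machine_id` encoded in the sample payload, so the new 400 (missing header) and 403 (mismatch) branches in `license/service.go` are never hit. Add one call without the header and one with a different value, and print the status with `curl -s -o /dev/null -w '%{http_code}\n' ...` so an unexpected response is visible. The sample payload's expiry decodes to 2026-12-31, after which this request will return 403 regardless of the header.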