hailin
/
license-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

.

This commit is contained in:
hailin 2025-06-13 22:43:14 +08:00
parent 8b8ddc2134
commit 91ac335ac4
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
license/service.go
View File

@ -92,20 +92,33 @@ func ValidateLicenseHandler(db storage.Database) fiber.Handler {
return fiber.NewError(fiber.StatusBadRequest, "Invalid base64 payload") return fiber.NewError(fiber.StatusBadRequest, "Invalid base64 payload")
} }
// 1. 校验签名
if !VerifySignature(GetPublicKey(), payloadBytes, lf.Signature) { if !VerifySignature(GetPublicKey(), payloadBytes, lf.Signature) {
return fiber.NewError(fiber.StatusUnauthorized, "Invalid license signature") return fiber.NewError(fiber.StatusUnauthorized, "Invalid license signature")
} }
// 2. 解析 payload
var req LicenseRequest var req LicenseRequest
if err := json.Unmarshal(payloadBytes, &req); err != nil { if err := json.Unmarshal(payloadBytes, &req); err != nil {
return fiber.NewError(fiber.StatusBadRequest, "Malformed payload") return fiber.NewError(fiber.StatusBadRequest, "Malformed payload")
} }
// 3. 验证是否过期
expiry, err := time.Parse("2006-01-02", req.Expiry) expiry, err := time.Parse("2006-01-02", req.Expiry)
if err != nil || time.Now().After(expiry) { if err != nil || time.Now().After(expiry) {
return fiber.NewError(fiber.StatusForbidden, "License expired") return fiber.NewError(fiber.StatusForbidden, "License expired")
} }
// ✅ 4. 关键补充:校验调用者的 MachineID 与 license 中一致
// 从请求 Header 或 Body 读取实际设备 ID假设从 Header 传)
clientMachineID := c.Get("X-Machine-ID")
if clientMachineID == "" {
return fiber.NewError(fiber.StatusBadRequest, "Missing machine ID in header")
}
if clientMachineID != req.MachineID {
return fiber.NewError(fiber.StatusForbidden, "Machine ID mismatch")
}
return c.JSON(fiber.Map{ return c.JSON(fiber.Map{
"valid": true, "valid": true,
"features": req.Features, "features": req.Features,

3
test_api_validate.sh
View File

@ -1,6 +1,7 @@
curl -X POST http://localhost:13579/api/license/validate \ curl -X POST http://localhost:13579/api/license/validate \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-H "X-Machine-ID: ABCDEF123456" \
-d '{ -d '{
"payload": "eyJtYWNoaW5lX2lkIjoiQUJDREVGMTIzNDU2IiwiZXhwaXJ5IjoiMjAyNi0xMi0zMSIsImZlYXR1cmVzIjpbImdwdSIsIm9jciJdfQ==", "payload": "eyJtYWNoaW5lX2lkIjoiQUJDREVGMTIzNDU2IiwiZXhwaXJ5IjoiMjAyNi0xMi0zMSIsImZlYXR1cmVzIjpbImdwdSIsIm9jciJdfQ==",
"signature": "MEUCIQCIlcIopjSQE9UQpwnvZUn+GNNRuEHx2FzRdoLn50teNwIgHh5MXRWC36NEippKsSZoQjv2jE2ff3ihsbtRLYVFZ9Y=" "signature": "MEUCIQCIlcIopjSQE9UQpwnvZUn+GNNRuEHx2FzRdoLn50teNwIgHh5MXRWC36NEippKsSZoQjv2jE2ff3ihsbtRLYVFZ9Y="
}' }'