From 42f1d7181ed389b2609144f094acf723446ea463 Mon Sep 17 00:00:00 2001
From: wuaho <wuaho@legu.cc>
Date: Sat, 17 Apr 2021 15:56:14 +0800
Subject: [PATCH] =?UTF-8?q?=E5=88=97=E8=A1=A8=E5=8A=A0=E7=AD=BE=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 common/verification.py | 15 +++++++++++----
 routers/point.py       | 13 +++++++++----
 2 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/common/verification.py b/common/verification.py
index 75569ea..1c72b53 100644
--- a/common/verification.py
+++ b/common/verification.py
@@ -1,18 +1,25 @@
 import hashlib
+from copy import deepcopy
 
 from settings import settings
 
 __all__ = 'restore_field', 'sort_kv', 'check_sign', 'check_preset'
 
 
-def restore_field(data: dict) -> dict:
+def restore_field(data: dict) -> tuple:
     res = dict()
+    sign_kv = dict()
     for k, v in data.items():
+        key = settings.FIELD_MAP.get(k) or k
         if isinstance(v, dict):
-            res[settings.FIELD_MAP.get(k) or k] = restore_field(v)
+            res[key], sign_kv[key] = restore_field(v)
         else:
-            res[settings.FIELD_MAP.get(k) or k] = v
-    return res
+            res[key] = v
+            if isinstance(v, list):
+                sign_kv[key] = ','.join(map(lambda x: str(x), v))
+            else:
+                sign_kv[key] = v
+    return res, sign_kv
 
 
 def check_preset(data: dict):
diff --git a/routers/point.py b/routers/point.py
index d2ff9ad..2987d87 100644
--- a/routers/point.py
+++ b/routers/point.py
@@ -13,7 +13,7 @@ router = APIRouter()
 @router.post("/")
 async def point(request: Request, items: DataModel):
     try:
-        public_data: dict = restore_field(items.public)
+        public_data, _ = restore_field(items.public)
         rdb = request.app.state.redis
         data_factory = request.app.state.data_factory
         output_factory = request.app.state.output_factory
@@ -24,10 +24,15 @@ async def point(request: Request, items: DataModel):
         if not output_factory.name:
             return {'code': -1, 'msg': '没有匹配到appid'}
         for item in items.data:
-            data: dict = restore_field(item)
-            sign = data.pop('sign')
+            data, sign_data = restore_field(item)
+            _ = data.pop('sign')
             properties = data.pop('properties')
-            if not check_sign(sign, settings.SALT.get(appid, ''), data, properties):
+
+            #
+            sign = sign_data.pop('sign')
+            sign_properties = sign_data.pop('properties')
+
+            if not check_sign(sign, settings.SALT.get(appid, ''), sign_data, sign_properties):
                 # continue
                 return {"code": -1, 'msg': '签名错误'}
             single_data = dict(**public_data, **data, properties=properties)