对称加密实现重要日志上报Openresty接口服务
生活随笔
收集整理的這篇文章主要介紹了
对称加密实现重要日志上报Openresty接口服务
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
記錄后端接收日志的流程;
由于記錄的是廣告數(shù)據(jù),單次計費數(shù)據(jù)都會上報,全國內約10幾萬終端上報。
?
終端上報:Android電視端Apk上報
接收終端:Openresty(Nginx+lua)利用nginx非阻塞io來緩解服務器壓力
數(shù)據(jù)處理:為了提高處理效率避免隊列寫死,采用go語言分析數(shù)據(jù)并入庫
?
貼代碼:生成uuid參數(shù),獲取客戶端訪問接口獲取uuid,帶著uuid參數(shù)上報
getuuid.lua:
--獲取body數(shù)據(jù),含get,post數(shù)據(jù) --獲取body數(shù)據(jù),含get,post數(shù)據(jù) local GET = {} local POST = {} ngx.req.read_body() local args_get= ngx.req.get_uri_args() local args_post = ngx.req.get_post_args() for k,v in pairs(args_get) doGET[k]=v end for k,v in pairs(args_post) doPOST[k]=v end --生成加密的密鑰 function unlock_mac (mac,password)local int_iv = 0local mac_len = string.len(mac)for i = 1,mac_len doint_iv = int_iv+string.byte(mac,i)endlocal mac_md5 = ngx.md5(mac)iv_byte = string.sub(mac_md5,1,1)..string.sub(mac_md5,3,5)..int_iv..ngx.md5(password)return string.sub(iv_byte,1,16) end--AES解密 function unaes(key,data)local aes = require "resty.aes"local str = require "resty.string"local hash = {iv = "fedcba9876543210",method = nil } local salt = "0123456789abcdef" local aes_128_cbc, err = aes:new(key, salt, aes.cipher(128,"cbc"), hash) return aes_128_cbc:decrypt(data) end--隨機數(shù) function CreateUUID()local template ="xxxxxxxxxxxx"d = io.open("/dev/urandom", "r"):read(4)math.randomseed(os.time() + d:byte(1) + (d:byte(2) * 256) + (d:byte(3) * 65536) + (d:byte(4) * 4294967296))return string.gsub(template, "x", function (c)local v = (c == "x") and math.random(0, 0xf) or math.random(8, 0xb)return string.format("%x", v)end) end--生成uuid function guid()local seed={'e','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}local tb={}for i=1,32 dotable.insert(tb,seed[math.random(1,16)])endlocal sid=table.concat(tb)return string.format('%s-%s-%s-%s-%s',string.sub(sid,1,8),string.sub(sid,9,12),string.sub(sid,13,16),string.sub(sid,17,20),string.sub(sid,21,32)) end--獲取解密key local mac = GET["mac"] local password = "(&*87-=KLJHuywe~s.,m-=" local key = unlock_mac(mac,password) --獲取post數(shù)據(jù)進行解析local post_val = POST["data"] local unaes_val,err = unaes(key,ngx.decode_base64(post_val)) if unaes_val == nil thenlocal json = require("cjson")json.encode_empty_table_as_object(false)local str = {code=10000,error_message="unaes err"}ngx.say(json.encode(str))ngx.log(ngx.ERR, " unaes_val:", unaes_val)return endif GET["type"] == "app" or GET["type"] == "cd"thenuidmac = GET["type"].."_uuid_"..mac elseuidmac = "uuid_"..mac endlocal redis = require "resty.redis_iresty" local red = redis:new() redis:auth("password") redis:del(uidmac)uidtable = {} local s=0 while s<50 dos=s+1print(CreateUUID())local uuid = guid()local ok, err = redis:hset(uidmac,uuid,"1")if not ok thenlocal str = {code=10000,error_message="failed to set lbs"}ngx.say(json.encode(str))ngx.log(ngx.ERR,"setuidmac:",err)returnenduidtable[s] = uuid end local json = require("cjson")--ngx.say(uidtable)datatable = {data = {list =uidtable},code = 20000}ngx.say(json.encode(datatable))ngx.exit(200)?
?
接收日志,存入隊列:
--獲取body數(shù)據(jù),get,post數(shù)據(jù) local GET = {} local POST = {} ngx.req.read_body() local args_get= ngx.req.get_uri_args() local args_post = ngx.req.get_post_args() for k,v in pairs(args_get) doGET[k]=v end for k,v in pairs(args_post) doPOST[k]=v end--生成加密的密鑰 function unlock_mac (mac,password)local int_iv = 0local mac_len = string.len(mac)for i = 1,mac_len doint_iv = int_iv+string.byte(mac,i)endlocal mac_md5 = ngx.md5(mac)iv_byte = string.sub(mac_md5,1,1)..string.sub(mac_md5,3,5)..int_iv..ngx.md5(password)return string.sub(iv_byte,1,16) end--AES解密 function unaes(key,data)local aes = require "resty.aes"local str = require "resty.string"local hash = {iv = "fedcba9876543210",method = nil } local salt = "0123456789abcdef" local aes_128_cbc, err = aes:new(key, salt, aes.cipher(128,"cbc"), hash) return aes_128_cbc:decrypt(data) end--獲取mac并驗證 if next(GET) ~=nil and string.len(GET["mac"]) == 12 thenmac = GET["mac"] elsengx.say("Mac illegal")return end local key = unlock_mac(mac,"(&*87-=KLJHuywe~s.,m-=")--驗證data數(shù)據(jù) if next(POST) ~= nil thendata = POST["data"] elsengx.say("data is nil")return end-- ngx.say(key) -- ngx.say(data) local json = require("cjson") local unaes_val,err = unaes(key,ngx.decode_base64(data)) --ngx.say(unaes_val) if unaes_val == nil thenlocal json = require("cjson")json.encode_empty_table_as_object(false)errdata = {data = {list ={}},code = 10000}ngx.say (json.encode(errdata))return elselocal dataObj = json.decode(unaes_val)local redis = require "resty.redis_iresty"local red = redis:new()redis:auth("password")uidmac = "uuid_"..macuuid = dataObj.uuidlocal ok= redis:hget(uidmac,uuid)if not ok thenngx.say("failed to get uidmac: ", err)ngx.log(ngx.ERR,"getuidmac:",err)returnelseStrmd5 = ngx.md5(dataObj.data)if "lbs" ~= dataObj.type thenreturnend--ngx.say(dataObj.data)if Strmd5 == dataObj.md5 thenlocal ok, err = redis:lpush('lbs_data_queue',unaes_val)if not ok thenngx.say("failed to push lbs_data_queue: ", err)ngx.log(ngx.ERR,"lbs_data_queue:",err)returnendngx.say("ok")elsengx.say("md5 check err")ngx.log(ngx.ERR,"checkmd5","lbs_data_queue")endend end
?
轉載于:https://www.cnblogs.com/liuquan/p/10417231.html
總結
以上是生活随笔為你收集整理的对称加密实现重要日志上报Openresty接口服务的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: webpackPlugin插件总结
- 下一篇: Nova 启动虚拟机流程解析