多媒体签名优化

Author: TruthHun88

controllers/DocumentController.go

@@ -300,7 +300,7 @@ func (this *DocumentController) Read() {
 					poster, _ := sel.Attr("poster")
 					src, _ := sel.Attr("src")
 					if !(strings.HasPrefix(src, "https://") || strings.HasPrefix(src, "http://")) {
-						sign, _ := utils.GenerateSign(src, time.Duration(utils.MediaDuration)*time.Second)
+						sign, _ := utils.GenerateMediaSign(src, time.Duration(utils.MediaDuration)*time.Second)
 						if strings.Contains(src, "?") {
 							src = src + "&sign=" + sign
 						} else {

controllers/StaticController.go

@@ -170,7 +170,7 @@ func (this *StaticController) isBookOwner() (yes bool) {
 
 // 是否是合法的签名（针对音频和视频，签名不可用的时候再验证用户有没有登录，用户登录了再验证用户是不是书籍所有人）
 func (this *StaticController) isValidSign(sign, path string) bool {
-	signPath, err := utils.ParseSign(sign)
+	signPath, err := utils.ParseMediaSign(sign)
 	if err != nil {
 		return false
 	}

controllers/api/CommonController.go

@@ -949,7 +949,7 @@ func (this *CommonController) handleReleaseV3(release, bookIdentify string) inte
 						}
 					}
 				} else {
-					if sign, err := utils.GenerateSign(src, time.Duration(utils.MediaDuration)); err == nil {
+					if sign, err := utils.GenerateMediaSign(src, time.Duration(utils.MediaDuration)); err == nil {
 						if strings.Contains(src, "?") {
 							src = src + "&sign=" + sign
 						} else {

utils/jwt.go

@@ -10,16 +10,16 @@ import (
 	"github.com/dgrijalva/jwt-go"
 )
 
-// CustomClaims CustomClaims
-type CustomClaims struct {
+// MediaClaims Media Claims
+type MediaClaims struct {
 	Path string
 	jwt.StandardClaims
 }
 
 var (
-	jwtSecret     = beego.AppConfig.DefaultString("jwt_secret", "bookstack.cn")
-	usedSign      sync.Map
-	MediaDuration int64 = beego.AppConfig.DefaultInt64("media_duration", 3600*5)
+	mediaJwtSecret = beego.AppConfig.DefaultString("jwt_secret", "bookstack.cn")
+	usedSign       sync.Map
+	MediaDuration  int64 = beego.AppConfig.DefaultInt64("media_duration", 3600*5)
 )
 
 func init() {
@@ -52,15 +52,15 @@ func IsSignUsed(sign string) bool {
 }
 
 // GenerateSign 生成token
-func GenerateSign(path string, expire ...time.Duration) (sign string, err error) {
+func GenerateMediaSign(path string, expire ...time.Duration) (sign string, err error) {
 	path = strings.TrimLeft(path, "/")
 	// 默认过期时间为一个月
 	expireDuration := time.Now().Add(30 * 24 * time.Hour)
 	if len(expire) > 0 {
 		expireDuration = time.Now().Add(expire[0])
 	}
 
-	customClaims := &CustomClaims{
+	customClaims := &MediaClaims{
 		path,
 		jwt.StandardClaims{
 			ExpiresAt: expireDuration.Unix(),
@@ -71,24 +71,24 @@ func GenerateSign(path string, expire ...time.Duration) (sign string, err error)
 	jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, customClaims)
 
 	// secret 用于对用户数据进行签名，不能暴露
-	return jwtToken.SignedString([]byte(jwtSecret))
+	return jwtToken.SignedString([]byte(mediaJwtSecret))
 }
 
 // ParseSign 解析jwt token
-func ParseSign(sign string) (path string, err error) {
+func ParseMediaSign(sign string) (path string, err error) {
 	var token = &jwt.Token{}
-	token, err = jwt.ParseWithClaims(sign, &CustomClaims{}, func(token *jwt.Token) (interface{}, error) {
+	token, err = jwt.ParseWithClaims(sign, &MediaClaims{}, func(token *jwt.Token) (interface{}, error) {
 		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
 			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
 		}
-		return []byte(jwtSecret), nil
+		return []byte(mediaJwtSecret), nil
 	})
 
 	if err != nil {
 		return
 	}
 
-	if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
+	if claims, ok := token.Claims.(*MediaClaims); ok && token.Valid {
 		return strings.TrimLeft(claims.Path, "/"), nil
 	}
 	return "", err