Patrick
/
wechat_hitxy
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
427 Коміти
1 Гілка
9.4MB
Дерево: e8df3cd802
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'e8df3cd802'
${ noResults }
wechat_hitxy/crmpixel.go

255 lines
6.1KB
Неформатований Blame Історія 

  1. package main

  2. 

  3. import (

  4. 	"encoding/base64"

  5. 	"encoding/json"

  6. 	"errors"

  7. 	"fmt"

  8. 	"log"

  9. 	"math/rand"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"strconv"

  13. 	"strings"

  14. 	"time"

  15. )

  16. 

  17. var cookLeadID = "biukop_cl"

  18. 

  19. func crmpixelImage() (pixel []byte, err error) {

  20. 	b64pixel := "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4QcIBzEJ3JY/6wAAAAh0RVh0Q29tbWVudAD2zJa/AAAADUlEQVQI12NgYGBgAAAABQABXvMqOgAAAABJRU5ErkJggg=="

  21. 	pixel, err = base64.StdEncoding.DecodeString(b64pixel)

  22. 	return

  23. }

  24. 

  25. func crmpixel(w http.ResponseWriter, r *http.Request) {

  26. 	cookie := crmpixelCookie(r)

  27. 	http.SetCookie(w, &cookie)

  28. 

  29. 	//send out pixel 1x1 transparent png file

  30. 	pixel, err := crmpixelImage()

  31. 	if err == nil {

  32. 		w.Write(pixel)

  33. 	} else {

  34. 		fmt.Fprint(w, "decodig pixel image wrong")

  35. 	}

  36. }

  37. 

  38. func crmpixelCookie(r *http.Request) (ret http.Cookie) {

  39. 	cookie, leadok := r.Cookie(cookLeadID) //crm lead

  40. 

  41. 	if leadok != nil {

  42. 		ret, _ = createNewCookie(r)

  43. 		return

  44. 	}

  45. 

  46. 	valid := isValidCookieBiukopCL(cookie.Value)

  47. 	if !valid {

  48. 		ret, _ = createNewCookie(r)

  49. 		return

  50. 	}

  51. 

  52. 	//refresh expiration

  53. 	ret = *cookie

  54. 	ret.Expires = time.Now().Add(10 * 365 * 24 * time.Hour)

  55. 

  56. 	return

  57. }

  58. 

  59. func getLeadIDFromCookie(r *http.Request) (leadID string, ok bool) {

  60. 	ok = false

  61. 	cookie, leadok := r.Cookie(cookLeadID) //crm lead

  62. 	if leadok != nil {

  63. 		return

  64. 	}

  65. 	valid := isValidCookieBiukopCL(cookie.Value)

  66. 	if !valid {

  67. 		return

  68. 	}

  69. 

  70. 	//correctly split string

  71. 	s := strings.Split(cookie.Value, "|")

  72. 	if len(s) != 4 || s[0] == "" {

  73. 		return

  74. 	}

  75. 	ok = true

  76. 	leadID = s[0]

  77. 	return

  78. }

  79. 

  80. func createNewCookie(r *http.Request) (ret http.Cookie, info crmdLead) {

  81. 	info = crmCreateNewAnonymousLeadByHTTPRequest(r)

  82. 	ret = cookieFromLeadID(info.ID)

  83. 	return

  84. }

  85. 

  86. func cookieFromLeadID(leadID string) (ret http.Cookie) {

  87. 	return cookieCreateLongTerm(cookLeadID, leadID)

  88. }

  89. 

  90. func cookieCreateLongTerm(name, value string) (ret http.Cookie) {

  91. 	expiration := time.Now().Add(10 * 365 * 24 * time.Hour)

  92. 	signedValue := cookieSignValue(value)

  93. 	ret = http.Cookie{Name: name, Value: signedValue, Expires: expiration}

  94. 	return

  95. }

  96. 

  97. func cookieCreate(name, value string, expireInSeconds int) (ret http.Cookie) {

  98. 	expiration := time.Now().Add(time.Duration(expireInSeconds) * time.Second)

  99. 	signedValue := cookieSignValue(value)

  100. 	ret = http.Cookie{Name: name, Value: signedValue, Expires: expiration}

  101. 	return

  102. }

  103. 

  104. func crmCreateNewAnonymousLeadByHTTPRequest(r *http.Request) (info crmdLead) {

  105. 	info.FirstName = "Anonymous"

  106. 	info.LastName = "User " + r.RemoteAddr

  107. 	info.Password = "Password"

  108. 	info.Status = "Anonymous"

  109. 	info.Description = "Anonymous user from " + r.RemoteAddr

  110. 	info.ForceDuplicate = true

  111. 	b, err := json.Marshal(info)

  112. 	if err != nil {

  113. 		return

  114. 	}

  115. 	entity, err := crmCreateEntity("Lead", b)

  116. 	if err == nil || isErrIndicateDuplicate(err) {

  117. 		info, _ = entity.(crmdLead)

  118. 	}

  119. 	return

  120. }

  121. 

  122. func isValidCookieBiukopCL(cookieValue string) (valid bool) {

  123. 	valid = false

  124. 

  125. 	//correctly split string

  126. 	s := strings.Split(cookieValue, "|")

  127. 	if len(s) != 4 || s[0] == "" {

  128. 		return

  129. 	}

  130. 	id, nonce, timestamp, signature := s[0], s[1], s[2], s[3]

  131. 

  132. 	//check signature

  133. 	combined := id + nonce

  134. 	expected := calculateSignature(timestamp, combined, IntraAPIConfig.CRMSecrete)

  135. 	if expected != signature {

  136. 		return

  137. 	}

  138. 

  139. 	ts, err := strconv.Atoi(timestamp)

  140. 	if err != nil {

  141. 		return

  142. 	}

  143. 

  144. 	if timestampOldThan(int32(ts), 86400) { //older than 1 day

  145. 		//find lead data

  146. 		_, err := crmpixelLead(id)

  147. 		if err != nil {

  148. 			return

  149. 		}

  150. 	}

  151. 	valid = true

  152. 	return

  153. }

  154. 

  155. func buildBiukopCLsignature(id, nonce string) (timestamp, signature string) {

  156. 	combined := id + nonce

  157. 	timestamp = fmt.Sprintf("%d", time.Now().Unix())

  158. 	signature = calculateSignature(timestamp, combined, IntraAPIConfig.CRMSecrete)

  159. 	return

  160. }

  161. 

  162. func cookieSignValue(id string) (ret string) {

  163. 	rand.Seed(time.Now().Unix())

  164. 	nonce := fmt.Sprintf("%d", rand.Intn(655352017))

  165. 	timestamp, signature := buildBiukopCLsignature(id, nonce)

  166. 	strs := []string{id, nonce, timestamp, signature} //order is very important

  167. 	ret = strings.Join(strs, "|")

  168. 	return

  169. }

  170. 

  171. func crmpixelLead(id string) (info crmdLead, err error) {

  172. 	entity, err := crmGetEntity("Lead", id)

  173. 	if err != nil {

  174. 		return

  175. 	}

  176. 

  177. 	info, ok := entity.(crmdLead)

  178. 	if !ok {

  179. 		err = errors.New("search lead, return a bad entity type")

  180. 	}

  181. 	return

  182. }

  183. 

  184. //for user's initial registration, especially for wechat users

  185. //they visit a url that is specifically designed for them to

  186. //auth and input their profile data.

  187. //the url's query string will contains a token and a signature

  188. //so that it's verified, by single get request, to allow people to

  189. //enter their details into the CRM system.

  190. //

  191. //this handler, check's the query sting ,set an auth cookie to the client

  192. //and serve angular app, through an URL "/profile/edit"

  193. //or if the user has already been registered,

  194. //redirect user to a URL "/pages/dashboard"

  195. //

  196. func setTrackingCookieAndRecirect(w http.ResponseWriter, r *http.Request) {

  197. 	m, err := url.ParseQuery(r.URL.RawQuery)

  198. 	if err != nil {

  199. 		response400Handler(w)

  200. 		return

  201. 	}

  202. 

  203. 	url, ok := m["url"]

  204. 	if !ok {

  205. 		response400Handler(w)

  206. 		return

  207. 	}

  208. 

  209. 	//check request leadID - lid and my cookie lead id

  210. 	leadID, ok := m["lid"]

  211. 	myLeadID, found := getLeadIDFromCookie(r) //existing cookie

  212. 

  213. 	expireInSeconds := 120                    //default 2minute

  214. 	if found && ok && myLeadID == leadID[0] { //our cookie match the request lid

  215. 		expireInSeconds = 86400 //extended to 1 day

  216. 	}

  217. 

  218. 	//check signature, prevent unauthorized request

  219. 	if !checkSignatureByTokenWithExpireSeconds(r, IntraAPIConfig.CRMSecrete, expireInSeconds) {

  220. 		response403Handler(w)

  221. 		return

  222. 	}

  223. 

  224. 	//set cookie if any

  225. 	if ok {

  226. 		log.Println("setlead cookie :" + leadID[0])

  227. 		cookie := cookieFromLeadID(leadID[0])

  228. 		http.SetCookie(w, &cookie)

  229. 	} else {

  230. 		cookie := crmpixelCookie(r)

  231. 		http.SetCookie(w, &cookie)

  232. 	}

  233. 

  234. 	//get expire settings if any

  235. 	expire := 7200 //2 hours

  236. 	expireTime, ok := m["expire"]

  237. 	if ok {

  238. 		expire, _ = strconv.Atoi(expireTime[0])

  239. 	}

  240. 

  241. 	//set all cookie from url

  242. 	for k, v := range m {

  243. 		if k == "lid" || k == "url" || k == "expire" { //skip lead id and URL and expire

  244. 			continue

  245. 		}

  246. 		log.Printf("set cookie %s=%s", k, v)

  247. 		cookie := cookieCreate(k, v[0], expire)

  248. 		http.SetCookie(w, &cookie)

  249. 	}

  250. 

  251. 	//perform redirect

  252. 	http.Redirect(w, r, url[0], 307) //302 temp redirect

  253. 	return

  254. }