diff --git a/Makefile b/Makefile index b13a6c2..2438da3 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ -all: ge build run +all: gen build gen: protoc -I./protos --go_out=./protos --go-grpc_out=./protos ./protos/*proto @@ -31,4 +31,4 @@ cert: -.PHONY: all build protos test \ No newline at end of file +.PHONY: all build protos test cert \ No newline at end of file diff --git a/actions/roleaction.go b/actions/roleaction.go index bf44153..d1c5eae 100644 --- a/actions/roleaction.go +++ b/actions/roleaction.go @@ -3,6 +3,7 @@ package actions import ( "context" "errors" + "fmt" "google.golang.org/grpc/metadata" "google.golang.org/protobuf/types/known/emptypb" "pro2d/conf" @@ -25,11 +26,16 @@ func (s *GameServer) HeartBeatHandler(ctx context.Context, empty *emptypb.Empty) } func (s *GameServer) CreateRoleHandler(ctx context.Context, in *pb.LoginReq) (*pb.RoleRsp, error) { - ok, role := models.RoleExistByUid(in.Uid) + account := utils.CheckAuth(ctx) + if account == nil { + return nil, fmt.Errorf("token error") + } + + ok, role := models.RoleExistByUid(account.Uid) if !ok { role = models.NewRole(conf.SnowFlack.NextVal()) role.Role.Device = in.Device - role.Role.Uid = in.Uid + role.Role.Uid = account.Uid role.Create() } return &pb.RoleRsp{ @@ -39,7 +45,12 @@ func (s *GameServer) CreateRoleHandler(ctx context.Context, in *pb.LoginReq) (* } func (s *GameServer) LoginHandler(ctx context.Context, in *pb.LoginReq) (*pb.RoleRsp, error) { - ok, role := models.RoleExistByUid(in.Uid) + account := utils.CheckAuth(ctx) + if account == nil { + return nil, fmt.Errorf("token error") + } + + ok, role := models.RoleExistByUid(account.Uid) if !ok { return &pb.RoleRsp{ Code: 1, diff --git a/actions/server.go b/actions/server.go index c9dcf19..8893e15 100644 --- a/actions/server.go +++ b/actions/server.go @@ -2,7 +2,6 @@ package actions import ( "context" - "fmt" "google.golang.org/grpc" "google.golang.org/grpc/credentials" "google.golang.org/grpc/reflection" 
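Review bot: In actions/roleaction.go, both CreateRoleHandler and LoginHandler report a missing or invalid token with `fmt.Errorf("token error")`, which a gRPC client receives as codes.Unknown rather than as an authentication failure; `return nil, status.Error(codes.Unauthenticated, "token error")` would let clients and log-based alerting tell rejected tokens apart from server faults. Taking the uid from the verified account instead of `in.Uid` is the right binding, but `LoginReq.Uid` is now silently ignored, so a comment on both handlers (`// uid comes from the verified token; in.Uid is deliberately ignored`) or removing the field from the proto would keep a later change from trusting it again. In CreateRoleHandler the result of `role.Create()` is not inspected in the visible lines, so a failed insert would presumably still be answered as success; it is worth confirming what Create returns. Both function bodies continue outside their hunks.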
@@ -41,13 +40,16 @@ func (s *LoginServer)Start() error { models.InitAccountServerModels() var opts []grpc.ServerOption - //TLS - creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key") - if err != nil { - utils.Sugar.Errorf("Failed to generate credentials %v", err) - return err + + if conf.GlobalConf.TLS.Status { + //TLS + creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key") + if err != nil { + utils.Sugar.Errorf("Failed to generate credentials %v", err) + return err + } + opts = append(opts, grpc.Creds(creds)) } - opts = append(opts, grpc.Creds(creds)) //拦截器 opts = append(opts, grpc.UnaryInterceptor(AccountServerInterceptor)) @@ -84,10 +86,6 @@ func GameServerInterceptor(ctx context.Context, req interface{}, info *grpc.Unar handler grpc.UnaryHandler) (interface{}, error) { //utils.Sugar.Debugf("gRPC method: %s, %v", info.FullMethod, req) - acc := utils.CheckAuth(ctx) - if acc == nil { - return nil, fmt.Errorf("token error") - } resp, err := handler(ctx, req) return resp, err @@ -103,12 +101,15 @@ func (s *GameServer)Start() error { var opts []grpc.ServerOption //TLS - creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key") - if err != nil { - utils.Sugar.Errorf("Failed to generate credentials %v", err) - return err + if conf.GlobalConf.TLS.Status { + //TLS + creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key") + if err != nil { + utils.Sugar.Errorf("Failed to generate credentials %v", err) + return err + } + opts = append(opts, grpc.Creds(creds)) } - opts = append(opts, grpc.Creds(creds)) //拦截器 opts = append(opts, grpc.UnaryInterceptor(GameServerInterceptor)) diff --git a/conf/conf.go b/conf/conf.go index 3f74c0d..885802f 100644 --- a/conf/conf.go +++ b/conf/conf.go 
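Review bot: `conf.GlobalConf.TLS.Status` in LoginServer.Start dereferences a field that conf/conf.go declares as a pointer (`TLS *TLS`), so a configuration without a matching section would panic at start-up instead of returning an error; the same expression is added to GameServer.Start further down this file. Checking `conf.GlobalConf.TLS == nil` first and returning a configuration error is safer than falling through to a server without transport credentials. The new `Key` and `Pem` settings are never read here: the paths stay hard-coded, and `credentials.NewServerTLSFromFile(conf.GlobalConf.TLS.Pem, conf.GlobalConf.TLS.Key)` would make the configuration take effect. When the switch is off the server starts in plaintext without saying so; a warning on that branch, e.g. `utils.Sugar.Warnf("TLS disabled by config; gRPC traffic is unencrypted")`, would make such a deployment visible in logs. Start's body begins and ends outside the hunk.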
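Review bot: Removing the `utils.CheckAuth` call from GameServerInterceptor makes authentication opt-in per handler: after this commit only CreateRoleHandler and LoginHandler verify the token, while HeartBeatHandler (visible in actions/roleaction.go) and any handler added later are reachable without one unless its author remembers the check. Keeping the check in the interceptor and handing the verified account to the handlers through the context keeps enforcement in one place and still gives the handlers the uid they need. If some methods must stay public, an explicit allow-list keyed on `info.FullMethod` is easier to audit than the absence of a check. The sketch assumes CheckAuth returns a pointer that is nil on failure, as its use in this commit suggests; handlers would read the account back with `ctx.Value(accountKey{})`. The interceptor's closing lines are outside the hunk.

```go
// accountKey is the context key under which the verified account is stored.
type accountKey struct{}

func GameServerInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo,
	handler grpc.UnaryHandler) (interface{}, error) {
	// Reject unauthenticated calls before any handler runs.
	acc := utils.CheckAuth(ctx)
	if acc == nil {
		return nil, status.Error(codes.Unauthenticated, "token error")
	}
	// Pass the verified account on so handlers do not parse the token again.
	return handler(context.WithValue(ctx, accountKey{}, acc), req)
```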
@@ -29,6 +29,12 @@ type MongoConf struct { MaxNum int `yaml:"maxnum"` } +type TLS struct { + Status bool `yaml:"status"` + Key string `yaml:"key"` + Pem string `yaml:"pem"` +} + type SConf struct { ID string `yaml:"id"` Name string `yaml:"name"` @@ -43,6 +49,7 @@ type ServerConf struct { WorkerID int64 `yaml:"workerid"` DatacenterID int64 `yaml:"datacenterid"` MongoConf *MongoConf `yaml:"mongo"` + TLS *TLS `yaml:"tls"` AccountConf *SConf `yaml:"server_account"` GameConf *SConf `yaml:"server_game"` RedisConf *RedisConf `yaml:"redis"` diff --git a/conf/conf.yaml b/conf/conf.yaml index dc5ec44..5cb6edb 100644 --- a/conf/conf.yaml +++ b/conf/conf.yaml @@ -16,6 +16,11 @@ etcd: endpoints: - "192.168.0.206:2379" +TLS: + status: true + key: "keys/server.key" + pem: "keys/server.pem" + server_account: id: "1" name: "account" diff --git a/test/client.go b/test/client.go index a7bbbf9..4fcf435 100644 --- a/test/client.go +++ b/test/client.go @@ -56,7 +56,6 @@ func Login(loginUri, token, uid string) { client:= pb.NewGameClient(gameConn) var role *pb.Role loginRsp, err := client.LoginHandler(context.Background(), &pb.LoginReq{ - Uid: uid, Device: "111111", }) @@ -68,7 +67,7 @@ func Login(loginUri, token, uid string) { if loginRsp.Code != 0 { utils.Sugar.Debugf("login fail, role not exist") - createRole, err := client.CreateRoleHandler(context.Background(), &pb.LoginReq{Uid: uid, Device: "11111"}) + createRole, err := client.CreateRoleHandler(context.Background(), &pb.LoginReq{Device: "11111"}) if err != nil { utils.Sugar.Errorf("create role err: %v", err) return diff --git a/test/tlsclient.go b/test/tlsclient.go new file mode 100644 index 0000000..e4b7185 --- /dev/null +++ b/test/tlsclient.go 
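Review bot: The new section in conf/conf.yaml is keyed `TLS:` while the struct field added in conf/conf.go is tagged `yaml:"tls"`, and the other top-level keys visible in this hunk (`etcd`, `server_account`) are lower case. If the file is decoded with a case-sensitive YAML library, as the common Go YAML packages are, the section is not mapped and `ServerConf.TLS` stays nil, so the `conf.GlobalConf.TLS.Status` reads added in this commit would hit a nil pointer. Renaming the key to `tls:` removes the mismatch. The decoder is not visible in this diff, so a start-up test against the committed file is the quickest way to confirm.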
@@ -0,0 +1,28 @@ +package main + +import ( + "context" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "log" + "pro2d/protos/pb" +) + +func main() { + var opts []grpc.DialOption + creds, err := credentials.NewClientTLSFromFile("keys/server.pem", "pro2d") + if err != nil { + log.Fatal(err) + return + } + opts = append(opts, grpc.WithTransportCredentials(creds)) + conn, err := grpc.Dial("localhost:8948", opts...) + + helloClient := pb.NewHelloClient(conn) + rsp, err := helloClient.SayHello(context.TODO(), &pb.HelloWorld{Msg: "hello world"}) + if err != nil { + log.Fatal(err) + } + + log.Printf("sayhello rsp: %v", rsp) +} diff --git a/test/tlsserver.go b/test/tlsserver.go new file mode 100644 index 0000000..fc0ab5f --- /dev/null +++ b/test/tlsserver.go @@ -0,0 +1,44 @@ +package main + +import ( + "context" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "log" + "net" + "pro2d/protos/pb" +) + +type Server struct { + pb.UnimplementedHelloServer +} + +func (s *Server) SayHello(ctx context.Context, in *pb.HelloWorld) (*pb.HelloWorld, error) { + return in, nil +} + +func main() { + // 监听本地端口 + listener, err := net.Listen("tcp", ":8948") + if err != nil { + log.Fatalf("net.Listen err: %v", err) + } + var opts []grpc.ServerOption + // 从输入证书文件和密钥文件为服务端构造TLS凭证 + creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key") + if err != nil { + log.Fatalf("Failed to generate credentials %v", err) + } + opts = append(opts, grpc.Creds(creds)) + // 新建gRPC服务器实例,并开启TLS认证 + grpcServer := grpc.NewServer(opts...) + + // 在gRPC服务器注册我们的服务 + pb.RegisterHelloServer(grpcServer, &Server{}) + log.Println(" net.Listing whth TLS") + //用服务器 Serve() 方法以及我们的端口信息区实现阻塞等待,直到进程被杀死或者 Stop() 被调用 + err = grpcServer.Serve(listener) + if err != nil { + log.Fatalf("grpcServer.Serve err: %v", err) + } +} \ No newline at end of file diff --git a/utils/common.go b/utils/common.go index 9fd1e1a..a05e74c 100644 --- a/utils/common.go 
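Review bot: In test/tlsclient.go the error from `grpc.Dial` is overwritten by the SayHello call before it is ever checked, so a failed dial surfaces only as a confusing RPC error or a nil `conn`; add `if err != nil { log.Fatal(err) }` directly after the dial, followed by `defer conn.Close()`. The `return` after the first `log.Fatal(err)` is unreachable because Fatal exits the process. A comment on the `"pro2d"` argument, e.g. `// server name override: must match the name in keys/server.pem`, would explain why verification is not done against `localhost`.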
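Review bot: `net.Listen("tcp", ":8948")` in test/tlsserver.go binds the demo server on every interface although the matching client in test/tlsclient.go only dials `localhost:8948`; `net.Listen("tcp", "localhost:8948")` keeps a throwaway test service off the network. The start-up message `" net.Listing whth TLS"` has two typos and a leading space; `"listening with TLS on localhost:8948"` would read better in logs.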
+++ b/utils/common.go @@ -1,11 +1,7 @@ package utils const ( + APPID = "Pro2D" + APPKEY = "905c86c1ba58d2d7ea6e9d5549c709a7" //md5(Pro2DSecret) 32位 Pro2DTokenSignedString = "Pro2DSecret" - - ACCOUNTDB = "account" - ACCOUNT = "account" - - GAMEDB = "game" - ROLET = "role" ) diff --git a/utils/jwt.go b/utils/jwt.go index 0f69e83..4874bc1 100644 --- a/utils/jwt.go +++ b/utils/jwt.go @@ -3,6 +3,7 @@ package utils import ( "context" "fmt" + "pro2d/conf" "pro2d/protos/pb" "time" @@ -95,5 +96,5 @@ func (c AuthToken) GetRequestMetadata(ctx context.Context, uri ...string) (map[s } func (c AuthToken) RequireTransportSecurity() bool { - return false + return conf.GlobalConf.TLS.Status } \ No newline at end of file -- libgit2 0.21.2
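Review bot: utils/common.go now carries two secrets as compile-time constants: `Pro2DTokenSignedString`, which by its name is the token signing key, and the new `APPKEY`, whose comment records that it is the MD5 of that same string. Anyone who can read the repository or a built binary therefore holds the material needed to produce valid credentials, and the values cannot be rotated without a rebuild. They should be loaded at start-up from configuration or the environment (for example a `jwt_secret` entry in conf.yaml; that key name is constructed here, not taken from the project), with start-up failing when they are absent, and the committed values treated as exposed and replaced. `APPKEY` should be an independent random value rather than a digest of another secret, and the comment documenting the derivation should be removed. Where the deleted `ACCOUNTDB`/`GAMEDB`/`ROLET` constants are defined now is not visible in this diff.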
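Review bot: With `RequireTransportSecurity` returning `conf.GlobalConf.TLS.Status`, setting `status: false` lets the per-RPC token from `GetRequestMetadata` travel over an unencrypted connection, and nothing on the method says so; a doc comment such as `// Returning false permits sending the bearer token in cleartext; intended for local development only.` would make the consequence explicit. Since `TLS` is a pointer in ServerConf, `return conf.GlobalConf.TLS == nil || conf.GlobalConf.TLS.Status` would both avoid a nil dereference and default to requiring transport security when the section is missing. utils now imports pro2d/conf; whether conf imports utils anywhere (which would create an import cycle) cannot be checked from this diff.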