update putHandle

node/common.go

@@ -4,7 +4,9 @@ import (
 	"net/http"
 
 	sutils "github.com/CESSProject/cess-go-sdk/core/utils"
+	"github.com/CESSProject/go-keyring"
 	jwt "github.com/dgrijalva/jwt-go"
+	"github.com/mr-tron/base58"
 	"github.com/pkg/errors"
 )
 
@@ -54,3 +56,39 @@ func (n *Node) verifyToken(token string, respmsg *RespMsg) (string, []byte, erro
 	respmsg.Err = nil
 	return account, pkey, nil
 }
+
+// VerifyToken is used to parse and verify token
+func (n *Node) verifySignature(account, message, signature string) ([]byte, error) {
+	pkey, err := sutils.ParsingPublickey(account)
+	if err != nil {
+		return nil, err
+	}
+
+	ss58, err := sutils.EncodePublicKeyAsSubstrateAccount(pkey)
+	if err != nil {
+		return nil, err
+	}
+
+	verkr, _ := keyring.FromURI(ss58, keyring.NetSubstrate{})
+
+	sign_bytes, err := base58.Decode(signature)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(sign_bytes) != 64 {
+		return nil, errors.New("invalid signature")
+	}
+
+	var sign_array [64]byte
+	for i := 0; i < 64; i++ {
+		sign_array[i] = sign_bytes[i]
+	}
+
+	// Verify signature
+	ok := verkr.Verify(verkr.SigningContext([]byte(message)), sign_array)
+	if ok {
+		return pkey, nil
+	}
+	return nil, errors.New("false")
+}

node/putHandle.go

@@ -51,9 +51,15 @@ func (n *Node) putHandle(c *gin.Context) {
 	token := c.Request.Header.Get(HTTPHeader_Authorization)
 	account, pkey, err = n.verifyToken(token, respMsg)
 	if err != nil {
-		n.Upfile("info", fmt.Sprintf("[%v] %v", clientIp, err))
-		c.JSON(respMsg.Code, err.Error())
-		return
+		account = c.Request.Header.Get(HTTPHeader_Account)
+		message := c.Request.Header.Get(HTTPHeader_Message)
+		signature := c.Request.Header.Get(HTTPHeader_Signature)
+		pkey, err = n.verifySignature(account, message, signature)
+		if err != nil {
+			n.Upfile("info", fmt.Sprintf("[%v] %v", clientIp, err))
+			c.JSON(respMsg.Code, err.Error())
+			return
+		}
 	}
 
 	// verify the bucket name

node/types.go

@@ -19,6 +19,8 @@ const (
 	HTTPHeader_Account       = "Account"
 	HTTPHeader_Digest        = "Digest"
 	HTTPHeader_Operation     = "Operation"
+	HTTPHeader_Message       = "Message"
+	HTTPHeader_Signature     = "Signature"
 )
 
 const (