box-server/common/utils/tokenUtil.lua

local crypt = require "crypt"

local DES_SECRET = "8RD8SxJx"

local root = {}

function root.create(uid, password)
    local timestamp = os.time()
    local s = string.format("%s:%s:%s", uid, timestamp, password)
    s = crypt.base64encode(crypt.desencode(DES_SECRET, s))
    return s:gsub("[+/]", function (c)
        if c == '+' then
            return '-'
        else
            return '_'
        end
    end)
end

local function parseToken(token)
    token = token:gsub("[-_]", function (c)
        if c == '-' then
            return '+'
        else
            return '/'
        end
    end)
    local s = crypt.desdecode(DES_SECRET, crypt.base64decode(token))
    return s:match("([^:]+):([^:]+):(.+)")
end

function root.auth(uid, password, token)
    if not uid or not token then
        return false, "function:token_auth args illedge!"
    end

    local tuid, time, password = parseToken(token)
    if not tuid or not time or not password then
        return false, "token parse fail!"
    end

    tuid = tonumber(tuid) or 0
    if tuid ~= uid  then
        return false, string.format("uid not same, %d, %d", uid, tuid)
    end

    --检验时间
    local now = os.time()
    local time = tonumber(time) or 0
    if time + 86400 < now then
        return false, string.format("time expire, val %d", time)
    end

    return true
end

return root