chose: cancel the assignment and judge later (#1359)

Co-authored-by: charliecen <chq@abierr.com>
3 years ago · d5e493383a
parent 6f1d27354a
commit d5e493383a
1 changed files with 6 additions and 1 deletions
--- a/rest/internal/security/contentsecurity.go
+++ b/rest/internal/security/contentsecurity.go
@ -119,7 +119,7 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol
 	}, "\n")
 	actualSignature := codec.HmacBase64(securityHeader.Key, signContent)

-	passed := securityHeader.Signature == actualSignature
+	/*passed := securityHeader.Signature == actualSignature
 	if !passed {
 		logx.Infof("signature different, expect: %s, actual: %s",
 			securityHeader.Signature, actualSignature)
@ -127,7 +127,12 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol

 	if passed {
 		return httpx.CodeSignaturePass
+	}*/
+	if securityHeader.Signature == actualSignature {
+		return httpx.CodeSignaturePass
 	}
+	logx.Infof("signature different, expect: %s, actual: %s",
+		securityHeader.Signature, actualSignature)

 	return httpx.CodeSignatureInvalidToken
 }