148 lines
5.2 KiB
Go
148 lines
5.2 KiB
Go
|
package auth
|
||
|
|
|
||
|
|
import (
|
||
|
|
"context"
|
||
|
|
"database/sql"
|
||
|
|
"encoding/hex"
|
||
|
|
"fmt"
|
||
|
|
|
||
|
|
"qnc-server/app/user/cmd/api/internal/service"
|
||
|
|
"qnc-server/app/user/cmd/api/internal/svc"
|
||
|
|
"qnc-server/app/user/cmd/api/internal/types"
|
||
|
|
"qnc-server/app/user/model"
|
||
|
|
"qnc-server/common/xerr"
|
||
|
|
"qnc-server/pkg/lzkit/crypto"
|
||
|
|
|
||
|
|
"github.com/bytedance/sonic"
|
||
|
|
"github.com/pkg/errors"
|
||
|
|
"github.com/redis/go-redis/v9"
|
||
|
|
"github.com/zeromicro/go-zero/core/logx"
|
||
|
|
"github.com/zeromicro/go-zero/core/stores/sqlx"
|
||
|
|
)
|
||
|
|
|
||
|
|
type SmsAuthorizationLogic struct {
|
||
|
|
logx.Logger
|
||
|
|
ctx context.Context
|
||
|
|
svcCtx *svc.ServiceContext
|
||
|
|
}
|
||
|
|
|
||
|
|
func NewSmsAuthorizationLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SmsAuthorizationLogic {
|
||
|
|
return &SmsAuthorizationLogic{
|
||
|
|
Logger: logx.WithContext(ctx),
|
||
|
|
ctx: ctx,
|
||
|
|
svcCtx: svcCtx,
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func (l *SmsAuthorizationLogic) SmsAuthorization(req *types.SmsAuthorizationReq) (resp *types.SmsAuthorizationResp, err error) {
|
||
|
|
order, err := l.svcCtx.OrderModel.FindOneByOrderNo(l.ctx, req.OrderNo)
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询订单失败: %v", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
if order.Status != "paid" {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "订单未支付")
|
||
|
|
}
|
||
|
|
|
||
|
|
authorization, err := l.svcCtx.AuthorizationModel.FindOneByOrderId(l.ctx, order.Id)
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询授权信息失败: %v", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
if authorization.Status != "pending" {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "授权信息状态不正确")
|
||
|
|
}
|
||
|
|
key, decodeErr := hex.DecodeString(l.svcCtx.Config.Encrypt.SecretKey)
|
||
|
|
if decodeErr != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "查询授权信息失败: %v", decodeErr)
|
||
|
|
}
|
||
|
|
name, err := crypto.AesDecrypt(authorization.TargetName, key)
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密姓名失败: %v", err)
|
||
|
|
}
|
||
|
|
idCard, err := crypto.AesDecrypt(authorization.TargetIdcard, key)
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密身份证号失败: %v", err)
|
||
|
|
}
|
||
|
|
threeFactorVerificationResp, err := l.svcCtx.VerificationService.ThreeFactorVerification(service.ThreeFactorVerificationRequest{
|
||
|
|
Mobile: req.Mobile,
|
||
|
|
Name: string(name),
|
||
|
|
IDCard: string(idCard),
|
||
|
|
})
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "三要素验证失败: %v", err)
|
||
|
|
}
|
||
|
|
if !threeFactorVerificationResp.Passed {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrMsg("该手机号码不是被查询人的手机号"), "三要素验证失败")
|
||
|
|
}
|
||
|
|
secretKey := l.svcCtx.Config.Encrypt.SecretKey
|
||
|
|
encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "加密手机号失败: %v", err)
|
||
|
|
}
|
||
|
|
// 检查手机号是否在一分钟内已发送过验证码
|
||
|
|
redisKey := fmt.Sprintf("%s:%s", "authorization", encryptedMobile)
|
||
|
|
cacheCode, err := l.svcCtx.Redis.Get(redisKey)
|
||
|
|
if err != nil {
|
||
|
|
if errors.Is(err, redis.Nil) {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "验证码过期: %s", encryptedMobile)
|
||
|
|
}
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
|
||
|
|
}
|
||
|
|
if cacheCode != req.Code {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "验证码不正确: %s", encryptedMobile)
|
||
|
|
}
|
||
|
|
err = l.svcCtx.AuthorizationModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
|
||
|
|
|
||
|
|
order, err := l.svcCtx.OrderModel.FindOne(ctx, authorization.OrderId)
|
||
|
|
if err != nil {
|
||
|
|
return errors.Wrapf(err, "查询订单失败")
|
||
|
|
}
|
||
|
|
redisKey := fmt.Sprintf(types.QueryCacheKey, order.UserId, order.OrderNo)
|
||
|
|
cache, cacheErr := l.svcCtx.Redis.GetCtx(ctx, redisKey)
|
||
|
|
if cacheErr != nil {
|
||
|
|
return fmt.Errorf("获取缓存内容失败: %+v", cacheErr)
|
||
|
|
}
|
||
|
|
var data types.QueryCacheLoad
|
||
|
|
err = sonic.Unmarshal([]byte(cache), &data)
|
||
|
|
if err != nil {
|
||
|
|
return fmt.Errorf("解析缓存内容失败: %+v", err)
|
||
|
|
}
|
||
|
|
// 插入新queryModel
|
||
|
|
query := &model.Query{
|
||
|
|
OrderId: authorization.OrderId,
|
||
|
|
UserId: authorization.UserId,
|
||
|
|
ProductId: order.ProductId,
|
||
|
|
QueryParams: data.Params,
|
||
|
|
QueryState: "pending",
|
||
|
|
}
|
||
|
|
_, insertQueryErr := l.svcCtx.QueryModel.Insert(ctx, session, query)
|
||
|
|
if insertQueryErr != nil {
|
||
|
|
return errors.Wrapf(insertQueryErr, "保存查询失败")
|
||
|
|
}
|
||
|
|
|
||
|
|
authorization.GrantType = sql.NullString{
|
||
|
|
String: model.AuthorizationGrantTypeSms,
|
||
|
|
Valid: true,
|
||
|
|
}
|
||
|
|
// 更新主授权状态
|
||
|
|
authorization.Status = model.AuthorizationStatusSuccess
|
||
|
|
_, err = l.svcCtx.AuthorizationModel.Update(ctx, session, authorization)
|
||
|
|
if err != nil {
|
||
|
|
return errors.Wrapf(err, "更新授权状态失败")
|
||
|
|
}
|
||
|
|
if asyncErr := l.svcCtx.AsynqService.SendQueryTask(authorization.OrderId); asyncErr != nil {
|
||
|
|
logx.Errorf("异步任务调度失败: %v", asyncErr)
|
||
|
|
return asyncErr
|
||
|
|
}
|
||
|
|
return nil
|
||
|
|
})
|
||
|
|
if err != nil {
|
||
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "更新授权信息失败: %v", err)
|
||
|
|
}
|
||
|
|
return &types.SmsAuthorizationResp{
|
||
|
|
OrderID: authorization.OrderId,
|
||
|
|
Passed: true,
|
||
|
|
}, nil
|
||
|
|
}
|