1、新增后台面板

2、查询页改三要素
3、佣金冻结

app/main/api/internal/logic/auth/getfaceverifyresultlogic.go

@@ -0,0 +1,122 @@
+package auth
+
+import (
+	"context"
+	"fmt"
+	"qnc-server/common/xerr"
+
+	"github.com/bytedance/sonic"
+	"github.com/pkg/errors"
+
+	"qnc-server/app/user/cmd/api/internal/svc"
+	"qnc-server/app/user/cmd/api/internal/types"
+	"qnc-server/app/user/model"
+
+	"github.com/zeromicro/go-zero/core/logx"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+)
+
+type GetFaceVerifyResultLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewGetFaceVerifyResultLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetFaceVerifyResultLogic {
+	return &GetFaceVerifyResultLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *GetFaceVerifyResultLogic) GetFaceVerifyResult(req *types.GetFaceVerifyResultReq) (resp *types.GetFaceVerifyResultResp, err error) {
+	// 1. 查询认证明细
+	face, err := l.svcCtx.AuthorizationFaceModel.FindOneByCertifyId(l.ctx, req.CertifyId)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询认证明细失败: %v", err)
+	}
+	if face == nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询认证明细为空")
+	}
+
+	// 2. 查询主授权（如后续需要可用）
+	auth, err := l.svcCtx.AuthorizationModel.FindOne(l.ctx, face.AuthorizationId)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询授权主表失败: %v", err)
+	}
+
+	// 3. 判断人脸认证明细和主授权状态，若均已是"success"，则直接返回通过
+	if (face.Status == model.AuthorizationFaceStatusSuccess) && (auth.Status == model.AuthorizationStatusSuccess) {
+		return &types.GetFaceVerifyResultResp{
+			OrderID: auth.OrderId,
+			Passed:  true,
+		}, nil
+	}
+
+	// 4. 调用阿里云接口查询认证结果
+	describeResp, err := l.svcCtx.CloudAuthService.DescribeFaceVerify(req.CertifyId)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "校验人脸识别结果失败: %v", err)
+	}
+
+	// 5. 判断认证状态并更新（使用事务）
+	if describeResp.Passed {
+		// 使用事务更新状态
+		err = l.svcCtx.AuthorizationModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+			order, err := l.svcCtx.OrderModel.FindOne(ctx, auth.OrderId)
+			if err != nil {
+				return errors.Wrapf(err, "查询订单失败")
+			}
+			redisKey := fmt.Sprintf(types.QueryCacheKey, order.UserId, order.OrderNo)
+			cache, cacheErr := l.svcCtx.Redis.GetCtx(ctx, redisKey)
+			if cacheErr != nil {
+				return fmt.Errorf("获取缓存内容失败: %+v", cacheErr)
+			}
+			var data types.QueryCacheLoad
+			err = sonic.Unmarshal([]byte(cache), &data)
+			if err != nil {
+				return fmt.Errorf("解析缓存内容失败: %+v", err)
+			}
+			// 插入新queryModel
+			query := &model.Query{
+				OrderId:     auth.OrderId,
+				UserId:      auth.UserId,
+				ProductId:   order.ProductId,
+				QueryParams: data.Params,
+				QueryState:  "pending",
+			}
+			_, insertQueryErr := l.svcCtx.QueryModel.Insert(ctx, session, query)
+			if insertQueryErr != nil {
+				return errors.Wrapf(insertQueryErr, "保存查询失败")
+			}
+			// 更新主授权状态
+			auth.Status = model.AuthorizationStatusSuccess
+			_, err = l.svcCtx.AuthorizationModel.Update(ctx, session, auth)
+			if err != nil {
+				return errors.Wrapf(err, "更新授权状态失败")
+			}
+			// 更新人脸认证明细状态
+			face.Status = model.AuthorizationFaceStatusSuccess
+			_, err = l.svcCtx.AuthorizationFaceModel.Update(ctx, session, face)
+			if err != nil {
+				return errors.Wrapf(err, "更新人脸认证状态失败")
+			}
+			if asyncErr := l.svcCtx.AsynqService.SendQueryTask(auth.OrderId); asyncErr != nil {
+				logx.Errorf("异步任务调度失败: %v", asyncErr)
+				return asyncErr
+			}
+			return nil
+		})
+		if err != nil {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "更新认证状态失败: %v", err)
+		}
+	}
+	// 6. 返回resp（resp.Passed := describeResp.Passed）和err（如有）
+	resp = &types.GetFaceVerifyResultResp{
+		OrderID:  auth.OrderId,
+		Passed:   describeResp.Passed,
+		AuthType: auth.AuthType.Int64,
+	}
+	return resp, nil
+}

app/main/api/internal/logic/auth/initfaceverifylogic.go

@@ -0,0 +1,136 @@
+package auth
+
+import (
+	"context"
+	"database/sql"
+	"encoding/hex"
+	"math/rand"
+	"strconv"
+	"time"
+
+	"qnc-server/app/user/cmd/api/internal/svc"
+	"qnc-server/app/user/cmd/api/internal/types"
+	"qnc-server/app/user/model"
+	"qnc-server/common/xerr"
+	"qnc-server/pkg/core/aliyun/cloudauth"
+	"qnc-server/pkg/lzkit/crypto"
+
+	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/logx"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+)
+
+type InitFaceVerifyLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewInitFaceVerifyLogic(ctx context.Context, svcCtx *svc.ServiceContext) *InitFaceVerifyLogic {
+	return &InitFaceVerifyLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+// 生成带前缀的随机OuterOrderNo（阿里云人脸验证单号）
+func genOuterOrderNo() string {
+	prefix := "FACE_"
+	timestamp := time.Now().UnixNano()
+	randNum := rand.Intn(1000000)
+	return prefix + strconv.FormatInt(timestamp, 10) + strconv.Itoa(randNum)
+}
+
+func (l *InitFaceVerifyLogic) InitFaceVerify(req *types.InitFaceVerifyReq) (resp *types.InitFaceVerifyResp, err error) {
+	order, err := l.svcCtx.OrderModel.FindOneByOrderNo(l.ctx, req.OrderNo)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询订单失败: %v", err)
+	}
+
+	if order.Status != "paid" {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "订单未支付")
+	}
+
+	authorization, err := l.svcCtx.AuthorizationModel.FindOneByOrderId(l.ctx, order.Id)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询授权信息失败: %v", err)
+	}
+
+	if authorization.Status != "pending" {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "授权信息状态不正确")
+	}
+	key, decodeErr := hex.DecodeString(l.svcCtx.Config.Encrypt.SecretKey)
+	if decodeErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "查询授权信息失败: %v", decodeErr)
+	}
+	authorizationFaceBuilder := l.svcCtx.AuthorizationFaceModel.SelectBuilder().
+		Where("authorization_id = ? AND status = ? AND certify_id != '' AND certify_url != ''",
+			authorization.Id, model.AuthorizationStatusPending).
+		OrderBy("create_time DESC").
+		Limit(1)
+	existingFaces, err := l.svcCtx.AuthorizationFaceModel.FindAll(l.ctx, authorizationFaceBuilder, "")
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询人脸认证记录失败: %v", err)
+	}
+	if len(existingFaces) > 0 {
+		// 如果存在记录，直接返回最新的认证信息
+		return &types.InitFaceVerifyResp{
+			CertifyId:  existingFaces[0].CertifyId,
+			CertifyUrl: existingFaces[0].CertifyUrl,
+		}, nil
+	}
+
+	outerOrderNo := genOuterOrderNo()
+	name, err := crypto.AesDecrypt(authorization.TargetName, key)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密姓名失败: %v", err)
+	}
+	idCard, err := crypto.AesDecrypt(authorization.TargetIdcard, key)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密身份证号失败: %v", err)
+	}
+	initFaceVerifyResp, err := l.svcCtx.CloudAuthService.InitFaceVerify(cloudauth.InitFaceVerifyParam{
+		OuterOrderNo: outerOrderNo,
+		CertName:     string(name),
+		CertNo:       string(idCard),
+		MetaInfo:     req.MetaInfo,
+	})
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "初始化人脸认证失败: %v", err)
+	}
+	err = l.svcCtx.AuthorizationModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+		authorization.AuthType = sql.NullInt64{
+			Int64: req.AuthType,
+			Valid: true,
+		}
+		authorization.GrantType = sql.NullString{
+			String: model.AuthorizationGrantTypeFace,
+			Valid:  true,
+		}
+		_, err = l.svcCtx.AuthorizationModel.Update(l.ctx, session, authorization)
+		if err != nil {
+			return err
+		}
+		authorizationFace := &model.AuthorizationFace{
+			AuthorizationId:    authorization.Id,
+			CertifyId:          initFaceVerifyResp.CertifyId,
+			CertifyUrl:         initFaceVerifyResp.CertifyUrl,
+			Status:             model.AuthorizationStatusPending,
+			CertifyUrlExpireAt: time.Now().Add(time.Minute * 30),
+			OuterOrderNo:       outerOrderNo,
+		}
+		_, err = l.svcCtx.AuthorizationFaceModel.Insert(l.ctx, session, authorizationFace)
+		if err != nil {
+			return err
+		}
+		return nil
+	})
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "更新授权信息失败: %v", err)
+	}
+	return &types.InitFaceVerifyResp{
+		CertifyId:  initFaceVerifyResp.CertifyId,
+		CertifyUrl: initFaceVerifyResp.CertifyUrl,
+	}, nil
+}

app/main/api/internal/logic/auth/rejectauthorizationlogic.go

@@ -0,0 +1,30 @@
+package auth
+
+import (
+	"context"
+
+	"qnc-server/app/user/cmd/api/internal/svc"
+	"qnc-server/app/user/cmd/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type RejectAuthorizationLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewRejectAuthorizationLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RejectAuthorizationLogic {
+	return &RejectAuthorizationLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *RejectAuthorizationLogic) RejectAuthorization(req *types.RejectAuthorizationReq) (resp *types.RejectAuthorizationResp, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}

app/main/api/internal/logic/auth/sendsmslogic.go

@@ -0,0 +1,105 @@
+package auth
+
+import (
+	"context"
+	"fmt"
+	"math/rand"
+	"qnc-server/common/xerr"
+	"qnc-server/pkg/lzkit/crypto"
+	"time"
+
+	"github.com/pkg/errors"
+
+	"qnc-server/app/user/cmd/api/internal/svc"
+	"qnc-server/app/user/cmd/api/internal/types"
+
+	openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
+	dysmsapi "github.com/alibabacloud-go/dysmsapi-20170525/v3/client"
+	"github.com/alibabacloud-go/tea-utils/v2/service"
+	"github.com/alibabacloud-go/tea/tea"
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type SendSmsLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewSendSmsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SendSmsLogic {
+	return &SendSmsLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *SendSmsLogic) SendSms(req *types.SendSmsReq) error {
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 加密手机号失败: %v", err)
+	}
+	// 检查手机号是否在一分钟内已发送过验证码
+	limitCodeKey := fmt.Sprintf("limit:%s:%s", req.ActionType, encryptedMobile)
+	exists, err := l.svcCtx.Redis.Exists(limitCodeKey)
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 读取redis缓存失败: %s", encryptedMobile)
+	}
+
+	if exists {
+		// 如果 Redis 中已经存在标记，说明在 1 分钟内请求过，返回错误
+		return errors.Wrapf(xerr.NewErrMsg("一分钟内不能重复发送验证码"), "短信发送, 手机号1分钟内重复请求发送验证码: %s", encryptedMobile)
+	}
+
+	code := fmt.Sprintf("%06d", rand.New(rand.NewSource(time.Now().UnixNano())).Intn(1000000))
+
+	// 发送短信
+	smsResp, err := l.sendSmsRequest(req.Mobile, code)
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 调用阿里客户端失败: %v", err)
+	}
+	if *smsResp.Body.Code != "OK" {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 阿里客户端响应失败: %s", *smsResp.Body.Message)
+	}
+	codeKey := fmt.Sprintf("%s:%s", req.ActionType, encryptedMobile)
+	// 将验证码保存到 Redis，设置过期时间
+	err = l.svcCtx.Redis.Setex(codeKey, code, l.svcCtx.Config.VerifyCode.ValidTime) // 验证码有效期5分钟
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 验证码设置过期时间失败: %v", err)
+	}
+	// 在 Redis 中设置 1 分钟的标记，限制重复请求
+	err = l.svcCtx.Redis.Setex(limitCodeKey, code, 60) // 标记 1 分钟内不能重复请求
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "短信发送, 验证码设置限制重复请求失败: %v", err)
+	}
+	return nil
+}
+
+// CreateClient 创建阿里云短信客户端
+func (l *SendSmsLogic) CreateClient() (*dysmsapi.Client, error) {
+	config := &openapi.Config{
+		AccessKeyId:     &l.svcCtx.Config.VerifyCode.AccessKeyID,
+		AccessKeySecret: &l.svcCtx.Config.VerifyCode.AccessKeySecret,
+	}
+	config.Endpoint = tea.String(l.svcCtx.Config.VerifyCode.EndpointURL)
+	return dysmsapi.NewClient(config)
+}
+
+// sendSmsRequest 发送短信请求
+func (l *SendSmsLogic) sendSmsRequest(mobile, code string) (*dysmsapi.SendSmsResponse, error) {
+	// 初始化阿里云短信客户端
+	cli, err := l.CreateClient()
+	if err != nil {
+		return nil, err
+	}
+
+	request := &dysmsapi.SendSmsRequest{
+		SignName:      tea.String(l.svcCtx.Config.VerifyCode.SignName),
+		TemplateCode:  tea.String(l.svcCtx.Config.VerifyCode.TemplateCode),
+		PhoneNumbers:  tea.String(mobile),
+		TemplateParam: tea.String(fmt.Sprintf("{\"code\":\"%s\"}", code)),
+	}
+	runtime := &service.RuntimeOptions{}
+	return cli.SendSmsWithOptions(request, runtime)
+}

app/main/api/internal/logic/auth/smsauthorizationlogic.go

@@ -0,0 +1,147 @@
+package auth
+
+import (
+	"context"
+	"database/sql"
+	"encoding/hex"
+	"fmt"
+
+	"qnc-server/app/user/cmd/api/internal/service"
+	"qnc-server/app/user/cmd/api/internal/svc"
+	"qnc-server/app/user/cmd/api/internal/types"
+	"qnc-server/app/user/model"
+	"qnc-server/common/xerr"
+	"qnc-server/pkg/lzkit/crypto"
+
+	"github.com/bytedance/sonic"
+	"github.com/pkg/errors"
+	"github.com/redis/go-redis/v9"
+	"github.com/zeromicro/go-zero/core/logx"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+)
+
+type SmsAuthorizationLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewSmsAuthorizationLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SmsAuthorizationLogic {
+	return &SmsAuthorizationLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *SmsAuthorizationLogic) SmsAuthorization(req *types.SmsAuthorizationReq) (resp *types.SmsAuthorizationResp, err error) {
+	order, err := l.svcCtx.OrderModel.FindOneByOrderNo(l.ctx, req.OrderNo)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询订单失败: %v", err)
+	}
+
+	if order.Status != "paid" {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "订单未支付")
+	}
+
+	authorization, err := l.svcCtx.AuthorizationModel.FindOneByOrderId(l.ctx, order.Id)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询授权信息失败: %v", err)
+	}
+
+	if authorization.Status != "pending" {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "授权信息状态不正确")
+	}
+	key, decodeErr := hex.DecodeString(l.svcCtx.Config.Encrypt.SecretKey)
+	if decodeErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "查询授权信息失败: %v", decodeErr)
+	}
+	name, err := crypto.AesDecrypt(authorization.TargetName, key)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密姓名失败: %v", err)
+	}
+	idCard, err := crypto.AesDecrypt(authorization.TargetIdcard, key)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密身份证号失败: %v", err)
+	}
+	threeFactorVerificationResp, err := l.svcCtx.VerificationService.ThreeFactorVerification(service.ThreeFactorVerificationRequest{
+		Mobile: req.Mobile,
+		Name:   string(name),
+		IDCard: string(idCard),
+	})
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "三要素验证失败: %v", err)
+	}
+	if !threeFactorVerificationResp.Passed {
+		return nil, errors.Wrapf(xerr.NewErrMsg("该手机号码不是被查询人的手机号"), "三要素验证失败")
+	}
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "加密手机号失败: %v", err)
+	}
+	// 检查手机号是否在一分钟内已发送过验证码
+	redisKey := fmt.Sprintf("%s:%s", "authorization", encryptedMobile)
+	cacheCode, err := l.svcCtx.Redis.Get(redisKey)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "验证码过期: %s", encryptedMobile)
+		}
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+	if cacheCode != req.Code {
+		return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "验证码不正确: %s", encryptedMobile)
+	}
+	err = l.svcCtx.AuthorizationModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+
+		order, err := l.svcCtx.OrderModel.FindOne(ctx, authorization.OrderId)
+		if err != nil {
+			return errors.Wrapf(err, "查询订单失败")
+		}
+		redisKey := fmt.Sprintf(types.QueryCacheKey, order.UserId, order.OrderNo)
+		cache, cacheErr := l.svcCtx.Redis.GetCtx(ctx, redisKey)
+		if cacheErr != nil {
+			return fmt.Errorf("获取缓存内容失败: %+v", cacheErr)
+		}
+		var data types.QueryCacheLoad
+		err = sonic.Unmarshal([]byte(cache), &data)
+		if err != nil {
+			return fmt.Errorf("解析缓存内容失败: %+v", err)
+		}
+		// 插入新queryModel
+		query := &model.Query{
+			OrderId:     authorization.OrderId,
+			UserId:      authorization.UserId,
+			ProductId:   order.ProductId,
+			QueryParams: data.Params,
+			QueryState:  "pending",
+		}
+		_, insertQueryErr := l.svcCtx.QueryModel.Insert(ctx, session, query)
+		if insertQueryErr != nil {
+			return errors.Wrapf(insertQueryErr, "保存查询失败")
+		}
+
+		authorization.GrantType = sql.NullString{
+			String: model.AuthorizationGrantTypeSms,
+			Valid:  true,
+		}
+		// 更新主授权状态
+		authorization.Status = model.AuthorizationStatusSuccess
+		_, err = l.svcCtx.AuthorizationModel.Update(ctx, session, authorization)
+		if err != nil {
+			return errors.Wrapf(err, "更新授权状态失败")
+		}
+		if asyncErr := l.svcCtx.AsynqService.SendQueryTask(authorization.OrderId); asyncErr != nil {
+			logx.Errorf("异步任务调度失败: %v", asyncErr)
+			return asyncErr
+		}
+		return nil
+	})
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "更新授权信息失败: %v", err)
+	}
+	return &types.SmsAuthorizationResp{
+		OrderID: authorization.OrderId,
+		Passed:  true,
+	}, nil
+}