2025-07-28 01:46:39 +08:00
|
|
|
|
package entities
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"crypto/rand"
|
2025-12-04 16:17:27 +08:00
|
|
|
|
"database/sql/driver"
|
2025-07-28 01:46:39 +08:00
|
|
|
|
"encoding/hex"
|
2025-12-04 16:17:27 +08:00
|
|
|
|
"encoding/json"
|
2025-07-28 01:46:39 +08:00
|
|
|
|
"errors"
|
|
|
|
|
|
"io"
|
|
|
|
|
|
"net"
|
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
|
|
"github.com/google/uuid"
|
|
|
|
|
|
"gorm.io/gorm"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
// ApiUserStatus API用户状态
|
|
|
|
|
|
const (
|
|
|
|
|
|
ApiUserStatusNormal = "normal"
|
|
|
|
|
|
ApiUserStatusFrozen = "frozen"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
2025-12-04 16:17:27 +08:00
|
|
|
|
// WhiteListItem 白名单项,包含IP地址、添加时间和备注
|
|
|
|
|
|
type WhiteListItem struct {
|
|
|
|
|
|
IPAddress string `json:"ip_address"` // IP地址
|
|
|
|
|
|
AddedAt time.Time `json:"added_at"` // 添加时间
|
|
|
|
|
|
Remark string `json:"remark"` // 备注
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// WhiteList 白名单类型,支持向后兼容(旧的字符串数组格式)
|
|
|
|
|
|
type WhiteList []WhiteListItem
|
|
|
|
|
|
|
|
|
|
|
|
// Value 实现 driver.Valuer 接口,用于数据库写入
|
|
|
|
|
|
func (w WhiteList) Value() (driver.Value, error) {
|
|
|
|
|
|
if w == nil {
|
|
|
|
|
|
return "[]", nil
|
|
|
|
|
|
}
|
|
|
|
|
|
data, err := json.Marshal(w)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
return string(data), nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Scan 实现 sql.Scanner 接口,用于数据库读取(支持向后兼容)
|
|
|
|
|
|
func (w *WhiteList) Scan(value interface{}) error {
|
|
|
|
|
|
if value == nil {
|
|
|
|
|
|
*w = WhiteList{}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var bytes []byte
|
|
|
|
|
|
switch v := value.(type) {
|
|
|
|
|
|
case []byte:
|
|
|
|
|
|
bytes = v
|
|
|
|
|
|
case string:
|
|
|
|
|
|
bytes = []byte(v)
|
|
|
|
|
|
default:
|
|
|
|
|
|
return errors.New("无法扫描 WhiteList 类型")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if len(bytes) == 0 || string(bytes) == "[]" || string(bytes) == "null" {
|
|
|
|
|
|
*w = WhiteList{}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 首先尝试解析为新格式(结构体数组)
|
|
|
|
|
|
var items []WhiteListItem
|
|
|
|
|
|
if err := json.Unmarshal(bytes, &items); err == nil {
|
|
|
|
|
|
// 成功解析为新格式
|
|
|
|
|
|
*w = WhiteList(items)
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 如果失败,尝试解析为旧格式(字符串数组)
|
|
|
|
|
|
var oldFormat []string
|
|
|
|
|
|
if err := json.Unmarshal(bytes, &oldFormat); err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 将旧格式转换为新格式
|
|
|
|
|
|
now := time.Now()
|
|
|
|
|
|
items = make([]WhiteListItem, 0, len(oldFormat))
|
|
|
|
|
|
for _, ip := range oldFormat {
|
|
|
|
|
|
items = append(items, WhiteListItem{
|
|
|
|
|
|
IPAddress: ip,
|
|
|
|
|
|
AddedAt: now, // 使用当前时间作为添加时间(因为旧数据没有时间信息)
|
|
|
|
|
|
Remark: "", // 旧数据没有备注信息
|
|
|
|
|
|
})
|
|
|
|
|
|
}
|
|
|
|
|
|
*w = WhiteList(items)
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-07-28 01:46:39 +08:00
|
|
|
|
// ApiUser API用户(聚合根)
|
|
|
|
|
|
type ApiUser struct {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
ID string `gorm:"primaryKey;type:varchar(64)" json:"id"`
|
|
|
|
|
|
UserId string `gorm:"type:varchar(36);not null;uniqueIndex" json:"user_id"`
|
|
|
|
|
|
AccessId string `gorm:"type:varchar(64);not null;uniqueIndex" json:"access_id"`
|
|
|
|
|
|
SecretKey string `gorm:"type:varchar(128);not null" json:"secret_key"`
|
|
|
|
|
|
Status string `gorm:"type:varchar(20);not null;default:'normal'" json:"status"`
|
|
|
|
|
|
WhiteList WhiteList `gorm:"type:json;default:'[]'" json:"white_list"` // 支持多个白名单,包含IP和添加时间,支持向后兼容
|
2025-09-12 01:15:09 +08:00
|
|
|
|
|
|
|
|
|
|
// 余额预警配置
|
|
|
|
|
|
BalanceAlertEnabled bool `gorm:"default:true" json:"balance_alert_enabled" comment:"是否启用余额预警"`
|
|
|
|
|
|
BalanceAlertThreshold float64 `gorm:"default:200.00" json:"balance_alert_threshold" comment:"余额预警阈值"`
|
|
|
|
|
|
AlertPhone string `gorm:"type:varchar(20)" json:"alert_phone" comment:"预警手机号"`
|
|
|
|
|
|
LastLowBalanceAlert *time.Time `json:"last_low_balance_alert" comment:"最后低余额预警时间"`
|
|
|
|
|
|
LastArrearsAlert *time.Time `json:"last_arrears_alert" comment:"最后欠费预警时间"`
|
|
|
|
|
|
|
2025-07-28 01:46:39 +08:00
|
|
|
|
CreatedAt time.Time `gorm:"autoCreateTime" json:"created_at"`
|
|
|
|
|
|
UpdatedAt time.Time `gorm:"autoUpdateTime" json:"updated_at"`
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// IsWhiteListed 校验IP/域名是否在白名单
|
|
|
|
|
|
func (u *ApiUser) IsWhiteListed(target string) bool {
|
|
|
|
|
|
for _, w := range u.WhiteList {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
if w.IPAddress == target {
|
2025-07-28 01:46:39 +08:00
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// IsActive 是否可用
|
|
|
|
|
|
func (u *ApiUser) IsActive() bool {
|
|
|
|
|
|
return u.Status == ApiUserStatusNormal
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// IsFrozen 是否冻结
|
|
|
|
|
|
func (u *ApiUser) IsFrozen() bool {
|
|
|
|
|
|
return u.Status == ApiUserStatusFrozen
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// NewApiUser 工厂方法
|
2025-09-12 01:15:09 +08:00
|
|
|
|
func NewApiUser(userId string, defaultAlertEnabled bool, defaultAlertThreshold float64) (*ApiUser, error) {
|
2025-07-28 01:46:39 +08:00
|
|
|
|
if userId == "" {
|
|
|
|
|
|
return nil, errors.New("用户ID不能为空")
|
|
|
|
|
|
}
|
|
|
|
|
|
accessId, err := GenerateSecretId()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
secretKey, err := GenerateSecretKey()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
return &ApiUser{
|
2025-09-12 01:15:09 +08:00
|
|
|
|
ID: uuid.New().String(),
|
|
|
|
|
|
UserId: userId,
|
|
|
|
|
|
AccessId: accessId,
|
|
|
|
|
|
SecretKey: secretKey,
|
|
|
|
|
|
Status: ApiUserStatusNormal,
|
2025-12-04 16:17:27 +08:00
|
|
|
|
WhiteList: WhiteList{},
|
2025-09-12 01:15:09 +08:00
|
|
|
|
BalanceAlertEnabled: defaultAlertEnabled,
|
|
|
|
|
|
BalanceAlertThreshold: defaultAlertThreshold,
|
2025-07-28 01:46:39 +08:00
|
|
|
|
}, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 领域行为
|
|
|
|
|
|
func (u *ApiUser) Freeze() {
|
|
|
|
|
|
u.Status = ApiUserStatusFrozen
|
|
|
|
|
|
}
|
|
|
|
|
|
func (u *ApiUser) Unfreeze() {
|
|
|
|
|
|
u.Status = ApiUserStatusNormal
|
|
|
|
|
|
}
|
2025-12-04 16:17:27 +08:00
|
|
|
|
func (u *ApiUser) UpdateWhiteList(list []WhiteListItem) {
|
|
|
|
|
|
u.WhiteList = WhiteList(list)
|
2025-07-28 01:46:39 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// AddToWhiteList 新增白名单项(防御性校验)
|
2025-12-04 16:17:27 +08:00
|
|
|
|
func (u *ApiUser) AddToWhiteList(entry string, remark string) error {
|
2025-07-28 01:46:39 +08:00
|
|
|
|
if len(u.WhiteList) >= 10 {
|
|
|
|
|
|
return errors.New("白名单最多只能有10个")
|
|
|
|
|
|
}
|
|
|
|
|
|
if net.ParseIP(entry) == nil {
|
|
|
|
|
|
return errors.New("非法IP")
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, w := range u.WhiteList {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
if w.IPAddress == entry {
|
2025-07-28 01:46:39 +08:00
|
|
|
|
return errors.New("白名单已存在")
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2025-12-04 16:17:27 +08:00
|
|
|
|
u.WhiteList = append(u.WhiteList, WhiteListItem{
|
|
|
|
|
|
IPAddress: entry,
|
|
|
|
|
|
AddedAt: time.Now(),
|
|
|
|
|
|
Remark: remark,
|
|
|
|
|
|
})
|
2025-07-28 01:46:39 +08:00
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// BeforeUpdate GORM钩子:更新前确保WhiteList不为nil
|
|
|
|
|
|
func (u *ApiUser) BeforeUpdate(tx *gorm.DB) error {
|
|
|
|
|
|
if u.WhiteList == nil {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
u.WhiteList = WhiteList{}
|
2025-07-28 01:46:39 +08:00
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// RemoveFromWhiteList 删除白名单项
|
|
|
|
|
|
func (u *ApiUser) RemoveFromWhiteList(entry string) error {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
newList := make([]WhiteListItem, 0, len(u.WhiteList))
|
2025-07-28 01:46:39 +08:00
|
|
|
|
for _, w := range u.WhiteList {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
if w.IPAddress != entry {
|
2025-07-28 01:46:39 +08:00
|
|
|
|
newList = append(newList, w)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(newList) == len(u.WhiteList) {
|
|
|
|
|
|
return errors.New("白名单不存在")
|
|
|
|
|
|
}
|
|
|
|
|
|
u.WhiteList = newList
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-09-12 01:15:09 +08:00
|
|
|
|
// 余额预警相关方法
|
|
|
|
|
|
|
|
|
|
|
|
// UpdateBalanceAlertSettings 更新余额预警设置
|
|
|
|
|
|
func (u *ApiUser) UpdateBalanceAlertSettings(enabled bool, threshold float64, phone string) error {
|
|
|
|
|
|
if threshold < 0 {
|
|
|
|
|
|
return errors.New("预警阈值不能为负数")
|
|
|
|
|
|
}
|
|
|
|
|
|
if phone != "" && len(phone) != 11 {
|
|
|
|
|
|
return errors.New("手机号格式不正确")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
u.BalanceAlertEnabled = enabled
|
|
|
|
|
|
u.BalanceAlertThreshold = threshold
|
|
|
|
|
|
u.AlertPhone = phone
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// ShouldSendLowBalanceAlert 是否应该发送低余额预警(24小时冷却期)
|
|
|
|
|
|
func (u *ApiUser) ShouldSendLowBalanceAlert(balance float64) bool {
|
|
|
|
|
|
if !u.BalanceAlertEnabled || u.AlertPhone == "" {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 余额低于阈值
|
|
|
|
|
|
if balance < u.BalanceAlertThreshold {
|
|
|
|
|
|
// 检查是否已经发送过预警(避免频繁发送)
|
|
|
|
|
|
if u.LastLowBalanceAlert != nil {
|
|
|
|
|
|
// 如果距离上次预警不足24小时,不发送
|
|
|
|
|
|
if time.Since(*u.LastLowBalanceAlert) < 24*time.Hour {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// ShouldSendArrearsAlert 是否应该发送欠费预警(不受冷却期限制)
|
|
|
|
|
|
func (u *ApiUser) ShouldSendArrearsAlert(balance float64) bool {
|
|
|
|
|
|
if !u.BalanceAlertEnabled || u.AlertPhone == "" {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 余额为负数(欠费)- 欠费预警不受冷却期限制
|
|
|
|
|
|
if balance < 0 {
|
|
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// MarkLowBalanceAlertSent 标记低余额预警已发送
|
|
|
|
|
|
func (u *ApiUser) MarkLowBalanceAlertSent() {
|
|
|
|
|
|
now := time.Now()
|
|
|
|
|
|
u.LastLowBalanceAlert = &now
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// MarkArrearsAlertSent 标记欠费预警已发送
|
|
|
|
|
|
func (u *ApiUser) MarkArrearsAlertSent() {
|
|
|
|
|
|
now := time.Now()
|
|
|
|
|
|
u.LastArrearsAlert = &now
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-07-28 01:46:39 +08:00
|
|
|
|
// Validate 校验ApiUser聚合根的业务规则
|
|
|
|
|
|
func (u *ApiUser) Validate() error {
|
|
|
|
|
|
if u.UserId == "" {
|
|
|
|
|
|
return errors.New("用户ID不能为空")
|
|
|
|
|
|
}
|
|
|
|
|
|
if u.AccessId == "" {
|
|
|
|
|
|
return errors.New("AccessId不能为空")
|
|
|
|
|
|
}
|
|
|
|
|
|
if u.SecretKey == "" {
|
|
|
|
|
|
return errors.New("SecretKey不能为空")
|
|
|
|
|
|
}
|
|
|
|
|
|
switch u.Status {
|
|
|
|
|
|
case ApiUserStatusNormal, ApiUserStatusFrozen:
|
|
|
|
|
|
// ok
|
|
|
|
|
|
default:
|
|
|
|
|
|
return errors.New("无效的用户状态")
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(u.WhiteList) > 10 {
|
|
|
|
|
|
return errors.New("白名单最多只能有10个")
|
|
|
|
|
|
}
|
2025-12-04 16:17:27 +08:00
|
|
|
|
for _, item := range u.WhiteList {
|
|
|
|
|
|
if net.ParseIP(item.IPAddress) == nil {
|
|
|
|
|
|
return errors.New("白名单项必须为合法IP地址: " + item.IPAddress)
|
2025-07-28 01:46:39 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 生成AES-128密钥的函数,符合市面规范
|
|
|
|
|
|
func GenerateSecretKey() (string, error) {
|
|
|
|
|
|
key := make([]byte, 16) // 16字节密钥
|
|
|
|
|
|
_, err := io.ReadFull(rand.Reader, key)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return "", err
|
|
|
|
|
|
}
|
|
|
|
|
|
return hex.EncodeToString(key), nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func GenerateSecretId() (string, error) {
|
|
|
|
|
|
// 创建一个字节数组,用于存储随机数据
|
|
|
|
|
|
bytes := make([]byte, 8) // 因为每个字节表示两个16进制字符
|
|
|
|
|
|
|
|
|
|
|
|
// 读取随机字节到数组中
|
|
|
|
|
|
_, err := rand.Read(bytes)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return "", err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 将字节数组转换为16进制字符串
|
|
|
|
|
|
return hex.EncodeToString(bytes), nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TableName 指定数据库表名
|
|
|
|
|
|
func (ApiUser) TableName() string {
|
|
|
|
|
|
return "api_users"
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// BeforeCreate GORM钩子:创建前自动生成UUID并确保WhiteList不为nil
|
|
|
|
|
|
func (c *ApiUser) BeforeCreate(tx *gorm.DB) error {
|
|
|
|
|
|
if c.ID == "" {
|
|
|
|
|
|
c.ID = uuid.New().String()
|
|
|
|
|
|
}
|
|
|
|
|
|
if c.WhiteList == nil {
|
2025-12-04 16:17:27 +08:00
|
|
|
|
c.WhiteList = WhiteList{}
|
2025-07-28 01:46:39 +08:00
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
2025-12-04 16:17:27 +08:00
|
|
|
|
|
|
|
|
|
|
// AfterFind GORM钩子:查询后处理数据,确保AddedAt不为零值
|
|
|
|
|
|
func (u *ApiUser) AfterFind(tx *gorm.DB) error {
|
|
|
|
|
|
// 如果 WhiteList 为空,初始化为空数组
|
|
|
|
|
|
if u.WhiteList == nil {
|
|
|
|
|
|
u.WhiteList = WhiteList{}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 确保所有项的AddedAt不为零值(处理可能从旧数据迁移的情况)
|
|
|
|
|
|
now := time.Now()
|
|
|
|
|
|
for i := range u.WhiteList {
|
|
|
|
|
|
if u.WhiteList[i].AddedAt.IsZero() {
|
|
|
|
|
|
u.WhiteList[i].AddedAt = now
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
