fix

internal/application/api/api_application_service.go

@@ -2,6 +2,7 @@ package api
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"tyapi-server/internal/application/api/commands"
 	"tyapi-server/internal/application/api/dto"
@@ -37,6 +38,12 @@ type ApiApplicationService interface {
 
 	// 管理端API调用记录
 	GetAdminApiCalls(ctx context.Context, filters map[string]interface{}, options interfaces.ListOptions) (*dto.ApiCallListResponse, error)
+
+	// 加密参数接口
+	EncryptParams(ctx context.Context, userID string, cmd *commands.EncryptCommand) (string, error)
+	
+	// 解密参数接口
+	DecryptParams(ctx context.Context, userID string, cmd *commands.DecryptCommand) (map[string]interface{}, error)
 }
 
 type ApiApplicationServiceImpl struct {
@@ -102,9 +109,13 @@ func (s *ApiApplicationServiceImpl) CallApi(ctx context.Context, cmd *commands.A
 			businessError = ErrFrozenAccount
 			return ErrFrozenAccount
 		}
-		// 在开发环境下跳过IP白名单校验
-		if s.config.App.IsDevelopment() {
-			s.logger.Info("开发环境跳过IP白名单校验", zap.String("userId", apiUser.UserId), zap.String("ip", cmd.ClientIP))
+		// 在开发环境或调试模式下跳过IP白名单校验
+		if s.config.App.IsDevelopment() || cmd.Options.IsDebug {
+			s.logger.Info("跳过IP白名单校验", 
+				zap.String("userId", apiUser.UserId), 
+				zap.String("ip", cmd.ClientIP),
+				zap.Bool("isDevelopment", s.config.App.IsDevelopment()),
+				zap.Bool("isDebug", cmd.Options.IsDebug))
 		} else {
 			if !apiUser.IsWhiteListed(cmd.ClientIP) {
 				s.logger.Error("IP不在白名单内", zap.String("userId", apiUser.UserId), zap.String("ip", cmd.ClientIP))
@@ -503,3 +514,42 @@ func (s *ApiApplicationServiceImpl) GetAdminApiCalls(ctx context.Context, filter
 		Size:  options.PageSize,
 	}, nil
 }
+
+// EncryptParams 加密参数
+func (s *ApiApplicationServiceImpl) EncryptParams(ctx context.Context, userID string, cmd *commands.EncryptCommand) (string, error) {
+	// 1. 将数据转换为JSON字节数组
+	jsonData, err := json.Marshal(cmd.Data)
+	if err != nil {
+		s.logger.Error("序列化参数失败", zap.Error(err))
+		return "", err
+	}
+	
+	// 2. 使用前端传来的SecretKey进行加密
+	encryptedData, err := crypto.AesEncrypt(jsonData, cmd.SecretKey)
+	if err != nil {
+		s.logger.Error("加密参数失败", zap.Error(err))
+		return "", err
+	}
+
+	return encryptedData, nil
+}
+
+// DecryptParams 解密参数
+func (s *ApiApplicationServiceImpl) DecryptParams(ctx context.Context, userID string, cmd *commands.DecryptCommand) (map[string]interface{}, error) {
+	// 1. 使用前端传来的SecretKey进行解密
+	decryptedData, err := crypto.AesDecrypt(cmd.EncryptedData, cmd.SecretKey)
+	if err != nil {
+		s.logger.Error("解密参数失败", zap.Error(err))
+		return nil, err
+	}
+	
+	// 2. 将解密后的JSON字节数组转换为map
+	var result map[string]interface{}
+	err = json.Unmarshal(decryptedData, &result)
+	if err != nil {
+		s.logger.Error("反序列化解密数据失败", zap.Error(err))
+		return nil, err
+	}
+
+	return result, nil
+}

internal/application/api/commands/api_call_commands.go

@@ -9,10 +9,18 @@ type ApiCallCommand struct {
 }
 
 type ApiCallOptions struct {
-	Json        bool `json:"json,omitempty"`        // 是否返回JSON格式
+	Json    bool `json:"json,omitempty"`     // 是否返回JSON格式
+	IsDebug bool `json:"is_debug,omitempty"` // 是否为调试调用
 }
 
 // EncryptCommand 加密命令
 type EncryptCommand struct {
-	Data map[string]interface{} `json:"data" binding:"required"`
+	Data      map[string]interface{} `json:"data" binding:"required"`
+	SecretKey string                 `json:"secret_key" binding:"required"`
+}
+
+// DecryptCommand 解密命令
+type DecryptCommand struct {
+	EncryptedData string `json:"encrypted_data" binding:"required"`
+	SecretKey     string `json:"secret_key" binding:"required"`
 }

internal/application/product/subscription_application_service_impl.go

@@ -214,13 +214,18 @@ func (s *SubscriptionApplicationServiceImpl) convertToSubscriptionInfoResponse(s
 		}
 	}
 
+	var productResponse *responses.ProductSimpleResponse
+	if subscription.Product != nil {
+		productResponse = s.convertToProductSimpleResponse(subscription.Product)
+	}
+
 	return &responses.SubscriptionInfoResponse{
 		ID:        subscription.ID,
 		UserID:    subscription.UserID,
 		ProductID: subscription.ProductID,
 		Price:     subscription.Price.InexactFloat64(),
 		User:      userInfo,
-		Product:   s.convertToProductSimpleResponse(subscription.Product),
+		Product:   productResponse,
 		APIUsed:   subscription.APIUsed,
 		CreatedAt: subscription.CreatedAt,
 		UpdatedAt: subscription.UpdatedAt,
@@ -229,6 +234,11 @@ func (s *SubscriptionApplicationServiceImpl) convertToSubscriptionInfoResponse(s
 
 // convertToProductSimpleResponse 转换为产品简单信息响应
 func (s *SubscriptionApplicationServiceImpl) convertToProductSimpleResponse(product *entities.Product) *responses.ProductSimpleResponse {
+	var categoryResponse *responses.CategorySimpleResponse
+	if product.Category != nil {
+		categoryResponse = s.convertToCategorySimpleResponse(product.Category)
+	}
+
 	return &responses.ProductSimpleResponse{
 		ID:          product.ID,
 		OldID:       product.OldID,
@@ -236,13 +246,17 @@ func (s *SubscriptionApplicationServiceImpl) convertToProductSimpleResponse(prod
 		Code:        product.Code,
 		Description: product.Description,
 		Price:       product.Price.InexactFloat64(),
-		Category:    s.convertToCategorySimpleResponse(product.Category),
+		Category:    categoryResponse,
 		IsPackage:   product.IsPackage,
 	}
 }
 
 // convertToCategorySimpleResponse 转换为分类简单信息响应
 func (s *SubscriptionApplicationServiceImpl) convertToCategorySimpleResponse(category *entities.ProductCategory) *responses.CategorySimpleResponse {
+	if category == nil {
+		return nil
+	}
+	
 	return &responses.CategorySimpleResponse{
 		ID:   category.ID,
 		Name: category.Name,