f
This commit is contained in:
@@ -1,6 +1,7 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
|
||||
"tyc-server/app/main/api/internal/logic/auth"
|
||||
@@ -23,7 +24,8 @@ func SendSmsHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||
result.ParamValidateErrorResult(r, w, err)
|
||||
return
|
||||
}
|
||||
l := auth.NewSendSmsLogic(r.Context(), svcCtx)
|
||||
ctx := context.WithValue(r.Context(), auth.UserAgentContextKey, r.Header.Get("User-Agent"))
|
||||
l := auth.NewSendSmsLogic(ctx, svcCtx)
|
||||
err := l.SendSms(&req)
|
||||
result.HttpResult(r, w, nil, err)
|
||||
}
|
||||
|
||||
@@ -35,15 +35,18 @@ func NewSendSmsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SendSmsLo
|
||||
}
|
||||
}
|
||||
|
||||
// UserAgentContextKey 用于从 context 读取 User-Agent(如判断是否微信)
|
||||
const UserAgentContextKey = "user_agent"
|
||||
|
||||
func (l *SendSmsLogic) SendSms(req *types.SendSmsReq) error {
|
||||
// 图形验证码校验(开发环境可跳过)
|
||||
userAgent, _ := l.ctx.Value(UserAgentContextKey).(string)
|
||||
cfg := l.svcCtx.Config.Captcha
|
||||
if err := captcha.Verify(captcha.Config{
|
||||
if err := captcha.VerifyWithUserAgent(captcha.Config{
|
||||
AccessKeyID: cfg.AccessKeyID,
|
||||
AccessKeySecret: cfg.AccessKeySecret,
|
||||
EndpointURL: cfg.EndpointURL,
|
||||
SceneID: cfg.SceneID,
|
||||
}, req.CaptchaVerifyParam); err != nil {
|
||||
}, req.CaptchaVerifyParam, userAgent); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,9 @@
|
||||
package captcha
|
||||
|
||||
import (
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"tyc-server/common/xerr"
|
||||
|
||||
captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client"
|
||||
@@ -18,11 +21,24 @@ type Config struct {
|
||||
SceneID string
|
||||
}
|
||||
|
||||
// isWeChatUserAgent 判断 User-Agent 是否为微信内置浏览器(含 MicroMessenger)。
|
||||
func isWeChatUserAgent(ua string) bool {
|
||||
return strings.Contains(ua, "MicroMessenger")
|
||||
}
|
||||
|
||||
// VerifyWithUserAgent 根据 User-Agent 与 captchaVerifyParam 校验。微信请求直接通过。
|
||||
func VerifyWithUserAgent(cfg Config, captchaVerifyParam string, userAgent string) error {
|
||||
if isWeChatUserAgent(userAgent) {
|
||||
return nil
|
||||
}
|
||||
return Verify(cfg, captchaVerifyParam)
|
||||
}
|
||||
|
||||
// Verify 校验前端传入的 captchaVerifyParam。异常时视为通过以保证业务可用。
|
||||
func Verify(cfg Config, captchaVerifyParam string) error {
|
||||
// if os.Getenv("ENV") == "development" {
|
||||
// return nil
|
||||
// }
|
||||
if os.Getenv("ENV") == "development" {
|
||||
return nil
|
||||
}
|
||||
if captchaVerifyParam == "" {
|
||||
return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam")
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user