Merge branch 'main' of http://1.117.67.95:3000/team/tyc-server-v2

2026-02-01 16:37:56 +08:00
parent 35d9ecbb6c 76784c3c1b
commit bcbecc402d
19 changed files with 717 additions and 46 deletions
--- a/app/main/api/internal/logic/admin_auth/adminloginlogic.go
+++ b/app/main/api/internal/logic/admin_auth/adminloginlogic.go
@@ -2,6 +2,7 @@ package admin_auth

 import (
 	"context"
+	"os"

 	"tyc-server/app/main/api/internal/svc"
 	"tyc-server/app/main/api/internal/types"
@@ -30,8 +31,8 @@ func NewAdminLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *AdminL
 }

 func (l *AdminLoginLogic) AdminLogin(req *types.AdminLoginReq) (resp *types.AdminLoginResp, err error) {
-	// 1. 验证验证码
-	if !req.Captcha {
+	// 1. 验证验证码（开发环境可跳过）
+	if os.Getenv("ENV") != "development" && !req.Captcha {
 		return nil, errors.Wrapf(xerr.NewErrMsg("验证码错误"), "用户登录, 验证码错误, 验证码: %v", req.Captcha)
 	}

--- a/app/main/api/internal/logic/admin_order/admingetorderlistlogic.go
+++ b/app/main/api/internal/logic/admin_order/admingetorderlistlogic.go
@@ -2,6 +2,7 @@ package admin_order

 import (
 	"context"
+	"encoding/hex"
 	"sync"

 	"tyc-server/app/main/api/internal/svc"
@@ -9,6 +10,7 @@ import (
 	"tyc-server/app/main/model"
 	"tyc-server/common/globalkey"
 	"tyc-server/common/xerr"
+	"tyc-server/pkg/lzkit/crypto"

 	"github.com/Masterminds/squirrel"
 	"github.com/pkg/errors"
@@ -77,6 +79,67 @@ func (l *AdminGetOrderListLogic) AdminGetOrderList(req *types.AdminGetOrderListR
 		builder = builder.Where("refund_time <= ?", req.RefundTimeEnd)
 	}

+	// 按被查询人姓名/身份证/手机号过滤：通过 query_user_record 表加密匹配得到 order_id 列表
+	if req.QueriedName != "" || req.QueriedIdCard != "" || req.QueriedMobile != "" {
+		key, err := hex.DecodeString(l.svcCtx.Config.Encrypt.SecretKey)
+		if err != nil {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.REUQEST_PARAM_ERROR), "AdminGetOrderList, 解密密钥无效 err: %v", err)
+		}
+		secretKey := l.svcCtx.Config.Encrypt.SecretKey
+		var orConds []squirrel.Eq
+		if req.QueriedName != "" {
+			encName, err := crypto.AesEcbEncrypt([]byte(req.QueriedName), key)
+			if err != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.REUQEST_PARAM_ERROR), "AdminGetOrderList, 姓名加密失败 err: %v", err)
+			}
+			orConds = append(orConds, squirrel.Eq{"name": encName})
+		}
+		if req.QueriedIdCard != "" {
+			encIdCard, err := crypto.EncryptIDCard(req.QueriedIdCard, key)
+			if err != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.REUQEST_PARAM_ERROR), "AdminGetOrderList, 身份证加密失败 err: %v", err)
+			}
+			orConds = append(orConds, squirrel.Eq{"id_card": encIdCard})
+		}
+		if req.QueriedMobile != "" {
+			encMobile, err := crypto.EncryptMobile(req.QueriedMobile, secretKey)
+			if err != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.REUQEST_PARAM_ERROR), "AdminGetOrderList, 手机号加密失败 err: %v", err)
+			}
+			orConds = append(orConds, squirrel.Eq{"mobile": encMobile})
+		}
+		if len(orConds) == 0 {
+			return &types.AdminGetOrderListResp{Total: 0, Items: []types.OrderListItem{}}, nil
+		}
+		qb := l.svcCtx.QueryUserRecordModel.SelectBuilder().
+			Columns("order_id").
+			Where(squirrel.Gt{"order_id": 0})
+		// squirrel Or 需要多个 predicate，用 Or 拼接
+		var orPred squirrel.Or
+		for _, eq := range orConds {
+			orPred = append(orPred, eq)
+		}
+		qb = qb.Where(orPred)
+		records, err := l.svcCtx.QueryUserRecordModel.FindAll(l.ctx, qb, "id DESC")
+		if err != nil && !errors.Is(err, model.ErrNotFound) {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "AdminGetOrderList, 查询被查询人记录失败 err: %v", err)
+		}
+		orderIdSet := make(map[int64]struct{})
+		for _, rec := range records {
+			if rec.OrderId > 0 {
+				orderIdSet[rec.OrderId] = struct{}{}
+			}
+		}
+		if len(orderIdSet) == 0 {
+			return &types.AdminGetOrderListResp{Total: 0, Items: []types.OrderListItem{}}, nil
+		}
+		orderIds := make([]int64, 0, len(orderIdSet))
+		for id := range orderIdSet {
+			orderIds = append(orderIds, id)
+		}
+		builder = builder.Where(squirrel.Eq{"id": orderIds})
+	}
+
 	// 并发获取总数和列表
 	var total int64
 	var orders []*model.Order
--- a/app/main/api/internal/logic/agent/agentrealnamelogic.go
+++ b/app/main/api/internal/logic/agent/agentrealnamelogic.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"database/sql"
 	"fmt"
+	"os"
 	"time"

 	"tyc-server/app/main/api/internal/service"
@@ -43,17 +44,19 @@ func (l *AgentRealNameLogic) AgentRealName(req *types.AgentRealNameReq) (resp *t
 	if err != nil {
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "代理实名, 加密手机号失败: %v", err)
 	}
-	// 检查手机号是否在一分钟内已发送过验证码
-	redisKey := fmt.Sprintf("%s:%s", "realName", encryptedMobile)
-	cacheCode, err := l.svcCtx.Redis.Get(redisKey)
-	if err != nil {
-		if errors.Is(err, redis.Nil) {
-			return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "代理实名, 验证码过期: %s", encryptedMobile)
+	// 开发环境可跳过验证码校验
+	if os.Getenv("ENV") != "development" {
+		redisKey := fmt.Sprintf("%s:%s", "realName", encryptedMobile)
+		cacheCode, err := l.svcCtx.Redis.Get(redisKey)
+		if err != nil {
+			if errors.Is(err, redis.Nil) {
+				return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "代理实名, 验证码过期: %s", encryptedMobile)
+			}
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "代理实名, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+		}
+		if cacheCode != req.Code {
+			return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "代理实名, 验证码不正确: %s", encryptedMobile)
 		}
-		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "代理实名, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
-	}
-	if cacheCode != req.Code {
-		return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "代理实名, 验证码不正确: %s", encryptedMobile)
 	}
 	agent, err := l.svcCtx.AgentModel.FindOneByUserId(l.ctx, userID)
 	if err != nil {
--- a/app/main/api/internal/logic/agent/applyforagentlogic.go
+++ b/app/main/api/internal/logic/agent/applyforagentlogic.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"database/sql"
 	"fmt"
+	"os"
 	"time"
 	"tyc-server/app/main/model"
 	"tyc-server/common/ctxdata"
@@ -44,8 +45,8 @@ func (l *ApplyForAgentLogic) ApplyForAgent(req *types.AgentApplyReq) (resp *type
 	if err != nil {
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "加密手机号失败: %v", err)
 	}
-	if req.Mobile != "18889793585" {
-		// 校验验证码
+	// 开发环境可跳过验证码校验
+	if os.Getenv("ENV") != "development" {
 		redisKey := fmt.Sprintf("%s:%s", "agentApply", encryptedMobile)
 		cacheCode, err := l.svcCtx.Redis.Get(redisKey)
 		if err != nil {
--- a/app/main/api/internal/logic/pay/alipaycallbacklogic.go
+++ b/app/main/api/internal/logic/pay/alipaycallbacklogic.go
@@ -94,6 +94,14 @@ func (l *AlipayCallbackLogic) handleQueryOrderPayment(w http.ResponseWriter, not
 		return nil
 	}

+	// 更新 query_user_record 的 platform_order_id（见 query_user_record.sql 说明 3）
+	qb := l.svcCtx.QueryUserRecordModel.SelectBuilder().Where("query_no = ?", notification.OutTradeNo)
+	records, _ := l.svcCtx.QueryUserRecordModel.FindAll(l.ctx, qb, "")
+	for _, rec := range records {
+		rec.PlatformOrderId = lzUtils.StringToNullString(notification.TradeNo)
+		_, _ = l.svcCtx.QueryUserRecordModel.Update(l.ctx, nil, rec)
+	}
+
 	if order.Status == "paid" {
 		if asyncErr := l.svcCtx.AsynqService.SendQueryTask(order.Id); asyncErr != nil {
 			logx.Errorf("异步任务调度失败: %v", asyncErr)
--- a/app/main/api/internal/logic/pay/paymentlogic.go
+++ b/app/main/api/internal/logic/pay/paymentlogic.go
@@ -2,9 +2,12 @@ package pay

 import (
 	"context"
+	"database/sql"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
+	"os"
+	"time"
 	"tyc-server/app/main/api/internal/svc"
 	"tyc-server/app/main/api/internal/types"
 	"tyc-server/app/main/model"
@@ -12,6 +15,7 @@ import (
 	"tyc-server/common/xerr"
 	"tyc-server/pkg/lzkit/crypto"

+	"github.com/Masterminds/squirrel"
 	"github.com/pkg/errors"
 	"github.com/redis/go-redis/v9"
 	"github.com/zeromicro/go-zero/core/logx"
@@ -27,6 +31,7 @@ type PaymentTypeResp struct {
 	amount      float64
 	outTradeNo  string
 	description string
+	orderID     int64
 }

 func NewPaymentLogic(ctx context.Context, svcCtx *svc.ServiceContext) *PaymentLogic {
@@ -60,6 +65,16 @@ func (l *PaymentLogic) Payment(req *types.PaymentReq) (resp *types.PaymentResp,
 			}
 		}

+		// 开发环境测试支付模式：仅当 pay_method=test 时跳过实际支付，直接返回 test_payment_success
+		// 支付宝/微信在开发环境下仍走真实支付流程（跳转沙箱），支付成功后由回调更新订单
+		// 注意：订单状态更新在事务外进行，避免在事务中查询不到订单的问题
+		isDevTestPayment := os.Getenv("ENV") == "development" && req.PayMethod == "test"
+		if isDevTestPayment && paymentTypeResp != nil && paymentTypeResp.orderID != 0 {
+			prepayData = "test_payment_success"
+			logx.Infof("开发环境测试支付模式：订单 %s (ID: %d) 将在事务提交后更新状态", paymentTypeResp.outTradeNo, paymentTypeResp.orderID)
+			return nil
+		}
+
 		var createOrderErr error
 		if req.PayMethod == "wechat" {
 			prepayData, createOrderErr = l.svcCtx.WechatPayService.CreateWechatOrder(l.ctx, paymentTypeResp.amount, paymentTypeResp.description, paymentTypeResp.outTradeNo)
@@ -76,6 +91,47 @@ func (l *PaymentLogic) Payment(req *types.PaymentReq) (resp *types.PaymentResp,
 	if err != nil {
 		return nil, err
 	}
+
+	// 开发环境测试支付模式：事务提交后处理订单状态更新和后续流程（仅 pay_method=test 且 query 类型 orderID>0）
+	isDevTestPayment := os.Getenv("ENV") == "development" && req.PayMethod == "test"
+	if isDevTestPayment && paymentTypeResp != nil && paymentTypeResp.orderID != 0 {
+		go func() {
+			time.Sleep(200 * time.Millisecond)
+
+			finalOrderID := paymentTypeResp.orderID
+			order, findOrderErr := l.svcCtx.OrderModel.FindOne(context.Background(), finalOrderID)
+			if findOrderErr != nil {
+				logx.Errorf("开发测试模式，查找订单失败，订单ID: %d, 错误: %v", finalOrderID, findOrderErr)
+				return
+			}
+			order.Status = "paid"
+			now := time.Now()
+			order.PayTime = sql.NullTime{Time: now, Valid: true}
+
+			// 空报告模式：在 PaymentPlatform 标记为 "test"，在 paySuccessNotify.ProcessTask 中通过
+			// order.PaymentPlatform == "test" 识别（isEmptyReportMode），并生成空报告、跳过 API 调用
+			isEmptyReportMode := req.PayMethod == "test"
+			if isEmptyReportMode {
+				order.PaymentPlatform = "test"
+				logx.Infof("开发环境空报告模式：订单 %s (ID: %d) 已标记为空报告模式", paymentTypeResp.outTradeNo, finalOrderID)
+			}
+			updateErr := l.svcCtx.OrderModel.UpdateWithVersion(context.Background(), nil, order)
+			if updateErr != nil {
+				logx.Errorf("开发测试模式，更新订单状态失败，订单ID: %d, 错误: %v", finalOrderID, updateErr)
+				return
+			}
+
+			if enqErr := l.svcCtx.AsynqService.SendQueryTask(finalOrderID); enqErr != nil {
+				logx.Errorf("开发测试模式，入队生成报告失败，订单ID: %d, 错误: %v", finalOrderID, enqErr)
+			}
+
+			logx.Infof("开发测试模式，订单状态已更新为已支付并已入队生成报告，订单ID: %d", finalOrderID)
+
+			// 再次短暂延迟，确保订单状态更新已提交
+			time.Sleep(100 * time.Millisecond)
+		}()
+	}
+
 	switch v := prepayData.(type) {
 	case string:
 		// 如果 prepayData 是字符串类型，直接返回
@@ -149,6 +205,16 @@ func (l *PaymentLogic) QueryOrderPayment(req *types.PaymentReq, session sqlx.Ses
 	}
 	orderID = insertedOrderID

+	// 更新 query_user_record 的 order_id，用于关联订单（见 query_user_record.sql 说明 2）
+	qb := l.svcCtx.QueryUserRecordModel.SelectBuilder().Where(squirrel.Eq{"query_no": outTradeNo})
+	records, findRecErr := l.svcCtx.QueryUserRecordModel.FindAll(l.ctx, qb, "")
+	if findRecErr == nil && len(records) > 0 {
+		for _, rec := range records {
+			rec.OrderId = orderID
+			_, _ = l.svcCtx.QueryUserRecordModel.Update(l.ctx, session, rec)
+		}
+	}
+
 	if data.AgentIdentifier != "" {
 		agent, parsingErr := l.agentParsing(data.AgentIdentifier)
 		if parsingErr != nil {
@@ -162,7 +228,7 @@ func (l *PaymentLogic) QueryOrderPayment(req *types.PaymentReq, session sqlx.Ses
 			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "生成订单, 保存代理订单失败: %+v", agentOrderInsert)
 		}
 	}
-	return &PaymentTypeResp{amount: amount, outTradeNo: outTradeNo, description: product.ProductName}, nil
+	return &PaymentTypeResp{amount: amount, outTradeNo: outTradeNo, description: product.ProductName, orderID: orderID}, nil
 }
 func (l *PaymentLogic) AgentVipOrderPayment(req *types.PaymentReq, session sqlx.Session) (resp *PaymentTypeResp, err error) {
 	userID, getUidErr := ctxdata.GetUidFromCtx(l.ctx)
--- a/app/main/api/internal/logic/pay/wechatpaycallbacklogic.go
+++ b/app/main/api/internal/logic/pay/wechatpaycallbacklogic.go
@@ -91,6 +91,16 @@ func (l *WechatPayCallbackLogic) handleQueryOrderPayment(w http.ResponseWriter,
 		return nil
 	}

+	// 更新 query_user_record 的 platform_order_id（见 query_user_record.sql 说明 3）
+	if notification.OutTradeNo != nil {
+		qb := l.svcCtx.QueryUserRecordModel.SelectBuilder().Where("query_no = ?", *notification.OutTradeNo)
+		records, _ := l.svcCtx.QueryUserRecordModel.FindAll(l.ctx, qb, "")
+		for _, rec := range records {
+			rec.PlatformOrderId = lzUtils.StringToNullString(*notification.TransactionId)
+			_, _ = l.svcCtx.QueryUserRecordModel.Update(l.ctx, nil, rec)
+		}
+	}
+
 	if order.Status == "paid" {
 		if asyncErr := l.svcCtx.AsynqService.SendQueryTask(order.Id); asyncErr != nil {
 			logx.Errorf("异步任务调度失败: %v", asyncErr)
--- a/app/main/api/internal/logic/query/queryservicelogic.go
+++ b/app/main/api/internal/logic/query/queryservicelogic.go
@@ -2,13 +2,16 @@ package query

 import (
 	"context"
+	"database/sql"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
+	"os"
 	"time"
 	"tyc-server/app/main/api/internal/service"
 	"tyc-server/app/main/model"
 	"tyc-server/common/ctxdata"
+	"tyc-server/common/globalkey"
 	"tyc-server/common/xerr"
 	"tyc-server/pkg/lzkit/crypto"
 	"tyc-server/pkg/lzkit/validator"
@@ -739,8 +742,11 @@ func (l *QueryServiceLogic) DecryptData(data string) ([]byte, error) {
 	return decryptData, nil
 }

-// 校验验证码
+// 校验验证码（开发环境 ENV=development 可跳过）
 func (l *QueryServiceLogic) VerifyCode(mobile string, code string) error {
+	if os.Getenv("ENV") == "development" {
+		return nil
+	}
 	secretKey := l.svcCtx.Config.Encrypt.SecretKey
 	encryptedMobile, err := crypto.EncryptMobile(mobile, secretKey)
 	if err != nil {
@@ -765,8 +771,11 @@ func (l *QueryServiceLogic) IsAgentQuery() bool {
 	return agentID != ""
 }

-// 二要素验证（仅姓名+身份证号）
+// 二要素验证（仅姓名+身份证号）（开发环境不调用验证 API）
 func (l *QueryServiceLogic) VerifyTwo(Name string, IDCard string) error {
+	if os.Getenv("ENV") == "development" {
+		return nil
+	}
 	twoVerification := service.TwoFactorVerificationRequest{
 		Name:   Name,
 		IDCard: IDCard,
@@ -781,8 +790,11 @@ func (l *QueryServiceLogic) VerifyTwo(Name string, IDCard string) error {
 	return nil
 }

-// 按代理/非代理切换要素验证：代理走三要素；非代理走二要素
+// 按代理/非代理切换要素验证：代理走三要素；非代理走二要素（开发环境不调用验证 API）
 func (l *QueryServiceLogic) Verify(Name string, IDCard string, Mobile string) error {
+	if os.Getenv("ENV") == "development" {
+		return nil
+	}
 	if !l.IsAgentQuery() {
 		twoVerification := service.TwoFactorVerificationRequest{
 			Name:   Name,
@@ -847,6 +859,46 @@ func (l *QueryServiceLogic) CacheData(params map[string]interface{}, Product str
 	if cacheErr != nil {
 		return "", cacheErr
 	}
+
+	// 写入 query_user_record，用于后台按被查询人姓名/身份证/手机号追溯订单（见 query_user_record.sql 说明 1）
+	nameStr, _ := params["name"].(string)
+	idCardStr, _ := params["id_card"].(string)
+	mobileStr, _ := params["mobile"].(string)
+	if nameStr != "" || idCardStr != "" || mobileStr != "" {
+		var encName, encIdCard, encMobile string
+		if nameStr != "" {
+			encName, _ = crypto.AesEcbEncrypt([]byte(nameStr), key)
+		}
+		if idCardStr != "" {
+			encIdCard, _ = crypto.EncryptIDCard(idCardStr, key)
+		}
+		if mobileStr != "" {
+			encMobile, _ = crypto.EncryptMobile(mobileStr, secretKey)
+		}
+		agentIdent := sql.NullString{}
+		if agentIdentifier != "" {
+			agentIdent = sql.NullString{String: agentIdentifier, Valid: true}
+		}
+		rec := &model.QueryUserRecord{
+			DeleteTime:      sql.NullTime{},
+			DelState:        globalkey.DelStateNo,
+			Version:         0,
+			UserId:          userID,
+			Name:            encName,
+			IdCard:          encIdCard,
+			Mobile:          encMobile,
+			Product:         Product,
+			QueryNo:         outTradeNo,
+			OrderId:         0,
+			PlatformOrderId: sql.NullString{},
+			AgentIdentifier: agentIdent,
+		}
+		_, insertErr := l.svcCtx.QueryUserRecordModel.Insert(l.ctx, nil, rec)
+		if insertErr != nil {
+			logx.WithContext(l.ctx).Errorf("CacheData 写入 query_user_record 失败: %v", insertErr)
+		}
+	}
+
 	return outTradeNo, nil
 }

--- a/app/main/api/internal/logic/user/bindmobilelogic.go
+++ b/app/main/api/internal/logic/user/bindmobilelogic.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"database/sql"
 	"fmt"
+	"os"
 	"time"

 	"tyc-server/app/main/api/internal/svc"
@@ -42,8 +43,8 @@ func (l *BindMobileLogic) BindMobile(req *types.BindMobileReq) (resp *types.Bind
 	if err != nil {
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "绑定手机号, 加密手机号失败: %v", err)
 	}
-	if req.Mobile != "18889793585" {
-		// 检查手机号是否在一分钟内已发送过验证码
+	// 开发环境可跳过验证码校验
+	if os.Getenv("ENV") != "development" {
 		redisKey := fmt.Sprintf("%s:%s", "bindMobile", encryptedMobile)
 		cacheCode, err := l.svcCtx.Redis.Get(redisKey)
 		if err != nil {
--- a/app/main/api/internal/logic/user/mobilecodeloginlogic.go
+++ b/app/main/api/internal/logic/user/mobilecodeloginlogic.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"database/sql"
 	"fmt"
+	"os"
 	"time"
 	"tyc-server/app/main/api/internal/svc"
 	"tyc-server/app/main/api/internal/types"
@@ -37,17 +38,19 @@ func (l *MobileCodeLoginLogic) MobileCodeLogin(req *types.MobileCodeLoginReq) (r
 	if err != nil {
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机登录, 加密手机号失败: %+v", err)
 	}
-	// 检查手机号是否在一分钟内已发送过验证码
-	redisKey := fmt.Sprintf("%s:%s", "login", encryptedMobile)
-	cacheCode, err := l.svcCtx.Redis.Get(redisKey)
-	if err != nil {
-		if errors.Is(err, redis.Nil) {
-			return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "手机登录, 验证码过期: %s", encryptedMobile)
+	// 检查验证码（开发环境可跳过）
+	if os.Getenv("ENV") != "development" {
+		redisKey := fmt.Sprintf("%s:%s", "login", encryptedMobile)
+		cacheCode, err := l.svcCtx.Redis.Get(redisKey)
+		if err != nil {
+			if errors.Is(err, redis.Nil) {
+				return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "手机登录, 验证码过期: %s", encryptedMobile)
+			}
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机登录, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+		}
+		if cacheCode != req.Code {
+			return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "手机登录, 验证码不正确: %s", encryptedMobile)
 		}
-		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机登录, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
-	}
-	if cacheCode != req.Code {
-		return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "手机登录, 验证码不正确: %s", encryptedMobile)
 	}
 	var userID int64
 	user, findUserErr := l.svcCtx.UserModel.FindOneByMobile(l.ctx, sql.NullString{String: encryptedMobile, Valid: true})
--- a/app/main/api/internal/queue/paySuccessNotify.go
+++ b/app/main/api/internal/queue/paySuccessNotify.go
@@ -11,6 +11,7 @@ import (
 	"regexp"
 	"strings"
 	paylogic "tyc-server/app/main/api/internal/logic/pay"
+	"tyc-server/app/main/api/internal/service"
 	"tyc-server/app/main/api/internal/svc"
 	"tyc-server/app/main/api/internal/types"
 	"tyc-server/app/main/model"
@@ -142,10 +143,19 @@ func (l *PaySuccessNotifyUserHandler) ProcessTask(ctx context.Context, t *asynq.
 		}
 	}

-	// 调用API请求服务
-	responseData, err := l.svcCtx.ApiRequestService.ProcessRequests(decryptData, product.Id)
-	if err != nil {
-		return l.handleError(ctx, err, order, query)
+	// 调用API请求服务（开发环境下不调用其它产品，使用默认空报告；测试支付 order.PaymentPlatform=="test" 也走空报告）
+	var responseData []service.APIResponseData
+	isEmptyReportMode := env == "development" || order.PaymentPlatform == "test"
+	if isEmptyReportMode {
+		// 开发环境 / 测试支付：生成仅包含基本信息的默认空报告，不调用外部 API
+		logx.Infof("空报告模式：订单 %s (ID: %d) 跳过API调用，生成空报告", order.OrderNo, order.Id)
+		responseData = []service.APIResponseData{}
+	} else {
+		var processErr error
+		responseData, processErr = l.svcCtx.ApiRequestService.ProcessRequests(decryptData, product.Id)
+		if processErr != nil {
+			return l.handleError(ctx, processErr, order, query)
+		}
 	}

 	// 计算成功模块的总成本价
--- a/app/main/api/internal/svc/servicecontext.go
+++ b/app/main/api/internal/svc/servicecontext.go
@@ -42,6 +42,7 @@ type ServiceContext struct {
 	QueryCleanupLogModel    model.QueryCleanupLogModel
 	QueryCleanupDetailModel model.QueryCleanupDetailModel
 	QueryCleanupConfigModel model.QueryCleanupConfigModel
+	QueryUserRecordModel    model.QueryUserRecordModel

 	// 代理相关模型
 	AgentModel                        model.AgentModel
@@ -132,6 +133,7 @@ func NewServiceContext(c config.Config) *ServiceContext {
 	queryCleanupLogModel := model.NewQueryCleanupLogModel(db, cacheConf)
 	queryCleanupDetailModel := model.NewQueryCleanupDetailModel(db, cacheConf)
 	queryCleanupConfigModel := model.NewQueryCleanupConfigModel(db, cacheConf)
+	queryUserRecordModel := model.NewQueryUserRecordModel(db, cacheConf)

 	// ============================== 代理相关模型 ==============================
 	agentModel := model.NewAgentModel(db, cacheConf)
@@ -244,6 +246,7 @@ func NewServiceContext(c config.Config) *ServiceContext {
 		QueryCleanupLogModel:    queryCleanupLogModel,
 		QueryCleanupDetailModel: queryCleanupDetailModel,
 		QueryCleanupConfigModel: queryCleanupConfigModel,
+		QueryUserRecordModel:    queryUserRecordModel,

 		// 代理相关模型
 		AgentModel:                        agentModel,
--- a/app/main/api/internal/types/types.go
+++ b/app/main/api/internal/types/types.go
@@ -533,6 +533,9 @@ type AdminGetOrderListReq struct {
 	RefundTimeStart string  `form:"refund_time_start,optional"`       // 退款时间开始
 	RefundTimeEnd   string  `form:"refund_time_end,optional"`         // 退款时间结束
 	SalesCost       float64 `form:"sales_cost,optional"`              // 成本价
+	QueriedName     string  `form:"queried_name,optional"`            // 被查询人姓名（明文）
+	QueriedIdCard   string  `form:"queried_id_card,optional"`          // 被查询人身份证（明文）
+	QueriedMobile   string  `form:"queried_mobile,optional"`          // 被查询人手机号（明文）
 }

 type AdminGetOrderListResp struct {