f
This commit is contained in:
@@ -2,11 +2,12 @@ package auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"xingfucha-server/common/xerr"
|
||||
"xingfucha-server/pkg/lzkit/crypto"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"time"
|
||||
"xingfucha-server/common/xerr"
|
||||
"xingfucha-server/pkg/captcha"
|
||||
"xingfucha-server/pkg/lzkit/crypto"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
|
||||
@@ -35,6 +36,18 @@ func NewSendSmsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SendSmsLo
|
||||
}
|
||||
|
||||
func (l *SendSmsLogic) SendSms(req *types.SendSmsReq) error {
|
||||
// 1. 图形验证码校验
|
||||
cfg := l.svcCtx.Config.Captcha
|
||||
if err := captcha.Verify(captcha.Config{
|
||||
AccessKeyID: cfg.AccessKeyID,
|
||||
AccessKeySecret: cfg.AccessKeySecret,
|
||||
EndpointURL: cfg.EndpointURL,
|
||||
SceneID: cfg.SceneID,
|
||||
}, req.CaptchaVerifyParam); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// 2. 原有的手机号加密逻辑
|
||||
secretKey := l.svcCtx.Config.Encrypt.SecretKey
|
||||
encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
|
||||
if err != nil {
|
||||
|
||||
77
pkg/captcha/aliyun.go
Normal file
77
pkg/captcha/aliyun.go
Normal file
@@ -0,0 +1,77 @@
|
||||
package captcha
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"xingfucha-server/common/xerr"
|
||||
|
||||
captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client"
|
||||
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
"github.com/alibabacloud-go/tea-utils/v2/service"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// Config 验证码配置
|
||||
type Config struct {
|
||||
AccessKeyID string
|
||||
AccessKeySecret string
|
||||
EndpointURL string
|
||||
SceneID string
|
||||
EKey string // 加密模式用的 ekey
|
||||
}
|
||||
|
||||
// Verify 验证图形验证码
|
||||
func Verify(cfg Config, captchaVerifyParam string) error {
|
||||
// 开发环境跳过验证
|
||||
if os.Getenv("ENV") == "development" {
|
||||
return nil
|
||||
}
|
||||
|
||||
if captchaVerifyParam == "" {
|
||||
return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam")
|
||||
}
|
||||
|
||||
// 创建阿里云验证码客户端
|
||||
clientCfg := &openapi.Config{
|
||||
AccessKeyId: tea.String(cfg.AccessKeyID),
|
||||
AccessKeySecret: tea.String(cfg.AccessKeySecret),
|
||||
Endpoint: tea.String(cfg.EndpointURL),
|
||||
}
|
||||
client, err := captcha20230305.NewClient(clientCfg)
|
||||
if err != nil {
|
||||
// 阿里云服务异常时,记录日志但视为通过,不影响业务可用性
|
||||
fmt.Printf("captcha.NewClient error: %+v\n", err)
|
||||
return nil
|
||||
}
|
||||
|
||||
// 构建验证请求
|
||||
req := &captcha20230305.VerifyIntelligentCaptchaRequest{
|
||||
SceneId: tea.String(cfg.SceneID),
|
||||
CaptchaVerifyParam: tea.String(captchaVerifyParam),
|
||||
}
|
||||
|
||||
// 调用验证接口
|
||||
runtime := &service.RuntimeOptions{}
|
||||
resp, err := client.VerifyIntelligentCaptchaWithOptions(req, runtime)
|
||||
if err != nil {
|
||||
// 阿里云服务异常时,记录日志但视为通过,不影响业务可用性
|
||||
fmt.Printf("captcha.VerifyIntelligentCaptchaWithOptions error: %+v\n", err)
|
||||
return nil
|
||||
}
|
||||
|
||||
if resp == nil || resp.Body == nil || resp.Body.Result == nil {
|
||||
// 阿里云服务异常时,记录日志但视为通过,不影响业务可用性
|
||||
fmt.Printf("captcha response is nil or Body is nil or Result is nil\n")
|
||||
return nil
|
||||
}
|
||||
|
||||
// 检查验证结果
|
||||
if tea.BoolValue(resp.Body.Result.VerifyResult) {
|
||||
return nil
|
||||
}
|
||||
|
||||
// 验证失败
|
||||
return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "captcha verify failed")
|
||||
}
|
||||
46
pkg/captcha/encrypt_scene.go
Normal file
46
pkg/captcha/encrypt_scene.go
Normal file
@@ -0,0 +1,46 @@
|
||||
package captcha
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
lzcrypto "xingfucha-server/pkg/lzkit/crypto"
|
||||
)
|
||||
|
||||
// GenerateEncryptedSceneID 生成加密场景ID
|
||||
// sceneId: 场景ID
|
||||
// ekey: 加密密钥(Base64编码)
|
||||
// expireSeconds: 过期时间(秒)
|
||||
// 返回: 加密后的场景ID(Base64编码)
|
||||
func GenerateEncryptedSceneID(sceneId, ekey string, expireSeconds int) (string, error) {
|
||||
// 默认过期时间1小时
|
||||
if expireSeconds <= 0 || expireSeconds > 86400 {
|
||||
expireSeconds = 3600
|
||||
}
|
||||
|
||||
// 生成时间戳
|
||||
ts := time.Now().Unix()
|
||||
|
||||
// 构建明文: sceneId×tamp&expireTime
|
||||
plaintext := fmt.Sprintf("%s&%d&%d", sceneId, ts, expireSeconds)
|
||||
|
||||
// Base64解码ekey
|
||||
keyBytes, err := base64.StdEncoding.DecodeString(ekey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("decode ekey error: %w", err)
|
||||
}
|
||||
|
||||
// 检查密钥长度(必须是32字节)
|
||||
if len(keyBytes) != 32 {
|
||||
return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes))
|
||||
}
|
||||
|
||||
// 使用AES加密
|
||||
encrypted, err := lzcrypto.AesEncrypt([]byte(plaintext), keyBytes)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("aes encrypt error: %w", err)
|
||||
}
|
||||
|
||||
return encrypted, nil
|
||||
}
|
||||
Reference in New Issue
Block a user