From d630d847186b46dcde3033ce1f581cf3a49f9c96 Mon Sep 17 00:00:00 2001 From: Mrx <18278715334@163.com> Date: Sat, 28 Feb 2026 12:18:25 +0800 Subject: [PATCH] f --- .../internal/handler/auth/sendsmshandler.go | 4 ++- .../api/internal/logic/auth/sendsmslogic.go | 4 +-- pkg/captcha/aliyun.go | 33 ++++++++++++++++--- 3 files changed, 34 insertions(+), 7 deletions(-) diff --git a/app/main/api/internal/handler/auth/sendsmshandler.go b/app/main/api/internal/handler/auth/sendsmshandler.go index 0c0b4d1..20389cb 100644 --- a/app/main/api/internal/handler/auth/sendsmshandler.go +++ b/app/main/api/internal/handler/auth/sendsmshandler.go @@ -7,6 +7,7 @@ import ( "ycc-server/app/main/api/internal/svc" "ycc-server/app/main/api/internal/types" "ycc-server/common/result" + "ycc-server/pkg/captcha" "ycc-server/pkg/lzkit/validator" "github.com/zeromicro/go-zero/rest/httpx" @@ -23,7 +24,8 @@ func SendSmsHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { result.ParamValidateErrorResult(r, w, err) return } - l := auth.NewSendSmsLogic(r.Context(), svcCtx) + ctx := captcha.WithUserAgent(r.Context(), r.Header.Get("User-Agent")) + l := auth.NewSendSmsLogic(ctx, svcCtx) err := l.SendSms(&req) result.HttpResult(r, w, nil, err) } diff --git a/app/main/api/internal/logic/auth/sendsmslogic.go b/app/main/api/internal/logic/auth/sendsmslogic.go index fd9179a..09e394e 100644 --- a/app/main/api/internal/logic/auth/sendsmslogic.go +++ b/app/main/api/internal/logic/auth/sendsmslogic.go @@ -36,10 +36,10 @@ func NewSendSmsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SendSmsLo } func (l *SendSmsLogic) SendSms(req *types.SendSmsReq) error { - // 1. 阿里云滑块验证码校验(防盗刷) + // 1. 阿里云滑块验证码校验(防盗刷);微信环境会跳过 cfg := l.svcCtx.Config.Captcha if cfg.SceneID != "" { - if err := captcha.Verify(captcha.Config{ + if err := captcha.Verify(l.ctx, captcha.Config{ AccessKeyID: cfg.AccessKeyID, AccessKeySecret: cfg.AccessKeySecret, EndpointURL: cfg.EndpointURL, diff --git a/pkg/captcha/aliyun.go b/pkg/captcha/aliyun.go index 0ed3bef..519d3f3 100644 --- a/pkg/captcha/aliyun.go +++ b/pkg/captcha/aliyun.go @@ -1,7 +1,9 @@ package captcha import ( + "context" "os" + "strings" captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client" openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client" @@ -12,6 +14,24 @@ import ( "ycc-server/common/xerr" ) +// 用于在 context 中传递 User-Agent 的 key(仅本包读取) +type ctxKey struct{} + +var userAgentCtxKey = &ctxKey{} + +// WithUserAgent 将 User-Agent 写入 context,供 Verify 判断是否微信环境 +func WithUserAgent(ctx context.Context, userAgent string) context.Context { + if ctx == nil { + return ctx + } + return context.WithValue(ctx, userAgentCtxKey, userAgent) +} + +// isWechatUserAgent 判断是否为微信内置浏览器(含小程序、H5) +func isWechatUserAgent(ua string) bool { + return strings.Contains(ua, "MicroMessenger") +} + // Config 验证码配置 type Config struct { AccessKeyID string @@ -20,18 +40,23 @@ type Config struct { SceneID string } -// Verify 验证阿里云滑块验证码 -func Verify(cfg Config, captchaVerifyParam string) error { +// Verify 验证阿里云滑块验证码。若 ctx 中带有 User-Agent 且为微信环境则跳过验证(默认成功)。 +func Verify(ctx context.Context, cfg Config, captchaVerifyParam string) error { // 开发环境跳过验证 if os.Getenv("ENV") == "development" { logx.Info("[Captcha] 开发环境,跳过验证码校验") return nil } + // 微信环境(内置浏览器/小程序)跳过图形验证码,不要求 captchaVerifyParam + if ua, ok := ctx.Value(userAgentCtxKey).(string); ok && ua != "" && isWechatUserAgent(ua) { + logx.Info("[Captcha] 微信环境,跳过图形验证码校验") + return nil + } + // 检查参数 if captchaVerifyParam == "" { - logx.Info("[Captcha] 空参数,跳过验证码校验,兼容未做防盗刷验证码的场景") - return nil + return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam") } // 创建客户端配置