fix:加密数据

controllers/base_auth.go

@@ -27,7 +27,7 @@ func (c *BaseAuthController) Prepare() {
 		if method == "POST" || method == "GET" {
 			authorization := c.Ctx.Input.Header("authorization")
 			if authorization == "" {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "请重新授权！", ErrMsg: "请重新授权:Token is empty or account is empty"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "请重新授权！", ErrMsg: "请重新授权:Token is empty or account is empty"}, false, false)
 				c.StopRun()
 				return
 			}
@@ -38,61 +38,61 @@ func (c *BaseAuthController) Prepare() {
 			session, err := models.GetSysSessionByToken(token)
 			if err != nil {
 				if err == orm.ErrNoRows {
-					c.JSON(models.BaseResponse{Ret: 408, Msg: "信息已变更,请重新登陆！", ErrMsg: "Token 信息已变更:Token: " + token})
+					c.JSON(models.BaseResponse{Ret: 408, Msg: "信息已变更,请重新登陆！", ErrMsg: "Token 信息已变更:Token: " + token}, false, false)
 					c.StopRun()
 					return
 				}
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "获取用户信息异常，Eerr:" + err.Error()})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "获取用户信息异常，Eerr:" + err.Error()}, false, false)
 				c.StopRun()
 				return
 			}
 			if session == nil {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "sesson is empty "})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "sesson is empty "}, false, false)
 				c.StopRun()
 				return
 			}
 			account := utils.MD5(session.UserName)
 			if !utils.CheckToken(account, token) {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "鉴权失败，请重新登录！", ErrMsg: "登录失效，请重新登陆!,CheckToken Fail"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "鉴权失败，请重新登录！", ErrMsg: "登录失效，请重新登陆!,CheckToken Fail"}, false, false)
 				c.StopRun()
 				return
 			}
 			if time.Now().After(session.ExpiredTime) {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "请重新登录!", ErrMsg: "获取用户信息异常"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "请重新登录!", ErrMsg: "获取用户信息异常"}, false, false)
 				c.StopRun()
 				return
 			}
 			sysUser, err := models.GetSysUserById(session.SysUserId)
 			if err != nil {
 				if err == orm.ErrNoRows {
-					c.JSON(models.BaseResponse{Ret: 408, Msg: "信息已变更,请重新登陆！", ErrMsg: "获取sysUser信息失败: " + strconv.Itoa(session.SysUserId)})
+					c.JSON(models.BaseResponse{Ret: 408, Msg: "信息已变更,请重新登陆！", ErrMsg: "获取sysUser信息失败: " + strconv.Itoa(session.SysUserId)}, false, false)
 					c.StopRun()
 					return
 				}
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "获取sysUser信息异常，Err:" + err.Error()})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "获取sysUser信息异常，Err:" + err.Error()}, false, false)
 				c.StopRun()
 				return
 			}
 			if sysUser == nil {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "sysUser is empty"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "网络异常，请稍后重试!", ErrMsg: "sysUser is empty"}, false, false)
 				c.StopRun()
 				return
 			}
 			if !sysUser.IsEnabled {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "账户信息异常！", ErrMsg: "账户被禁用，不允许登陆!"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "账户信息异常！", ErrMsg: "账户被禁用，不允许登陆!"}, false, false)
 				c.StopRun()
 				return
 			}
 			loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, session.SysSessionId)
 			loginInfo, _ := utils.Rc.RedisString(loginKey)
 			if loginInfo == `` {
-				c.JSON(models.BaseResponse{Ret: 408, Msg: "超时未操作，系统自动退出！", ErrMsg: "超时未操作，系统自动退出！"})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: "超时未操作，系统自动退出！", ErrMsg: "超时未操作，系统自动退出！"}, false, false)
 				c.StopRun()
 				return
 			}
 			if loginInfo != "1" {
 				msg := "在其他网络登录。此客户端已退出登录。"
-				c.JSON(models.BaseResponse{Ret: 408, Msg: msg, ErrMsg: msg})
+				c.JSON(models.BaseResponse{Ret: 408, Msg: msg, ErrMsg: msg}, false, false)
 				c.StopRun()
 				return
 			}
@@ -102,14 +102,65 @@ func (c *BaseAuthController) Prepare() {
 	}
 }
 
-func (c *BaseAuthController) JSON(data interface{}) error {
+func (c *BaseAuthController) ServeJSON(encoding ...bool) {
+	var (
+		hasIndent   = false
+		hasEncoding = false
+	)
+	if web.BConfig.RunMode == web.PROD {
+		hasIndent = false
+	}
+	if len(encoding) > 0 && encoding[0] == true {
+		hasEncoding = true
+	}
+	if c.Data["json"] == nil {
+		//go utils.SendEmail("异常提醒:", "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值", utils.EmailSendToUsers)
+		body := "接口:" + "URI:" + c.Ctx.Input.URI() + ";无返回值"
+		fmt.Println(body)
+		// go alarm_msg.SendAlarmMsg(body, 1)
+		return
+	}
+	baseRes := c.Data["json"].(*models.BaseResponse)
+	if baseRes != nil && baseRes.Ret != 408 {
+		body, _ := json.Marshal(baseRes)
+		var requestBody string
+		method := c.Ctx.Input.Method()
+		if method == "GET" {
+			requestBody = c.Ctx.Request.RequestURI
+		} else {
+			//requestBody, _ = url.QueryUnescape(string(c.Ctx.Input.RequestBody))
+			requestBody = string(c.Ctx.Input.RequestBody)
+		}
+		if baseRes.Ret != 200 && baseRes.IsSendEmail {
+			//go utils.SendEmail(utils.APPNAME+"【"+utils.RunMode+"】"+"失败提醒", "URI:"+c.Ctx.Input.URI()+"<br/> "+"Params"+requestBody+" <br/>"+"ErrMsg:"+baseRes.ErrMsg+";<br/>Msg:"+baseRes.Msg+";<br/> Body:"+string(body)+"<br/>"+c.SysUser.RealName, utils.EmailSendToUsers)
+			body := "URI:" + c.Ctx.Input.URI() + "<br/> " + "Params" + requestBody + " <br/>" + "ErrMsg:" + baseRes.ErrMsg + ";<br/>Msg:" + baseRes.Msg + ";<br/> Body:" + string(body) + "<br/>" + c.SysUser.SysRealName
+			// go alarm_msg.SendAlarmMsg(body, 1)
+			fmt.Println(body)
+		}
+		if baseRes.IsAddLog && c.SysUser != nil {
+			// go cache.RecordNewLogs(c.SysUser.AdminId, requestBody, string(body), c.SysUser.RealName, c.Ctx.Input.IP(), c.Ctx.Input.URI())
+			return
+		}
+	}
+
+	c.JSON(c.Data["json"], hasIndent, hasEncoding)
+}
+
+func (c *BaseAuthController) JSON(data interface{}, hasIndent bool, coding bool) error {
 	c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
 	desEncrypt := utils.DesBase64Encrypt([]byte(utils.DesKey), utils.DesKeySalt)
 	c.Ctx.Output.Header("Dk", string(desEncrypt)) // des3加解密key
 	// 设置Cookie为HTTPOnly
 	c.Ctx.SetCookie("", "", -1, "/", "", false, true, "")
 
-	content, err := json.Marshal(data)
+	var content []byte
+	var err error
+	if hasIndent {
+		content, err = json.MarshalIndent(data, "", "  ")
+	} else {
+		content, err = json.Marshal(data)
+	}
+
 	if err != nil {
 		http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
 		return err
@@ -118,5 +169,8 @@ func (c *BaseAuthController) JSON(data interface{}) error {
 		content = utils.DesBase64Encrypt(content, utils.DesKey)
 		content = []byte(`"` + string(content) + `"`)
 	}
+	if coding {
+		content = []byte(utils.StringsToJSON(string(content)))
+	}
 	return c.Ctx.Output.Body(content)
 }

controllers/base_common.go

@@ -1,7 +1,11 @@
 package controllers
 
 import (
+	"encoding/json"
+	"eta/eta_mini_crm/models"
 	"eta/eta_mini_crm/utils"
+	"fmt"
+	"net/http"
 	"net/url"
 
 	"github.com/beego/beego/v2/server/web"
@@ -23,3 +27,62 @@ func (c *BaseCommonController) Prepare() {
 	ip := c.Ctx.Input.IP()
 	utils.ApiLog.Info("uri:%s, requestBody:%s, ip:%s", c.Ctx.Input.URI(), requestBody, ip)
 }
+
+func (c *BaseCommonController) ServeJSON(encoding ...bool) {
+	var (
+		hasIndent   = false
+		hasEncoding = false
+	)
+	if web.BConfig.RunMode == web.PROD {
+		hasIndent = false
+	}
+	if len(encoding) > 0 && encoding[0] == true {
+		hasEncoding = true
+	}
+	if c.Data["json"] == nil {
+		//go utils.SendEmail("异常提醒:"+utils.RunMode, "接口:"+"URI:"+c.Ctx.Input.URI()+";无返回值", utils.EmailSendToUsers)
+		// go alarm_msg.SendAlarmMsg("接口:URI:"+c.Ctx.Input.URI()+";无返回值", 3)
+		return
+	}
+	baseRes := c.Data["json"].(*models.BaseResponse)
+	if baseRes != nil && !baseRes.Success && baseRes.IsSendEmail {
+		//go utils.SendEmail(utils.APPNAME+"【"+utils.RunMode+"】"+"失败提醒", "URI:"+c.Ctx.Input.URI()+" ErrMsg:"+baseRes.ErrMsg+";Msg"+baseRes.Msg, utils.EmailSendToUsers)
+		// go alarm_msg.SendAlarmMsg("失败提醒:URI:"+c.Ctx.Input.URI()+" ErrMsg:"+baseRes.ErrMsg+";Msg"+baseRes.Msg, 3)
+		return
+	}
+
+	c.JSON(c.Data["json"], hasIndent, hasEncoding)
+}
+
+func (c *BaseCommonController) JSON(data interface{}, hasIndent bool, coding bool) error {
+	c.Ctx.Output.Header("Content-Type", "application/json; charset=utf-8")
+	desEncrypt := utils.DesBase64Encrypt([]byte(utils.DesKey), utils.DesKeySalt)
+	c.Ctx.Output.Header("Dk", string(desEncrypt)) // des3加解密key
+	// 设置Cookie为HTTPOnly
+	c.Ctx.SetCookie("", "", -1, "/", "", false, true, "")
+
+	var content []byte
+	var err error
+	if hasIndent {
+		content, err = json.MarshalIndent(data, "", "  ")
+	} else {
+		content, err = json.Marshal(data)
+	}
+	if err != nil {
+		http.Error(c.Ctx.Output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
+		return err
+	}
+	params := c.Ctx.Input.Params()
+	fmt.Println("params")
+	fmt.Println(params)
+	// 如果不是debug分支的话，那么需要加密返回
+	if utils.RunMode != "debug" {
+		content = utils.DesBase64Encrypt(content, utils.DesKey)
+		// get请求时，不加双引号就获取不到数据，不知道什么原因，所以还是在前后加上双引号吧
+		content = []byte(`"` + string(content) + `"`)
+	}
+	if coding {
+		content = []byte(utils.StringsToJSON(string(content)))
+	}
+	return c.Ctx.Output.Body(content)
+}

utils/common.go

@@ -4,6 +4,7 @@ import (
 	"crypto/md5"
 	"encoding/hex"
 	"regexp"
+	"strconv"
 )
 
 func MD5(data string) string {
@@ -49,3 +50,17 @@ func GetLikeKeywordPars(pars []interface{}, keyword string, num int) (newPars []
 	}
 	return
 }
+
+func StringsToJSON(str string) string {
+	rs := []rune(str)
+	jsons := ""
+	for _, r := range rs {
+		rint := int(r)
+		if rint < 128 {
+			jsons += string(r)
+		} else {
+			jsons += "\\u" + strconv.FormatInt(int64(rint), 16) // json
+		}
+	}
+	return jsons
+}

utils/config.go

@@ -56,6 +56,9 @@ func init() {
 	if len(REDIS_CACHE) <= 0 {
 		panic(any("redis链接参数没有配置"))
 	}
+	// 接口返回加密KEY
+	DesKey = config["des_key"]
+
 	// 初始化缓存
 	redisClient, err := initRedis(config["redis_type"], config["beego_cache"])
 	if err != nil {