风险等级设置

controllers/chart_permission.go

@@ -1,8 +1,11 @@
 package controllers
 
 import (
+	"encoding/json"
 	"eta/eta_mini_crm_ht/models"
+	"eta/eta_mini_crm_ht/models/request"
 	"eta/eta_mini_crm_ht/models/response"
+	"regexp"
 )
 
 type ChartPermissionController struct {
@@ -21,10 +24,7 @@ func (this *ChartPermissionController) List() {
 		this.Data["json"] = br
 		this.ServeJSON()
 	}()
-	userId, _ := this.GetInt("UserId")
-
-	items, err := models.GetChartPermissionList()
-
+	items, err := models.GetPermissionList()
 	if err != nil {
 		br.Msg = "权限列表获取失败"
 		br.ErrMsg = "权限列表获取失败，系统错误，Err:" + err.Error()
@@ -35,15 +35,7 @@ func (this *ChartPermissionController) List() {
 		ParentID: 0,
 	}
 	assemblePermissionNode(items, root, 0, 2)
-	resp := new(response.ChartPermissionListresp)
-	if userId > 0 {
-		ids, err := models.GetChartPermissionIdByUserId(userId)
-		if err != nil {
-			br.Msg = "权限列表获取失败"
-			br.ErrMsg = "权限列表获取失败，系统错误，Err:" + err.Error()
-		}
-		resp.SelectedList = ids
-	}
+	resp := new(response.ChartPermissionListResp)
 	resp.List = root.Children
 	br.Ret = 200
 	br.Data = resp
@@ -51,22 +43,92 @@ func (this *ChartPermissionController) List() {
 	br.Success = true
 }
 
+func checkRiskLevel(riskLevel string) bool {
+	pattern := `^R\d+$`
+	matched, _ := regexp.MatchString(pattern, riskLevel)
+	return matched
+}
+
+// SetRiskLevel
+// @Title 系统品种列表
+// @Description 系统品种列表
+// @Param   UserId   query   int  true       "角色ID"
+// @Success 200 {object} models.LoginResp
+// @router /setRiskLevel [post]
+func (this *ChartPermissionController) SetRiskLevel() {
+	br := new(models.BaseResponse).Init()
+	defer func() {
+		this.Data["json"] = br
+		this.ServeJSON()
+	}()
+	var req request.PermissionRiskReq
+	err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
+	if err != nil {
+		br.Msg = "请求参数错误"
+		br.ErrMsg = "解析请求参数异常，Err:" + err.Error()
+		return
+	}
+	if req.Id <= 0 {
+		br.Msg = "品种ID非法"
+		br.ErrMsg = "品种ID不能为负数"
+		return
+	}
+	if req.RiskLevel == "" {
+		br.Msg = "风控等级为空"
+		br.ErrMsg = "风控等级为空"
+		return
+	}
+	if !checkRiskLevel(req.RiskLevel) {
+		br.Msg = "风控等级包含非法字符"
+		br.ErrMsg = "风控等级非法:" + req.RiskLevel
+		return
+	}
+	item, err := models.GetPermissionByPermissionId(req.Id)
+	if err != nil {
+		br.Msg = "获取品种信息失败"
+		br.ErrMsg = "获取品种信息失败，系统错误，Err:" + err.Error()
+		return
+	}
+	if item.ParentId == 0 {
+		br.Msg = "当前品种为一级品种,不能设置风险等级"
+		br.ErrMsg = "当前品种为一级品种,不能设置风险等级"
+		return
+	}
+	item.RiskLevel = req.RiskLevel
+	err = models.InsertProductRiskLevel(req.RiskLevel)
+	if err != nil {
+		br.Msg = "保存自定义风险等级失败"
+		br.ErrMsg = "保存自定义风险等级失败，Err:" + err.Error()
+		return
+	}
+	err = item.SetPermissionRiskLevel()
+	if err != nil {
+		br.Msg = "设置风险等级失败"
+		br.ErrMsg = "设置风险等级失败，Err:" + err.Error()
+		return
+	}
+	br.Ret = 200
+	br.Msg = "设置风险等级成功"
+	br.Success = true
+}
+
 type PermissionNode struct {
-	ID       int               `json:"id"`
-	Name     string            `json:"name"`
-	ParentID int               `json:"parentId"`
-	Children []*PermissionNode `json:"children,omitempty"`
+	ID        int               `json:"id"`
+	Name      string            `json:"name"`
+	ParentID  int               `json:"parentId"`
+	RiskLevel string            `json:"riskLevel"`
+	Children  []*PermissionNode `json:"children"`
 }
 
-func assemblePermissionNode(list []*models.ChartPermission, node *PermissionNode, current int, level int) {
+func assemblePermissionNode(list []*models.Permission, node *PermissionNode, current int, level int) {
 	if node != nil && current < level {
 		for _, permission := range list {
 			if permission.ParentId == node.ID {
-
 				childNode := &PermissionNode{
-					ID:       permission.ChartPermissionId,
-					Name:     permission.PermissionName,
-					ParentID: permission.ParentId,
+					ID:        permission.PermissionId,
+					Name:      permission.Name,
+					RiskLevel: permission.RiskLevel,
+					ParentID:  permission.ParentId,
 				}
 				node.Children = append(node.Children, childNode)
 				assemblePermissionNode(list, childNode, current+1, level)

controllers/risk_config.go

@@ -0,0 +1,68 @@
+package controllers
+
+import (
+	"eta/eta_mini_crm_ht/models"
+	"eta/eta_mini_crm_ht/models/response"
+)
+
+type RiskConfigController struct {
+	BaseAuthController
+}
+
+// GetCustomerRiskList
+// @Title 获取客户风险等级
+// @Description 获取客户风险等级
+// @Success 200 {object} models.LoginResp
+// @router /customerRiskList [get]
+func (this *RiskConfigController) GetCustomerRiskList() {
+	br := new(models.BaseResponse).Init()
+	defer func() {
+		this.Data["json"] = br
+		this.ServeJSON()
+	}()
+	list, err := models.GetCustomerRiskList()
+	if err != nil {
+		br.Msg = "获取失败"
+		br.ErrMsg = "获取失败，Err:" + err.Error()
+		return
+	}
+	var viewList []*models.RiskConfigView
+	for _, item := range list {
+		viewList = append(viewList, item.ToView())
+	}
+	resp := new(response.RiskConfigResp)
+	resp.List = viewList
+	br.Ret = 200
+	br.Success = true
+	br.Msg = "获取成功"
+	br.Data = resp
+}
+
+// GetProductRiskList
+// @Title 获取产品风险等级
+// @Description  获取产品风险等级
+// @Success 200 {object} models.LoginResp
+// @router /productRiskList [get]
+func (this *RiskConfigController) GetProductRiskList() {
+	br := new(models.BaseResponse).Init()
+	defer func() {
+		this.Data["json"] = br
+		this.ServeJSON()
+	}()
+	list, err := models.GetProductRiskList()
+	if err != nil {
+		br.Msg = "获取失败"
+		br.ErrMsg = "获取失败，Err:" + err.Error()
+		return
+	}
+	var viewList []*models.RiskConfigView
+	for _, item := range list {
+		viewList = append(viewList, item.ToView())
+	}
+	resp := new(response.RiskConfigResp)
+	resp.List = viewList
+	br.Ret = 200
+	br.Success = true
+	br.Msg = "获取成功"
+	br.Data = resp
+}

controllers/user_login.go

@@ -15,36 +15,19 @@ type UserLoginController struct {
 	BaseCommonController
 }
 
-// SSOLogin
-// @Title SSO用户登录
-// @Description SSO用户登录
-// @Param	request	body UserLoginReq true "type json string"
-// @Success 200 {object} models.LoginResp
-// @router /login [get]
-func (this *UserLoginController) SSOLogin() {
+func ssoLogin(req request.UserLoginReq, br *models.BaseResponse) {
 
-	br := new(models.BaseResponse).Init()
-	defer func() {
-		this.Data["json"] = br
-		this.ServeJSON()
-	}()
-	code := this.GetString("Code")
-	if code == "" {
+	if req.Code == "" {
 		br.Msg = "code不能为空"
 		return
 	}
-	token := services.SSOLogin(code)
+	_, err := services.SSOLogin(req.Code)
 	////sysUser, err := models.GetSysUserBySysUserName(req.UserName)
-	////if err != nil {
-	////	if err.Error() == utils.ErrNoRow() {
-	////		br.Msg = "登录失败, 账号或密码错误"
-	////		return
-	////	} else {
-	////		br.Msg = "系统错误"
-	////		br.ErrMsg = "系统错误" + err.Error()
-	////		return
-	////	}
-	////}
+	if err != nil {
+		br.ErrMsg = err.Error()
+		br.Msg = "sso登录失败"
+		return
+	}
 	//sysRole, err := models.GetSysRoleById(sysUser.SysRoleId)
 	//if err != nil {
 	//	br.Msg = "登录失败"
@@ -68,13 +51,6 @@ func (this *UserLoginController) SSOLogin() {
 	//	return
 	//}
 	resp := new(response.LoginResp)
-	resp.Authorization = "authorization=" + token
-	//resp.SysUserName = sysUser.SysUserName
-	//resp.SysRealName = sysUser.SysRealName
-	//resp.SysUserId = sysUser.SysUserId
-	//resp.RoleName = sysRole.SysRoleName
-	//resp.RoleId = sysUser.SysRoleId
-
 	// 获取不可信的登录态，并将该登录态重置掉，不允许多次登录
 	//	noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.SysUserId)
 	//noTrustLoginId, _ := utils.Rc.RedisString(noTrustLoginKey)
@@ -105,14 +81,24 @@ func (this *UserLoginController) Login() {
 		this.Data["json"] = br
 		this.ServeJSON()
 	}()
-
 	var req request.UserLoginReq
 	err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
 	if err != nil {
-		br.Msg = "参数解析异常！"
-		br.ErrMsg = "参数解析失败，Err:" + err.Error()
+		br.Msg = "参数错误"
+		br.ErrMsg = "解析参数失败：" + err.Error()
 		return
 	}
+	switch req.LoginType {
+	case "sso":
+		ssoLogin(req, br)
+	case "password":
+		login(req, br)
+	default:
+		ssoLogin(req, br)
+	}
+}
+
+func login(req request.UserLoginReq, br *models.BaseResponse) {
 	if req.UserName == "" {
 		br.Msg = "请输入账号"
 		return

main.go

@@ -17,13 +17,11 @@ func main() {
 		web.BConfig.WebConfig.DirectoryIndex = true
 		web.BConfig.WebConfig.StaticDir["/swagger"] = "swagger"
 	}
-
 	// 启动定时任务
 	web.BConfig.WebConfig.AutoRender = false
 	web.ErrorController(&controllers.ErrorController{})
 	// 内存调整
 	web.BConfig.MaxMemory = 1024 * 1024 * 128
-
 	web.BConfig.RecoverFunc = Recover
 	web.Run()
 }

models/db.go

@@ -50,5 +50,7 @@ func init() {
 		new(MediaPermissionMapping),
 		new(ImageSource),
 		new(Report),
+		new(RiskConfig),
+		new(Permission),
 	)
 }

models/permission.go

@@ -0,0 +1,47 @@
+package models
+
+import (
+	"github.com/beego/beego/v2/client/orm"
+	"time"
+)
+
+// MetaInfo 表示 meta_infos 表的模型
+// Permission 表示权限表的结构
+type Permission struct {
+	Id           int       `description:"column:id;primary_key;autoIncrement"`
+	PermissionId int       `description:"column:permission_id"`
+	Name         string    `description:"column:name"`
+	ParentId     int       `description:"column:parent_id"`
+	RiskLevel    string    `description:"column:risk_level"`
+	Sort         int       `description:"column:sort"`
+	CreateTime   time.Time `description:"column:create_time"`
+	UpdateTime   time.Time `description:"column:update_time"`
+}
+
+func (p *Permission) TableName() string {
+	return "permissions"
+}
+func (p *Permission) Insert() (insert int64, err error) {
+	o := orm.NewOrm()
+	insert, err = o.Insert(p)
+	return
+}
+func GetPermissionList() (items []*Permission, err error) {
+	o := orm.NewOrm()
+	sql := `SELECT * FROM permissions ORDER BY sort ASC`
+	_, err = o.Raw(sql).QueryRows(&items)
+	return
+}
+
+func GetPermissionByPermissionId(permissionId int) (items *Permission, err error) {
+	o := orm.NewOrm()
+	sql := `SELECT * FROM permissions  where permission_id =?`
+	err = o.Raw(sql, permissionId).QueryRow(&items)
+	return
+}
+
+func (p *Permission) SetPermissionRiskLevel() (err error) {
+	o := orm.NewOrm()
+	_, err = o.Update(p, "RiskLevel")
+	return
+}

models/request/chart_permission.go

@@ -3,3 +3,8 @@ package request
 type ChartPermissionListReq struct {
 	UserId int `description:"用户ID"`
 }
+
+type PermissionRiskReq struct {
+	Id        int    `description:"品种ID"`
+	RiskLevel string `description:"风控等级"`
+}

models/request/sys_user.go

@@ -43,7 +43,9 @@ type MoveToDepartmentReq struct {
 }
 
 type UserLoginReq struct {
-	UserName string `description:"账号"`
-	Password string `description:"密码"`
-	ReqTime  string `description:"登录时间戳"`
+	LoginType string `description:"登录方式 sso:密码登录 password:微信登录"`
+	Code      string `description:"授权code"`
+	UserName  string `description:"账号"`
+	Password  string `description:"密码"`
+	ReqTime   string `description:"登录时间戳"`
 }

models/response/chart_permission.go

@@ -1,6 +1,6 @@
 package response
 
-type ChartPermissionListresp struct {
+type ChartPermissionListResp struct {
 	List         interface{}
 	SelectedList []int
 }

models/response/risk_config.go

@@ -0,0 +1,7 @@
+package response
+
+import "eta/eta_mini_crm_ht/models"
+
+type RiskConfigResp struct {
+	List []*models.RiskConfigView
+}

models/risk_config.go

@@ -0,0 +1,64 @@
+package models
+
+import (
+	"github.com/beego/beego/v2/client/orm"
+	"time"
+)
+
+// RiskConfig 表示风险配置表
+type RiskConfig struct {
+	Id          int          `description:"primaryKey;autoIncrement"`
+	RiskName    string       `description:"size:10"`                                 // 风险名称
+	RiskType    RiskTypeEnum `description:"type:enum('customer','product')"`         // 风险类型
+	CreatedTime time.Time    `description:"default:null"`                            // 创建时间
+	UpdatedTime time.Time    `description:"default:null;onUpdate:CURRENT_TIMESTAMP"` // 更新时间
+}
+type RiskConfigView struct {
+	Id       int
+	RiskName string
+	RiskType string
+}
+
+// RiskTypeEnum 定义风险类型的枚举
+type RiskTypeEnum string
+
+const (
+	Customer RiskTypeEnum = "customer"
+	Product  RiskTypeEnum = "product"
+)
+
+func GetCustomerRiskList() (list []*RiskConfig, err error) {
+	o := orm.NewOrm()
+	sql := "select id, risk_name,risk_type  from risk_config where risk_type= ? ORDER BY CAST(substr(risk_name,  2) AS UNSIGNED)"
+	_, err = o.Raw(sql, Customer).QueryRows(&list)
+	return
+}
+func (r *RiskConfig) ToView() *RiskConfigView {
+	return &RiskConfigView{
+		Id:       r.Id,
+		RiskName: r.RiskName,
+		RiskType: string(r.RiskType),
+	}
+}
+func GetProductRiskList() (list []*RiskConfig, err error) {
+	o := orm.NewOrm()
+	sql := "select id, risk_name,risk_type from risk_config where risk_type= ? ORDER BY CAST(substr(risk_name,  2) AS UNSIGNED)"
+	_, err = o.Raw(sql, Product).QueryRows(&list)
+	return
+}
+
+func InsertProductRiskLevel(riskName string) (err error) {
+	var riskConfig RiskConfig
+	o := orm.NewOrm()
+	sql := "select * from  risk_config where risk_name =? and risk_type=?"
+	err = o.Raw(sql, riskName, Product).QueryRow(&riskConfig)
+	if err != nil && err != orm.ErrNoRows {
+		return
+	}
+	if err == orm.ErrNoRows || riskConfig.Id == 0 {
+		riskConfig.RiskType = Product
+		riskConfig.RiskName = riskName
+		_, err = o.Insert(&riskConfig)
+	}
+	return
+}

routers/commentsRouter.go

@@ -99,6 +99,15 @@ func init() {
             Filters: nil,
             Params: nil})
 
+    beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:ChartPermissionController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:ChartPermissionController"],
+        beego.ControllerComments{
+            Method: "SetRiskLevel",
+            Router: `/setRiskLevel`,
+            AllowHTTPMethods: []string{"post"},
+            MethodParams: param.Make(),
+            Filters: nil,
+            Params: nil})
+
     beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:ClassifyController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:ClassifyController"],
         beego.ControllerComments{
             Method: "List",
@@ -288,6 +297,24 @@ func init() {
             Filters: nil,
             Params: nil})
 
+    beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:RiskConfigController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:RiskConfigController"],
+        beego.ControllerComments{
+            Method: "GetCustomerRiskList",
+            Router: `/customerRiskList`,
+            AllowHTTPMethods: []string{"get"},
+            MethodParams: param.Make(),
+            Filters: nil,
+            Params: nil})
+
+    beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:RiskConfigController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:RiskConfigController"],
+        beego.ControllerComments{
+            Method: "GetProductRiskList",
+            Router: `/productRiskList`,
+            AllowHTTPMethods: []string{"get"},
+            MethodParams: param.Make(),
+            Filters: nil,
+            Params: nil})
+
     beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:SysDepartmentController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:SysDepartmentController"],
         beego.ControllerComments{
             Method: "Add",
@@ -621,15 +648,6 @@ func init() {
             Filters: nil,
             Params: nil})
 
-    beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:UserLoginController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:UserLoginController"],
-        beego.ControllerComments{
-            Method: "SSOLogin",
-            Router: `/login`,
-            AllowHTTPMethods: []string{"get"},
-            MethodParams: param.Make(),
-            Filters: nil,
-            Params: nil})
-
     beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:UserLoginController"] = append(beego.GlobalControllerRouter["eta/eta_mini_crm_ht/controllers:UserLoginController"],
         beego.ControllerComments{
             Method: "Login",

routers/router.go

@@ -84,6 +84,11 @@ func init() {
 				&controllers.MessageController{},
 			),
 		),
+		beego.NSNamespace("/risk",
+			beego.NSInclude(
+				&controllers.RiskConfigController{},
+			),
+		),
 	)
 	beego.AddNamespace(ns)
 }

rpc/rpc.go

@@ -21,8 +21,8 @@ import (
 	"google.golang.org/protobuf/proto"
 	"google.golang.org/protobuf/types/known/anypb"
 	"io"
-	"io/ioutil"
 	"log"
+	"os"
 	"time"
 )
 
@@ -115,7 +115,7 @@ func (d *DefaultRpcClient) signature(req interface{}, nonceLen int) (timestamp i
 
 	// 使用私钥加密
 	var privateKey *rsa.PrivateKey
-	privateKey, err = d.parsePrivateKeyFromPEM([]byte(""))
+	privateKey, err = d.parsePrivateKeyFromPEM()
 	if err != nil {
 		utils.FileLog.Error("私钥解析失败: %v", err)
 		return
@@ -134,8 +134,8 @@ func (d *DefaultRpcClient) signature(req interface{}, nonceLen int) (timestamp i
 }
 
 // 解析RSA公钥
-func (d *DefaultRpcClient) parsePrivateKeyFromPEM(pemBytes []byte) (privateKey *rsa.PrivateKey, err error) {
-	pemBlock, err := ioutil.ReadFile("./conf/rsa_private_key.pem")
+func (d *DefaultRpcClient) parsePrivateKeyFromPEM() (privateKey *rsa.PrivateKey, err error) {
+	pemBlock, err := os.ReadFile("./conf/rsa_private_key.pem")
 	block, _ := pem.Decode(pemBlock)
 	if block == nil {
 		utils.FileLog.Error("公钥解析失败")

rpc/sso/sso_rpc.go

@@ -2,9 +2,11 @@ package sso
 
 import (
 	"context"
+	"encoding/base64"
+	"encoding/json"
 	"eta/eta_mini_crm_ht/rpc"
 	"eta/eta_mini_crm_ht/utils"
-	"fmt"
+	"google.golang.org/grpc/metadata"
 	"sync"
 )
 
@@ -30,18 +32,50 @@ func GetSSOService() *SSOService {
 	return SSOServiceImpl
 }
 
-func (s *SSOService) SSOLogin(request *LoginRequest) {
+func (s *SSOService) SSOLogin(request *LoginRequest) (resp string, err error) {
 	conn := rpcPool.Get()
 	defer rpcPool.Put(conn)
 	ssoLoginService := NewSSOLoginClient(conn)
-	s.WrapSign(request, func(ctx context.Context, request interface{}) (err error) {
-		loginReq := request.(*LoginRequest)
-		rep, err := ssoLoginService.Login(ctx, loginReq)
-		if err != nil {
-			fmt.Printf("rpc error: %v", err)
-		} else {
-			fmt.Printf("rpc result: %v", rep)
-		}
+	aesKey, err := utils.GenerateAESKey(16)
+	if err != nil {
+		utils.FileLog.Error("生成AES密钥失败:%v", err)
 		return
-	})
+	}
+	encryptedCode, err := utils.EncryptWithAES(aesKey, []byte(request.Code))
+	if err != nil {
+		utils.FileLog.Error("AES加密失败:%v", err)
+		return
+	}
+	request.Code = base64Encode(encryptedCode)
+	publicKey, err := utils.ParsePublicKeyFromPEM()
+	if err != nil {
+		utils.FileLog.Error("RSA加密失败:%v", err)
+		return
+	}
+	//加密 AES 密钥
+	encryptedAESKey, err := utils.EncryptWithRSA(publicKey, aesKey)
+	if err != nil {
+		utils.FileLog.Error("encrypting AES key: %v", err)
+		return
+	}
+	key := base64Encode(encryptedAESKey)
+	ctx := metadata.NewOutgoingContext(context.Background(), metadata.Pairs(
+		"key", key,
+	))
+	ssoResp, err := ssoLoginService.Login(ctx, request)
+	if err != nil {
+		utils.FileLog.Error("sso login failed:%v", err)
+		return
+	}
+	bytessss, _ := json.Marshal(ssoResp)
+	resp = string(bytessss)
+	return
+}
+func base64Encode(data []byte) string {
+	return base64.StdEncoding.EncodeToString(data)
+}
+
+// Base64Decode 对数据进行 Base64 解码
+func base64Decode(data string) ([]byte, error) {
+	return base64.StdEncoding.DecodeString(data)
 }

services/sso_service.go

@@ -2,12 +2,15 @@ package services
 
 import "eta/eta_mini_crm_ht/rpc/sso"
 
-func SSOLogin(code string) (token string) {
+const (
+	crmSource = "weapp"
+)
+
+func SSOLogin(code string) (resp string, err error) {
 	req := &sso.LoginRequest{
 		Code:   code,
-		Source: "weapp",
+		Source: crmSource,
 	}
 	ssoService := sso.GetSSOService()
-	ssoService.SSOLogin(req)
-	return
+	return ssoService.SSOLogin(req)
 }

utils/aes.go

@@ -0,0 +1,64 @@
+package utils
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"errors"
+	"io"
+)
+
+// GenerateAESKey 生成 AES 密钥
+func GenerateAESKey(len int) ([]byte, error) {
+	key := make([]byte, len)
+	_, err := io.ReadFull(rand.Reader, key)
+	if err != nil {
+		return nil, err
+	}
+	return key, nil
+}
+func pad(buf []byte, blockSize int) []byte {
+	padding := blockSize - (len(buf) % blockSize)
+	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(buf, padtext...)
+}
+
+// EncryptWithAES 使用 AES 加密数据
+func EncryptWithAES(key []byte, plaintext []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	plaintext = pad(plaintext, aes.BlockSize)
+	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
+	iv := ciphertext[:aes.BlockSize]
+	if _, err = io.ReadFull(rand.Reader, iv); err != nil {
+		return nil, err
+	}
+
+	stream := cipher.NewCFBEncrypter(block, iv)
+	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
+
+	return ciphertext, nil
+}
+
+// DecryptWithAES 使用 AES 解密数据
+func DecryptWithAES(key []byte, ciphertext []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(ciphertext) < aes.BlockSize {
+		return nil, errors.New("ciphertext too short")
+	}
+
+	iv := ciphertext[:aes.BlockSize]
+	ciphertext = ciphertext[aes.BlockSize:]
+
+	stream := cipher.NewCFBDecrypter(block, iv)
+	stream.XORKeyStream(ciphertext, ciphertext)
+
+	return ciphertext, nil
+}

utils/config.go

@@ -75,6 +75,7 @@ var (
 	ES_PASSWORD string // ES密码
 	MEDIA_INDEX string
 )
+
 var (
 	HT_WX_APP_SECRET       string
 	HT_WX_APPID            string
@@ -82,6 +83,9 @@ var (
 	TEMPLATE_ID_BY_PRODUCT string
 	RESOURCE               string
 )
+var (
+	ENABLE_TASK string
+)
 
 // ES索引配置
 var (
@@ -188,7 +192,9 @@ func init() {
 		ES_USERNAME = config["es_username"]
 		ES_PASSWORD = config["es_password"]
 	}
-
+	{
+		ENABLE_TASK = config["enable_task"]
+	}
 	// ES 索引
 	{
 		MINI_REPORT_INDEX_NAME = config["mini_report_index_name"]

utils/rsa.go

@@ -0,0 +1,45 @@
+package utils
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"os"
+)
+
+// EncryptWithRSA 使用 RSA 公钥加密数据
+func EncryptWithRSA(publicKey *rsa.PublicKey, data []byte) ([]byte, error) {
+	encrypted, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, data)
+	if err != nil {
+		return nil, err
+	}
+	return encrypted, nil
+}
+
+// DecryptWithRSA 使用 RSA 私钥解密数据
+func DecryptWithRSA(privateKey *rsa.PrivateKey, encrypted []byte) ([]byte, error) {
+	hash, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, privateKey, encrypted, nil)
+	if err != nil {
+		return nil, err
+	}
+	return hash, nil
+}
+
+// 解析RSA公钥
+func ParsePublicKeyFromPEM() (publicKey *rsa.PublicKey, err error) {
+	pemBlock, err := os.ReadFile("./conf/rsa_public_key.pem")
+	block, _ := pem.Decode(pemBlock)
+	if block == nil {
+		FileLog.Error("公钥解析失败")
+		return nil, errors.New("公钥解析失败")
+	}
+	key, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+	publicKey = key.(*rsa.PublicKey)
+	return
+}