
fix:gorm调整

Roc 10 giờ trước cách đây
mục cha
commit
fed56cdb58
1 tập tin đã thay đổi với 73 bổ sung16 xóa
  1. 73 16
      controllers/xy/base_auth_xy.go

+ 73 - 16
controllers/xy/base_auth_xy.go

@@ -2,6 +2,8 @@ package xy
 
 import (
 	"encoding/json"
+	"errors"
+	"eta/eta_hub/models"
 	"eta/eta_hub/models/system"
 	"eta/eta_hub/models/xy"
 	"eta/eta_hub/utils"
@@ -15,12 +17,14 @@ import (
 type BaseAuthXyController struct {
 	web.Controller
 	SysUser *system.Admin
+	Appid   string
 }
 
 func (this *BaseAuthXyController) Prepare() {
 	fmt.Println("enter prepare")
 	method := this.Ctx.Input.Method()
 	uri := this.Ctx.Input.URI()
+	ip := this.Ctx.Input.IP()
 	fmt.Println("Url:", uri)
 	if method != "HEAD" {
 		var nonce, timestamp, appid, signature string
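Review bot: The new `ip := this.Ctx.Input.IP()` value should not be treated as a verified peer address, because this commit later uses it for an allowlist decision in `getCheckSignStr`. If `web.Controller` is Beego's, `Input.IP()` prefers the first `X-Forwarded-For` entry, so the value is caller-supplied unless a trusted reverse proxy overwrites that header. Either document the deployment assumption next to the line, e.g. `// ip comes from X-Forwarded-For; only trustworthy behind a proxy that overwrites the header`, or derive the address from the connection's remote address when no trusted proxy is in front. `Prepare` continues outside this hunk.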
@@ -44,28 +48,15 @@ func (this *BaseAuthXyController) Prepare() {
 		//timestamp := this.Ctx.Input.Header("timestamp")
 		//appid := this.Ctx.Input.Header("appid")
 		//signature := this.Ctx.Input.Header("signature")
-		if nonce == "" {
-			errMsg := "随机字符串不能为空"
-			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: errMsg, ErrMsg: errMsg}, false, false)
-			this.StopRun()
-			return
-		}
-
-		if timestamp == "" {
-			errMsg := "时间戳不能为空"
-			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: errMsg, ErrMsg: errMsg}, false, false)
-			this.StopRun()
-			return
-		}
+		this.Appid = appid
 
-		if appid != utils.AppId {
-			errMsg := "商家AppId错误,请核查"
+		checkSign, errMsg, err := getCheckSignStr(appid, nonce, timestamp, ip)
+		if err != nil {
 			this.JSON(xy.BaseResponse{ReturnCode: "E", Status: "E", Msg: errMsg, ErrMsg: errMsg}, false, false)
 			this.StopRun()
 			return
 		}
 
-		checkSign := utils.GetSign(nonce, timestamp)
 		if signature != checkSign {
 			utils.FileLog.Debug("用户提交签名:%s;\n系统生成签名:%s\n", signature, checkSign)
 			errMsg := "签名错误"
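Review bot: The mismatch branch at `utils.FileLog.Debug(...)` still writes the server-computed signature to the log, and after this change that value is derived from the per-client secret used in `getCheckSignStr`, so anyone who can read the log sees a valid signature for the submitted nonce and timestamp. Log only the appid and the submitted value, e.g. `utils.FileLog.Debug("签名校验失败, appid:%s, 用户提交签名:%s", appid, signature)`. The comparison `signature != checkSign` is also not constant-time; `subtle.ConstantTimeCompare([]byte(signature), []byte(checkSign)) != 1` from `crypto/subtle` is the usual form. `Prepare` starts before and continues after this hunk.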
@@ -145,3 +136,69 @@ func (c *BaseAuthXyController) logUri(respContent []byte, requestBody, ip string
 	}
 	return
 }
+
+// getCheckSignStr
+// @Description: 获取校验签名字符串
+// @author: Roc
+// @datetime 2025-07-03 16:51:30
+// @param appid string
+// @param nonce string
+// @param timestamp string
+// @param ip string
+// @return checkSignStr string
+// @return errMsg string
+// @return err error
+func getCheckSignStr(appid, nonce, timestamp, ip string) (checkSignStr, errMsg string, err error) {
+	if nonce == "" {
+		errMsg = "随机字符串不能为空"
+		err = errors.New(errMsg)
+		return
+	}
+
+	if timestamp == "" {
+		errMsg = "时间戳不能为空"
+		err = errors.New(errMsg)
+		return
+	}
+
+	if appid == "" {
+		errMsg = "appid不能为空"
+		err = errors.New(errMsg)
+		return
+	}
+
+	secret := utils.Secret
+
+	if appid != utils.AppId {
+		openApiUserInfo, tmpErr := models.GetByAppid(appid)
+		if tmpErr != nil {
+			if utils.IsErrNoRow(tmpErr) {
+				errMsg = "商家AppId错误,请核查"
+			} else {
+				err = errors.New("系统异常,请联系管理员")
+			}
+			err = errors.New(errMsg)
+			return
+		}
+
+		if openApiUserInfo.Appid == `` {
+			errMsg = "商家AppId错误,请核查"
+			err = errors.New(errMsg)
+			return
+		}
+
+		//如果有ip限制,那么就添加ip
+		if openApiUserInfo.Ip != "" {
+			if !strings.Contains(openApiUserInfo.Ip, ip) {
+				errMsg = fmt.Sprintf("无权限访问该接口,ip:%v,请联系管理员", ip)
+				err = errors.New(errMsg)
+				return
+			}
+		}
+		secret = openApiUserInfo.Secret
+	}
+
+	checkSignStr = utils.GetSignV2(nonce, timestamp, appid, secret)
+
+	return
+}
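Review bot: In the `tmpErr != nil` branch of `getCheckSignStr`, the non-`IsErrNoRow` path sets `err` but leaves `errMsg` empty, and the following `err = errors.New(errMsg)` overwrites it, so a database failure reaches the caller with an empty message. The IP allowlist check `strings.Contains(openApiUserInfo.Ip, ip)` is a substring match, so an address that is a textual fragment of an allowed entry, or an empty `ip`, passes the check. Compare whole entries instead; the sketch below assumes a comma-separated list, which should be confirmed against how `Ip` is stored. The function also only checks that `nonce` and `timestamp` are non-empty, so if freshness and replay checks are not done elsewhere in `Prepare`, they belong here.

```go
		openApiUserInfo, tmpErr := models.GetByAppid(appid)
		if tmpErr != nil {
			if utils.IsErrNoRow(tmpErr) {
				errMsg = "商家AppId错误,请核查"
			} else {
				// Keep the client-facing message generic; tmpErr should be logged server-side.
				errMsg = "系统异常,请联系管理员"
			}
			err = errors.New(errMsg)
			return
		}

		// … unchanged: empty openApiUserInfo.Appid check …

		if openApiUserInfo.Ip != "" {
			// Exact match per entry; assumes a comma-separated allowlist (confirm the stored format).
			allowed := false
			for _, entry := range strings.Split(openApiUserInfo.Ip, ",") {
				if ip != "" && strings.TrimSpace(entry) == ip {
					allowed = true
					break
				}
			}
			if !allowed {
				// … unchanged: errMsg / err assignment and return …
			}
		}
```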