feats

controllers/component.go

 	"bytes"
 	"encoding/base64"
 	"encoding/json"
-	"io/ioutil"
 	"net/http"
 	"strings"
 	"wechat-conf/models"
 	BaseController
 	serv       *autoreply.AutoreplyServ
 	wechatServ *wechat.WechatServ
+	compConf   *model.SysComponentConf
+	cipher     core.IOCipher
 }
 
+const (
+	INFOTYPE_TICKET           = "component_verify_ticket"
+	INFOTYPE_AUTHORIZED       = "authorized"
+	INFOTYPE_UNAUTHORIZED     = "unauthorized"
+	INFOTYPE_UPDATEAUTHORIZED = "updateauthorized"
+)
+
+const (
+	WX_OFFICE_TEST_APPID    = "wx570bc396a51b8ff8"
+	WX_OFFICE_TEST_USERNAME = "gh_3c884a361561"
+)
+
 var nilData = []byte("success")
 
 // Constructor 初始化 Controller
 func (c *WechatController) Constructor() {
 	c.serv = autoreply.NewAutoreplyServ(c.Context)
 	c.wechatServ = wechat.NewWechatServ(c.Context)
-}
 
-const (
-	INFOTYPE_TICKET           = "component_verify_ticket"
-	INFOTYPE_AUTHORIZED       = "authorized"
-	INFOTYPE_UNAUTHORIZED     = "unauthorized"
-	INFOTYPE_UPDATEAUTHORIZED = "updateauthorized"
-)
+	var err error
+	c.compConf, err = c.wechatServ.GetComponentInfo()
+	if err != nil {
+		utils.LogError("获取平台配置失败", err)
+		return
+	}
 
-// ComponentPush 第三方平台推送
-func (c *WechatController) ComponentPush() {
-	utils.LogError("推送开始")
-	r := c.Ctx.Request
-	defer r.Body.Close()
-	con, _ := ioutil.ReadAll(r.Body)
-	utils.LogError("推送消息：", string(con))
-	// 解析xml
-	xp := &core.XMLParse{}
-	resMsg, err := xp.Parse(string(con))
+	c.cipher, err = core.NewCipher(c.compConf.OriginToken, c.compConf.Aeskey, c.compConf.Appid)
 	if err != nil {
-		utils.LogError("xml解析失败：", err)
-		c.ResponseRaw(nilData)
+		utils.LogError("初始化加解密算法失败", err)
+		return
 	}
-	encrypt := resMsg["Encrypt"]
-	conf, err := c.wechatServ.GetComponentInfo()
-	if err != nil || conf == nil || conf.Appid == "" {
-		utils.LogError("读取微信配置文件失败")
-		c.ResponseRaw(nilData)
+}
+
+// preCheck 如果有需要用到加解密之前, 请先调用这个方法
+func (c *WechatController) preCheck(resp []byte) {
+	if c.compConf == nil || c.compConf.Appid == "" {
+		c.ResponseRaw(resp)
 	}
-	EncodingAESKey := conf.Aeskey
 
-	AESKey, err := base64.StdEncoding.DecodeString(EncodingAESKey + "=")
-	if err != nil {
-		utils.LogError("DecodeString失败：", err)
-		c.ResponseRaw(nilData)
+	if c.cipher == nil {
+		c.ResponseRaw(resp)
 	}
-	EncryptVal, err := base64.StdEncoding.DecodeString(encrypt)
-	if err != nil {
-		utils.LogError("密文base64解析", err)
+}
+
+// ComponentPush 接收第三方平台推送
+// 主要有 ticket, 取消授权等
+func (c *WechatController) ComponentPush() {
+	utils.LogInfo("接收平台推送")
+	c.preCheck(nilData)
+
+	// 接收内容
+	receiveData := string(c.Ctx.Input.RequestBody)
+	utils.LogInfo("接收内容", receiveData)
+	if receiveData == "" {
 		c.ResponseRaw(nilData)
 	}
-	msgbyte, err := utils.AesDecrypt(EncryptVal, AESKey)
+
+	// 解密内容
+	r := bytes.NewBufferString(receiveData)
+	dt, err := c.cipher.Decrypt(r)
 	if err != nil {
-		utils.LogError("解密失败：", err)
+		utils.LogError("解密数据失败", err)
 		c.ResponseRaw(nilData)
 	}
-	utils.LogError("解密成功")
+
+	receiveMessage := string(dt)
+	utils.LogInfo("解密内容: ", receiveMessage)
+
 	// 解析xml
-	msg, err := xp.Parse(string(msgbyte))
+	xp := &core.XMLParse{}
+	data, err := xp.Parse(receiveMessage)
 	if err != nil {
-		utils.LogError("xml解析失败：", err)
+		utils.LogError("解析解密数据失败：", err)
 		c.ResponseRaw(nilData)
 	}
-	utils.LogError("xml解析成功：", msg)
-	switch msg["InfoType"] {
+
+	infoType := data["InfoType"]
+	fromWXOffice := data["AppId"] == WX_OFFICE_TEST_APPID
+
+	switch infoType {
 	case INFOTYPE_TICKET:
+		// 微信测试推送 component_verify_ticket, 只需要返回 success
+		if fromWXOffice {
+			c.ResponseRaw(nilData)
+		}
+
 		// 更新ticket
-		conf.Ticket = msg["ComponentVerifyTicket"]
-		err := c.wechatServ.UpdateComponentTicket(conf)
+		c.compConf.Ticket = data["ComponentVerifyTicket"]
+		err := c.wechatServ.UpdateComponentTicket(c.compConf)
 		if err != nil {
 			utils.LogError("修改ticket失败：", err)
 		}
-		utils.RefreshComponentTicket(msg["ComponentVerifyTicket"])
+		utils.RefreshComponentTicket(data["ComponentVerifyTicket"])
 		break
+
 	case INFOTYPE_AUTHORIZED:
 		// 授权成功
 		var cert = map[string]string{
-			"appid":              msg["AuthorizerAppid"],
-			"authorization_code": msg["AuthorizationCode"],
+			"appid":              data["AuthorizerAppid"],
+			"authorization_code": data["AuthorizationCode"],
 		}
-		beego.Error("授权成功参数：", cert)
+
 		wxclient := utils.WechatInit(cert, c.wechatServ.UpdateToken)
 		if wxclient == nil {
 			utils.LogError("获取wxclient失败")
 			c.ResponseRaw(nilData)
 		}
-		beego.Error(wxclient)
+
 		utils.AppendWxClient(wxclient)
 
 		// 获取微信信息
 			utils.LogError("获取微信信息失败")
 			c.ResponseRaw(nilData)
 		}
-		beego.Error(info)
+
 		authorizerInfo := (info["authorizer_info"]).(map[string]interface{})
-		beego.Error(info["authorizer_info"])
+
 		// 插入数据库
-		mjson, _ := json.Marshal(msg)
+		mjson, _ := json.Marshal(data)
 		HeadImg := ""
 		if authorizerInfo["head_img"] != nil {
 			HeadImg = authorizerInfo["head_img"].(string)
 		}
 		var conf = model.SysWechatConf{
-			Appid:             msg["AuthorizerAppid"],
-			AuthorizationCode: msg["AuthorizationCode"],
+			Appid:             data["AuthorizerAppid"],
+			AuthorizationCode: data["AuthorizationCode"],
 			AuthorizationInfo: string(mjson),
 			WxNikeName:        authorizerInfo["nick_name"].(string),
 			HeadImg:           HeadImg,
 	case INFOTYPE_UNAUTHORIZED:
 		// 取消授权
 		// 删除wechatConf信息，同时将org解绑
-		appid := msg["AuthorizerAppid"]
+		appid := data["AuthorizerAppid"]
 		c.wechatServ.UnAuthorized(appid)
 		// 删除第三方中的微信信息
 		utils.Component.DelWxClient(appid)
 		break
 	}
+
 	c.ResponseRaw(nilData)
 }
 
 // WxReceive 微信消息接收
 func (c *WechatController) WxReceive() {
 	utils.LogInfo("接收微信事件, URI: ", c.Ctx.Input.URI())
+	c.preCheck(nilData)
 
 	// 初始化微信客户端
 	appid := c.GetString(":appid")
 		c.ResponseRaw(nilData)
 	}
 
-	conf, err := c.wechatServ.GetComponentInfo()
-	if err != nil || conf == nil || conf.Appid == "" {
-		utils.LogError("读取微信配置文件失败", err)
-		c.ResponseRaw(nilData)
-	}
-
 	// 校验接收数据
-	receiveData, err := c.validReceiveData(c.Ctx.Input.RequestBody, conf.Aeskey, wechat)
+	receiveData, err := c.validReceiveData(c.Ctx.Input.RequestBody, c.compConf.Aeskey, wechat)
 	if err != nil {
 		c.ResponseRaw(nilData)
 	}
 	utils.LogInfo("反馈微信内容: ", string(replyMessage))
 
 	// 加密内容
-	sendData, err := c.encryptMessage(replyMessage, conf.Aeskey, conf.OriginToken, wechat)
+	sendData, err := c.encryptMessage(replyMessage, c.compConf.Aeskey, c.compConf.OriginToken, c.compConf.Appid, wechat)
 	if err != nil {
 		c.ResponseRaw(nilData)
 	}
 }
 
 // encryptReceiveMessage 加密需要发送的信息
-func (c *WechatController) encryptMessage(message []byte, aesKey, token string, wechat *component.WxClient) ([]byte, error) {
-	cipher, err := core.NewCipher(token, aesKey, wechat.GetAppID())
+func (c *WechatController) encryptMessage(message []byte, aesKey, token, appID string, wechat *component.WxClient) ([]byte, error) {
+	cipher, err := core.NewCipher(token, aesKey, appID)
 	// cipher, err := core.NewCipher("pamtest", "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG", "wxb11529c136998cb6")
 	if err != nil {
 		utils.LogError("NewCipher 失败: " + err.Error())
 	from := receviceData["ToUserName"]
 	openID := receviceData["FromUserName"]
 	appID := wechat.GetAppID()
+	fromWXOffice := openID == WX_OFFICE_TEST_USERNAME
 
 	// 暂时支持 文本以及订阅事件消息
 	switch msgType {
 	case "text":
-		if replay, err = c.serv.GetAutoReplayByAppID(appID, receviceData["Content"]); err != nil {
+		content := receviceData["Content"]
+
+		// 微信文本消息测试
+		if fromWXOffice {
+			// 普通文本测试, 返回 TESTCOMPONENT_MSG_TYPE_TEXT_callback
+			if content == "TESTCOMPONENT_MSG_TYPE_TEXT" {
+				replay = &model.TaAutoReply{
+					MessageType:      models.MESSAGE_TYPE_PARAGRAPH,
+					MessageParagraph: "TESTCOMPONENT_MSG_TYPE_TEXT_callback",
+					IsUse:            models.AUTOREPLY_IS_USE_ON,
+				}
+
+				// 发送 query_auth_code , 返回空, 并立即调用客服接口
+			} else if strings.Index(content, "QUERY_AUTH_CODE") > -1 {
+				replay = nil
+			}
+			break
+		}
+
+		if replay, err = c.serv.GetAutoReplayByAppID(appID, content); err != nil {
 			utils.LogError("获取微信自动回复信息失败: " + err.Error())
 			return
 		}

models/models.go

 	dns := getMySQLDNS()
 
 	engine, err := xorm.NewEngine(dbType, dns)
-	engine.ShowSQL()
+	// engine.ShowSQL()
 
 	if err != nil {
 		panic(err)

service/sysorg/sysorg.go

 		utils.LogError("删除项目失败: " + err.Error())
 		return errors.New("删除项目失败")
 	}
+
 	if user != nil {
 		return errors.New("当前项目已被用户绑定，请先进行解绑操作")
 	}

service/user/user.go

 
 // CheckUserRoute 判断用户理由
 func (s *UserServ) CheckUserRoute(userId, route, method string) (int, error) {
-
 	if strings.Index(route, "admin") < 0 {
 		return http.StatusOK, nil
 	}
 
 	// 如果没有登录
 	if userId == "" {
+		utils.LogError("当前 API", route)
 		return http.StatusUnauthorized, utils.LogError("请先登录系统")
 	}