feat: rename qiniu to oss, add admin upload proxy with thumbnail, add dev-login

- Rename all QINIU_* config/code/docs to OSS_* to match actual Alibaba Cloud OSS
- Refactor upload module from internal/common/qiniu to internal/common/upload
- Add backend proxy upload endpoint (POST /api/admin/marketing/upload) to avoid CORS
- Auto-generate compressed thumbnail (800px, JPEG 80%) on admin image upload
- Add dev-login endpoint (POST /api/v1/auth/dev-login) for H5 debugging
- Add imageutil package for server-side image resizing

Made-with: Cursor

internal/common/upload/handler/upload_handler.go

@@ -0,0 +1,169 @@
+package handler
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"net/url"
+	"path"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+
+	"wx_service/config"
+	oss "wx_service/internal/common/oss"
+	uploadservice "wx_service/internal/common/upload/service"
+	"wx_service/internal/middleware"
+	"wx_service/internal/model"
+)
+
+type UploadHandler struct {
+	uploadService *uploadservice.UploadService
+}
+
+func NewUploadHandler(uploadService *uploadservice.UploadService) *UploadHandler {
+	return &UploadHandler{uploadService: uploadService}
+}
+
+type uploadTokenRequest struct {
+	Filename string `json:"filename"`
+}
+
+type callbackPayload struct {
+	Key      string `json:"key"`
+	Hash     string `json:"hash"`
+	Fsize    int64  `json:"fsize"`
+	MimeType string `json:"mimeType"`
+}
+
+type uploadTokenResponse struct {
+	Token        string `json:"token,omitempty"`
+	Key          string `json:"key"`
+	UploadURL    string `json:"upload_url"`
+	ExpireAt     int64  `json:"expire,omitempty"`
+	CDNDomain    string `json:"cdn_domain,omitempty"`
+	OSSAccessKey string `json:"oss_access_key_id,omitempty"`
+	OSSPolicy    string `json:"oss_policy,omitempty"`
+	OSSSignature string `json:"oss_signature,omitempty"`
+}
+
+var extPattern = regexp.MustCompile(`^\.[a-z0-9]{1,10}$`)
+
+// GetUploadToken 返回直传所需的凭证；CDN 为阿里云 OSS 时返回 OSS PostObject 凭证。
+func (h *UploadHandler) GetUploadToken(c *gin.Context) {
+	user := middleware.MustCurrentUser(c)
+
+	var req uploadTokenRequest
+	_ = c.ShouldBindJSON(&req)
+
+	cfg := config.AppConfig.OSS
+	cdnDomain := strings.TrimSpace(cfg.CDNDomain)
+
+	if oss.IsOSSDomain(cdnDomain) && cfg.AccessKey != "" && cfg.SecretKey != "" && cfg.Bucket != "" {
+		ext := path.Ext(req.Filename)
+		if ext == "" || !extPattern.MatchString(strings.ToLower(ext)) {
+			ext = ".jpg"
+		}
+		keyPrefix := strings.Trim(cfg.KeyPrefix, "/")
+		key := fmt.Sprintf("%s/mp_%d/user_%d/%s/%x%s",
+			keyPrefix, user.MiniProgramID, user.ID,
+			time.Now().Format("20060102"), time.Now().UnixNano()&0xffffffff, ext)
+		endpoint := oss.ParseOSSEndpoint(cdnDomain)
+		expireSeconds := cfg.TokenExpireSeconds
+		if expireSeconds <= 0 {
+			expireSeconds = 300
+		}
+		policy, signature, err := oss.PostPolicy(cfg.Bucket, endpoint, key, cfg.SecretKey, expireSeconds)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, model.Error(http.StatusInternalServerError, "生成 OSS 凭证失败"))
+			return
+		}
+		uploadURL := oss.UploadHost(cfg.Bucket, endpoint)
+		cdnHost := "https://" + cfg.Bucket + "." + endpoint + ".aliyuncs.com"
+		c.JSON(http.StatusOK, model.Success(uploadTokenResponse{
+			Key:          key,
+			UploadURL:    uploadURL,
+			CDNDomain:    cdnHost,
+			OSSAccessKey: cfg.AccessKey,
+			OSSPolicy:    policy,
+			OSSSignature: signature,
+		}))
+		return
+	}
+
+	token, err := h.uploadService.CreateUploadToken(user.MiniProgramID, user.ID, req.Filename)
+	if err != nil {
+		if errors.Is(err, uploadservice.ErrUploadNotConfigured) {
+			c.JSON(http.StatusServiceUnavailable, model.Error(http.StatusServiceUnavailable, "未配置上传服务，请联系管理员"))
+			return
+		}
+		c.JSON(http.StatusInternalServerError, model.Error(http.StatusInternalServerError, "获取上传凭证失败，请稍后重试"))
+		return
+	}
+	c.JSON(http.StatusOK, model.Success(token))
+}
+
+// UploadCallback 处理上传回调（无需登录），通过签名验签确保来源可信。
+func (h *UploadHandler) UploadCallback(c *gin.Context) {
+	rawBody, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "读取回调内容失败"))
+		return
+	}
+
+	if err := h.uploadService.VerifyCallbackSignature(c.Request, rawBody); err != nil {
+		switch {
+		case errors.Is(err, uploadservice.ErrUploadNotConfigured):
+			c.JSON(http.StatusServiceUnavailable, model.Error(http.StatusServiceUnavailable, "上传服务未配置"))
+		default:
+			c.JSON(http.StatusUnauthorized, model.Error(http.StatusUnauthorized, "回调验签失败"))
+		}
+		return
+	}
+
+	payload, err := parseCallbackPayload(c.ContentType(), rawBody)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "回调内容格式错误"))
+		return
+	}
+	if strings.TrimSpace(payload.Key) == "" {
+		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "回调内容缺少 key"))
+		return
+	}
+
+	log.Printf("[upload_callback] key=%s hash=%s fsize=%d mimeType=%s", payload.Key, payload.Hash, payload.Fsize, payload.MimeType)
+	c.JSON(http.StatusOK, model.Success(gin.H{"ok": true}))
+}
+
+func parseCallbackPayload(contentType string, raw []byte) (callbackPayload, error) {
+	var payload callbackPayload
+	trimmed := strings.TrimSpace(strings.ToLower(contentType))
+	if strings.Contains(trimmed, "application/json") {
+		if err := json.Unmarshal(raw, &payload); err != nil {
+			return callbackPayload{}, err
+		}
+		return payload, nil
+	}
+
+	values, err := url.ParseQuery(string(raw))
+	if err != nil {
+		return callbackPayload{}, err
+	}
+	payload.Key = strings.TrimSpace(values.Get("key"))
+	payload.Hash = strings.TrimSpace(values.Get("hash"))
+	payload.MimeType = strings.TrimSpace(values.Get("mimeType"))
+	if rawFsize := strings.TrimSpace(values.Get("fsize")); rawFsize != "" {
+		fsize, parseErr := strconv.ParseInt(rawFsize, 10, 64)
+		if parseErr != nil {
+			return callbackPayload{}, parseErr
+		}
+		payload.Fsize = fsize
+	}
+	return payload, nil
+}

internal/common/upload/handler/upload_handler_test.go

@@ -0,0 +1,103 @@
+package handler
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+
+	"wx_service/config"
+	uploadservice "wx_service/internal/common/upload/service"
+)
+
+func TestUploadCallbackSuccess(t *testing.T) {
+	t.Parallel()
+	gin.SetMode(gin.TestMode)
+
+	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
+	h := NewUploadHandler(uploadservice.NewUploadService(cfg))
+
+	body := "key=uploads/test.png&hash=abc&fsize=12&mimeType=image%2Fpng"
+	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+signCallback(req.URL.Path+"\n"+body, cfg.SecretKey))
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+	c.Request = req
+
+	h.UploadCallback(c)
+
+	if w.Code != http.StatusOK {
+		t.Fatalf("status=%d, want=200, body=%s", w.Code, w.Body.String())
+	}
+	if !strings.Contains(w.Body.String(), `"code":200`) {
+		t.Fatalf("unexpected response body: %s", w.Body.String())
+	}
+}
+
+func TestUploadCallbackInvalidSignature(t *testing.T) {
+	t.Parallel()
+	gin.SetMode(gin.TestMode)
+
+	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
+	h := NewUploadHandler(uploadservice.NewUploadService(cfg))
+
+	body := "key=uploads/test.png&hash=abc"
+	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Authorization", "QBox ak-test:bad-sign")
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+	c.Request = req
+
+	h.UploadCallback(c)
+
+	if w.Code != http.StatusUnauthorized {
+		t.Fatalf("status=%d, want=401, body=%s", w.Code, w.Body.String())
+	}
+}
+
+func TestUploadCallbackMissingKey(t *testing.T) {
+	t.Parallel()
+	gin.SetMode(gin.TestMode)
+
+	cfg := config.OSSConfig{AccessKey: "ak-test", SecretKey: "sk-test"}
+	h := NewUploadHandler(uploadservice.NewUploadService(cfg))
+
+	body := "hash=abc&fsize=12"
+	req := httptest.NewRequest(http.MethodPost, "/api/v1/common/upload/oss/callback", strings.NewReader(body))
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+signCallback(req.URL.Path+"\n"+body, cfg.SecretKey))
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+	c.Request = req
+
+	h.UploadCallback(c)
+
+	if w.Code != http.StatusBadRequest {
+		t.Fatalf("status=%d, want=400, body=%s", w.Code, w.Body.String())
+	}
+}
+
+func TestParseCallbackPayloadJSON(t *testing.T) {
+	t.Parallel()
+	raw := []byte(`{"key":"uploads/test.png","hash":"abc","fsize":321,"mimeType":"image/png"}`)
+	got, err := parseCallbackPayload("application/json", raw)
+	if err != nil {
+		t.Fatalf("parseCallbackPayload: %v", err)
+	}
+	if got.Key != "uploads/test.png" || got.Hash != "abc" || got.Fsize != 321 {
+		t.Fatalf("unexpected payload: %+v", got)
+	}
+}
+
+func signCallback(signing, secret string) string {
+	mac := hmac.New(sha1.New, []byte(secret))
+	_, _ = mac.Write([]byte(signing))
+	return base64.URLEncoding.WithPadding(base64.NoPadding).EncodeToString(mac.Sum(nil))
+}

internal/common/upload/service/upload_service.go

@@ -0,0 +1,181 @@
+package service
+
+import (
+	"crypto/hmac"
+	"crypto/rand"
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"path"
+	"regexp"
+	"strings"
+	"time"
+
+	"wx_service/config"
+)
+
+var (
+	ErrUploadNotConfigured  = errors.New("oss upload is not configured")
+	ErrCallbackUnauthorized = errors.New("upload callback unauthorized")
+	ErrCallbackInvalidHeader = errors.New("upload callback authorization header is invalid")
+)
+
+type UploadService struct {
+	cfg config.OSSConfig
+}
+
+func NewUploadService(cfg config.OSSConfig) *UploadService {
+	return &UploadService{cfg: cfg}
+}
+
+type UploadToken struct {
+	Token     string `json:"token"`
+	Key       string `json:"key"`
+	UploadURL string `json:"upload_url"`
+	ExpireAt  int64  `json:"expire"`
+	CDNDomain string `json:"cdn_domain"`
+}
+
+var extPattern = regexp.MustCompile(`^\.[a-z0-9]{1,10}$`)
+
+func (s *UploadService) CreateUploadToken(miniProgramID uint, userID uint, filename string) (UploadToken, error) {
+	if s.cfg.AccessKey == "" || s.cfg.SecretKey == "" || s.cfg.Bucket == "" {
+		return UploadToken{}, ErrUploadNotConfigured
+	}
+
+	expireSeconds := s.cfg.TokenExpireSeconds
+	if expireSeconds <= 0 {
+		expireSeconds = 300
+	}
+	expireAt := time.Now().Add(time.Duration(expireSeconds) * time.Second).Unix()
+
+	ext := strings.ToLower(path.Ext(filename))
+	if !extPattern.MatchString(ext) {
+		ext = ""
+	}
+
+	randomHex, err := randomHex(16)
+	if err != nil {
+		return UploadToken{}, fmt.Errorf("generate random key: %w", err)
+	}
+
+	keyPrefix := strings.Trim(s.cfg.KeyPrefix, "/")
+	key := fmt.Sprintf("%s/mp_%d/user_%d/%s/%s%s",
+		keyPrefix,
+		miniProgramID,
+		userID,
+		time.Now().Format("20060102"),
+		randomHex,
+		ext,
+	)
+
+	putPolicy := map[string]interface{}{
+		"scope":      fmt.Sprintf("%s:%s", s.cfg.Bucket, key),
+		"deadline":   expireAt,
+		"returnBody": `{"key":"$(key)","hash":"$(etag)","fsize":$(fsize),"mimeType":"$(mimeType)"}`,
+	}
+	if callbackURL := strings.TrimSpace(s.cfg.CallbackURL); callbackURL != "" {
+		putPolicy["callbackUrl"] = callbackURL
+		callbackBody := strings.TrimSpace(s.cfg.CallbackBody)
+		if callbackBody == "" {
+			callbackBody = "key=$(key)&hash=$(etag)&fsize=$(fsize)&mimeType=$(mimeType)"
+		}
+		callbackBodyType := strings.TrimSpace(s.cfg.CallbackBodyType)
+		if callbackBodyType == "" {
+			callbackBodyType = "application/x-www-form-urlencoded"
+		}
+		putPolicy["callbackBody"] = callbackBody
+		putPolicy["callbackBodyType"] = callbackBodyType
+	}
+
+	policyJSON, err := json.Marshal(putPolicy)
+	if err != nil {
+		return UploadToken{}, fmt.Errorf("marshal put policy: %w", err)
+	}
+
+	encodedPolicy := urlSafeBase64NoPad(policyJSON)
+	sign := hmacSHA1([]byte(s.cfg.SecretKey), []byte(encodedPolicy))
+	encodedSign := urlSafeBase64NoPad(sign)
+
+	token := fmt.Sprintf("%s:%s:%s", s.cfg.AccessKey, encodedSign, encodedPolicy)
+
+	return UploadToken{
+		Token:     token,
+		Key:       key,
+		UploadURL: s.cfg.UploadURL,
+		ExpireAt:  expireAt,
+		CDNDomain: s.cfg.CDNDomain,
+	}, nil
+}
+
+func (s *UploadService) VerifyCallbackSignature(req *http.Request, rawBody []byte) error {
+	if s.cfg.AccessKey == "" || s.cfg.SecretKey == "" {
+		return ErrUploadNotConfigured
+	}
+
+	authHeader := strings.TrimSpace(req.Header.Get("Authorization"))
+	if authHeader == "" {
+		return ErrCallbackInvalidHeader
+	}
+
+	parts := strings.SplitN(authHeader, " ", 2)
+	if len(parts) != 2 {
+		return ErrCallbackInvalidHeader
+	}
+	scheme := strings.TrimSpace(parts[0])
+	if !strings.EqualFold(scheme, "QBox") {
+		return ErrCallbackInvalidHeader
+	}
+
+	token := strings.TrimSpace(parts[1])
+	tokenParts := strings.SplitN(token, ":", 2)
+	if len(tokenParts) != 2 {
+		return ErrCallbackInvalidHeader
+	}
+	accessKey := strings.TrimSpace(tokenParts[0])
+	providedSign := strings.TrimSpace(tokenParts[1])
+	if accessKey == "" || providedSign == "" {
+		return ErrCallbackInvalidHeader
+	}
+	if accessKey != s.cfg.AccessKey {
+		return ErrCallbackUnauthorized
+	}
+
+	signing := req.URL.Path
+	if req.URL.RawQuery != "" {
+		signing += "?" + req.URL.RawQuery
+	}
+	signing += "\n"
+	signing += string(rawBody)
+
+	expected := urlSafeBase64NoPad(hmacSHA1([]byte(s.cfg.SecretKey), []byte(signing)))
+	if !hmac.Equal([]byte(providedSign), []byte(expected)) {
+		return ErrCallbackUnauthorized
+	}
+	return nil
+}
+
+func hmacSHA1(secret []byte, data []byte) []byte {
+	mac := hmac.New(sha1.New, secret)
+	mac.Write(data)
+	return mac.Sum(nil)
+}
+
+func urlSafeBase64NoPad(data []byte) string {
+	return base64.URLEncoding.WithPadding(base64.NoPadding).EncodeToString(data)
+}
+
+func randomHex(nBytes int) (string, error) {
+	if nBytes <= 0 {
+		return "", fmt.Errorf("invalid random bytes length")
+	}
+	buf := make([]byte, nBytes)
+	if _, err := rand.Read(buf); err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(buf), nil
+}

internal/common/upload/service/upload_service_test.go

@@ -0,0 +1,98 @@
+package service
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"wx_service/config"
+)
+
+func TestCreateUploadTokenWithCallbackPolicy(t *testing.T) {
+	t.Parallel()
+
+	svc := NewUploadService(config.OSSConfig{
+		AccessKey:        "ak-test",
+		SecretKey:        "sk-test",
+		Bucket:           "bucket-test",
+		UploadURL:        "https://bucket.oss-cn-beijing.aliyuncs.com",
+		KeyPrefix:        "uploads/",
+		CallbackURL:      "https://api.example.com/api/v1/common/upload/oss/callback",
+		CallbackBody:     "key=$(key)&hash=$(etag)",
+		CallbackBodyType: "application/x-www-form-urlencoded",
+	})
+
+	token, err := svc.CreateUploadToken(1, 2, "avatar.png")
+	if err != nil {
+		t.Fatalf("CreateUploadToken: %v", err)
+	}
+
+	tokenParts := strings.Split(token.Token, ":")
+	if len(tokenParts) != 3 {
+		t.Fatalf("unexpected token format: %s", token.Token)
+	}
+
+	policyRaw, err := base64.URLEncoding.WithPadding(base64.NoPadding).DecodeString(tokenParts[2])
+	if err != nil {
+		t.Fatalf("decode policy: %v", err)
+	}
+
+	var policy map[string]any
+	if err := json.Unmarshal(policyRaw, &policy); err != nil {
+		t.Fatalf("unmarshal policy: %v", err)
+	}
+
+	if got, _ := policy["callbackUrl"].(string); got != "https://api.example.com/api/v1/common/upload/oss/callback" {
+		t.Fatalf("callbackUrl=%q, want callback endpoint", got)
+	}
+	if got, _ := policy["callbackBody"].(string); got != "key=$(key)&hash=$(etag)" {
+		t.Fatalf("callbackBody=%q, want callback body", got)
+	}
+	if got, _ := policy["callbackBodyType"].(string); got != "application/x-www-form-urlencoded" {
+		t.Fatalf("callbackBodyType=%q, want form type", got)
+	}
+}
+
+func TestVerifyCallbackSignature(t *testing.T) {
+	t.Parallel()
+
+	cfg := config.OSSConfig{
+		AccessKey: "ak-test",
+		SecretKey: "sk-test",
+	}
+	svc := NewUploadService(cfg)
+
+	body := []byte("key=uploads/test.png&hash=abc")
+	req := httptest.NewRequest("POST", "http://example.com/api/v1/common/upload/oss/callback?x=1", strings.NewReader(string(body)))
+	signing := req.URL.Path + "?" + req.URL.RawQuery + "\n" + string(body)
+	sign := urlSafeBase64NoPad(hmacSHA1([]byte(cfg.SecretKey), []byte(signing)))
+	req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+sign)
+
+	if err := svc.VerifyCallbackSignature(req, body); err != nil {
+		t.Fatalf("VerifyCallbackSignature: %v", err)
+	}
+}
+
+func TestVerifyCallbackSignatureInvalid(t *testing.T) {
+	t.Parallel()
+
+	cfg := config.OSSConfig{
+		AccessKey: "ak-test",
+		SecretKey: "sk-test",
+	}
+	svc := NewUploadService(cfg)
+
+	body := []byte("key=uploads/test.png&hash=abc")
+	req := httptest.NewRequest("POST", "http://example.com/api/v1/common/upload/oss/callback", strings.NewReader(string(body)))
+	req.Header.Set("Authorization", "QBox ak-test:bad-sign")
+
+	err := svc.VerifyCallbackSignature(req, body)
+	if err == nil {
+		t.Fatalf("expected signature verification error")
+	}
+	if err != ErrCallbackUnauthorized {
+		t.Fatalf("error=%v, want=%v", err, ErrCallbackUnauthorized)
+	}
+}