feat(auth): add mini program test code endpoint (#51)

2026-04-11 01:49:18 +08:00
parent a6f0bfd4e8
commit 411ded8a0c
7 changed files with 228 additions and 15 deletions
@@ -9,6 +9,7 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/redis/go-redis/v9 v9.17.2
 	golang.org/x/crypto v0.48.0
 	golang.org/x/image v0.38.0
 	gorm.io/driver/mysql v1.6.0
 	gorm.io/driver/sqlite v1.6.0
 	gorm.io/gorm v1.31.1
@@ -45,7 +46,6 @@ require (
 	github.com/ugorji/go/codec v1.3.0 // indirect
 	go.uber.org/mock v0.5.0 // indirect
 	golang.org/x/arch v0.20.0 // indirect
 	golang.org/x/image v0.38.0 // indirect
 	golang.org/x/mod v0.33.0 // indirect
 	golang.org/x/net v0.50.0 // indirect
 	golang.org/x/sync v0.20.0 // indirect
@@ -92,35 +92,21 @@ go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
 go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c=
 golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
 golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
 golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
 golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
 golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/image v0.38.0 h1:5l+q+Y9JDC7mBOMjo4/aPhMDcxEptsX+Tt3GgRQRPuE=
 golang.org/x/image v0.38.0/go.mod h1:/3f6vaXC+6CEanU4KJxbcUZyEePbyKbaLoDOe4ehFYY=
 golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
 golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
 golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
 golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
 golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs=
 golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8=
 golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
 golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM=
 golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
 golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
 golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
 golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
 golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4=
 golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU=
 golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
 golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
 golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
 golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
 golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
 golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
 google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw=
@@ -155,6 +155,11 @@ type updateProfileRequest struct {
 	AvatarURL string `json:"avatar_url"`
 }
 type miniProgramCodeQuery struct {
 	Path  string `form:"path"`
 	Width int    `form:"width"`
 }
 func (h *AuthHandler) UpdateProfile(c *gin.Context) {
 	user := middleware.MustCurrentUser(c)
@@ -181,3 +186,23 @@ func (h *AuthHandler) UpdateProfile(c *gin.Context) {
 		"avatar_url": updated.AvatarURL,
 	}))
 }
 func (h *AuthHandler) GetMiniProgramTestCode(c *gin.Context) {
 	user := middleware.MustCurrentUser(c)
 	var query miniProgramCodeQuery
 	if err := c.ShouldBindQuery(&query); err != nil {
 		c.JSON(http.StatusBadRequest, model.Error(http.StatusBadRequest, "参数错误"))
 		return
 	}
 	codeBytes, err := h.authService.GetMiniProgramTestCode(c.Request.Context(), user.ID, query.Path, query.Width)
 	if err != nil {
 		log.Printf("[get_mini_program_test_code] error: %v", err)
 		c.JSON(http.StatusInternalServerError, model.Error(http.StatusInternalServerError, "获取小程序码失败"))
 		return
 	}
 	c.Header("Cache-Control", "no-store")
 	c.Data(http.StatusOK, "image/png", codeBytes)
 }
@@ -265,3 +265,32 @@ func normalizeAvatarURL(raw string) string {
 	}
 	return text
 }
 func (s *AuthService) GetMiniProgramTestCode(ctx context.Context, userID uint, path string, width int) ([]byte, error) {
 	var user model.User
 	if err := s.db.WithContext(ctx).Select("id, mini_program_id").First(&user, userID).Error; err != nil {
 		return nil, fmt.Errorf("find user: %w", err)
 	}
 	if user.MiniProgramID == 0 {
 		return nil, fmt.Errorf("user mini program id missing")
 	}
 	miniProgram, err := s.miniProgramSvc.GetByID(ctx, user.MiniProgramID)
 	if err != nil {
 		return nil, fmt.Errorf("load mini program: %w", err)
 	}
 	if strings.TrimSpace(path) == "" {
 		path = "pages/nsti/test?resume=0"
 	}
 	if width <= 0 {
 		width = 280
 	}
 	client := s.getWeChatClient(miniProgram)
 	codeBytes, err := client.GetWXACode(ctx, path, width)
 	if err != nil {
 		return nil, fmt.Errorf("get mini program test code: %w", err)
 	}
 	return codeBytes, nil
 }
@@ -0,0 +1,66 @@
 package service
 import (
 	"context"
 	"testing"
 	"gorm.io/driver/sqlite"
 	"gorm.io/gorm"
 	"wx_service/internal/model"
 )
 func newAuthTestDB(t *testing.T) *gorm.DB {
 	t.Helper()
 	db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{})
 	if err != nil {
 		t.Fatalf("open sqlite: %v", err)
 	}
 	if err := db.AutoMigrate(&model.User{}); err != nil {
 		t.Fatalf("auto migrate: %v", err)
 	}
 	return db
 }
 func TestAuthServiceUpdateProfilePersistsUserFields(t *testing.T) {
 	db := newAuthTestDB(t)
 	svc := NewAuthService(db, nil)
 	user := model.User{
 		MiniProgramID: 1,
 		OpenID:        "openid-1",
 		NickName:      "旧昵称",
 		AvatarURL:     "https://example.com/old.png",
 		SessionKey:    "session-1",
 	}
 	if err := db.Create(&user).Error; err != nil {
 		t.Fatalf("seed user: %v", err)
 	}
 	updated, err := svc.UpdateProfile(context.Background(), user.ID, "新昵称", "https://example.com/new.png")
 	if err != nil {
 		t.Fatalf("update profile: %v", err)
 	}
 	if updated.NickName != "新昵称" {
 		t.Fatalf("expected updated nickname, got %q", updated.NickName)
 	}
 	if updated.AvatarURL != "https://example.com/new.png" {
 		t.Fatalf("expected updated avatar, got %q", updated.AvatarURL)
 	}
 	var persisted model.User
 	if err := db.First(&persisted, user.ID).Error; err != nil {
 		t.Fatalf("reload user: %v", err)
 	}
 	if persisted.NickName != "新昵称" {
 		t.Fatalf("expected persisted nickname, got %q", persisted.NickName)
 	}
 	if persisted.AvatarURL != "https://example.com/new.png" {
 		t.Fatalf("expected persisted avatar, got %q", persisted.AvatarURL)
 	}
 }
@@ -1,15 +1,19 @@
 package service
 import (
 	"bytes"
 	"context"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 	"time"
 )
 const weChatCode2SessionURL = "https://api.weixin.qq.com/sns/jscode2session"
 const weChatAccessTokenURL = "https://api.weixin.qq.com/cgi-bin/token"
 const weChatGetWXACodeURL = "https://api.weixin.qq.com/wxa/getwxacode"
 // WeChatClient 调用微信接口获取 session/openid。
 type WeChatClient struct {
@@ -30,6 +34,13 @@ type weChatSessionResponse struct {
 	ErrMsg  string `json:"errmsg"`
 }
 type weChatAccessTokenResponse struct {
 	AccessToken string `json:"access_token"`
 	ExpiresIn   int    `json:"expires_in"`
 	ErrCode     int    `json:"errcode"`
 	ErrMsg      string `json:"errmsg"`
 }
 // WeChatError 表示微信接口级错误。
 type WeChatError struct {
 	Code int
@@ -87,3 +98,98 @@ func (c *WeChatClient) Code2Session(ctx context.Context, code string) (*WeChatSe
 	return &raw.WeChatSession, nil
 }
 func (c *WeChatClient) GetAccessToken(ctx context.Context) (string, error) {
 	query := url.Values{}
 	query.Set("grant_type", "client_credential")
 	query.Set("appid", c.appID)
 	query.Set("secret", c.appSecret)
 	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("%s?%s", weChatAccessTokenURL, query.Encode()), nil)
 	if err != nil {
 		return "", fmt.Errorf("build access token request: %w", err)
 	}
 	resp, err := c.client.Do(req)
 	if err != nil {
 		return "", fmt.Errorf("call wechat access token api: %w", err)
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		return "", fmt.Errorf("wechat access token api unexpected status: %s", resp.Status)
 	}
 	var raw weChatAccessTokenResponse
 	if err := json.NewDecoder(resp.Body).Decode(&raw); err != nil {
 		return "", fmt.Errorf("decode access token response: %w", err)
 	}
 	if raw.ErrCode != 0 {
 		return "", &WeChatError{Code: raw.ErrCode, Msg: raw.ErrMsg}
 	}
 	if raw.AccessToken == "" {
 		return "", fmt.Errorf("wechat access token missing")
 	}
 	return raw.AccessToken, nil
 }
 type getWXACodeRequest struct {
 	Path      string `json:"path"`
 	Width     int    `json:"width,omitempty"`
 	AutoColor bool   `json:"auto_color"`
 	IsHyaline bool   `json:"is_hyaline"`
 }
 type weChatAPIErrorResponse struct {
 	ErrCode int    `json:"errcode"`
 	ErrMsg  string `json:"errmsg"`
 }
 func (c *WeChatClient) GetWXACode(ctx context.Context, path string, width int) ([]byte, error) {
 	accessToken, err := c.GetAccessToken(ctx)
 	if err != nil {
 		return nil, err
 	}
 	body, err := json.Marshal(getWXACodeRequest{
 		Path:      path,
 		Width:     width,
 		AutoColor: false,
 		IsHyaline: true,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("marshal getwxacode request: %w", err)
 	}
 	req, err := http.NewRequestWithContext(
 		ctx,
 		http.MethodPost,
 		fmt.Sprintf("%s?access_token=%s", weChatGetWXACodeURL, url.QueryEscape(accessToken)),
 		bytes.NewReader(body),
 	)
 	if err != nil {
 		return nil, fmt.Errorf("build getwxacode request: %w", err)
 	}
 	req.Header.Set("Content-Type", "application/json")
 	resp, err := c.client.Do(req)
 	if err != nil {
 		return nil, fmt.Errorf("call wechat getwxacode api: %w", err)
 	}
 	defer resp.Body.Close()
 	payload, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, fmt.Errorf("read getwxacode response: %w", err)
 	}
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("wechat getwxacode api unexpected status: %s", resp.Status)
 	}
 	var apiErr weChatAPIErrorResponse
 	if err := json.Unmarshal(payload, &apiErr); err == nil && apiErr.ErrCode != 0 {
 		return nil, &WeChatError{Code: apiErr.ErrCode, Msg: apiErr.ErrMsg}
 	}
 	return payload, nil
 }
@@ -67,6 +67,7 @@ func Register(
 		protected.Use(middleware.RequireUserMiddleware())
 		{
 			protected.PUT("/auth/profile", authHandler.UpdateProfile)
 			protected.GET("/auth/mini-program-test-code", authHandler.GetMiniProgramTestCode)
 			registerCommonRoutes(protected, uploadHandler)
 			registerRemoveWatermarkRoutes(api, protected, videoHandler)
 			registerMembershipRoutes(protected, redeemCodeHandler)