Merge remote-tracking branch 'origin/main' into multi-tenant

src/framework/config/config/config.default.yaml

@@ -1,7 +1,7 @@
 # 项目信息
 framework:
   name: "OMC"
-  version: "2.2408.2"
+  version: "2.2408.3"
 
 # 应用服务配置
 server:
@@ -172,6 +172,13 @@ redis:
   # 多个数据源时可以用这个指定默认的数据源
   defaultDataSourceName: "default"
 
+# AES 加密
+aes:
+  # 接口密钥
+  apiKey: "T9ox2DCzpLfJIPzkH9pKhsOTMOEMJcFv"
+  # 网元主机密钥
+  hostKey: "AGT66VfY4SMaiT97a7df0aef1704d5c5"
+
 # 用户配置
 user:
   # 密码

src/framework/constants/result/result.go

@@ -8,8 +8,13 @@ const (
 	// 响应-msg错误失败
 	MSG_ERROR = "error"
 
-	// 响应-msg正常成功
-	CODE_SUCCESS = 1
 	// 响应-code正常成功
+	CODE_SUCCESS = 1
+	// 响应-msg正常成功
 	MSG_SUCCESS = "success"
+
+	// 响应-code加密数据
+	CODE_ENCRYPT = 2
+	// 响应-msg加密数据
+	MSG_ENCRYPT = "encrypt"
 )

src/framework/errorcatch/errorcatch.go

@@ -20,14 +20,14 @@ func ErrorCatch() gin.HandlerFunc {
 
 				// 返回错误响应给客户端
 				if config.Env() == "prod" {
-					c.JSON(500, result.ErrMsg("Internal Server Errors"))
+					c.JSON(500, result.CodeMsg(500, "Internal Server Errors"))
 				} else {
 					// 通过实现 error 接口的 Error() 方法自定义错误类型进行捕获
 					switch v := err.(type) {
 					case error:
-						c.JSON(500, result.ErrMsg(v.Error()))
+						c.JSON(500, result.CodeMsg(500, v.Error()))
 					default:
-						c.JSON(500, result.ErrMsg(fmt.Sprint(err)))
+						c.JSON(500, result.CodeMsg(500, fmt.Sprint(err)))
 					}
 				}
 

src/framework/middleware/crypto_api.go

@@ -0,0 +1,151 @@
+package middleware
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"strings"
+
+	"be.ems/src/framework/config"
+	constResult "be.ems/src/framework/constants/result"
+	"be.ems/src/framework/logger"
+	"be.ems/src/framework/utils/crypto"
+	"be.ems/src/framework/utils/parse"
+	"github.com/gin-gonic/gin"
+)
+
+// CryptoApi 接口加解密
+//
+// 示例参数：middleware.CryptoApi(true, true)
+//
+// 参数表示：对请求解密，对响应加密
+//
+// 请将中间件放在最前置，对请求优先处理
+func CryptoApi(requestDecrypt, responseEncrypt bool) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 请求解密时对请求data注入
+		if requestDecrypt {
+			method := c.Request.Method
+			contentType := c.ContentType()
+			contentDe := ""
+			// 请求参数解析
+			if method == "GET" {
+				contentDe = c.Query("data")
+			} else if contentType == gin.MIMEJSON {
+				var body struct {
+					Data string `json:"data" binding:"required"`
+				}
+				if err := c.ShouldBindJSON(&body); err == nil {
+					contentDe = body.Data
+				}
+			}
+
+			// 是否存在data字段数据
+			if contentDe == "" {
+				c.JSON(400, map[string]any{
+					"code": constResult.CODE_ERROR,
+					"msg":  "decrypt not found field data",
+				})
+				c.Abort() // 停止执行后续的处理函数
+				return
+			}
+
+			// 解密-原数据加密前含16位长度iv
+			apiKey := config.Get("aes.apiKey").(string)
+			dataBodyStr, err := crypto.AESDecryptBase64(contentDe, apiKey)
+			if err != nil {
+				logger.Errorf("CryptoApi decrypt err => %v", err)
+				c.JSON(400, map[string]any{
+					"code": constResult.CODE_ERROR,
+					"msg":  "decrypted data could not be parsed",
+				})
+				c.Abort() // 停止执行后续的处理函数
+				return
+			}
+
+			// 分配回请求体
+			if method == "GET" {
+				var urlParams map[string]any
+				json.Unmarshal([]byte(dataBodyStr), &urlParams)
+				rawQuery := []string{}
+				for k, v := range urlParams {
+					rawQuery = append(rawQuery, fmt.Sprintf("%s=%v", k, v))
+				}
+				c.Request.URL.RawQuery = strings.Join(rawQuery, "&")
+			} else if contentType == gin.MIMEJSON {
+				c.Request.Body = io.NopCloser(bytes.NewBuffer([]byte(dataBodyStr)))
+			}
+		}
+
+		// 响应加密时替换原有的响应体
+		var rbw *replaceBodyWriter
+		if responseEncrypt {
+			rbw = &replaceBodyWriter{
+				body:           &bytes.Buffer{},
+				ResponseWriter: c.Writer,
+			}
+			c.Writer = rbw
+		}
+
+		// 调用下一个处理程序
+		c.Next()
+
+		// 响应加密时对响应data数据进行加密
+		if responseEncrypt {
+			// 满足成功并带数据的响应进行加密
+			if c.Writer.Status() == 200 {
+				var resBody map[string]any
+				json.Unmarshal(rbw.body.Bytes(), &resBody)
+				codeV, codeOk := resBody["code"]
+				dataV, dataOk := resBody["data"]
+				if codeOk && dataOk {
+					if parse.Number(codeV) == constResult.CODE_SUCCESS {
+						byteBodyData, _ := json.Marshal(dataV)
+						// 加密-原数据头加入标记16位长度iv终止符
+						apiKey := config.Get("aes.apiKey").(string)
+						contentEn, err := crypto.AESEncryptBase64("=:)"+string(byteBodyData), apiKey)
+						if err != nil {
+							logger.Errorf("CryptoApi encrypt err => %v", err)
+							rbw.ReplaceWrite([]byte(fmt.Sprintf(`{"code":"%d","msg":"encrypt err"}`, constResult.CODE_ERROR)))
+						} else {
+							// 响应加密
+							byteBody, _ := json.Marshal(map[string]any{
+								"code": constResult.CODE_ENCRYPT,
+								"msg":  constResult.MSG_ENCRYPT,
+								"data": contentEn,
+							})
+							rbw.ReplaceWrite(byteBody)
+						}
+					}
+				} else {
+					rbw.ReplaceWrite(nil)
+				}
+			} else {
+				rbw.ReplaceWrite(nil)
+			}
+		}
+		//
+	}
+}
+
+// replaceBodyWriter 替换默认的响应体
+type replaceBodyWriter struct {
+	gin.ResponseWriter
+	body *bytes.Buffer
+}
+
+// Write 写入响应体
+func (r replaceBodyWriter) Write(b []byte) (int, error) {
+	return r.body.Write(b)
+}
+
+// ReplaceWrite 替换响应体
+func (r *replaceBodyWriter) ReplaceWrite(b []byte) (int, error) {
+	if b == nil {
+		return r.ResponseWriter.Write(r.body.Bytes())
+	}
+	r.body = &bytes.Buffer{}
+	r.body.Write(b)
+	return r.ResponseWriter.Write(r.body.Bytes())
+}

src/framework/middleware/report.go

@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"runtime"
 	"time"
 
 	"be.ems/src/framework/logger"
@@ -18,6 +19,10 @@ func Report() gin.HandlerFunc {
 
 		// 计算请求处理时间，并打印日志
 		duration := time.Since(start)
-		logger.Infof("%s %s report end=> %v", c.Request.Method, c.Request.RequestURI, duration)
+		// logger.Infof("%s %s report end=> %v", c.Request.Method, c.Request.RequestURI, duration)
+		// 获取当前活跃的goroutine数量
+		num := runtime.NumGoroutine()
+		// logger.Infof("当前活跃的goroutine数量 %d\n", num)
+		logger.Infof("\n访问接口 %s %s\n总耗时 %v\n当前活跃的goroutine数量 %d\n", c.Request.Method, c.Request.RequestURI, duration, num)
 	}
 }

src/framework/utils/crypto/aes.go

@@ -10,12 +10,12 @@ import (
 	"io"
 )
 
-// StringEncryptByAES 字符串AES加密
-func StringEncryptByAES(text string) (string, error) {
+// AESEncryptBase64 AES加密转Base64字符串
+func AESEncryptBase64(text, key string) (string, error) {
 	if len(text) == 0 {
 		return "", nil
 	}
-	xpass, err := aesEncryptWithSalt([]byte(text))
+	xpass, err := AESEncrypt([]byte(text), []byte(key))
 	if err != nil {
 		return "", err
 	}
@@ -23,8 +23,8 @@ func StringEncryptByAES(text string) (string, error) {
 	return pass64, nil
 }
 
-// StringDecryptByAES 字符串AES解密
-func StringDecryptByAES(text string) (string, error) {
+// AESDecryptBase64 AES解密解Base64字符串
+func AESDecryptBase64(text, key string) (string, error) {
 	if len(text) == 0 {
 		return "", nil
 	}
@@ -32,21 +32,16 @@ func StringDecryptByAES(text string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-
-	tpass, err := aesDecryptWithSalt(bytesPass)
+	tpass, err := AESDecrypt(bytesPass, []byte(key))
 	if err != nil {
 		return "", err
 	}
 	return string(tpass), nil
 }
 
-// aesKey 字符串AES加解密密钥
-const aesKey = "AGT66VfY4SMaiT97a7df0aef1704d5c5"
-
-// const aesKey = "AGT66VfY4SMaiT97"
-// aesEncryptWithSalt AES加密
-func aesEncryptWithSalt(plaintext []byte) ([]byte, error) {
-	block, err := aes.NewCipher([]byte(aesKey))
+// AESEncrypt AES加密
+func AESEncrypt(plaintext, aeskey []byte) ([]byte, error) {
+	block, err := aes.NewCipher(aeskey)
 	if err != nil {
 		return nil, err
 	}
@@ -68,8 +63,8 @@ func aesEncryptWithSalt(plaintext []byte) ([]byte, error) {
 	return ciphertext, nil
 }
 
-// aesDecryptWithSalt AES解密
-func aesDecryptWithSalt(ciphertext []byte) ([]byte, error) {
+// AESDecrypt AES解密
+func AESDecrypt(ciphertext, aeskey []byte) ([]byte, error) {
 	blockSize := aes.BlockSize
 	if len(ciphertext) < blockSize {
 		return nil, fmt.Errorf("ciphertext too short")
@@ -77,12 +72,14 @@ func aesDecryptWithSalt(ciphertext []byte) ([]byte, error) {
 
 	iv := ciphertext[:blockSize]
 	ciphertext = ciphertext[blockSize:]
+	block, err := aes.NewCipher([]byte(aeskey))
 
-	block, err := aes.NewCipher([]byte(aesKey))
 	if err != nil {
 		return nil, err
 	}
-
+	if len(ciphertext) == 0 {
+		return nil, fmt.Errorf("ciphertext is invalid")
+	}
 	if len(ciphertext)%blockSize != 0 {
 		return nil, fmt.Errorf("ciphertext is not a multiple of the block size")
 	}

src/framework/utils/machine/launch.go

@@ -8,6 +8,7 @@ import (
 	"runtime"
 	"time"
 
+	"be.ems/src/framework/config"
 	"be.ems/src/framework/constants/common"
 	"be.ems/src/framework/logger"
 	"be.ems/src/framework/utils/cmd"
@@ -68,7 +69,8 @@ func codeFileRead() (map[string]any, error) {
 	}
 	content := string(bytes)
 	// 解密
-	contentDe, err := crypto.StringDecryptByAES(content)
+	hostKey := config.Get("aes.hostKey").(string)
+	contentDe, err := crypto.AESDecryptBase64(content, hostKey)
 	if err != nil {
 		logger.Errorf("CodeFileRead decrypt: %v", err.Error())
 		return mapData, fmt.Errorf("decrypt fail")
@@ -86,7 +88,8 @@ func codeFileRead() (map[string]any, error) {
 func codeFileWrite(data map[string]any) error {
 	jsonByte, _ := json.Marshal(data)
 	// 加密
-	contentEn, err := crypto.StringEncryptByAES(string(jsonByte))
+	hostKey := config.Get("aes.hostKey").(string)
+	contentEn, err := crypto.AESEncryptBase64(string(jsonByte), hostKey)
 	if err != nil {
 		logger.Errorf("insert encrypt: %v", err.Error())
 		return fmt.Errorf("encrypt fail")

src/framework/utils/ua/ua.go

@@ -1,8 +1,8 @@
 package ua
 
-import "github.com/mssola/user_agent"
+import "github.com/mssola/useragent"
 
 // 获取user-agent信息
-func Info(userAgent string) *user_agent.UserAgent {
-	return user_agent.New(userAgent)
+func Info(userAgent string) *useragent.UserAgent {
+	return useragent.New(userAgent)
 }

src/framework/vo/result/result.go

@@ -3,7 +3,7 @@ package result
 import (
 	"fmt"
 
-	"be.ems/src/framework/constants/result"
+	constResult "be.ems/src/framework/constants/result"
 )
 
 // CodeMsg 响应结果
@@ -17,8 +17,8 @@ func CodeMsg(code int, msg string) map[string]any {
 // 响应成功结果 map[string]any{}
 func Ok(v map[string]any) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_SUCCESS
-	args["msg"] = result.MSG_SUCCESS
+	args["code"] = constResult.CODE_SUCCESS
+	args["msg"] = constResult.MSG_SUCCESS
 	// v合并到args
 	for key, value := range v {
 		args[key] = value
@@ -29,7 +29,7 @@ func Ok(v map[string]any) map[string]any {
 // 响应成功结果信息
 func OkMsg(msg string) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_SUCCESS
+	args["code"] = constResult.CODE_SUCCESS
 	args["msg"] = msg
 	return args
 }
@@ -37,8 +37,8 @@ func OkMsg(msg string) map[string]any {
 // 响应成功结果数据
 func OkData(data any) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_SUCCESS
-	args["msg"] = result.MSG_SUCCESS
+	args["code"] = constResult.CODE_SUCCESS
+	args["msg"] = constResult.MSG_SUCCESS
 	args["data"] = data
 	return args
 }
@@ -46,8 +46,8 @@ func OkData(data any) map[string]any {
 // 响应失败结果 map[string]any{}
 func Err(v map[string]any) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_ERROR
-	args["msg"] = result.MSG_ERROR
+	args["code"] = constResult.CODE_ERROR
+	args["msg"] = constResult.MSG_ERROR
 	// v合并到args
 	for key, value := range v {
 		args[key] = value
@@ -58,7 +58,7 @@ func Err(v map[string]any) map[string]any {
 // 响应失败结果信息
 func ErrMsg(msg string, fmt ...any) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_ERROR
+	args["code"] = constResult.CODE_ERROR
 	args["msg"] = msg
 	return args
 }
@@ -66,7 +66,7 @@ func ErrMsg(msg string, fmt ...any) map[string]any {
 // 响应失败结果信息
 func ErrMsgFmt(msg string, args ...any) map[string]any {
 	argv := make(map[string]any)
-	argv["code"] = result.CODE_ERROR
+	argv["code"] = constResult.CODE_ERROR
 	argv["msg"] = fmt.Sprintf(msg, args...)
 	return argv
 }
@@ -74,8 +74,8 @@ func ErrMsgFmt(msg string, args ...any) map[string]any {
 // 响应失败结果数据
 func ErrData(data any) map[string]any {
 	args := make(map[string]any)
-	args["code"] = result.CODE_ERROR
-	args["msg"] = result.MSG_ERROR
+	args["code"] = constResult.CODE_ERROR
+	args["msg"] = constResult.MSG_ERROR
 	args["data"] = data
 	return args
 }