feat: 注册短信验证码验证功能已经开启

api/go/handler/admin/admin_handler.go

@@ -36,7 +36,7 @@ func (h *ManagerHandler) Login(c *gin.Context) {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	manager := h.App.AppConfig.Manager
+	manager := h.App.Config.Manager
 	if data.Username == manager.Username && data.Password == manager.Password {
 		err := utils.SetLoginAdmin(c, manager)
 		if err != nil {

api/go/handler/chat_handler.go

@@ -394,7 +394,7 @@ func (h *ChatHandler) doRequest(ctx context.Context, user vo.User, apiKey *strin
 	request = request.WithContext(ctx)
 	request.Header.Add("Content-Type", "application/json")
 
-	proxyURL := h.App.AppConfig.ProxyURL
+	proxyURL := h.App.Config.ProxyURL
 	if proxyURL == "" {
 		client = &http.Client{}
 	} else { // 使用代理

api/go/handler/upload_handler.go

@@ -47,7 +47,7 @@ func (h *UploadHandler) Upload(c *gin.Context) {
 // 生成上传文件路径
 func (h *UploadHandler) genFilePath(filename string) (string, error) {
 	now := time.Now()
-	dir := fmt.Sprintf("%s/upload/%d/%d", h.App.AppConfig.StaticDir, now.Year(), now.Month())
+	dir := fmt.Sprintf("%s/upload/%d/%d", h.App.Config.StaticDir, now.Year(), now.Month())
 	_, err := os.Stat(dir)
 	if err != nil {
 		err = os.MkdirAll(dir, 0755)
@@ -63,5 +63,5 @@ func (h *UploadHandler) genFilePath(filename string) (string, error) {
 func (h *UploadHandler) genFileUrl(filePath string) string {
 	now := time.Now()
 	filename := filepath.Base(filePath)
-	return fmt.Sprintf("%s/upload/%d/%d/%s", h.App.AppConfig.StaticUrl, now.Year(), now.Month(), filename)
+	return fmt.Sprintf("%s/upload/%d/%d/%s", h.App.Config.StaticUrl, now.Year(), now.Month(), filename)
 }

api/go/handler/user_handler.go

@@ -3,6 +3,7 @@ package handler
 import (
 	"chatplus/core"
 	"chatplus/core/types"
+	"chatplus/store"
 	"chatplus/store/model"
 	"chatplus/store/vo"
 	"chatplus/utils"
@@ -21,10 +22,11 @@ type UserHandler struct {
 	BaseHandler
 	db       *gorm.DB
 	searcher *xdb.Searcher
+	levelDB  *store.LevelDB
 }
 
-func NewUserHandler(app *core.AppServer, db *gorm.DB, searcher *xdb.Searcher) *UserHandler {
-	handler := &UserHandler{db: db, searcher: searcher}
+func NewUserHandler(app *core.AppServer, db *gorm.DB, searcher *xdb.Searcher, levelDB *store.LevelDB) *UserHandler {
+	handler := &UserHandler{db: db, searcher: searcher, levelDB: levelDB}
 	handler.App = app
 	return handler
 }
@@ -35,6 +37,8 @@ func (h *UserHandler) Register(c *gin.Context) {
 	var data struct {
 		Username string `json:"username"`
 		Password string `json:"password"`
+		Mobile   string `json:"mobile"`
+		Code     int    `json:"code"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
@@ -52,6 +56,16 @@ func (h *UserHandler) Register(c *gin.Context) {
 		return
 	}
 
+	// 检查验证码
+	key := CodeStorePrefix + data.Mobile
+	code, err := h.levelDB.Get(key)
+	if err != nil || int(code.(float64)) != data.Code {
+		resp.ERROR(c, "短信验证码错误")
+		return
+	} else {
+		_ = h.levelDB.Delete(key) // 删除短信验证码
+	}
+
 	// check if the username is exists
 	var item model.User
 	tx := h.db.Where("username = ?", data.Username).First(&item)
@@ -89,7 +103,7 @@ func (h *UserHandler) Register(c *gin.Context) {
 	var cfg model.Config
 	h.db.Where("marker = ?", "system").First(&cfg)
 	var config types.SystemConfig
-	err := utils.JsonDecode(cfg.Config, &config)
+	err = utils.JsonDecode(cfg.Config, &config)
 	if err != nil || config.UserInitCalls <= 0 {
 		user.Calls = types.UserInitCalls
 	} else {

api/go/handler/verify_handler.go

@@ -0,0 +1,116 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/service"
+	"chatplus/store"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+// 生成验证的控制器
+
+type VerifyHandler struct {
+	BaseHandler
+	sms *service.AliYunSmsService
+	db  *store.LevelDB
+}
+
+const TokenStorePrefix = "/tokens/"
+const CodeStorePrefix = "/codes/"
+
+func NewVerifyHandler(app *core.AppServer, sms *service.AliYunSmsService, db *store.LevelDB) *VerifyHandler {
+	handler := &VerifyHandler{sms: sms, db: db}
+	handler.App = app
+	return handler
+}
+
+type VerifyToken struct {
+	Token     string
+	Timestamp int64
+}
+
+// Token 生成自验证 token
+func (h *VerifyHandler) Token(c *gin.Context) {
+	// 确保是通过浏览器访问
+	if c.GetHeader("Sec-Fetch-Mode") != "cors" {
+		resp.HACKER(c)
+		return
+	}
+
+	token := VerifyToken{
+		Token:     utils.RandString(32),
+		Timestamp: time.Now().Unix(),
+	}
+	json := utils.JsonEncode(token)
+	encrypt, err := utils.AesEncrypt(h.App.Config.AesEncryptKey, []byte(json))
+	if err != nil {
+		resp.ERROR(c, "Token 加密出错")
+		return
+	}
+	err = h.db.Put(TokenStorePrefix+token.Token, token)
+	if err != nil {
+		resp.ERROR(c, "Token 存储失败")
+		return
+	}
+
+	resp.SUCCESS(c, encrypt)
+}
+
+// SendMsg 发送验证码短信
+func (h *VerifyHandler) SendMsg(c *gin.Context) {
+	var data struct {
+		Mobile string `json:"mobile"`
+		Token  string `json:"token"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	decrypt, err := utils.AesDecrypt(h.App.Config.AesEncryptKey, data.Token)
+	if err != nil {
+		resp.ERROR(c, "Token 解密失败")
+		return
+	}
+
+	var token VerifyToken
+	err = utils.JsonDecode(string(decrypt), &token)
+	if err != nil {
+		resp.ERROR(c, "Token 解码失败")
+		return
+	}
+
+	_, err = h.db.Get(TokenStorePrefix + token.Token)
+	if err != nil {
+		resp.HACKER(c)
+		return
+	}
+
+	if time.Now().Unix()-token.Timestamp > 30 {
+		resp.ERROR(c, "Token 已过期，请刷新页面重试")
+		return
+	}
+
+	code := utils.RandomNumber(6)
+	err = h.sms.SendVerifyCode(data.Mobile, code)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	// 每个 token 用完一次立即失效
+	_ = h.db.Delete(TokenStorePrefix + token.Token)
+	// 存储验证码，等待后面注册验证
+	err = h.db.Put(CodeStorePrefix+data.Mobile, code)
+	if err != nil {
+		resp.ERROR(c, "验证码保存失败")
+		return
+	}
+
+	resp.SUCCESS(c)
+}