实现面向个人客户的 7 个认证接口(A1-A7),覆盖资产验证、 微信公众号/小程序登录、手机号绑定/换绑、退出登录完整流程。 主要变更: - 新增 PersonalCustomerOpenID 模型,支持多 AppID 多 OpenID 管理 - 实现有状态 JWT(JWT + Redis 双重校验),支持服务端主动失效 - 扩展微信 SDK:小程序 Code2Session + 3 个 DB 动态工厂函数 - 实现 A1 资产验证 IP 限流(30/min)和 A4 三层验证码限流 - 新增 7 个错误码(1180-1186)和 6 个 Redis Key 函数 - 注册 /api/c/v1/auth/* 下 7 个端点并更新 OpenAPI 文档 - 数据库迁移 000083:新建 tb_personal_customer_openid 表
# Default configuration file (embedded in the binary).
# Sensitive and required settings are left empty here and must be supplied
# through environment variables.
# Environment variable format: JUNHONG_{SECTION}_{KEY}

# HTTP server settings.
server:
  # NOTE(review): no host part, so this presumably listens on every
  # interface - confirm the service is only reachable through the intended
  # proxy or load balancer.
  address: ':3000'
  read_timeout: '30s'
  write_timeout: '30s'
  shutdown_timeout: '30s'
  prefork: false

# Database settings. Required values are empty here and must be set through
# environment variables.
database:
  # Required: JUNHONG_DATABASE_HOST
  host: ''
  port: 5432
  # Required: JUNHONG_DATABASE_USER
  user: ''
  # Required (sensitive): JUNHONG_DATABASE_PASSWORD
  password: ''
  # Required: JUNHONG_DATABASE_DBNAME
  dbname: ''
  # NOTE(review): 'disable' turns TLS off for the database connection, so the
  # credentials and query data cross the network unencrypted. Override it
  # outside local development; by the JUNHONG_{SECTION}_{KEY} rule the
  # variable would be JUNHONG_DATABASE_SSLMODE - confirm the loader maps it.
  sslmode: 'disable'
  max_open_conns: 25
  max_idle_conns: 10
  conn_max_lifetime: '5m'

# Redis settings. Required values are empty here and must be set through
# environment variables.
redis:
  # Required: JUNHONG_REDIS_ADDRESS
  address: ''
  port: 6379
  # Optional (sensitive): JUNHONG_REDIS_PASSWORD
  # NOTE(review): if Redis backs token validation (the accompanying commit
  # describes JWT + Redis checks), an instance without a password should at
  # least be unreachable from untrusted networks - confirm per environment.
  password: ''
  db: 0
  pool_size: 10
  min_idle_conns: 5
  dial_timeout: '5s'
  read_timeout: '3s'
  write_timeout: '3s'

# Object storage settings.
storage:
  provider: 's3'
  # NOTE(review): lives under the shared /tmp tree - confirm the directory is
  # created with permissions that keep other local users out.
  temp_dir: '/tmp/junhong-storage'
  s3:
    # Optional: JUNHONG_STORAGE_S3_ENDPOINT
    endpoint: ''
    # Optional: JUNHONG_STORAGE_S3_REGION
    region: ''
    # Optional: JUNHONG_STORAGE_S3_BUCKET
    bucket: ''
    # Optional (sensitive): JUNHONG_STORAGE_S3_ACCESS_KEY_ID
    access_key_id: ''
    # Optional (sensitive): JUNHONG_STORAGE_S3_SECRET_ACCESS_KEY
    secret_access_key: ''
    # NOTE(review): false presumably means plain HTTP to the storage
    # endpoint, which would expose signed requests and object data in
    # transit - confirm it is overridden wherever the endpoint is not local.
    use_ssl: false
    path_style: true
  presign:
    upload_expires: '15m'
    # NOTE(review): a presigned link works for whoever holds it until it
    # expires; confirm 24h is intended for the data being served.
    download_expires: '24h'

# Logging settings.
logging:
  level: 'info'
  development: false
  # NOTE(review): the units of max_size / max_age are not stated in this
  # file (presumably megabytes and days - confirm). With 3 backups and a
  # max_age of 7, local logs rotate out quickly; confirm they are shipped
  # elsewhere if they are needed for incident investigation.
  app_log:
    filename: '/app/logs/app.log'
    max_size: 100
    max_backups: 3
    max_age: 7
    compress: true
  access_log:
    filename: '/app/logs/access.log'
    max_size: 100
    max_backups: 3
    max_age: 7
    compress: true

# Task queue settings.
queue:
  concurrency: 10
  # Per-queue values; presumably relative priority weights - confirm against
  # the queue library in use.
  queues:
    critical: 6
    default: 3
    low: 1
  retry_max: 5
  timeout: '10m'

# JWT settings. Required values are empty here and must be set through
# environment variables.
jwt:
  # Required (sensitive): JUNHONG_JWT_SECRET_KEY
  # NOTE(review): confirm startup fails when this is empty or short; a
  # missing or guessable signing key would let tokens be forged.
  secret_key: ''
  # NOTE(review): token_duration and access_token_ttl carry the same value;
  # confirm which one the issuing code actually reads.
  token_duration: '24h'
  access_token_ttl: '24h'
  refresh_token_ttl: '168h'

# Middleware settings.
middleware:
  # The general rate limiter is off by default.
  # NOTE(review): confirm the authentication endpoints are still covered by
  # their own limits when this stays false.
  enable_rate_limiter: false
  rate_limiter:
    max: 100
    expiration: '1m'
    # NOTE(review): 'memory' presumably keeps counters inside each process,
    # so limits would not be shared across instances - confirm.
    storage: 'memory'

# Client settings.
client:
  # Whether personal customers are required to bind a phone number.
  require_phone_binding: true

# SMS service settings.
sms:
  # Optional: JUNHONG_SMS_GATEWAY_URL
  # NOTE(review): the credentials below are sent to this URL; confirm
  # deployments set an https:// address.
  gateway_url: ''
  # Optional: JUNHONG_SMS_USERNAME
  username: ''
  # Optional (sensitive): JUNHONG_SMS_PASSWORD
  password: ''
  # Optional: JUNHONG_SMS_SIGNATURE
  signature: ''
  timeout: '10s'

# Default super administrator settings (optional).
# NOTE(review): unlike the other sections, no environment variables are
# documented here. The password is sensitive and should be supplied at deploy
# time, never written into this embedded file; by the
# JUNHONG_{SECTION}_{KEY} rule the names would start with
# JUNHONG_DEFAULT_ADMIN_ - confirm the loader maps them.
default_admin:
  username: ''
  password: ''
  phone: ''

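# Gateway service settings. Credentials are empty here and must be set
# through environment variables, like every other secret in this file.
gateway:
  base_url: 'https://lplan.whjhft.com/openapi'
  # Required: JUNHONG_GATEWAY_APP_ID (name follows the
  # JUNHONG_{SECTION}_{KEY} rule - confirm the loader maps it).
  app_id: ''
  # Required (sensitive): JUNHONG_GATEWAY_APP_SECRET
  # This file is embedded in the binary and kept in version control, so a
  # secret written here is readable by anyone with the repository or the
  # build artifact. The value previously committed on this line must be
  # treated as exposed and rotated with the gateway provider.
  app_secret: ''
  # Plain integer, unlike the duration strings used elsewhere; presumably
  # seconds - confirm.
  timeout: 30
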
# WeChat settings. Required values are empty here and must be set through
# environment variables.
wechat:
  official_account:
    # Required: JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_ID
    app_id: ''
    # Required (sensitive): JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_SECRET
    app_secret: ''
    # Optional: JUNHONG_WECHAT_OFFICIAL_ACCOUNT_TOKEN
    token: ''
    # Optional (sensitive): JUNHONG_WECHAT_OFFICIAL_ACCOUNT_AES_KEY
    aes_key: ''
    # Optional: JUNHONG_WECHAT_OFFICIAL_ACCOUNT_OAUTH_REDIRECT_URL
    # NOTE(review): confirm this is a fixed https:// address under the
    # operator's control and is not derived from request input.
    oauth_redirect_url: ''