From c82e3d7d7ccddf2802e0b49fad26ccfb5656dd98 Mon Sep 17 00:00:00 2001 From: zhouyonggao <1971162852@qq.com> Date: Tue, 23 Dec 2025 16:21:24 +0800 Subject: [PATCH] =?UTF-8?q?fix(api):=20=E6=94=B9=E8=BF=9B=E8=AE=A4?= =?UTF-8?q?=E8=AF=81=E9=94=99=E8=AF=AF=E8=BF=94=E5=9B=9E=E5=8F=8A=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=E5=88=86=E9=94=80=E5=95=86=E6=9F=A5=E8=AF=A2=E8=BF=87?= =?UTF-8?q?=E6=BB=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 优化认证中间件,支持根据HTTP状态码和业务code判断认证状态 - 返回更详细的业务错误码和消息,默认消息为“认证失败” - 添加响应头Content-Type为application/json,确保响应格式正确 - 在分销商列表查询中新增creator参数支持 - 支持从请求上下文获取创建者ID列表,结合参数动态构建SQL过滤条件 - 使用OR连接creator参数和上下文创建者ID的过滤条件 - 增加搜索功能,对分销商ID和名称支持模糊查询 - 查询结果默认排序并限制最大返回数量 --- server/internal/api/middleware.go | 16 ++++++++--- server/internal/api/resellers.go | 48 +++++++++++++++++++++++++++++-- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/server/internal/api/middleware.go b/server/internal/api/middleware.go index bf45b2c..529936f 100644 --- a/server/internal/api/middleware.go +++ b/server/internal/api/middleware.go @@ -138,10 +138,18 @@ func withAuth(apiDomain string) func(http.Handler) http.Handler { return } - // 检查认证是否成功 - if authResp.Code != 200 { - errorMsg := fmt.Sprintf("{\"code\":%d,\"message\":\"%s\",\"data\":null}", authResp.Code, authResp.Message) - http.Error(w, errorMsg, http.StatusUnauthorized) + // 检查认证是否成功(支持 HTTP 状态码和业务 code) + if resp.StatusCode != http.StatusOK || authResp.Code != 200 { + // 优先使用业务返回的错误信息 + errorMsg := authResp.Message + if errorMsg == "" { + errorMsg = "认证失败" + } + // 返回原始的业务错误码和消息 + responseBody := fmt.Sprintf("{\"code\":%d,\"message\":\"%s\",\"data\":null}", authResp.Code, errorMsg) + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusUnauthorized) + w.Write([]byte(responseBody)) return } diff --git a/server/internal/api/resellers.go b/server/internal/api/resellers.go index e3cff6b..4a32e9e 100644 --- a/server/internal/api/resellers.go +++ b/server/internal/api/resellers.go @@ -2,6 +2,7 @@ package api import ( "database/sql" + "fmt" "net/http" "strconv" "strings" @@ -25,6 +26,7 @@ func ResellersHandler(resellerDB *sql.DB) http.Handler { func (a *ResellersAPI) list(w http.ResponseWriter, r *http.Request) { q := r.URL.Query().Get("q") + creatorParam := r.URL.Query().Get("creator") limitStr := r.URL.Query().Get("limit") limit := 2000 if limitStr != "" { @@ -32,16 +34,58 @@ func (a *ResellersAPI) list(w http.ResponseWriter, r *http.Request) { limit = n } } - // 不再过滤 creator,返回所有分销商 + + // 从 context 中获取创建者 ID 列表 + creatorIDs := CreatorIDsFrom(r) + + // 构建 SQL 查询 sql1 := "SELECT id, COALESCE(name,'') AS name FROM reseller" args := []interface{}{} + whereClauses := []string{} + + // 构建 creator 过滤条件(URL 参数 OR context 中的创建者 ID) + if creatorParam != "" || len(creatorIDs) > 0 { + creatorConditions := []string{} + + // 添加 URL 参数的 creator 条件 + if creatorParam != "" { + if creatorID, err := strconv.Atoi(creatorParam); err == nil { + creatorConditions = append(creatorConditions, "creator = ?") + args = append(args, creatorID) + } + } + + // 添加 context 中的创建者 ID IN 条件 + if len(creatorIDs) > 0 { + placeholders := []string{} + for _, id := range creatorIDs { + placeholders = append(placeholders, "?") + args = append(args, id) + } + creatorConditions = append(creatorConditions, fmt.Sprintf("creator IN (%s)", strings.Join(placeholders, ","))) + } + + // 使用 OR 连接两个条件 + if len(creatorConditions) > 0 { + whereClauses = append(whereClauses, fmt.Sprintf("(%s)", strings.Join(creatorConditions, " OR "))) + } + } + + // 添加搜索条件 if q != "" { - sql1 += " WHERE CAST(id AS CHAR) LIKE ? OR name LIKE ?" + whereClauses = append(whereClauses, "(CAST(id AS CHAR) LIKE ? OR name LIKE ?)") like := "%" + q + "%" args = append(args, like, like) } + + // 组装 WHERE 子句 + if len(whereClauses) > 0 { + sql1 += " WHERE " + strings.Join(whereClauses, " AND ") + } + sql1 += " ORDER BY id ASC LIMIT ?" args = append(args, limit) + rows, err := a.resellerDB.Query(sql1, args...) if err != nil { fail(w, r, http.StatusInternalServerError, err.Error())