
针对腾讯云银行卡4要素校验优化:
1、增加接口校验UserId是否本人;
2、增加 <DailyQuota value="5"/> 每日请求配额配置项,默认次数为5次。

zhouxnsz il y a 1 an
Parent
commit
12dea3fb52
5 fichiers modifiés avec 104 ajouts et 41 suppressions
  1. 18 6
      config/config.go
  2. 1 0
      config/config.xml
  3. 11 4
      controllers/tencent-cloud/auth.go
  4. 1 1
      routers/router.go
  5. 73 30
      services/tencent-cloud/api.go

+ 18 - 6
config/config.go

@@ -103,6 +103,7 @@ type TencentCloudConfig struct {
 	SecretId       string
 	SecretKey      string
 	FaceIdEndPoint string
+	DailyQuota     int
 }
 
 func (c *ServiceConfig) Init(path string) error {
@@ -469,40 +470,51 @@ func (c *ServiceConfig) Init(path string) error {
 		SerCfg.TencentCfg.SignKey = signKey.SelectAttrValue("value", "")
 	}
 
-	// Tencent配置
+	// 腾讯云配置
 	tencentCloudsettings := root.SelectElements("TencentCloud")
 	for _, setting := range tencentCloudsettings {
 		// 启用标志
 		enabled := setting.SelectElement("Enabled")
 		if enabled == nil {
-			return errors.New("read tencent enabled failed")
+			return errors.New("read tencentcloud enabled failed")
 		}
 		ret, err := strconv.ParseUint(enabled.SelectAttrValue("value", "0"), 10, 32)
 		if err != nil {
-			return errors.New("read tencent enabled failed")
+			return errors.New("read tencentcloud enabled failed")
 		}
 		SerCfg.TencentCloudCfg.Enabled = int(ret)
 
 		// 密钥ID
 		secretId := setting.SelectElement("SecretId")
 		if secretId == nil {
-			return errors.New("read tencent SecretId failed")
+			return errors.New("read tencentcloud SecretId failed")
 		}
 		SerCfg.TencentCloudCfg.SecretId = secretId.SelectAttrValue("value", "")
 
 		// 密钥key
 		secretKey := setting.SelectElement("SecretKey")
 		if secretKey == nil {
-			return errors.New("read tencent SecretKey failed")
+			return errors.New("read tencentcloud SecretKey failed")
 		}
 		SerCfg.TencentCloudCfg.SecretKey = secretKey.SelectAttrValue("value", "")
 
 		// EndPoint API域名
 		endPoint := setting.SelectElement("FaceIdEndPoint")
 		if endPoint == nil {
-			return errors.New("read tencent EndPoint failed")
+			return errors.New("read tencentcloud EndPoint failed")
 		}
 		SerCfg.TencentCloudCfg.FaceIdEndPoint = endPoint.SelectAttrValue("value", "")
+
+		// 启用标志
+		dailyQuota := setting.SelectElement("DailyQuota")
+		if dailyQuota == nil {
+			return errors.New("read tencentcloud dailyQuota failed")
+		}
+		ret, err = strconv.ParseUint(dailyQuota.SelectAttrValue("value", "0"), 10, 32)
+		if err != nil {
+			return errors.New("read tencentcloud dailyQuota failed")
+		}
+		SerCfg.TencentCloudCfg.DailyQuota = int(ret)
 	}
 
 	// 爱签配置
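Review bot: The new DailyQuota block is labelled `// 启用标志` (enabled flag), copied from the Enabled block above; it should read `// 每日请求配额`. The commit message says the quota defaults to 5, but here a missing `<DailyQuota>` element aborts Init, and a missing `value` attribute yields 0. With the `>=` comparison added in services/tencent-cloud/api.go, a quota of 0 rejects a request whenever the count query returns a row. If 5 is the intended default, read it with `dailyQuota.SelectAttrValue("value", "5")` and decide explicitly whether a missing element is an error. Init's body continues outside the hunk.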

+ 1 - 0
config/config.xml

@@ -74,5 +74,6 @@
     <SecretId value="AKIDPktwvneP2WqxvmWFsMclmfLLKDyrbAXp"/>
     <SecretKey value="GNH9tX8c6Wls02vhNzUvdLuGMYfeVErM"/>
     <FaceIdEndPoint value="faceid.tencentcloudapi.com"/>
+    <DailyQuota value="5"/>
   </TencentCloud>
 </Configuration>
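Review bot: The context lines of this hunk show `SecretId` and `SecretKey` stored as literal values in a tracked configuration file. Anyone with read access to the repository or its history can read them, so they should be treated as exposed and rotated. The file should carry placeholders, with the real values supplied at deploy time from an environment variable or a secret store. This predates the commit, but the change touches the same block and is a good place to fix it.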

+ 11 - 4
controllers/tencent-cloud/auth.go

@@ -1,12 +1,14 @@
 package tencetcloud
 
 import (
+	"mtp2_if/config"
 	"mtp2_if/global/app"
 	"mtp2_if/global/e"
 	"mtp2_if/logger"
 	asignService "mtp2_if/services/asign"
 	tencentCloudService "mtp2_if/services/tencent-cloud"
 	"net/http"
+	"strconv"
 
 	"github.com/gin-gonic/gin"
 )
@@ -32,9 +34,14 @@ func BankCard4(c *gin.Context) {
 		return
 	}
 
-	if rsp, err := tencentCloudService.BankCard4EVerification(req); err == nil {
-		appG.Response(http.StatusOK, e.SUCCESS, rsp)
-	} else {
-		appG.ResponseByMsg(http.StatusBadRequest, e.ERROR, err.Error(), nil)
+	if !config.SerCfg.GetDebugMode() {
+		requserid, _ := appG.C.Get("requserid")
+		if requserid != strconv.Itoa(req.UserId) {
+			appG.Response(http.StatusOK, e.SUCCESS, tencentCloudService.BankCard4Rsp{Code: "2", Description: "请求参数非法"})
+			return
+		}
 	}
+
+	rsp := tencentCloudService.BankCard4EVerification(req)
+	appG.Response(http.StatusOK, e.SUCCESS, rsp)
 }
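Review bot: The ownership check is skipped entirely when `config.SerCfg.GetDebugMode()` is true, so a deployment left in debug mode accepts a `UserId` that does not belong to the authenticated caller. `appG.C.Get` returns an untyped value, and the comparison with `strconv.Itoa(req.UserId)` only matches if the middleware stored a string. Make that assumption explicit with `uid, ok := requserid.(string)` and `if !ok || uid != strconv.Itoa(req.UserId) {`. A mismatch is answered with HTTP 200 and `e.SUCCESS` and no log entry, which leaves nothing for monitoring to alert on; a `logger.GetLogger()` warning carrying both ids would help. BankCard4 starts outside the hunk.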

+ 1 - 1
routers/router.go

@@ -868,7 +868,7 @@ func InitRouter() *gin.Engine {
 	tencentCloudR := apiR.Group("TencentCloud")
 	tencentCloudR.Use()
 	{
-		tencentCloudR.POST("BankCard4", tencentcloud.BankCard4)
+		tencentCloudR.Use(token.Auth()).POST("BankCard4", tencentcloud.BankCard4)
 	}
 
 	// ************************* 爱签 *************************
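Review bot: `tencentCloudR.Use(token.Auth()).POST(...)` reads as per-route middleware, but in gin `Use` on a group appends to the group's own handler chain, so every route later registered on `tencentCloudR` is also authenticated. That is probably what is wanted; stating it in the existing empty call, `tencentCloudR.Use(token.Auth())`, makes the scope obvious and removes the no-op `Use()`. InitRouter's body continues outside the hunk.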

+ 73 - 30
services/tencent-cloud/api.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"mtp2_if/config"
 	"mtp2_if/db"
 	"mtp2_if/logger"
 	"mtp2_if/models"
@@ -21,34 +22,53 @@ type BankCard4Rsp struct {
 	Description string `json:"description"` // 业务结果描述。
 }
 
-func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err error) {
+func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp) {
+	var err error
+
+	var authinfo []byte
+	if req.Type == 1 {
+		if authinfo, err = json.Marshal(req.Person); err != nil {
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
+			return
+		}
+	} else {
+		if authinfo, err = json.Marshal(req.Company); err != nil {
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
+			return
+		}
+	}
+
 	if utils.TencenCloudFaceIdClient == nil {
 		err = fmt.Errorf("腾讯云FaceId客户端未初始化")
 		logger.GetLogger().Errorf("CreateConsoleLoginUrl failed: %s", err.Error())
+		rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 		return
 	}
 
 	// 校验入参
 	if req.Type == 1 && req.Person == nil {
 		err = errors.New("缺少参数")
+		rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 		return
 	}
 	if req.Type == 2 && req.Company == nil {
 		err = errors.New("缺少参数")
+		rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 		return
 	}
 
 	// 从交易库中获取类型为实名认证的电子签信息
-	var authinfo []byte
 	var record models.Useresignrecord
 	var has bool
 	has, err = db.GetEngine().Where("TEMPLATETYPE = 5 AND USERID = ?", req.UserId).Get(&record)
 	if err != nil {
+		rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 		return
 	}
 	if !has {
-		err = errors.New("无对应实名认证记录信息")
-		logger.GetLogger().Error("无对应实名认证记录信息, userId:", req.UserId)
+		// err = errors.New("无对应实名认证记录信息")
+		// logger.GetLogger().Error("无对应实名认证记录信息, userId:", req.UserId)
+		rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
 		return
 	}
 	if record.RECORDSTATUS == 3 {
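Review bot: The `!has` branch now returns `Code: "0"` with `认证通过` when no `TEMPLATETYPE = 5` record exists for the user, so the client gets the same answer as a completed four-element check although nothing was verified. If accounts without a record are meant to be exempt, a distinct code would keep that visible to the client and in audit; otherwise this should stay a failure. The error branches added in this hunk also copy `err.Error()` from the database layer into `Description`, which is sent to the caller. Logging the detail and returning a fixed message would avoid exposing internals. The function body continues outside the hunk.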
@@ -56,6 +76,7 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 		if record.AUTHINFO == "" {
 			err = errors.New("实名认证记录信息异常")
 			logger.GetLogger().Error("实名认证记录信息异常, userId:", req.UserId)
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 			return
 		}
 		if req.Type == 1 {
@@ -63,6 +84,7 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 			var oriAuthInfo reqModels.PersonBankCard4
 			err = json.Unmarshal([]byte(record.AUTHINFO), &oriAuthInfo)
 			if err != nil {
+				rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 				return
 			}
 			if oriAuthInfo.RealName == req.Person.RealName &&
@@ -70,14 +92,12 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 				oriAuthInfo.BankCard == req.Person.BankCard &&
 				oriAuthInfo.Mobile == req.Person.Mobile {
 				// 信息一致,则直接返回已实名
-				err = errors.New("账户已实名")
-				logger.GetLogger().Error("账户已实名, userId:", req.UserId)
+				// err = errors.New("账户已实名")
+				// logger.GetLogger().Error("账户已实名, userId:", req.UserId)
+				rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
 				return
 			} else {
 				// 信息不一致,重新进行实名认证
-				if authinfo, err = json.Marshal(req.Person); err != nil {
-					return
-				}
 				sql := fmt.Sprintf(`
 					UPDATE useresignrecord
 					SET RECORDSTATUS = 1,
@@ -87,6 +107,7 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 				`, string(authinfo), req.UserId)
 				_, err = db.GetEngine().Exec(sql)
 				if err != nil {
+					rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 					return
 				}
 			}
@@ -95,6 +116,7 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 			var oriAuthInfo reqModels.CompanyBankCard4
 			err = json.Unmarshal([]byte(record.AUTHINFO), &oriAuthInfo)
 			if err != nil {
+				rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 				return
 			}
 			if oriAuthInfo.CompanyName == req.Company.CompanyName &&
@@ -104,14 +126,12 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 				oriAuthInfo.BankCard == req.Company.BankCard &&
 				oriAuthInfo.Mobile == req.Company.Mobile {
 				// 信息一致,则直接返回已实名
-				err = errors.New("账户已实名")
-				logger.GetLogger().Error("账户已实名, userId:", req.UserId)
+				// err = errors.New("账户已实名")
+				// logger.GetLogger().Error("账户已实名, userId:", req.UserId)
+				rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
 				return
 			} else {
 				// 信息不一致,重新进行实名认证
-				if authinfo, err = json.Marshal(req.Company); err != nil {
-					return
-				}
 				sql := fmt.Sprintf(`
 					UPDATE useresignrecord
 					SET RECORDSTATUS = 1,
@@ -121,6 +141,7 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 				`, string(authinfo), req.UserId)
 				_, err = db.GetEngine().Exec(sql)
 				if err != nil {
+					rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 					return
 				}
 			}
@@ -133,14 +154,35 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 		sql := fmt.Sprintf(`
 					UPDATE useresignrecord
 					SET RECORDSTATUS = 3,
-						UPDATETIME = SYSDATE
+						UPDATETIME = SYSDATE,
+						AUTHINFO = '%v'
 					WHERE USERID = %v AND TEMPLATETYPE = 5 
-				`, req.UserId)
+				`, string(authinfo), req.UserId)
 		_, err = db.GetEngine().Exec(sql)
 		if err == nil {
 			rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
 		}
 	} else {
+		// 判断当日是否已经超过配额
+		type FeeCount struct {
+			FeeCount int `xorm:"FEECOUNT"`
+		}
+		feeCount := FeeCount{}
+		sql := fmt.Sprintf(`select count(t.logid) FEECOUNT 
+							from USERESIGNRECORDLOG t 
+							where t.userid = %d and trunc(t.createtime) = trunc(sysdate) and t.feeflag = 1`, req.UserId)
+		has, err = db.GetEngine().SQL(sql).Get(&feeCount)
+		if err != nil {
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
+			return
+		}
+		if has {
+			if feeCount.FeeCount >= config.SerCfg.TencentCloudCfg.DailyQuota {
+				rsp = BankCard4Rsp{Code: "3", Description: "次数超过每日配额"}
+				return
+			}
+		}
+
 		// 个人
 		// 调用腾讯云接口
 		// request := &v20180301.BankCard4EVerificationRequest{
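Review bot: The UPDATE at the top of this hunk now interpolates `string(authinfo)` into the statement as `AUTHINFO = '%v'`. `authinfo` is the JSON encoding of request fields, so a single quote in any of them ends the SQL literal and changes the statement. Pass the values as bound arguments, in the `?` form the `Where` call earlier in the function already uses. The same applies to the UPDATE added in the last hunk of this file and to the two existing `RECORDSTATUS = 1` updates. Because the function no longer returns `err`, the `if err == nil` form also hands back an empty `BankCard4Rsp` when the UPDATE fails; the fence sets an error response instead. The function body starts and ends outside the hunk.

```go
		// … unchanged: code before the UPDATE …
		_, err = db.GetEngine().Exec(`
					UPDATE useresignrecord
					SET RECORDSTATUS = 3,
						UPDATETIME = SYSDATE,
						AUTHINFO = ?
					WHERE USERID = ? AND TEMPLATETYPE = 5
				`, string(authinfo), req.UserId)
		if err != nil {
			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
			return
		}
		rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
		// … unchanged: else branch with quota check and Tencent Cloud call …
```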
@@ -159,11 +201,13 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 		response, err = utils.TencenCloudFaceIdClient.BankCard4EVerification(request)
 		if err != nil {
 			logger.GetLogger().Error("调用腾讯云实名认证接口发生错误:", err.Error())
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 			return
 		}
 		if response.Response.Result == nil {
 			err = errors.New("返回结果为空")
 			logger.GetLogger().Error("调用腾讯云实名认证接口发生错误:", err.Error())
+			rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
 			return
 		}
 
@@ -197,7 +241,6 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 		case "0", "-1", "-6", "-7", "-8", "-9", "-10", "-11", "-12", "-13", "-14", "-15", "-16", "-17":
 			feeFlag = 1
 		}
-		var sql string
 		sql, _ = builder.Insert(
 			builder.Eq{
 				"LOGID":            "SEQ_USERESIGNRECORDLOG.nextval",
@@ -215,23 +258,23 @@ func BankCard4EVerification(req reqModels.BankCard4Req) (rsp BankCard4Rsp, err e
 		sql = strings.ReplaceAll(sql, "'SYSDATE'", "SYSDATE")
 		db.GetEngine().Exec(sql)
 
-		if *response.Response.Result != "0" {
-			err = errors.New("返回结果失败,错误码(" + *response.Response.Result + "),返回信息(" + response.ToJsonString() + ")")
-			logger.GetLogger().Error("调用腾讯云实名认证接口返回结果不成功:", err.Error())
-			return
-		}
-
-		// 返回结果结果,更新记录状态
-		sql = fmt.Sprintf(`
+		if *response.Response.Result == "0" {
+			// 返回结果结果,更新记录状态
+			sql = fmt.Sprintf(`
 					UPDATE useresignrecord
 					SET RECORDSTATUS = 3,
-						UPDATETIME = SYSDATE
+						UPDATETIME = SYSDATE,
+						AUTHINFO = '%v'
 					WHERE USERID = %v AND TEMPLATETYPE = 5 
-				`, req.UserId)
-		_, err = db.GetEngine().Exec(sql)
-		if err == nil {
-			rsp = BankCard4Rsp{Code: "0", Description: "认证通过"}
+				`, string(authinfo), req.UserId)
+			_, err = db.GetEngine().Exec(sql)
+			if err != nil {
+				rsp = BankCard4Rsp{Code: "1", Description: err.Error()}
+				return
+			}
 		}
+
+		rsp = BankCard4Rsp{Code: *response.Response.Result, Description: *response.Response.Description}
 	}
 
 	return
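Review bot: `*response.Response.Description` on the last added line is dereferenced without a nil check. Only `Result` is checked for nil earlier in the function, so a response without a description would panic the handler. Guard it with `desc := ""` and `if response.Response.Description != nil { desc = *response.Response.Description }`. The log insert at the top of this hunk, `db.GetEngine().Exec(sql)`, also discards its error. The daily quota counts those log rows, so a failed insert means a billed call is never counted, and that error should at least be logged.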