diff --git a/app/admin/apis/cos.go b/app/admin/apis/cos.go new file mode 100644 index 0000000000000000000000000000000000000000..46510d17671f508aefbac7a038dec58a34d906e5 --- /dev/null +++ b/app/admin/apis/cos.go @@ -0,0 +1,40 @@ +package apis + +import ( + "go-admin/app/admin/service" + "go-admin/app/admin/service/dto" + "go-admin/common/apis" + + "github.com/gin-gonic/gin" + "github.com/gin-gonic/gin/binding" +) + +type Cos struct { + apis.Api +} + +// GetCosCredential 获取cos临时密钥 +func (e Cos) GetCosCredential(ctx *gin.Context) { + s := service.CosApi{} + err := e.MakeContext(ctx). + MakeOrm(). + Bind(&dto.GetCredentialReq{}, binding.JSON, nil). + MakeService(&s.Service). + Errors + if err != nil { + e.Logger.Error(err) + e.Error(500, err, err.Error()) + return + } + credential, err := s.GetCredential() + if err != nil { + e.Error(500, err, "获取临时密钥失败") + return + } + + e.OK(&dto.GetCredentialResp{ + TmpSecretID: credential.TmpSecretID, + TmpSecretKey: credential.TmpSecretKey, + SessionToken: credential.SessionToken, + }, "查询成功") +} diff --git a/app/admin/router/cos.go b/app/admin/router/cos.go new file mode 100644 index 0000000000000000000000000000000000000000..b05b3f78b05e6983baca338f50bd7da64c876cef --- /dev/null +++ b/app/admin/router/cos.go @@ -0,0 +1,21 @@ +package router + +import ( + "go-admin/app/admin/apis" + + "github.com/gin-gonic/gin" + jwt "github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth" +) + +func init() { + routerCheckRole = append(routerCheckRole, registerCosRouter) +} + +// 需认证的路由代码 +func registerCosRouter(v1 *gin.RouterGroup, authMiddleware *jwt.GinJWTMiddleware) { + api := apis.Cos{} + r := v1.Group("") + { + r.GET("/cos/credential", api.GetCosCredential) + } +} diff --git a/app/admin/router/init_router.go b/app/admin/router/init_router.go index 61fb978acbfbbcb52f1f7683cdf31b12bb74e45b..b72ee0f07fac800b5843b649546abf1b7e2ffa34 100644 --- a/app/admin/router/init_router.go +++ b/app/admin/router/init_router.go @@ -3,10 +3,11 @@ package router import ( "os" + common "go-admin/common/middleware" + "github.com/gin-gonic/gin" log "github.com/go-admin-team/go-admin-core/logger" "github.com/go-admin-team/go-admin-core/sdk" - common "go-admin/common/middleware" ) // InitRouter 路由初始化,不要怀疑,这里用到了 diff --git a/app/admin/service/cos.go b/app/admin/service/cos.go new file mode 100644 index 0000000000000000000000000000000000000000..c73d3721ed64f30e4ac617199356daa24a535ce4 --- /dev/null +++ b/app/admin/service/cos.go @@ -0,0 +1,65 @@ +package service + +import ( + "go-admin/common/service" + "go-admin/config" + "time" + + sts "github.com/tencentyun/qcloud-cos-sts-sdk/go" +) + +type CosApi struct { + service.Service +} + +// GetCredential 获取密钥 +func (e *CosApi) GetCredential() (*sts.Credentials, error) { + c := sts.NewClient(config.ExtConfig.Cloud.SecretId, config.ExtConfig.Cloud.SecretKey, nil) + opt := &sts.CredentialOptions{ + DurationSeconds: int64(time.Hour.Seconds()), + Region: config.ExtConfig.Cos.Region, + Policy: &sts.CredentialPolicy{ + Statement: []sts.CredentialPolicyStatement{ + { + Action: []string{ + // 简单上传 + "name/cos:PostObject", + "name/cos:PutObject", + // 分片上传 + "name/cos:InitiateMultipartUpload", + "name/cos:ListMultipartUploads", + "name/cos:ListParts", + "name/cos:UploadPart", + "name/cos:CompleteMultipartUpload", + }, + Effect: "allow", + Resource: []string{ + // 这里改成允许的路径前缀,可以根据自己网站的用户登录态判断允许上传的具体路径,例子: a.jpg 或者 a/* 或者 * (使用通配符*存在重大安全风险, 请谨慎评估使用) + // 存储桶的命名格式为 BucketName-APPID,此处填写的 bucket 必须为此格式 + "qcs::cos:ap-chengdu:uid/" + config.ExtConfig.Cos.Appid + ":" + config.ExtConfig.Cos. + Bucket + "/*", + }, + // 开始构建生效条件 condition + // 关于 condition 的详细设置规则和COS支持的condition类型可以参考https://cloud.tencent.com/document/product/436/71306 + Condition: map[string]map[string]interface{}{ + /*"ip_equal": map[string]interface{}{ + "qcs:ip": []string{ + "10.217.182.3/24", + "111.21.33.72/24", + }, + },*/ + }, + }, + }, + }, + } + + // case 1 请求临时密钥 + res, err := c.GetCredential(opt) + if err != nil { + e.Log.Errorf("Service GetCredential error:%s", err) + return nil, err + } + + return res.Credentials, nil +} diff --git a/app/admin/service/dto/cos.go b/app/admin/service/dto/cos.go new file mode 100644 index 0000000000000000000000000000000000000000..f54612df164f91903d2437cd2374843f18ae2c91 --- /dev/null +++ b/app/admin/service/dto/cos.go @@ -0,0 +1,12 @@ +package dto + +// GetCredentialReq 功能删除请求参数 +type GetCredentialReq struct { +} + +// GetCredentialResp 功能删除请求参数 +type GetCredentialResp struct { + TmpSecretID string `json:"tmpSecretId,omitempty"` + TmpSecretKey string `json:"tmpSecretKey,omitempty"` + SessionToken string `json:"token,omitempty"` +} diff --git a/config/extend.go b/config/extend.go index bd06e031f35abadde4ffd10ef1b8e72374ce0400..63f8abad8b91a17b4a730d23caca25fc099444b8 100644 --- a/config/extend.go +++ b/config/extend.go @@ -3,14 +3,24 @@ package config var ExtConfig Extend // Extend 扩展配置 -// extend: -// demo: -// name: demo-name +// +// extend: +// demo: +// name: demo-name +// // 使用方法: config.ExtConfig......即可!! type Extend struct { - AMap AMap // 这里配置对应配置文件的结构即可 + Cloud Cloud + Cos Cos } -type AMap struct { - Key string +type Cloud struct { + SecretId string + SecretKey string +} + +type Cos struct { + Appid string + Bucket string + Region string } diff --git a/config/settings.yml b/config/settings.yml index 8e7ed8708d8a4e48d65a3df14a6f489427dba029..8e899946878736c0d42d074797da906dd5b9fd82 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -48,6 +48,13 @@ settings: extend: # 扩展项使用说明 demo: name: data + cloud: + SecretId: AKIDMWQ5TaQ0JL6bpmSr76nDNGsDH4apoXru + SecretKey: nKaZHjuoVw6zcx3sQhiSwA7nCKAk35qL + cos: + appid: 1257779754 + bucket: custom-doc-1257779754 + region: ap-chengdu cache: # redis: # addr: 127.0.0.1:6379 diff --git a/go.mod b/go.mod index 47a81c9c00c644f58618b47c71f3fa6576d94f20..f6bc780494c8d122a2e7737cf09f0be4966d7760 100644 --- a/go.mod +++ b/go.mod @@ -116,6 +116,7 @@ require ( github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect github.com/spf13/cast v1.3.1 // indirect github.com/spf13/pflag v1.0.3 // indirect + github.com/tencentyun/qcloud-cos-sts-sdk v0.0.0-20230614023614-3c390abe0dd8 // indirect github.com/tklauser/go-sysconf v0.3.9 // indirect github.com/tklauser/numcpus v0.3.0 // indirect github.com/tsuyoshiwada/go-gitcmd v0.0.0-20180205145712-5f1f5f9475df // indirect