package controllers import ( "bytes" "crypto/hmac" "crypto/sha256" "encoding/base64" "encoding/hex" "encoding/json" "fmt" "image" "image/jpeg" "io" "math" "net/http" neturl "net/url" "path/filepath" "shudao-chat-go/utils" "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/s3" "github.com/beego/beego/v2/server/web" ) type ShudaoOssController struct { web.Controller } // OSS配置信息 - 延迟初始化 var ( ossBucket string ossAccessKey string ossSecretKey string ossEndpoint string ossRegion = "us-east-1" ossInited = false ) // initOSSConfig 延迟初始化OSS配置 func initOSSConfig() { if ossInited { return } ossConfig := utils.GetOSSConfig() ossBucket = ossConfig["bucket"] ossAccessKey = ossConfig["access_key"] ossSecretKey = ossConfig["secret_key"] ossEndpoint = ossConfig["endpoint"] ossInited = true } // 图片压缩配置 const ( // 目标文件大小(字节) TargetFileSize = 200 * 1024 // 200KB // 最大图片尺寸(像素)- 作为备选方案 MaxImageWidth = 1920 MaxImageHeight = 1080 // JPEG压缩质量范围 MinJPEGQuality = 10 // 最低质量 MaxJPEGQuality = 95 // 最高质量 // 是否启用图片压缩 EnableImageCompression = true ) // 上传响应结构 type UploadResponse struct { StatusCode int `json:"statusCode"` Message string `json:"message"` FileURL string `json:"fileUrl"` FileName string `json:"fileName"` FileSize int64 `json:"fileSize"` } // getS3Session 获取S3会话 func getS3Session() (*session.Session, error) { initOSSConfig() s3Config := &aws.Config{ Credentials: credentials.NewStaticCredentials(ossAccessKey, ossSecretKey, ""), Endpoint: aws.String(ossEndpoint), Region: aws.String(ossRegion), S3ForcePathStyle: aws.Bool(true), DisableSSL: aws.Bool(true), MaxRetries: aws.Int(3), } sess, err := session.NewSession(s3Config) if err != nil { return nil, err } if _, err = sess.Config.Credentials.Get(); err != nil { return nil, fmt.Errorf("凭据验证失败: %v", err) } return sess, nil } // getUTCS3Session 获取UTC时间同步的S3会话 func getUTCS3Session() (*session.Session, error) { initOSSConfig() s3Config := &aws.Config{ Credentials: credentials.NewStaticCredentials(ossAccessKey, ossSecretKey, ""), Endpoint: aws.String(ossEndpoint), Region: aws.String(ossRegion), S3ForcePathStyle: aws.Bool(true), // 强制使用路径样式(OSS兼容性需要) // 移除DisableSSL,因为endpoint已经包含http:// // 移除LogLevel,减少调试输出 // 移除MaxRetries,使用默认值 // 移除S3DisableContentMD5Validation,使用默认值 } // 创建会话 sess, err := session.NewSession(s3Config) if err != nil { return nil, err } // 验证凭据 _, err = sess.Config.Credentials.Get() if err != nil { return nil, fmt.Errorf("凭据验证失败: %v", err) } return sess, nil } // 判断是否为图片文件 func isImageFile(ext string) bool { imageExts := map[string]bool{ ".jpg": true, ".jpeg": true, ".png": true, ".gif": true, ".bmp": true, ".webp": true, ".tiff": true, ".svg": true, ".ico": true, } return imageExts[ext] } // 图片上传接口 func (c *ShudaoOssController) UploadImage() { c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", "*") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Content-Type") if c.Ctx.Request.Method == "OPTIONS" { c.Ctx.ResponseWriter.WriteHeader(200) return } // 获取上传的图片文件 file, header, err := c.GetFile("image") if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "获取上传图片失败: " + err.Error(), } c.ServeJSON() return } defer file.Close() // 检查文件扩展名 ext := strings.ToLower(filepath.Ext(header.Filename)) if !isImageFile(ext) { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "不支持的文件格式,请上传图片文件(jpg, png, gif, bmp, webp等)", } c.ServeJSON() return } // 图片文件大小限制(10MB) if header.Size > 10*1024*1024 { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "图片文件大小超过限制(10MB)", } c.ServeJSON() return } // 生成图片文件名(使用UTC时间) utcNow := time.Now().UTC() timestamp := utcNow.Unix() // 压缩后的图片统一使用.jpg扩展名 fileName := fmt.Sprintf("images/%d/%s_%d.jpg", utcNow.Year(), utcNow.Format("0102"), timestamp) // 读取图片内容 fileBytes, err := io.ReadAll(file) if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "读取图片内容失败: " + err.Error(), } c.ServeJSON() return } // 压缩图片 if EnableImageCompression { compressedBytes, err := compressImage(fileBytes, MaxImageWidth, MaxImageHeight, 0) if err == nil { fileBytes = compressedBytes } } // 获取UTC时间同步的S3会话(解决时区问题) sess, err := getUTCS3Session() if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "创建S3会话失败: " + err.Error(), } c.ServeJSON() return } // 创建S3服务 s3Client := s3.New(sess) // 上传图片到S3 _, err = s3Client.PutObject(&s3.PutObjectInput{ Bucket: aws.String(ossBucket), Key: aws.String(fileName), Body: aws.ReadSeekCloser(strings.NewReader(string(fileBytes))), // 使用与测试文件相同的方式 ACL: aws.String("public-read"), }) if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "上传图片到OSS失败: " + err.Error(), } c.ServeJSON() return } // // 生成预签名URL(1小时有效期) // req, _ := s3Client.GetObjectRequest(&s3.GetObjectInput{ // Bucket: aws.String(ossBucket), // Key: aws.String(fileName), // }) // presignedURL, err := req.Presign(24 * time.Hour) // if err != nil { // fmt.Printf("生成预签名URL失败: %v\n", err) // // 如果预签名URL生成失败,使用简单URL作为备选 // imageURL := fmt.Sprintf("%s/%s", ossEndpoint, fileName) // c.Data["json"] = UploadResponse{ // StatusCode: 200, // Message: "图片上传成功,但预签名URL生成失败", // FileURL: imageURL, // FileName: fileName, // FileSize: header.Size, // } // c.ServeJSON() // return // } permanentURL := fmt.Sprintf("%s/%s/%s", ossEndpoint, ossBucket, fileName) proxyURL := utils.GetProxyURL(permanentURL) c.Data["json"] = UploadResponse{ StatusCode: 200, Message: "图片上传成功", FileURL: proxyURL, FileName: fileName, FileSize: int64(len(fileBytes)), // 使用压缩后的文件大小 } c.ServeJSON() } // 上传PPTjson文件 func (c *ShudaoOssController) UploadPPTJson() { c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", "*") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Content-Type") if c.Ctx.Request.Method == "OPTIONS" { c.Ctx.ResponseWriter.WriteHeader(200) return } // 获取上传的JSON文件 file, header, err := c.GetFile("json") if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "获取上传JSON文件失败: " + err.Error(), } c.ServeJSON() return } defer file.Close() // 检查文件扩展名 ext := strings.ToLower(filepath.Ext(header.Filename)) if ext != ".json" { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "不支持的文件格式,请上传JSON文件(.json)", } c.ServeJSON() return } // JSON文件大小限制(50MB) if header.Size > 50*1024*1024 { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "JSON文件大小超过限制(50MB)", } c.ServeJSON() return } // 生成JSON文件名(使用UTC时间) utcNow := time.Now().UTC() timestamp := utcNow.Unix() fileName := fmt.Sprintf("json/%d/%s_%d%s", utcNow.Year(), utcNow.Format("0102"), timestamp, ext) // 读取JSON内容 fileBytes, err := io.ReadAll(file) if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "读取JSON内容失败: " + err.Error(), } c.ServeJSON() return } // 验证JSON格式 var jsonData interface{} if err := json.Unmarshal(fileBytes, &jsonData); err != nil { c.Data["json"] = UploadResponse{ StatusCode: 400, Message: "JSON格式无效: " + err.Error(), } c.ServeJSON() return } // 获取UTC时间同步的S3会话 sess, err := getUTCS3Session() if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "创建S3会话失败: " + err.Error(), } c.ServeJSON() return } // 创建S3服务 s3Client := s3.New(sess) // 上传JSON到S3 _, err = s3Client.PutObject(&s3.PutObjectInput{ Bucket: aws.String(ossBucket), Key: aws.String(fileName), Body: aws.ReadSeekCloser(strings.NewReader(string(fileBytes))), ACL: aws.String("public-read"), ContentType: aws.String("application/json"), }) if err != nil { c.Data["json"] = UploadResponse{ StatusCode: 500, Message: "上传JSON文件到OSS失败: " + err.Error(), } c.ServeJSON() return } // 生成永久URL permanentURL := fmt.Sprintf("%s/%s/%s", ossEndpoint, ossBucket, fileName) proxyURL := utils.GetProxyURL(permanentURL) c.Data["json"] = UploadResponse{ StatusCode: 200, Message: "JSON文件上传成功", FileURL: proxyURL, FileName: fileName, FileSize: header.Size, } c.ServeJSON() } // ParseOSS OSS代理解析接口,用于代理转发OSS URL请求 func (c *ShudaoOssController) ParseOSS() { // 设置CORS头 c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", "*") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "GET, OPTIONS") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Content-Type") // 处理OPTIONS预检请求 if c.Ctx.Request.Method == "OPTIONS" { c.Ctx.ResponseWriter.WriteHeader(200) return } // 获取URL参数(加密的) encryptedURL := c.GetString("url") if encryptedURL == "" { fmt.Printf("OSS代理请求缺少url参数\n") c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("缺少url参数") return } fmt.Printf("OSS代理请求 - 加密URL: %s\n", encryptedURL) // 解密URL decryptedURL, err := utils.DecryptURL(encryptedURL) if err != nil { fmt.Printf("OSS代理请求 - URL解密失败: %v\n", err) c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("URL解密失败: " + err.Error()) return } fmt.Printf("OSS代理请求 - 解密后URL: %s\n", decryptedURL) // URL解码,处理可能的编码问题 decodedURL, err := neturl.QueryUnescape(decryptedURL) if err != nil { decodedURL = decryptedURL } fmt.Printf("OSS代理请求 - URL解码后: %s\n", decodedURL) var actualOSSURL string // 检查是否是代理URL格式(包含?url=参数) if strings.Contains(decodedURL, "?url=") { fmt.Printf("OSS代理请求 - 检测到嵌套代理URL格式\n") parsedProxyURL, err := neturl.Parse(decodedURL) if err != nil { fmt.Printf("OSS代理请求 - 代理URL解析失败: %v\n", err) c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("代理URL格式无效: " + err.Error()) return } actualOSSURL = parsedProxyURL.Query().Get("url") if actualOSSURL == "" { fmt.Printf("OSS代理请求 - 代理URL中缺少url参数\n") c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("代理URL中缺少url参数") return } fmt.Printf("OSS代理请求 - 从嵌套URL提取的实际URL: %s\n", actualOSSURL) } else { actualOSSURL = decodedURL fmt.Printf("OSS代理请求 - 直接使用解密URL: %s\n", actualOSSURL) } // 验证实际OSS URL格式 parsedOSSURL, err := neturl.Parse(actualOSSURL) if err != nil { fmt.Printf("OSS代理请求 - OSS URL解析失败: %v\n", err) c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("OSS URL格式无效: " + err.Error()) return } if parsedOSSURL.Scheme == "" { fmt.Printf("OSS代理请求 - OSS URL缺少协议方案: %s\n", actualOSSURL) c.Ctx.ResponseWriter.WriteHeader(400) c.Ctx.WriteString("OSS URL缺少协议方案") return } fmt.Printf("OSS代理请求 - 最终请求URL: %s\n", actualOSSURL) // 创建HTTP客户端,设置超时时间 client := &http.Client{ Timeout: 30 * time.Second, } // 发送GET请求到实际的OSS URL resp, err := client.Get(actualOSSURL) if err != nil { fmt.Printf("OSS代理请求 - 连接OSS失败: %v\n", err) c.Ctx.ResponseWriter.WriteHeader(502) c.Ctx.WriteString("无法连接到OSS: " + err.Error()) return } defer resp.Body.Close() fmt.Printf("OSS代理请求 - OSS响应状态码: %d\n", resp.StatusCode) // 检查HTTP状态码 if resp.StatusCode != http.StatusOK { fmt.Printf("OSS代理请求 - OSS返回错误状态码: %d\n", resp.StatusCode) c.Ctx.ResponseWriter.WriteHeader(resp.StatusCode) c.Ctx.WriteString(fmt.Sprintf("OSS返回错误: %d", resp.StatusCode)) return } // 读取响应内容 content, err := io.ReadAll(resp.Body) if err != nil { c.Ctx.ResponseWriter.WriteHeader(500) c.Ctx.WriteString("读取OSS响应失败: " + err.Error()) return } // 获取原始的content-type contentType := resp.Header.Get("content-type") if contentType == "" { contentType = "application/octet-stream" } // 如果OSS返回的是binary/octet-stream或application/octet-stream, // 尝试根据URL文件扩展名推断正确的MIME类型 if contentType == "binary/octet-stream" || contentType == "application/octet-stream" { // 解析URL获取文件路径 parsedURL, err := neturl.Parse(actualOSSURL) if err == nil { filePath := parsedURL.Path // URL解码,处理中文文件名 filePath, err = neturl.QueryUnescape(filePath) if err == nil { // 根据文件扩展名猜测MIME类型 if strings.HasSuffix(strings.ToLower(filePath), ".jpg") || strings.HasSuffix(strings.ToLower(filePath), ".jpeg") { contentType = "image/jpeg" } else if strings.HasSuffix(strings.ToLower(filePath), ".png") { contentType = "image/png" } else if strings.HasSuffix(strings.ToLower(filePath), ".gif") { contentType = "image/gif" } else if strings.HasSuffix(strings.ToLower(filePath), ".pdf") { contentType = "application/pdf" } else if strings.HasSuffix(strings.ToLower(filePath), ".json") { contentType = "application/json" } else if strings.HasSuffix(strings.ToLower(filePath), ".txt") { contentType = "text/plain" } } } } // 设置响应头 c.Ctx.ResponseWriter.Header().Set("Content-Type", contentType) c.Ctx.ResponseWriter.Header().Set("Content-Length", fmt.Sprintf("%d", len(content))) // 转发重要的响应头 importantHeaders := []string{ "content-disposition", "cache-control", "etag", "last-modified", "accept-ranges", } for _, header := range importantHeaders { if value := resp.Header.Get(header); value != "" { c.Ctx.ResponseWriter.Header().Set(header, value) } } // 写入响应内容 c.Ctx.ResponseWriter.WriteHeader(200) c.Ctx.ResponseWriter.Write(content) } // compressImage 压缩图片到目标大小 func compressImage(imageData []byte, maxWidth, maxHeight int, quality int) ([]byte, error) { img, _, err := image.Decode(bytes.NewReader(imageData)) if err != nil { return nil, fmt.Errorf("解码图片失败: %v", err) } originalSize := len(imageData) if originalSize <= TargetFileSize { return imageData, nil } return compressToTargetSize(img, originalSize) } // compressToTargetSize 压缩到目标文件大小 func compressToTargetSize(img image.Image, originalSize int) ([]byte, error) { bounds := img.Bounds() originalWidth := bounds.Dx() originalHeight := bounds.Dy() // 策略1: 先尝试调整质量,不改变尺寸 compressedData, err := compressByQuality(img) if err == nil && len(compressedData) <= TargetFileSize { return compressedData, nil } // 策略2: 如果质量压缩不够,尝试缩小尺寸 targetRatio := float64(TargetFileSize) / float64(originalSize) sizeRatio := math.Sqrt(targetRatio * 0.8) newWidth := int(float64(originalWidth) * sizeRatio) newHeight := int(float64(originalHeight) * sizeRatio) if newWidth < 100 { newWidth = 100 } if newHeight < 100 { newHeight = 100 } resizedImg := resizeImage(img, newWidth, newHeight) return compressByQuality(resizedImg) } // compressByQuality 通过调整质量压缩图片 func compressByQuality(img image.Image) ([]byte, error) { var bestResult []byte var bestSize int = math.MaxInt32 qualities := []int{85, 70, 60, 50, 40, 30, 25, 20, 15, 10} for _, quality := range qualities { var buf bytes.Buffer if err := jpeg.Encode(&buf, img, &jpeg.Options{Quality: quality}); err != nil { continue } currentSize := buf.Len() if currentSize <= TargetFileSize { return buf.Bytes(), nil } if currentSize < bestSize { bestSize = currentSize bestResult = buf.Bytes() } } if bestResult != nil { return bestResult, nil } return nil, fmt.Errorf("压缩失败") } // resizeImage 调整图片尺寸 func resizeImage(img image.Image, newWidth, newHeight int) image.Image { // 创建新的图片 resized := image.NewRGBA(image.Rect(0, 0, newWidth, newHeight)) // 简单的最近邻插值缩放 bounds := img.Bounds() for y := 0; y < newHeight; y++ { for x := 0; x < newWidth; x++ { // 计算原始图片中的对应位置 srcX := int(float64(x) * float64(bounds.Dx()) / float64(newWidth)) srcY := int(float64(y) * float64(bounds.Dy()) / float64(newHeight)) // 确保不超出边界 if srcX >= bounds.Dx() { srcX = bounds.Dx() - 1 } if srcY >= bounds.Dy() { srcY = bounds.Dy() - 1 } resized.Set(x, y, img.At(bounds.Min.X+srcX, bounds.Min.Y+srcY)) } } return resized } // S3策略文档结构 type S3PolicyDocument struct { Expiration string `json:"expiration"` Conditions []interface{} `json:"conditions"` } // S3响应结构 type S3PolicyToken struct { URL string `json:"url"` Fields map[string]string `json:"fields"` Expire int64 `json:"expire"` StatusCode int `json:"statusCode"` } // Upload 生成S3预签名上传凭证 func (c *ShudaoOssController) Upload() { initOSSConfig() c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", "*") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS") c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Content-Type") if c.Ctx.Request.Method == "OPTIONS" { c.Ctx.ResponseWriter.WriteHeader(200) return } userInfo, err := utils.GetUserInfoFromContext(c.Ctx.Input.GetData("userInfo")) if err != nil { c.Data["json"] = map[string]interface{}{"statusCode": 401, "error": "获取用户信息失败"} c.ServeJSON() return } userID := int(userInfo.ID) if userID == 0 { userID = 1 } now := time.Now().UTC() expireTime := int64(1800) expireEnd := now.Unix() + expireTime dateStamp := now.Format("20060102") amzDate := now.Format("20060102T150405Z") expiration := now.Add(time.Duration(expireTime) * time.Second).Format("2006-01-02T15:04:05.000Z") credential := fmt.Sprintf("%s/%s/%s/s3/aws4_request", ossAccessKey, dateStamp, ossRegion) uploadDir := fmt.Sprintf("uploads/%s/%d/", now.Format("0102"), userID) host := fmt.Sprintf("%s/%s", ossEndpoint, ossBucket) policy := S3PolicyDocument{ Expiration: expiration, Conditions: []interface{}{ map[string]string{"bucket": ossBucket}, []interface{}{"starts-with", "$key", uploadDir}, map[string]string{"x-amz-algorithm": "AWS4-HMAC-SHA256"}, map[string]string{"x-amz-credential": credential}, map[string]string{"x-amz-date": amzDate}, []interface{}{"content-length-range", "0", "104857600"}, }, } policyJSON, _ := json.Marshal(policy) policyBase64 := base64.StdEncoding.EncodeToString(policyJSON) signature := generateAWS4Signature(ossSecretKey, dateStamp, ossRegion, policyBase64) c.Data["json"] = S3PolicyToken{ StatusCode: 200, URL: host, Expire: expireEnd, Fields: map[string]string{ "key": uploadDir + "${filename}", "policy": policyBase64, "x-amz-algorithm": "AWS4-HMAC-SHA256", "x-amz-credential": credential, "x-amz-date": amzDate, "x-amz-signature": signature, }, } c.ServeJSON() } // generateAWS4Signature 生成AWS4签名 func generateAWS4Signature(secretKey, dateStamp, region, stringToSign string) string { kDate := hmacSHA256([]byte("AWS4"+secretKey), dateStamp) kRegion := hmacSHA256(kDate, region) kService := hmacSHA256(kRegion, "s3") kSigning := hmacSHA256(kService, "aws4_request") return hex.EncodeToString(hmacSHA256(kSigning, stringToSign)) } // hmacSHA256 HMAC-SHA256计算 func hmacSHA256(key []byte, data string) []byte { mac := hmac.New(sha256.New, key) mac.Write([]byte(data)) return mac.Sum(nil) }