feat: add email verification code for registration and optimize email service

- Add POST /user/email/code endpoint to send 6-digit verification code - Require email code verification before completing registration - Add email code cache with 10min TTL and 5/day send rate limit - Fix nil client guard, TLS conn leak, domain parsing, and Resend error body in email pkg - Deploy via ssh inline command using current branch Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 01:47:06 +08:00
parent 9876169c84
commit a29936f31c
7 changed files with 148 additions and 17 deletions
--- a/api/router.go
+++ b/api/router.go
@@ -43,6 +43,7 @@ func SetupRouter(engine *gin.RouterGroup) {
 		userRouter := v1.Group("/user")
 		{
 			userRouter.POST("/sms", userEndpoint.SendVerificationCode)
+			userRouter.POST("/email/code", userEndpoint.SendEmailVerificationCode)
 			userRouter.POST("/register", userEndpoint.RegisterByEmail)
 			userRouter.POST("/login", userEndpoint.LoginByEmail)
 			userRouter.GET("/oauth/google/url", userEndpoint.GetGoogleOAuthUrl)
--- a/api/v1/user/handler.go
+++ b/api/v1/user/handler.go
@@ -106,6 +106,26 @@ func (h *UserEndpoint) GetUserInfo(ctx *gin.Context) {
 	}))
 }

+func (h *UserEndpoint) SendEmailVerificationCode(ctx *gin.Context) {
+	req := model.EmailCodeSendRequest{}
+	if err := ctx.ShouldBindJSON(&req); err != nil {
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeParamError, common.CodeParamErrorMsg))
+		return
+	}
+
+	if err := h.userService.SendEmailCode(ctx, req.Email); err != nil {
+		if bizErr, ok := err.(*common.BusinessError); ok {
+			ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, int(bizErr.Code), bizErr.Message))
+			return
+		}
+		log.Error(ctx, "func", "SendEmailVerificationCode", "msg", "发送邮箱验证码失败", "error", err)
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeSystemError, common.CodeSystemErrorMsg))
+		return
+	}
+
+	ctx.JSON(http.StatusOK, common.SuccessResponse(ctx, model.EmailCodeSendResponse{}))
+}
+
 func (h *UserEndpoint) RegisterByEmail(ctx *gin.Context) {
 	req := model.EmailRegisterRequest{}
 	if err := ctx.ShouldBindJSON(&req); err != nil {
@@ -113,7 +133,7 @@ func (h *UserEndpoint) RegisterByEmail(ctx *gin.Context) {
 		return
 	}

-	uid, err := h.userService.RegisterByEmail(ctx, req.Email, req.Password)
+	uid, err := h.userService.RegisterByEmail(ctx, req.Email, req.Password, req.Code)
 	if err != nil {
 		if bizErr, ok := err.(*common.BusinessError); ok {
 			ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, int(bizErr.Code), bizErr.Message))