8.6 KiB
8.6 KiB
External Integrations
Analysis Date: 2026-03-21
APIs & External Services
WeChat Mini Program:
- Service: WeChat Mini Program (微信小程序)
- Purpose: User authentication, phone number retrieval, QR code generation, subscribe messages, short links, URL schemes, shipping queries
- SDK/Client: Custom HTTP client in
internal/pkg/wechat/andinternal/pkg/miniprogram/ - Key files:
internal/pkg/wechat/code2session.go,internal/pkg/wechat/phone_number.go,internal/pkg/wechat/decrypt.go,internal/pkg/wechat/qrcode.go,internal/pkg/miniprogram/access_token.go,internal/pkg/miniprogram/subscribe.go - Auth:
configs.Wechat.AppID/configs.Wechat.AppSecret(config keys:wechat.app_id,wechat.app_secret) - Template:
configs.Wechat.LotteryResultTemplateIDfor subscribe messages
WeChat Pay:
- Service: WeChat Pay API v3 (微信支付)
- Purpose: Payment processing for game activities
- SDK/Client:
github.com/wechatpay-apiv3/wechatpay-go v0.2.21 - Key files:
internal/pkg/pay/wechat.go,internal/pkg/pay/client.go - Auth: Merchant ID (
WECHAT_MCHID), API v3 key (WECHAT_API_V3_KEY), serial number (WECHAT_SERIAL_NO), RSA private key (WECHAT_PRIVATE_KEY_PATH) - Supports dynamic config override from
sysconfigservice (Base64 private key stored in DB) - Notify URL:
WECHAT_NOTIFY_URL(callback for payment results)
Douyin (TikTok) / 抖店:
- Service: Douyin Mini Program + 抖店 (TikTok Shop) API
- Purpose: User auth, order synchronization, product rewards, Douyin access token
- SDK/Client: Custom HTTP client in
internal/pkg/douyin/ - Key files:
internal/pkg/douyin/access_token.go,internal/pkg/douyin/code2session.go,internal/pkg/douyin/phonenumber.go - External endpoint:
https://developer.toutiao.com/api/apps/v2/token - Auth:
configs.Douyin.AppID/configs.Douyin.AppSecret(read from dynamic sysconfig at runtime) - Background task:
douyinsvc.StartDouyinOrderSync()runs scheduled order sync
Aliyun SMS (阿里云短信):
- Service: Alibaba Cloud Dysms (短信服务)
- Purpose: SMS verification code delivery
- SDK/Client:
github.com/alibabacloud-go/dysmsapi-20170525/v4 v4.1.3+github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.13 - Key files:
internal/pkg/sms/aliyun.go - External endpoint:
dysmsapi.aliyuncs.com - Auth:
ALIYUN_SMS_ACCESS_KEY_ID/ALIYUN_SMS_ACCESS_KEY_SECRET - Config:
ALIYUN_SMS_SIGN_NAME,ALIYUN_SMS_TEMPLATE_CODE
Tencent COS (腾讯云对象存储):
- Service: Tencent Cloud Object Storage
- Purpose: File uploads (images, game assets, user avatars)
- SDK/Client:
github.com/tencentyun/cos-go-sdk-v5 v0.7.37 - Auth:
configs.COS.SecretID/configs.COS.SecretKey - Config:
configs.COS.Bucket(e.g.,keaiya-1259195914),configs.COS.Region(e.g.,ap-shanghai),configs.COS.BaseURL(optional CDN URL)
Data Storage
Databases:
-
MySQL (primary)
- Connection: Read replica via
MYSQL_READ_ADDR/MYSQL_ADDR; Write master viaMYSQL_WRITE_ADDR/MYSQL_ADDR - User:
MYSQL_USER, Password:MYSQL_PASS, DB name:MYSQL_NAME - Client: GORM v1.25.9 (
gorm.io/gorm) withgorm.io/driver/mysql v1.5.2 - Pool: max 100 open connections, 5 idle, 2 min lifetime
- Read/write split: manual two-connection pattern (
GetDbR()/GetDbW()) ininternal/repository/mysql/mysql.go - Generated DAOs:
internal/repository/mysql/dao/*.gen.go - Generated models:
internal/repository/mysql/model/*.gen.go - Do NOT edit
.gen.gofiles directly
- Connection: Read replica via
-
SQLite (test only)
- Used in test helpers (
internal/repository/mysql/testrepo_sqlite.go) for in-memory unit tests - Driver:
gorm.io/driver/sqlite v1.4.3
- Used in test helpers (
File Storage:
- Tencent COS - all uploaded files (see COS section above)
- Local filesystem for logs (
./logs/mini-chat-access.log) with rotation via lumberjack
Caching:
- Redis (single-node)
- Connection:
REDIS_ADDR(default in dev:127.0.0.1:6379),REDIS_PASS, DB index fromconfigs.Redis.DB - Client:
github.com/redis/go-redis/v9 v9.17.2 - Singleton initialized in
internal/pkg/redis/redis.goviaredis.Init() - Pool: 20 connections, dial timeout 5s, read/write timeout 3s
- Used for: activity settlement, task center worker, session management
- Test:
github.com/alicebob/miniredis/v2 v2.36.1for in-memory Redis in tests
- Connection:
Authentication & Identity
Admin JWT:
- Provider: Custom JWT (HS256)
- Implementation:
internal/pkg/jwtoken/jwtoken.go - Middleware:
internal/router/interceptor/admin_auth.go - Secret:
ADMIN_JWT_SECRETenv var (falls back toconfigs.JWT.AdminSecret) - Token payload:
proposal.SessionUserInfo(user ID, role, session info) - Token verification: signature + user active + token hash match (prevents concurrent sessions)
App User JWT (WeChat/Douyin users):
- Provider: Custom JWT (HS256)
- Middleware:
internal/router/interceptor/app_auth.go - Secret:
configs.JWT.PatientSecret(config key:jwt.patient_secret) - Separate secret from admin tokens
RBAC (Admin):
- Implementation:
internal/router/interceptor/admin_rbac.go - Pattern: Role-based —
RequireAdminRole()checks any role assigned;RequireAdminAction(mark)checks specific action permission
Internal Service Auth:
- Pattern:
X-Internal-Keyheader check for internal API endpoints (/api/internal/*) - Secret:
configs.Internal.ApiKey(env: hardcoded fallbackbindbox-internal-secret-2024) - Used for Nakama game server communication
Blacklist:
- Implementation:
internal/router/interceptor/blacklist.go - Token blacklisting support (likely Redis-backed)
Monitoring & Observability
Distributed Tracing:
- Service: OpenTelemetry (OTLP HTTP) — compatible with Grafana Tempo
- SDK:
go.opentelemetry.io/otel v1.39.0+otlptracehttpexporter - Implementation:
internal/pkg/otel/otel.go,internal/pkg/otel/middleware.go - Config:
configs.Otel.Enabled(bool),configs.Otel.Endpoint(e.g.,tempo:4318) - Middleware applied in
internal/router/router.gowhen enabled - Gin middleware traces all HTTP requests
Metrics:
- Service: Prometheus
- SDK:
github.com/prometheus/client_golang v1.17.0 - Implementation:
internal/metrics/package (referenced in proposal)
Logging:
- Framework: Uber Zap
go.uber.org/zap v1.26.0 - Custom wrapper:
internal/pkg/logger/logger.go - File rotation:
gopkg.in/natefinch/lumberjack.v2 v2.2.1 - Log file:
./logs/mini-chat-access.log - Log levels: debug, info, warn, error, fatal
Profiling:
- pprof endpoint enabled in dev via
github.com/gin-contrib/pprof v1.4.0 - Enabled in router:
core.WithEnablePProf()
Error Tracking:
- Custom alert handler:
internal/alert/package - Registered via
core.WithAlertNotify(alert.NotifyHandler())in router
CI/CD & Deployment
Containerization:
- Docker multi-stage build:
Dockerfile - Build image:
golang:1.24-alpine - Runtime image:
alpine:latest - Port:
9991 - Health check:
GET http://localhost:9991/system/health - Example image:
zfc931912343/bindbox-game:v1.10
Build Targets:
- Linux (amd64):
make build-linux→ binarybindboxgame_api - macOS:
make build-mac - Windows:
make build-win→bindboxgame_api.exe
CI Pipeline:
- Not detected in codebase (no GitHub Actions / CI config files found)
Environment Configuration
Required env vars (production):
ENV— Environment selector (dev/fat/uat/pro)MYSQL_ADDRorMYSQL_READ_ADDR+MYSQL_WRITE_ADDRMYSQL_USER,MYSQL_PASS,MYSQL_NAMEREDIS_ADDR,REDIS_PASSWECHAT_MCHID,WECHAT_SERIAL_NO,WECHAT_API_V3_KEY,WECHAT_PRIVATE_KEY_PATH,WECHAT_NOTIFY_URLALIYUN_SMS_ACCESS_KEY_ID,ALIYUN_SMS_ACCESS_KEY_SECRET,ALIYUN_SMS_SIGN_NAME,ALIYUN_SMS_TEMPLATE_CODEADMIN_JWT_SECRET
Secrets location:
- Primary: TOML config files embedded in binary (
configs/*.toml) — note dev TOML contains real credentials (security concern) - Override: Environment variables at runtime (preferred for production)
- WeChat Pay private key: file path or Base64 in
sysconfigDB table (dynamic config)
Webhooks & Callbacks
Incoming:
- WeChat Pay payment notification:
configs.WechatPay.NotifyURL(WECHAT_NOTIFY_URL) — called by WeChat servers to deliver payment results; handled ininternal/api/pay/package - Douyin order notification:
configs.Douyin.NotifyURL— callback for Douyin order events
Outgoing:
- Douyin access token refresh:
POST https://developer.toutiao.com/api/apps/v2/token - Aliyun SMS send:
POST https://dysmsapi.aliyuncs.com - WeChat API calls: Various WeChat Mini Program endpoints for auth, phone, subscribe messages
- Tencent COS: Object upload/download operations
Integration audit: 2026-03-21