From a24c8280c9f56079fd4cf9b31412cbada466bb37 Mon Sep 17 00:00:00 2001 From: lkddi Date: Thu, 2 Apr 2026 15:37:49 +0800 Subject: [PATCH] =?UTF-8?q?feat(wechat):=20=E5=AE=8C=E5=96=84=E5=BE=AE?= =?UTF-8?q?=E4=BF=A1=E7=BE=A4=E7=BB=91=E5=AE=9A=E5=AE=89=E5=85=A8=E7=BB=84?= =?UTF-8?q?=E7=BD=91=E7=BA=A6=E6=9D=9F=EF=BC=8C=E8=A6=81=E6=B1=82=E5=8F=AA?= =?UTF-8?q?=E5=85=81=E8=AE=B8=E5=9C=A8=E6=8C=87=E5=AE=9A=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E7=BE=A4=E5=86=85=E8=BF=9B=E8=A1=8C=E6=89=AB=E7=A0=81=E9=AA=8C?= =?UTF-8?q?=E8=AF=81=E7=BB=91=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Console/Commands/ConsumeWechatMessages.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/app/Console/Commands/ConsumeWechatMessages.php b/app/Console/Commands/ConsumeWechatMessages.php index 3c186dc..dc64ef6 100644 --- a/app/Console/Commands/ConsumeWechatMessages.php +++ b/app/Console/Commands/ConsumeWechatMessages.php @@ -102,8 +102,21 @@ class ConsumeWechatMessages extends Command $fromUser = $msg['from_user']; $isChatroom = $msg['is_chatroom']; - // 绑定逻辑:支持私聊和群聊。只要内容格式为 BD-xxxxxx + // 绑定逻辑:支持私聊和被授权的微信群。只要内容格式为 BD-xxxxxx if (preg_match('/^BD-\d{6}$/i', $content)) { + // 如果是群聊,则仅允许在后台设定的目标通知群里进行扫码绑定 + if ($isChatroom) { + $sysParam = \App\Models\SysParam::where('alias', 'wechat_bot_config')->first(); + $config = $sysParam && ! empty($sysParam->body) ? json_decode($sysParam->body, true) : []; + $allowedGroupWxid = $config['group_notify']['target_wxid'] ?? ''; + + if ($msg['chatroom_id'] !== $allowedGroupWxid) { + $this->info("拒绝绑定:来自非授权群聊 {$msg['chatroom_id']}"); + + return; + } + } + $replyTarget = $isChatroom ? $msg['chatroom_id'] : $fromUser; $this->info("收到潜在绑定请求: {$content} from {$fromUser} (Reply to: {$replyTarget})"); $this->handleBindRequest(strtoupper($content), $fromUser, $replyTarget, $apiService);