From 25a07b9f0e35b30f2a267fa38fb7a384a78b1e7a Mon Sep 17 00:00:00 2001
From: mozzie
Date: Tue, 21 Mar 2023 21:47:03 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20token=E7=BB=AD=E7=AD=BE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 apps/server/src/config/base.config.ts | 19 ++++++++---
 .../src/controller/course.controller.ts | 4 +--
 apps/server/src/controller/user.controller.ts | 33 +++++++++++--------
 apps/server/src/middleware/auth.middleware.ts | 26 ++++++++++++---
 4 files changed, 58 insertions(+), 24 deletions(-)
diff --git a/apps/server/src/config/base.config.ts b/apps/server/src/config/base.config.ts
index 7db565a..12e80cd 100644
--- a/apps/server/src/config/base.config.ts
+++ b/apps/server/src/config/base.config.ts
@@ -1,7 +1,18 @@
 export const globalPrefix = '/api/v1';
-export const adminSign = '_sign_admin';
-export const adminSignExpired = 60 * 1000 * 10; // 10分钟
+const hour = 60 * 60 * 1000;
-export const webSign = '_sign_web';
-export const webSignExpired = 60 * 1000 * 100; // 10分钟
+export const ADMIN = {
+ SIGN: '_sign_admin',
+ EXPIRED: 24 * hour,
+};
+
+export const WEB = {
+ SIGN: '_sign_web',
+ EXPIRED: 72 * hour,
+};
+
+/**
+ * 最后1小时续签
+ */
+export const SIGN_DEADLINE = 1 * hour;
diff --git a/apps/server/src/controller/course.controller.ts b/apps/server/src/controller/course.controller.ts
index fe21575..5efada4 100644
--- a/apps/server/src/controller/course.controller.ts
+++ b/apps/server/src/controller/course.controller.ts
@@ -1,7 +1,7 @@
 import { Body, Controller, Inject, Post } from '@midwayjs/core';
 import { Context } from '@midwayjs/koa';
 import { BizCode } from '../biz/code';
-import { webSign } from '../config/base.config';
+import { WEB } from '../config/base.config';
 import { CourseCreateDTO } from '../dto/course.dto';
 import { ChapterService } from '../service/chapter.service';
 import { CourseService } from '../service/course.service';
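Review bot: `ADMIN.EXPIRED`, `WEB.EXPIRED` and `SIGN_DEADLINE` carry no unit in their names or comments, yet callers add them straight to `Date.now()`, so a reader has to recompute `hour` to learn they are milliseconds. A one-line TSDoc on each object, e.g. `/** Session cookie name and lifetime in milliseconds; the lifetime feeds both the cookie's expires and the token's expiredIn claim. */`, plus an English rendering of the `SIGN_DEADLINE` comment such as `/** Renew the token when fewer than this many ms remain before expiredIn. */`, would state the contract where it is defined. `1 * hour` can simply be `hour`.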
@@ -61,7 +61,7 @@ export class CourseController { async selectDetailByCourseId(@Body() params) { const { course_id } = params; try { - const token = this.ctx.cookies.get(webSign); + const token = this.ctx.cookies.get(WEB.SIGN); const { user_login } = decodeToken(token); const user = await this.userService.select({ user_login }); // 用户订阅鉴权 diff --git a/apps/server/src/controller/user.controller.ts b/apps/server/src/controller/user.controller.ts index b4107e4..1b9f642 100644 --- a/apps/server/src/controller/user.controller.ts +++ b/apps/server/src/controller/user.controller.ts @@ -1,12 +1,6 @@ import { Body, Controller, Get, Inject, Post } from '@midwayjs/core'; import { Context } from '@midwayjs/koa'; import { BizCode } from '../biz/code'; -import { - adminSign, - adminSignExpired, - webSign, - webSignExpired, -} from '../config/base.config'; import { UserAdminAuthDTO, UserWebAuthDTO } from '../dto/user.dto'; import { XCodeService } from '../service/xcode.service'; import { UserService } from '../service/user.service'; @@ -15,7 +9,7 @@ import { SmsService } from '../service/sms.service'; import { SmsDTO } from '../dto/sms.dto'; import { RedisService } from '@midwayjs/redis'; import * as CryptoJS from 'crypto-js'; - +import { ADMIN, WEB } from '../config/base.config'; @Controller('/user') export class UserController { @Inject() @@ -46,9 +40,15 @@ export class UserController { const payload = userExist?.id ? userExist : await this.userService.createUser(params); - const token = createToken({ ...payload, hasLogin: true }); - this.ctx.cookies.set(webSign, token, { - expires: new Date(Date.now() + webSignExpired), + const expiredIn = new Date(Date.now() + WEB.EXPIRED); + const token = createToken({ + ...payload, + hasLogin: true, + expiredIn, + platform: 'web', + }); + this.ctx.cookies.set(WEB.SIGN, token, { + expires: expiredIn, httpOnly: false, }); await this.redisService.del('' + params.user_login); 
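Review bot: `createToken({ ...payload, hasLogin: true, expiredIn, platform: 'web' })` copies every field of the user record returned by `select`/`createUser` into the token, and that token is stored in a cookie set with `httpOnly: false` (unchanged context line), so whatever the record holds becomes readable to page script. The user schema is not visible in this diff; if the record carries anything beyond what the consumers need (`course.controller.ts` reads `user_login`, this method reads `id`), pass only those fields, e.g. `createToken({ id: payload.id, user_login: payload.user_login, hasLogin: true, expiredIn, platform: 'web' })`. `expiredIn` is a `Date` object; how `createToken` serializes it is not shown, while the middleware later parses it with `new Date(expiredIn)`, so storing `expiredIn.getTime()` would remove the dependence on that serialization. The enclosing method starts above this hunk.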
@@ -70,10 +70,15 @@ export class UserController {
 async AdminAuth(@Body() params: UserAdminAuthDTO) {
 try {
 const { username, password } = params;
- const token = createToken({ hasLogin: true });
+ const expiredIn = new Date(Date.now() + ADMIN.EXPIRED);
+ const token = createToken({
+ hasLogin: true,
+ expiredIn,
+ platform: 'admin',
+ });
 if (username === 'admin' && password === '123123') {
- this.ctx.cookies.set(adminSign, token, {
- expires: new Date(Date.now() + adminSignExpired),
+ this.ctx.cookies.set(ADMIN.SIGN, token, {
+ expires: expiredIn,
 httpOnly: false,
 });
 return { code: BizCode.OK };
@@ -89,7 +94,7 @@ export class UserController {
 @Get('/web/state')
 async state() {
 try {
- const token = this.ctx.cookies.get(webSign);
+ const token = this.ctx.cookies.get(WEB.SIGN);
 const user = decodeToken(token);
 return { code: BizCode.OK, data: user };
 } catch (error) {
diff --git a/apps/server/src/middleware/auth.middleware.ts b/apps/server/src/middleware/auth.middleware.ts
index be26791..d2e5819 100644
--- a/apps/server/src/middleware/auth.middleware.ts
+++ b/apps/server/src/middleware/auth.middleware.ts
@@ -6,9 +6,9 @@ import {
 } from '@midwayjs/core';
 import { NextFunction, Context } from '@midwayjs/koa';
 import { BizCode } from '../biz/code';
-import { adminSign, webSign } from '../config/base.config';
+import { ADMIN, SIGN_DEADLINE, WEB } from '../config/base.config';
 import { whiteApis } from '../config/white.api';
-import { decodeToken } from '../util/encrypt';
+import { createToken, decodeToken } from '../util/encrypt';
 @Middleware()
 export class AuthMiddleware implements IMiddleware {
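Review bot: In `AdminAuth`, `expiredIn` and `token` are computed before the credential check `if (username === 'admin' && password === '123123')`, so a token is minted on every attempt, including failed ones, and only discarded afterwards. Moving the `const expiredIn = …` and `const token = createToken({ … })` statements inside the `if` keeps minting tied to a successful check and makes the success path read top to bottom. The method's catch block and the rest of the class lie outside the hunk.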
@@ -19,10 +19,28 @@ export class AuthMiddleware implements IMiddleware {
 return async (ctx: Context, next: NextFunction) => {
 const isWhiteApi = whiteApis.some(api => ctx.url.indexOf(api) > -1);
 if (!isWhiteApi) {
- const token = ctx.cookies.get(adminSign) ?? ctx.cookies.get(webSign);
+ const token = ctx.cookies.get(ADMIN.SIGN) ?? ctx.cookies.get(WEB.SIGN);
 try {
- const { hasLogin } = decodeToken(token);
+ const { hasLogin, expiredIn, platform, ...rest } = decodeToken(token);
+ // token缺少hasLogin
 if (!hasLogin) return { code: BizCode.AUTH, msg: '身份验证错误' };
+ // 续签
+ const sign = platform === 'web' ? WEB.SIGN : ADMIN.SIGN;
+ const signExpired = platform === 'web' ? WEB.EXPIRED : ADMIN.EXPIRED;
+ const timeLeft = new Date(expiredIn).getTime() - Date.now();
+ if (timeLeft < SIGN_DEADLINE) {
+ const expiredIn = new Date(Date.now() + signExpired);
+ const token = createToken({
+ hasLogin: true,
+ platform,
+ expiredIn,
+ ...rest,
+ });
+ ctx.cookies.set(sign, token, {
+ expires: expiredIn,
+ httpOnly: false,
+ });
+ }
 await next();
 } catch (error) {
 return { code: BizCode.AUTH, msg: '身份验证错误' };
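Review bot: Nothing rejects a token whose `expiredIn` has already passed: after `const timeLeft = new Date(expiredIn).getTime() - Date.now();` a negative value still satisfies `timeLeft < SIGN_DEADLINE`, so an expired token is renewed rather than refused and the only expiry enforcement left is the browser honoring the cookie's `expires`, while a token with no `expiredIn` claim (one issued before this change) yields `NaN` and falls through to `await next()` as valid. Add `if (!(timeLeft > 0)) return { code: BizCode.AUTH, msg: '身份验证错误' };` directly after `timeLeft` is computed; the negated comparison covers both the negative and the `NaN` case. The `platform` claim only selects which cookie to refresh, and every value other than `'web'` refreshes into `ADMIN.SIGN`; the middleware still accepts either cookie for any non-whitelisted route, so the claim is not yet used for authorization, and whether `createToken` signs its payload so that `expiredIn` and `platform` can be trusted is not visible in this diff. The inner `const expiredIn` and `const token` shadow the outer bindings of the same names; `nextExpiredIn` and `renewedToken` would make the branch easier to follow. The `return async (ctx, next) => {…}` closure continues past the hunk.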