feat: token续签

This commit is contained in:
mozzie 2023-03-21 21:47:03 +08:00
parent 6919433b39
commit 25a07b9f0e
4 changed files with 58 additions and 24 deletions

View File

@ -1,7 +1,18 @@
export const globalPrefix = '/api/v1'; export const globalPrefix = '/api/v1';
export const adminSign = '_sign_admin'; const hour = 60 * 60 * 1000;
export const adminSignExpired = 60 * 1000 * 10; // 10分钟
export const webSign = '_sign_web'; export const ADMIN = {
export const webSignExpired = 60 * 1000 * 100; // 10分钟 SIGN: '_sign_admin',
EXPIRED: 24 * hour,
};
export const WEB = {
SIGN: '_sign_web',
EXPIRED: 72 * hour,
};
/**
* 1
*/
export const SIGN_DEADLINE = 1 * hour;

View File

@ -1,7 +1,7 @@
import { Body, Controller, Inject, Post } from '@midwayjs/core'; import { Body, Controller, Inject, Post } from '@midwayjs/core';
import { Context } from '@midwayjs/koa'; import { Context } from '@midwayjs/koa';
import { BizCode } from '../biz/code'; import { BizCode } from '../biz/code';
import { webSign } from '../config/base.config'; import { WEB } from '../config/base.config';
import { CourseCreateDTO } from '../dto/course.dto'; import { CourseCreateDTO } from '../dto/course.dto';
import { ChapterService } from '../service/chapter.service'; import { ChapterService } from '../service/chapter.service';
import { CourseService } from '../service/course.service'; import { CourseService } from '../service/course.service';
@ -61,7 +61,7 @@ export class CourseController {
async selectDetailByCourseId(@Body() params) { async selectDetailByCourseId(@Body() params) {
const { course_id } = params; const { course_id } = params;
try { try {
const token = this.ctx.cookies.get(webSign); const token = this.ctx.cookies.get(WEB.SIGN);
const { user_login } = decodeToken(token); const { user_login } = decodeToken(token);
const user = await this.userService.select({ user_login }); const user = await this.userService.select({ user_login });
// 用户订阅鉴权 // 用户订阅鉴权

View File

@ -1,12 +1,6 @@
import { Body, Controller, Get, Inject, Post } from '@midwayjs/core'; import { Body, Controller, Get, Inject, Post } from '@midwayjs/core';
import { Context } from '@midwayjs/koa'; import { Context } from '@midwayjs/koa';
import { BizCode } from '../biz/code'; import { BizCode } from '../biz/code';
import {
adminSign,
adminSignExpired,
webSign,
webSignExpired,
} from '../config/base.config';
import { UserAdminAuthDTO, UserWebAuthDTO } from '../dto/user.dto'; import { UserAdminAuthDTO, UserWebAuthDTO } from '../dto/user.dto';
import { XCodeService } from '../service/xcode.service'; import { XCodeService } from '../service/xcode.service';
import { UserService } from '../service/user.service'; import { UserService } from '../service/user.service';
@ -15,7 +9,7 @@ import { SmsService } from '../service/sms.service';
import { SmsDTO } from '../dto/sms.dto'; import { SmsDTO } from '../dto/sms.dto';
import { RedisService } from '@midwayjs/redis'; import { RedisService } from '@midwayjs/redis';
import * as CryptoJS from 'crypto-js'; import * as CryptoJS from 'crypto-js';
import { ADMIN, WEB } from '../config/base.config';
@Controller('/user') @Controller('/user')
export class UserController { export class UserController {
@Inject() @Inject()
@ -46,9 +40,15 @@ export class UserController {
const payload = userExist?.id const payload = userExist?.id
? userExist ? userExist
: await this.userService.createUser(params); : await this.userService.createUser(params);
const token = createToken({ ...payload, hasLogin: true }); const expiredIn = new Date(Date.now() + WEB.EXPIRED);
this.ctx.cookies.set(webSign, token, { const token = createToken({
expires: new Date(Date.now() + webSignExpired), ...payload,
hasLogin: true,
expiredIn,
platform: 'web',
});
this.ctx.cookies.set(WEB.SIGN, token, {
expires: expiredIn,
httpOnly: false, httpOnly: false,
}); });
await this.redisService.del('' + params.user_login); await this.redisService.del('' + params.user_login);
@ -70,10 +70,15 @@ export class UserController {
async AdminAuth(@Body() params: UserAdminAuthDTO) { async AdminAuth(@Body() params: UserAdminAuthDTO) {
try { try {
const { username, password } = params; const { username, password } = params;
const token = createToken({ hasLogin: true }); const expiredIn = new Date(Date.now() + ADMIN.EXPIRED);
const token = createToken({
hasLogin: true,
expiredIn,
platform: 'admin',
});
if (username === 'admin' && password === '123123') { if (username === 'admin' && password === '123123') {
this.ctx.cookies.set(adminSign, token, { this.ctx.cookies.set(ADMIN.SIGN, token, {
expires: new Date(Date.now() + adminSignExpired), expires: expiredIn,
httpOnly: false, httpOnly: false,
}); });
return { code: BizCode.OK }; return { code: BizCode.OK };
@ -89,7 +94,7 @@ export class UserController {
@Get('/web/state') @Get('/web/state')
async state() { async state() {
try { try {
const token = this.ctx.cookies.get(webSign); const token = this.ctx.cookies.get(WEB.SIGN);
const user = decodeToken(token); const user = decodeToken(token);
return { code: BizCode.OK, data: user }; return { code: BizCode.OK, data: user };
} catch (error) { } catch (error) {

View File

@ -6,9 +6,9 @@ import {
} from '@midwayjs/core'; } from '@midwayjs/core';
import { NextFunction, Context } from '@midwayjs/koa'; import { NextFunction, Context } from '@midwayjs/koa';
import { BizCode } from '../biz/code'; import { BizCode } from '../biz/code';
import { adminSign, webSign } from '../config/base.config'; import { ADMIN, SIGN_DEADLINE, WEB } from '../config/base.config';
import { whiteApis } from '../config/white.api'; import { whiteApis } from '../config/white.api';
import { decodeToken } from '../util/encrypt'; import { createToken, decodeToken } from '../util/encrypt';
@Middleware() @Middleware()
export class AuthMiddleware implements IMiddleware<Context, NextFunction> { export class AuthMiddleware implements IMiddleware<Context, NextFunction> {
@ -19,10 +19,28 @@ export class AuthMiddleware implements IMiddleware<Context, NextFunction> {
return async (ctx: Context, next: NextFunction) => { return async (ctx: Context, next: NextFunction) => {
const isWhiteApi = whiteApis.some(api => ctx.url.indexOf(api) > -1); const isWhiteApi = whiteApis.some(api => ctx.url.indexOf(api) > -1);
if (!isWhiteApi) { if (!isWhiteApi) {
const token = ctx.cookies.get(adminSign) ?? ctx.cookies.get(webSign); const token = ctx.cookies.get(ADMIN.SIGN) ?? ctx.cookies.get(WEB.SIGN);
try { try {
const { hasLogin } = decodeToken(token); const { hasLogin, expiredIn, platform, ...rest } = decodeToken(token);
// token缺少hasLogin
if (!hasLogin) return { code: BizCode.AUTH, msg: '身份验证错误' }; if (!hasLogin) return { code: BizCode.AUTH, msg: '身份验证错误' };
// 续签
const sign = platform === 'web' ? WEB.SIGN : ADMIN.SIGN;
const signExpired = platform === 'web' ? WEB.EXPIRED : ADMIN.EXPIRED;
const timeLeft = new Date(expiredIn).getTime() - Date.now();
if (timeLeft < SIGN_DEADLINE) {
const expiredIn = new Date(Date.now() + signExpired);
const token = createToken({
hasLogin: true,
platform,
expiredIn,
...rest,
});
ctx.cookies.set(sign, token, {
expires: expiredIn,
httpOnly: false,
});
}
await next(); await next();
} catch (error) { } catch (error) {
return { code: BizCode.AUTH, msg: '身份验证错误' }; return { code: BizCode.AUTH, msg: '身份验证错误' };