Merge branch 'feat/backset.cn-dev-2.1' of ssh://git.mozzie.cn:10022/mozzie/pnpm-backset.cn into feat/backset.cn-dev-2.1

2023-03-22 10:09:28 +08:00 · 2023-03-22 10:09:28 +08:00 · f48a4498cb
commit f48a4498cb
parent c54e03144e 728c7d6ee5
6 changed files with 66 additions and 26 deletions
--- a/apps/server/src/config/base.config.ts
+++ b/apps/server/src/config/base.config.ts
@ -1,7 +1,18 @@
 export const globalPrefix = '/api/v1';
-export const adminSign = '_sign_admin';
+const hour = 60 * 60 * 1000;
 export const adminSignExpired = 60 * 1000 * 10; // 10分钟
-export const webSign = '_sign_web';
+export const ADMIN = {
-export const webSignExpired = 60 * 1000 * 100; // 10分钟
+  SIGN: '_sign_admin',
  EXPIRED: 24 * hour,
 };
 export const WEB = {
  SIGN: '_sign_web',
  EXPIRED: 72 * hour,
 };
 /**
 * 最后1小时续签
 */
 export const SIGN_DEADLINE = 1 * hour;
--- a/apps/server/src/controller/course.controller.ts
+++ b/apps/server/src/controller/course.controller.ts
@ -1,7 +1,7 @@
 import { Body, Controller, Inject, Post } from '@midwayjs/core';
 import { Context } from '@midwayjs/koa';
 import { BizCode } from '../biz/code';
-import { webSign } from '../config/base.config';
+import { WEB } from '../config/base.config';
 import { CourseCreateDTO } from '../dto/course.dto';
 import { ChapterService } from '../service/chapter.service';
 import { CourseService } from '../service/course.service';
@ -61,7 +61,7 @@ export class CourseController {
  async selectDetailByCourseId(@Body() params) {
    const { course_id } = params;
    try {
-      const token = this.ctx.cookies.get(webSign);
+      const token = this.ctx.cookies.get(WEB.SIGN);
      const { user_login } = decodeToken(token);
      const user = await this.userService.select({ user_login });
      // 用户订阅鉴权
--- a/apps/server/src/controller/user.controller.ts
+++ b/apps/server/src/controller/user.controller.ts
@ -1,12 +1,6 @@
 import { Body, Controller, Get, Inject, Post } from '@midwayjs/core';
 import { Context } from '@midwayjs/koa';
 import { BizCode } from '../biz/code';
 import {
  adminSign,
  adminSignExpired,
  webSign,
  webSignExpired,
 } from '../config/base.config';
 import { UserAdminAuthDTO, UserWebAuthDTO } from '../dto/user.dto';
 import { XCodeService } from '../service/xcode.service';
 import { UserService } from '../service/user.service';
@ -15,7 +9,7 @@ import { SmsService } from '../service/sms.service';
 import { SmsDTO } from '../dto/sms.dto';
 import { RedisService } from '@midwayjs/redis';
 import * as CryptoJS from 'crypto-js';
-
+import { ADMIN, WEB } from '../config/base.config';
@Controller('/user')
 export class UserController {
  @Inject()
@ -46,9 +40,15 @@ export class UserController {
      const payload = userExist?.id
        ? userExist
        : await this.userService.createUser(params);
-      const token = createToken({ ...payload, hasLogin: true });
+      const expiredIn = new Date(Date.now() + WEB.EXPIRED);
-      this.ctx.cookies.set(webSign, token, {
+      const token = createToken({
-        expires: new Date(Date.now() + webSignExpired),
+        ...payload,
        hasLogin: true,
        expiredIn,
        platform: 'web',
      });
      this.ctx.cookies.set(WEB.SIGN, token, {
        expires: expiredIn,
        httpOnly: false,
      });
      await this.redisService.del('' + params.user_login);
@ -70,10 +70,15 @@ export class UserController {
  async AdminAuth(@Body() params: UserAdminAuthDTO) {
    try {
      const { username, password } = params;
-      const token = createToken({ hasLogin: true });
+      const expiredIn = new Date(Date.now() + ADMIN.EXPIRED);
      const token = createToken({
        hasLogin: true,
        expiredIn,
        platform: 'admin',
      });
      if (username === 'admin' && password === '123123') {
-        this.ctx.cookies.set(adminSign, token, {
+        this.ctx.cookies.set(ADMIN.SIGN, token, {
-          expires: new Date(Date.now() + adminSignExpired),
+          expires: expiredIn,
          httpOnly: false,
        });
        return { code: BizCode.OK };
@ -89,7 +94,7 @@ export class UserController {
  @Get('/web/state')
  async state() {
    try {
-      const token = this.ctx.cookies.get(webSign);
+      const token = this.ctx.cookies.get(WEB.SIGN);
      const user = decodeToken(token);
      return { code: BizCode.OK, data: user };
    } catch (error) {
--- a/apps/server/src/entity/course.entity.ts
+++ b/apps/server/src/entity/course.entity.ts
@ -5,13 +5,13 @@ export class Course {
  @PrimaryColumn()
  course_id?: string;
-  @Column({ unique: true })
+  @Column({ type: 'varchar' })
  course_title?: string;
  @Column({ type: 'text' })
  course_summary?: string;
-  @Column({ length: 1000 })
+  @Column()
  course_cover_url?: string;
  @Column({ default: 1 })
--- a/apps/server/src/middleware/auth.middleware.ts
+++ b/apps/server/src/middleware/auth.middleware.ts
@ -6,9 +6,9 @@ import {
 } from '@midwayjs/core';
 import { NextFunction, Context } from '@midwayjs/koa';
 import { BizCode } from '../biz/code';
-import { adminSign, webSign } from '../config/base.config';
+import { ADMIN, SIGN_DEADLINE, WEB } from '../config/base.config';
 import { whiteApis } from '../config/white.api';
-import { decodeToken } from '../util/encrypt';
+import { createToken, decodeToken } from '../util/encrypt';
@Middleware()
 export class AuthMiddleware implements IMiddleware<Context, NextFunction> {
@ -19,10 +19,28 @@ export class AuthMiddleware implements IMiddleware<Context, NextFunction> {
    return async (ctx: Context, next: NextFunction) => {
      const isWhiteApi = whiteApis.some(api => ctx.url.indexOf(api) > -1);
      if (!isWhiteApi) {
-        const token = ctx.cookies.get(adminSign) ?? ctx.cookies.get(webSign);
+        const token = ctx.cookies.get(ADMIN.SIGN) ?? ctx.cookies.get(WEB.SIGN);
        try {
-          const { hasLogin } = decodeToken(token);
+          const { hasLogin, expiredIn, platform, ...rest } = decodeToken(token);
          // token缺少hasLogin
          if (!hasLogin) return { code: BizCode.AUTH, msg: '身份验证错误' };
          // 续签
          const sign = platform === 'web' ? WEB.SIGN : ADMIN.SIGN;
          const signExpired = platform === 'web' ? WEB.EXPIRED : ADMIN.EXPIRED;
          const timeLeft = new Date(expiredIn).getTime() - Date.now();
          if (timeLeft < SIGN_DEADLINE) {
            const expiredIn = new Date(Date.now() + signExpired);
            const token = createToken({
              hasLogin: true,
              platform,
              expiredIn,
              ...rest,
            });
            ctx.cookies.set(sign, token, {
              expires: expiredIn,
              httpOnly: false,
            });
          }
          await next();
        } catch (error) {
          return { code: BizCode.AUTH, msg: '身份验证错误' };
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -13,6 +13,12 @@ services:
      MYSQL_PASSWORD: backset
      MYSQL_ROOT_PASSWORD: root
      MYSQL_TCP_PORT: 3307
      TZ: Asia/Shanghai
      LANG: C.UTF-8
    command: [
      '--character-set-server=utf8mb4',
      '--collation-server=utf8mb4_general_ci'
    ]
    volumes:
      - /www/wwwroot/backset/mysql/conf/my.cnf:/etc/mysql/conf.d/mysqld.cnf
      - /www/wwwroot/backset/mysql/data:/var/lib/mysql