web-backset.cn/apps/server/src/controller/user.controller.ts
2023-03-25 20:41:00 +08:00


import { randomInt } from 'crypto';
import { Body, Controller, Get, Inject, Post } from '@midwayjs/core';
import { Context } from '@midwayjs/koa';
import { RedisService } from '@midwayjs/redis';
import * as CryptoJS from 'crypto-js';
import { BizCode } from '../biz/code';
import { ADMIN, WEB } from '../config/base.config';
import { SmsDTO } from '../dto/sms.dto';
import { UserAdminAuthDTO, UserWebAuthDTO } from '../dto/user.dto';
import { User } from '../entity/user.entity';
import { SmsService } from '../service/sms.service';
import { UserService } from '../service/user.service';
import { XCodeService } from '../service/xcode.service';
import { createToken, decodeToken } from '../util/encrypt';
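/**
 * HTTP endpoints under `/user`: SMS-code login for the web front end, the
 * admin login, session state lookup, and admin user management.
 *
 * NOTE(review): no handler in this class checks the caller's session before
 * serving `/admin/select/all` and `/admin/update`. If a middleware or guard
 * outside this file does not enforce the admin cookie on those paths, they are
 * reachable without authentication — confirm.
 */
@Controller('/user')
export class UserController {
  @Inject()
  ctx: Context;

  @Inject()
  userService: UserService;

  @Inject()
  xcodeService: XCodeService;

  @Inject()
  smsService: SmsService;

  @Inject()
  redisService: RedisService;

  /**
   * Web front-end login by phone number and SMS code.
   *
   * Reads the pending code stored in Redis under `user_login`, loads or creates
   * the user, issues a token and sets it as the `WEB.SIGN` cookie.
   *
   * @param params login payload; `user_login` is also the Redis key of the pending code
   * @returns `{ code, msg, data }` envelope; `data` is the user record on success
   */
  @Post('/web/auth')
  async webAuth(@Body() params: UserWebAuthDTO) {
    try {
      const verifyCode = await this.redisService.get('' + params.user_login);
      // SECURITY NOTE(review): this only establishes that a code is pending for
      // the number. Nothing in this handler compares the stored value with a
      // code submitted in the request, so possession of the SMS code is not
      // actually verified. Compare `verifyCode` (constant-time) with the code
      // field of UserWebAuthDTO before going further; that field's name is not
      // visible from this file, so the comparison is not added here.
      if (!verifyCode) return { code: BizCode.ERROR, msg: '验证码无效' };

      // Look up whether the user already exists.
      const userExist = await this.userService.select(params);

      // Reject banned accounts.
      // NOTE(review): if select() yields nothing for an unknown number, this
      // guard reports a first-time user as banned and createUser() below is
      // never reached; verifyCode() uses `user && !user.user_status` for the
      // same check. Left unchanged so that account creation is not opened up
      // before the code comparison above exists — fix both together.
      if (!userExist?.user_status)
        return { code: BizCode.FORBID, msg: '您的账号被封禁' };

      const payload = userExist?.id
        ? userExist
        : await this.userService.createUser(params);

      const expiredIn = new Date(Date.now() + WEB.EXPIRED);
      // NOTE(review): the whole user record is spread into the token and into
      // the response body; confirm it holds no field the client must not see.
      const token = createToken({
        ...payload,
        hasLogin: true,
        expiredIn,
        platform: 'web',
      });

      // The session token must not be readable from page script, otherwise any
      // script-injection bug on the site exposes it. A client that used to read
      // the cookie directly should call GET /user/web/state instead.
      this.ctx.cookies.set(WEB.SIGN, token, {
        expires: expiredIn,
        httpOnly: true,
      });

      // One-time use: drop the pending code once the login succeeded.
      await this.redisService.del('' + params.user_login);

      return {
        code: BizCode.OK,
        msg: '欢迎来到 backset.cn',
        data: { ...payload },
      };
    } catch (error) {
      this.ctx.logger.error(error);
      return { code: BizCode.ERROR, msg: '[error] web/auth error' };
    }
  }

  /**
   * Administrator login.
   *
   * On matching credentials, issues a token with `platform: 'admin'` and sets
   * it as the `ADMIN.SIGN` cookie.
   *
   * @param params admin credentials from the request body
   * @returns `{ code }` on success, `{ code, msg }` on failure
   */
  @Post('/admin/auth')
  async AdminAuth(@Body() params: UserAdminAuthDTO) {
    try {
      const { username, password } = params;

      // SECURITY NOTE(review): the administrator credential is a literal in
      // source control, and it is short and numeric. Move it to deployment
      // configuration or a secret store, keep only a salted password hash,
      // compare in constant time, and throttle failed attempts. The config
      // fields available for this are not visible from this file, so the
      // comparison itself is left as it was.
      const credentialsMatch = username === 'admin' && password === '123123';
      if (!credentialsMatch) {
        return { code: BizCode.ERROR, msg: '用户名密码错误' };
      }

      // Only build a token once the credentials have been accepted.
      const expiredIn = new Date(Date.now() + ADMIN.EXPIRED);
      const token = createToken({
        hasLogin: true,
        expiredIn,
        platform: 'admin',
      });

      // Keep the admin session token out of reach of page script.
      this.ctx.cookies.set(ADMIN.SIGN, token, {
        expires: expiredIn,
        httpOnly: true,
      });
      return { code: BizCode.OK };
    } catch (error) {
      this.ctx.logger.error(error);
      // Do not echo the raw error object to the client; it is in the log.
      return { code: BizCode.ERROR, msg: '[error] /admin/auth error' };
    }
  }

  /**
   * Returns the login state of the current web session.
   *
   * Decodes the `WEB.SIGN` cookie, re-reads the user by `user_login` and
   * refuses banned accounts. A missing or undecodable cookie ends up in the
   * catch branch.
   *
   * @returns `{ code, data }` with the decoded token payload, or an error envelope
   */
  @Get('/web/state')
  async state() {
    try {
      const token = this.ctx.cookies.get(WEB.SIGN);
      // NOTE(review): whether decodeToken() verifies the signature and the
      // `expiredIn` claim is not visible here — confirm in ../util/encrypt.
      const user = decodeToken(token);
      const { user_login } = user;

      // Check against the database that the account has not been banned since
      // the token was issued.
      const user_current = await this.userService.select({ user_login });
      const { user_status } = user_current;
      if (!user_status) return { code: BizCode.FORBID, msg: '您的账号被封禁' };

      return { code: BizCode.OK, data: user };
    } catch (error) {
      this.ctx.logger.error(error);
      return { code: BizCode.ERROR, msg: '[error] /web/state error' };
    }
  }

  /**
   * Generates a 4-digit login code, stores it in Redis for 60 seconds under the
   * phone number, and sends it by SMS.
   *
   * @param params phone number and the client-computed `sign`
   * @returns `{ code }` on success, `{ code, msg }` otherwise
   */
  @Post('/web/sms')
  async verifyCode(@Body() params: SmsDTO) {
    try {
      const { phoneNumber: phoneNumbers, sign } = params;

      // Do not send codes to numbers whose account is banned.
      const user = await this.userService.select({ user_login: phoneNumbers });
      if (user && !user.user_status)
        return { code: BizCode.FORBID, msg: '您的账号被封禁' };

      // Guard against direct calls to this endpoint — start.
      // `sign` must decrypt, with the phone number as passphrase, back to the
      // phone number.
      // SECURITY NOTE(review): both values are supplied by the caller, so this
      // is a client convention, not authentication, and it does not bound how
      // many messages can be requested. Per-number and per-client throttling
      // has to be enforced separately; none is visible in this file.
      const decrypted = CryptoJS.AES.decrypt(sign, phoneNumbers);
      const hackAction = decrypted.toString(CryptoJS.enc.Utf8) !== phoneNumbers;
      if (hackAction) return { code: BizCode.ERROR, msg: 'fuck u' };
      // Guard against direct calls to this endpoint — end.

      // Login codes are credentials: draw them from the CSPRNG rather than
      // Math.random(). Range is unchanged, 1000..9999 inclusive.
      // NOTE(review): a 4-digit code is a small space; once /web/auth compares
      // the code it also needs an attempt limit per number.
      const code = randomInt(1000, 10000);
      await this.redisService.set('' + phoneNumbers, code, 'EX', 60);
      await this.smsService.send({ code, phoneNumbers });
      return { code: BizCode.OK };
    } catch (error) {
      this.ctx.logger.error(error);
      return { code: BizCode.ERROR, msg: '[error] /web/sms error' };
    }
  }

  /**
   * Lists all users for the admin console.
   *
   * NOTE(review): no session or role check happens in this handler; confirm a
   * guard outside this file restricts the route to administrators.
   *
   * @returns `{ code, data }` with whatever `userService.selectAll()` yields
   */
  @Post('/admin/select/all')
  async selectUser() {
    const data = await this.userService.selectAll();
    return { code: BizCode.OK, data };
  }

  /**
   * Updates a user from the admin console.
   *
   * NOTE(review): the request body is handed to `userService.update()` as a
   * full `User` entity, and no session or role check happens in this handler.
   * Confirm that the route is restricted to administrators elsewhere and that
   * the service limits which columns a request may change.
   *
   * @param user user entity taken from the request body
   * @returns `{ code }` on success, `{ code, msg }` on failure
   */
  @Post('/admin/update')
  async updateUser(@Body() user: User) {
    try {
      await this.userService.update(user);
      return { code: BizCode.OK };
    } catch (error) {
      this.ctx.logger.error(error);
      // Do not echo the raw error object (it may carry query or schema
      // details) to the client; it is in the log.
      return { code: BizCode.ERROR, msg: '[error] /admin/update error' };
    }
  }
}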