back

60814cd2 · 姜登 · 9f5c4e68 · 60814cd2 · 60814cd2 · 60814cd2
Commit 60814cd2 authored Apr 21, 2020 by 姜登
15 changed files
--- a/app/controller/account.js
+++ b/app/controller/account.js
+'use strict';
+
+const Controller = require('egg').Controller;
+
+class AccountController extends Controller {
+
+    constructor(ctx) {
+        super(ctx);
+    }
+
+    async home() {
+
+    }
+
+    async analyse() {
+
+    }
+
+    async analyseDownload() {
+
+    }
+}
+
+module.exports = AccountController;
--- a/app/controller/user.js
+++ b/app/controller/user.js
@@ -42,6 +42,16 @@ class UserController extends Controller {
        type: 'string',
      },
    };
+    this.loginRule = {
+      passport: {
+        required: true,
+        type: 'string'
+      },
+      password: {
+        required: true,
+        type: 'string'
+      },
+    }
  }
  async index() {
    const { ctx, service } = this;
@@ -71,7 +81,6 @@ class UserController extends Controller {
    ctx.success({ data: accountData, total, ...ctx.pagination });
  }

-
  async update() {
    const { ctx, service } = this;
    ctx.validate(this.updateRule, ctx.request.body);
@@ -91,6 +100,27 @@ class UserController extends Controller {
    ctx.success(ret);
  }

+  async login() {
+    const { service, ctx } = this;
+    const input_params = ctx.request.body;
+    ctx.validate(this.loginRule, input_params);
+    const user = await service.user.findOne('Account', { account: input_params.passport }, ['user_id', 'password']);
+    if (!user || user.password !== input_params.password) {
+      ctx.throw(400, '用户名、密码错误');
+    }
+    const token = await service.jwt.apply({ user_id: user.user_id });
+    ctx.body = { token };
+  }
+
+  async logout() {
+    const { service, ctx } = this;
+    await service.jwt.del_token(ctx.token);
+    ctx.body = { "msg": "登出成功" };
+  }
+
+  async changePwd() {
+
+  }
 }

 module.exports = UserController;
--- a/app/middleware/authInit.js
+++ b/app/middleware/authInit.js
+'uses strict';
+
+module.exports = () => {
+    return async (ctx, next) => {
+        const token = ctx.request.get('authorization').replace(/Bearer /, '') || '';
+
+        if (!token) {
+            ctx.throw(400, 'jwt failed');
+        }
+        const token_data = await ctx.service.jwt.decode_token(token);
+        const token_black = await ctx.app.memcache.get('yizhi_server_token' + token_data.data.user_id);
+        // ctx.logger.info('【token_black：】', token_black, token);
+        if (token_black) ctx.app.logger.info('【sso token black：】', token_black, token);
+        // if (token_black === token) {
+        //     ctx.failed('token 已失效');
+        // }
+        ctx.token = token || '';
+        ctx.userId = token_data.data.user_id || '';
+        ctx.logger.info('userId:', ctx.userId);
+        next();
+    }
+}
\ No newline at end of file
--- a/app/middleware/errorHandler.js
+++ b/app/middleware/errorHandler.js
@@ -8,7 +8,7 @@ module.exports = () => {
      // 所有的异常都在 app 上触发一个 error 事件，框架会记录一条错误日志
      ctx.app.emit('error', err, ctx);

-      const status = err.status || 500;
+      let status = err.status || 500;
      // 生产环境时 500 错误的详细错误内容不返回给客户端，因为可能包含敏感信息
      // const error = status === 500 && ctx.app.config.env === 'prod'
      //   ? 'Internal Server Error'
@@ -19,6 +19,7 @@ module.exports = () => {
      // 从 error 对象上读出各个属性，设置到响应中
      ctx.body = { error };
      if (status === 422) {
+        status = 400;
        ctx.body.detail = err.errors;
      }
      ctx.status = status;

--- a/app/middleware/requestLog.js
+++ b/app/middleware/requestLog.js
@@ -16,33 +16,6 @@ module.exports = (options, app) => {
        request.originalUrl
      } ${ctx.response.status}`
    );
-    // const userId = ctx.user && ctx.user.id ? ctx.user.id : '';
-    // const userName = ctx.user && ctx.user.name ? ctx.user.name : '';
-    // const ip = ctx.ip && ctx.ip.split(':').pop() || '';
-    // const log = {
-    //   ip,
-    //   method: ctx.method,
-    //   request: ctx.url.split('?')[0],
-    //   time: ms,
-    //   user: userName,
-    //   created_by: userId,
-    // };
-    // ctx.service.system.requestLog.create(log);
-    // const changeMethod = [ 'PUT', 'POST', 'DELETE'];
-    // if (changeMethod.includes(ctx.method) && userId) {
-    //   const changeLog = {
-    //     ip,
-    //     method: ctx.method,
-    //     request: ctx.url.split('?')[0],
-    //     time: ms,
-    //     user: userName,
-    //     params: ctx.request.body || {},
-    //     status: ctx.response.status,
-    //     respone: ctx.body || {},
-    //     created_by: userId,
-    //   };
-    //   ctx.service.system.requestChangeLog.create(changeLog);
-    // }

  };
 };
--- a/app/model/yizhi/account.js
+++ b/app/model/yizhi/account.js
@@ -16,6 +16,11 @@ module.exports = app => {
      allowNull: true,
      field: 'account',
    },
+    password: {
+      type: DataTypes.STRING(50),
+      allowNull: true,
+      field: 'password',
+    },
    name: {
      type: DataTypes.STRING(50),
      allowNull: true,

--- a/app/router.js
+++ b/app/router.js
@@ -11,4 +11,5 @@ module.exports = app => {
  router.resources('/price', controller.price); // 价格明细
  router.resources('/recharge', controller.recharge); // 充值信息
  router.resources('/remission', controller.remission); // 减免信息
+  
 };
--- a/app/router/account.js
+++ b/app/router/account.js
+'use strict';
+
+/**
+ * @param {Egg.Application} app - egg application
+ */
+module.exports = app => {
+  const { controller } = app;
+  const router = app.router.namespace(app.config.projectRootPath + '/account');
+  router.get('/home', controller.account.home); // 合作方首页信息
+  router.get('/analyse', controller.account.analyse); // 调用明细
+  router.put('/analyse/download', controller.account.analyseDownload); // 调用明细下载
+  
+};
--- a/app/router/user.js
+++ b/app/router/user.js
+'use strict';
+
+/**
+ * @param {Egg.Application} app - egg application
+ */
+module.exports = app => {
+  const { controller } = app;
+  const router = app.router.namespace(app.config.projectRootPath + '/user');
+  router.post('/login', controller.user.login); // 用户登录
+  router.delete('/logout', controller.user.logout); // 用户登出
+  router.put('/password', controller.user.changePwd); // 修改密码
+  
+};
--- a/app/service/jwt.js
+++ b/app/service/jwt.js
+'use strict';
+
+const Service = require('egg').Service;
+
+class JwtService extends Service {
+
+    async apply(data) {
+        const { ctx } = this;
+        const exp = Math.round(new Date().getTime() / 1000) + ctx.app.config.jwtExp;
+        const secret = ctx.app.config.jwt.secret;
+        const auth_token = ctx.app.jwt.sign(
+            {
+                data,
+                exp,
+            },
+            secret
+        );
+        return auth_token;
+    }
+
+    async decode_token(token) {
+        const { ctx } = this;
+        return ctx.app.jwt.decode(token, ctx.app.config.jwt.secret);
+    }
+
+    async del_token(token) {
+        // 用户登出时将token放到黑名单：置为无效
+        const { app, config } = this;
+        const token_data = await this.decode_token(token);
+        const { user_id } = token_data.data;
+        await app.memcache.set('yizhi_server_token' + user_id, token, config.jwtExp);
+        return true;
+    }
+}
+
+module.exports = JwtService;
\ No newline at end of file
--- a/app/service/user.js
+++ b/app/service/user.js
@@ -71,5 +71,13 @@ class UserService extends Service {
    await ret.update(params);
  }

+  async findOne(type, where, attributes) {
+    const { ctx } = this;
+    return await ctx.yizhiModel[type].findOne({
+      attributes,
+      where,
+    });
+  }
+
 }
 module.exports = UserService;
--- a/config/config.default.js
+++ b/config/config.default.js
@@ -12,18 +12,46 @@ module.exports = appInfo => {
   **/
  const config = exports = {};

+  config.projectRootPath = '/yizhi_server/api';
+
  // use for cookie sign key, should change to your own and keep security
  config.keys = appInfo.name + '_1559722467295_3512';

-  config.projectRootPath = '/yizhi_server/api';
+  config.jwtExp = 60 * 60 * 24 * 30;

  // add your middleware config here
  config.middleware = [
    'requestLog',
    'errorHandler',
+    'authInit',
    'pagination',
  ];

+  config.authInit = {
+    ignore: [
+      '/yizhi_server/api/price',
+      '/yizhi_server/api/account',
+      '/yizhi_server/api/user_service',
+      '/yizhi_server/api/recharge',
+      '/yizhi_server/api/remission',
+      '/yizhi_server/api/user/login'
+    ],
+  }
+
+  config.jwt = {
+    secret: 'yizhi_secret',
+    exp: Math.floor(Date.now() / 1000) + 60 * 60 * 24 * 30,
+    enable: true, // default is false
+    ignore: [
+      '/yizhi_server/api/price',
+      '/yizhi_server/api/account',
+      '/yizhi_server/api/user_service',
+      '/yizhi_server/api/recharge',
+      '/yizhi_server/api/remission',
+      '/yizhi_server/api/user/login'
+    ],
+  };
+
  config.cors = {
    origin: '*',
    allowMethods: 'GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS',

--- a/config/config.local.js
+++ b/config/config.local.js
@@ -24,6 +24,15 @@ module.exports = () => {
    }],
  };

+  config.redis = {
+    client: {
+      port: 6379,
+      host: '127.0.0.1',
+      password: 'DEV8redis',
+      db: 0,
+    },
+  };
+
  config.userInfoUrl = 'https://uat-nginx.jianbing.com/cms_api/session';

  return config;

--- a/config/plugin.js
+++ b/config/plugin.js
@@ -27,4 +27,13 @@ module.exports = {
    enable: true,
    package: 'egg-validate',
  },
+
+  jwt: {
+    enable: true,
+    package: 'egg-jwt',
+  },
+  redis: {
+    enable: true,
+    package: 'egg-redis'
+  }
 };
--- a/package.json
+++ b/package.json
@@ -6,7 +6,9 @@
  "dependencies": {
    "egg": "^2.2.1",
    "egg-cors": "^2.2.0",
+    "egg-jwt": "^3.1.2",
    "egg-mysql": "^3.0.0",
+    "egg-redis": "^2.0.0",
    "egg-router-plus": "^1.3.0",
    "egg-scripts": "^2.5.0",
    "egg-sequelize": "^4.1.0",