lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-05-16 21:27:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

perf: 多重认证登录

Browse Source
This commit is contained in:
xiaojunnuo
2025-04-17 00:06:49 +08:00
parent 8786bae7dc
commit 0f82cf409b
12 changed files with 453 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/modules/mine/service/two-factor-service.ts
+62
View File
@@ -0,0 +1,62 @@
import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
import { UserSettingsService } from "./user-settings-service.js";
import { UserTwoFactorSetting } from "./models.js";
import { utils } from "@certd/basic";
import { UserService } from "../../sys/authority/service/user-service.js";
/**
* 授权
*/
@Provide()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
export class TwoFactorService {
@Inject()
userSettingsService: UserSettingsService;
@Inject()
userService: UserService;
async getAuthenticatorQrCode(userId: any) {
const setting = await this.userSettingsService.getSetting<UserTwoFactorSetting>(userId, UserTwoFactorSetting);
const authenticator = setting.authenticator;
if (!authenticator.secret) {
authenticator.secret = utils.id.simpleNanoId(16);
await this.userSettingsService.saveSetting(userId, setting);
}
const user = await this.userService.info(userId);
const username = user.username;
const secret = authenticator.secret;
const qrcodeContent = `otpauth://totp/Certd:${username}?secret=${secret}&issuer=Certd`;
//生成qrcode base64
const qrcode = await import("qrcode");
return await qrcode.toDataURL(qrcodeContent);
}
async saveAuthenticator(req: { userId: any; verifyCode: any }) {
const userId = req.userId;
const { authenticator } = await import("otplib");
const tfSetting = await this.userSettingsService.getSetting<UserTwoFactorSetting>(userId, UserTwoFactorSetting);
const setting = tfSetting.authenticator;
if (!setting.secret) {
throw new Error("secret is required");
}
const secret = setting.secret;
const token = req.verifyCode;
const isValid = authenticator.verify({ token, secret });
if (!isValid) {
throw new Error("authenticator 校验错误");
}
//校验成功,保存开启状态
setting.enabled = true;
setting.verified = true;
await this.userSettingsService.saveSetting(userId, setting);
}
}