perf: 支持短信验证码登录

packages/ui/certd-server/src/controller/basic/code-controller.ts

@@ -1,14 +1,12 @@
 import { Rule, RuleType } from '@midwayjs/validate';
-import { ALL, Inject } from '@midwayjs/core';
-import { Body } from '@midwayjs/core';
-import { Controller, Post, Provide } from '@midwayjs/core';
-import { BaseController } from '@certd/lib-server';
+import { ALL, Body, Controller, Get, Inject, Post, Provide, Query } from '@midwayjs/core';
+import { BaseController, Constants } from '@certd/lib-server';
 import { CodeService } from '../../modules/basic/service/code-service.js';
 import { EmailService } from '../../modules/basic/service/email-service.js';
-import { Constants } from '@certd/lib-server';
+
 export class SmsCodeReq {
-  @Rule(RuleType.number().required())
-  phoneCode: number;
+  @Rule(RuleType.string().required())
+  phoneCode: string;
 
   @Rule(RuleType.string().required())
   mobile: string;
@@ -16,7 +14,18 @@ export class SmsCodeReq {
   @Rule(RuleType.string().required().max(10))
   randomStr: string;
 
-  @Rule(RuleType.number().required().max(4))
+  @Rule(RuleType.string().required().max(4))
+  imgCode: string;
+}
+
+export class EmailCodeReq {
+  @Rule(RuleType.string().required())
+  email: string;
+
+  @Rule(RuleType.string().required().max(10))
+  randomStr: string;
+
+  @Rule(RuleType.string().required().max(4))
   imgCode: string;
 }
 
@@ -32,21 +41,30 @@ export class BasicController extends BaseController {
   emailService: EmailService;
 
   @Post('/sendSmsCode', { summary: Constants.per.guest })
-  public sendSmsCode(
+  public async sendSmsCode(
     @Body(ALL)
     body: SmsCodeReq
   ) {
+    await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
+    await this.codeService.sendSmsCode(body.phoneCode, body.mobile, body.randomStr);
+    return this.ok(null);
+  }
+
+  @Post('/sendEmailCode', { summary: Constants.per.guest })
+  public async sendEmailCode(
+    @Body(ALL)
+    body: EmailCodeReq
+  ) {
+    await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
+    await this.codeService.sendEmailCode(body.email, body.randomStr);
     // 设置缓存内容
     return this.ok(null);
   }
 
-  @Post('/captcha', { summary: Constants.per.guest })
-  public async getCaptcha(
-    @Body()
-    randomStr
-  ) {
-    console.assert(randomStr < 10, 'randomStr 过长');
+  @Get('/captcha', { summary: Constants.per.guest })
+  public async getCaptcha(@Query('randomStr') randomStr: any) {
     const captcha = await this.codeService.generateCaptcha(randomStr);
-    return this.ok(captcha.data);
+    this.ctx.res.setHeader('Content-Type', 'image/svg+xml');
+    return captcha.data;
   }
 }

packages/ui/certd-server/src/controller/login/login-controller.ts

@@ -1,7 +1,7 @@
-import { Body, Controller, Inject, Post, Provide, ALL } from '@midwayjs/core';
+import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
 import { LoginService } from '../../modules/login/service/login-service.js';
-import { BaseController } from '@certd/lib-server';
-import { Constants } from '@certd/lib-server';
+import { BaseController, Constants, SysPublicSettings, SysSettingsService } from '@certd/lib-server';
+import { CodeService } from '../../modules/basic/service/code-service.js';
 
 /**
  */
@@ -10,13 +10,23 @@ import { Constants } from '@certd/lib-server';
 export class LoginController extends BaseController {
   @Inject()
   loginService: LoginService;
+  @Inject()
+  codeService: CodeService;
+
+  @Inject()
+  sysSettingsService: SysSettingsService;
+
   @Post('/login', { summary: Constants.per.guest })
   public async login(
     @Body(ALL)
     user: any
   ) {
-    const token = await this.loginService.login(user);
+    const settings = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
+    if (settings.passwordLoginEnabled === false) {
+      throw new Error('当前站点已禁止密码登录');
+    }
 
+    const token = await this.loginService.loginByPassword(user);
     this.ctx.cookies.set('token', token.token, {
       maxAge: 1000 * token.expire,
     });
@@ -29,7 +39,17 @@ export class LoginController extends BaseController {
     @Body(ALL)
     body: any
   ) {
-    const token = await this.loginService.loginBySmsCode(body);
+    const settings = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
+    if (settings.smsLoginEnabled !== true) {
+      throw new Error('当前站点禁止短信验证码登录');
+    }
+
+    const token = await this.loginService.loginBySmsCode({
+      phoneCode: body.phoneCode,
+      mobile: body.mobile,
+      smsCode: body.smsCode,
+      randomStr: body.randomStr,
+    });
 
     this.ctx.cookies.set('token', token.token, {
       maxAge: 1000 * token.expire,

packages/ui/certd-server/src/controller/login/register-controller.ts

@@ -1,9 +1,20 @@
 import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
-import { BaseController } from '@certd/lib-server';
-import { Constants } from '@certd/lib-server';
-import { UserService } from '../../modules/sys/authority/service/user-service.js';
-import { UserEntity } from '../../modules/sys/authority/entity/user.js';
-import { SysSettingsService } from '@certd/lib-server';
+import { BaseController, Constants, SysSettingsService } from '@certd/lib-server';
+import { RegisterType, UserService } from '../../modules/sys/authority/service/user-service.js';
+import { CodeService } from '../../modules/basic/service/code-service.js';
+
+export type RegisterReq = {
+  type: RegisterType;
+  username: string;
+  password: string;
+  mobile: string;
+  email: string;
+  phoneCode?: string;
+
+  validateCode: string;
+  imageCode: string;
+  randomStr: string;
+};
 
 /**
  */
@@ -12,6 +23,8 @@ import { SysSettingsService } from '@certd/lib-server';
 export class RegisterController extends BaseController {
   @Inject()
   userService: UserService;
+  @Inject()
+  codeService: CodeService;
 
   @Inject()
   sysSettingsService: SysSettingsService;
@@ -19,13 +32,55 @@ export class RegisterController extends BaseController {
   @Post('/register', { summary: Constants.per.guest })
   public async register(
     @Body(ALL)
-    user: UserEntity
+    body: RegisterReq
   ) {
     const sysPublicSettings = await this.sysSettingsService.getPublicSettings();
     if (sysPublicSettings.registerEnabled === false) {
       throw new Error('当前站点已禁止自助注册功能');
     }
-    const newUser = await this.userService.register(user);
-    return this.ok(newUser);
+
+    if (body.type === 'username') {
+      if (sysPublicSettings.usernameRegisterEnabled) {
+        throw new Error('当前站点已禁止用户名注册功能');
+      }
+      const newUser = await this.userService.register(body.type, {
+        username: body.username,
+        password: body.password,
+      } as any);
+      return this.ok(newUser);
+    } else if (body.type === 'mobile') {
+      if (sysPublicSettings.mobileRegisterEnabled) {
+        throw new Error('当前站点已禁止手机号注册功能');
+      }
+      //验证短信验证码
+      await this.codeService.checkSmsCode({
+        mobile: body.mobile,
+        phoneCode: body.phoneCode,
+        smsCode: body.validateCode,
+        randomStr: body.randomStr,
+        throwError: true,
+      });
+      const newUser = await this.userService.register(body.type, {
+        phoneCode: body.phoneCode,
+        mobile: body.mobile,
+        password: body.password,
+      } as any);
+      return this.ok(newUser);
+    } else if (body.type === 'email') {
+      if (sysPublicSettings.emailRegisterEnabled === false) {
+        throw new Error('当前站点已禁止Email注册功能');
+      }
+      this.codeService.checkEmailCode({
+        email: body.email,
+        randomStr: body.randomStr,
+        validateCode: body.validateCode,
+        throwError: true,
+      });
+      const newUser = await this.userService.register(body.type, {
+        email: body.email,
+        password: body.password,
+      } as any);
+      return this.ok(newUser);
+    }
   }
 }