perf: 支持短信验证码登录

2026-04-20 17:57:41 +08:00 · 2024-11-28 17:36:45 +08:00
parent 5a20242111
commit 387bcc5fa4
28 changed files with 950 additions and 309 deletions
@@ -1,5 +1,12 @@
 import { Inject, Provide } from '@midwayjs/core';
-import { CacheManager } from '@midwayjs/cache';
+import { cache, isDev, randomNumber } from '@certd/basic';
+import { SysSettingsService } from '@certd/lib-server';
+import { SmsServiceFactory } from '../sms/factory.js';
+import { ISmsService } from '../sms/api.js';
+import { CodeErrorException } from '@certd/lib-server/dist/basic/exception/code-error-exception.js';
+import { EmailService } from './email-service.js';
+import { AccessService } from '../../pipeline/service/access-service.js';
+import { AccessSysGetter } from '../../pipeline/service/access-sys-getter.js';

 // {data: '<svg.../svg>', text: 'abcd'}
 /**
@@ -7,7 +14,12 @@ import { CacheManager } from '@midwayjs/cache';
@Provide()
 export class CodeService {
  @Inject()
-  cache: CacheManager; // 依赖注入CacheManager
+  sysSettingsService: SysSettingsService;
+  @Inject()
+  emailService: EmailService;
+
+  @Inject()
+  accessService: AccessService;

  /**
   */
@@ -17,41 +29,114 @@ export class CodeService {
    const c = svgCaptcha.create();
    //{data: '<svg.../svg>', text: 'abcd'}
    const imgCode = c.text; // = RandomUtil.randomStr(4, true);
-    await this.cache.set('imgCode:' + randomStr, imgCode, {
+    cache.set('imgCode:' + randomStr, imgCode, {
      ttl: 2 * 60 * 1000, //过期时间 2分钟
    });
    return c;
  }

  async getCaptchaText(randomStr) {
-    return await this.cache.get('imgCode:' + randomStr);
+    return cache.get('imgCode:' + randomStr);
  }

  async removeCaptcha(randomStr) {
-    await this.cache.del('imgCode:' + randomStr);
+    cache.delete('imgCode:' + randomStr);
  }

-  async checkCaptcha(randomStr, userCaptcha) {
+  async checkCaptcha(randomStr: string, userCaptcha: string) {
    const code = await this.getCaptchaText(randomStr);
    if (code == null) {
      throw new Error('验证码已过期');
    }
-    if (code !== userCaptcha) {
+    if (code.toLowerCase() !== userCaptcha.toLowerCase()) {
      throw new Error('验证码不正确');
    }
+    await this.removeCaptcha(randomStr);
    return true;
  }
  /**
   */
-  async sendSms(phoneCode, mobile, smsCode) {
+  async sendSmsCode(phoneCode, mobile, randomStr) {
    console.assert(phoneCode != null && mobile != null, '手机号不能为空');
-    console.assert(smsCode != null, '验证码不能为空');
+    console.assert(randomStr != null, 'randomStr不能为空');
+
+    const sysSettings = await this.sysSettingsService.getPrivateSettings();
+    if (!sysSettings.sms?.config?.accessId) {
+      throw new Error('当前站点还未配置短信');
+    }
+    const smsType = sysSettings.sms.type;
+    const smsConfig = sysSettings.sms.config;
+    const sender: ISmsService = SmsServiceFactory.createSmsService(smsType);
+    const accessGetter = new AccessSysGetter(this.accessService);
+    sender.setCtx({
+      accessService: accessGetter,
+      config: smsConfig,
+    });
+    const smsCode = randomNumber(4);
+    await sender.sendSmsCode({
+      mobile,
+      code: smsCode,
+      phoneCode,
+    });
+
+    const key = this.buildSmsCodeKey(phoneCode, mobile, randomStr);
+    cache.set(key, smsCode, {
+      ttl: 5 * 60 * 1000, //5分钟
+    });
  }

  /**
-   * loginBySmsCode
   */
-  async loginBySmsCode(user, smsCode) {
-    console.assert(user.mobile != null, '手机号不能为空');
+  async sendEmailCode(email: string, randomStr: string) {
+    console.assert(!email, '手机号不能为空');
+    console.assert(!randomStr, 'randomStr不能为空');
+
+    const code = randomNumber(4);
+    await this.emailService.send({
+      subject: '【Certd】验证码',
+      content: `您的验证码是${code}，请勿泄露`,
+      receivers: [email],
+    });
+
+    const key = this.buildEmailCodeKey(email, code);
+    cache.set(key, code, {
+      ttl: 5 * 60 * 1000, //5分钟
+    });
+  }
+
+  /**
+   * checkSms
+   */
+  async checkSmsCode(opts: { mobile: string; phoneCode: string; smsCode: string; randomStr: string; throwError: boolean }) {
+    const key = this.buildSmsCodeKey(opts.phoneCode, opts.mobile, opts.randomStr);
+    if (isDev()) {
+      return true;
+    }
+    return this.checkValidateCode(key, opts.smsCode, opts.throwError);
+  }
+
+  buildSmsCodeKey(phoneCode: string, mobile: string, randomStr: string) {
+    return `sms:${phoneCode}${mobile}:${randomStr}`;
+  }
+
+  buildEmailCodeKey(email: string, randomStr: string) {
+    return `email:${email}:${randomStr}`;
+  }
+  checkValidateCode(key: string, userCode: string, throwError = true) {
+    //验证图片验证码
+    const code = cache.get(key);
+    if (code == null || code !== userCode) {
+      if (throwError) {
+        throw new CodeErrorException('验证码错误');
+      }
+      return false;
+    }
+    cache.delete(key);
+    return true;
+  }
+
+  checkEmailCode(opts: { randomStr: string; validateCode: string; email: string; throwError: boolean }) {
+    const key = this.buildEmailCodeKey(opts.email, opts.randomStr);
+    return this.checkValidateCode(key, opts.validateCode, opts.throwError);
  }
 }
@@ -91,7 +91,6 @@ export class EmailService implements IEmailService {

  async test(userId: number, receiver: string) {
    await this.send({
-      userId,
      receivers: [receiver],
      subject: '测试邮件,from certd',
      content: '测试邮件,from certd',
@@ -0,0 +1,68 @@
+import { AliyunAccess, AliyunClient } from '@certd/plugin-plus';
+import { logger } from '@certd/basic';
+import { ISmsService, PluginInputs, SmsPluginCtx } from './api.js';
+export type AliyunSmsConfig = {
+  accessId: string;
+  regionId: string;
+  signName: string;
+  codeTemplateId: string;
+};
+
+export class AliyunSmsService implements ISmsService {
+  static getDefine() {
+    return {
+      name: 'aliyun-sms',
+      desc: '阿里云短信服务',
+      input: {
+        accessId: {
+          title: '阿里云授权',
+          component: {
+            name: 'access-selector',
+            from: 'aliyun',
+          },
+          required: true,
+        },
+        regionId: {
+          title: '接入点',
+          required: true,
+        },
+        signName: {
+          title: '签名',
+          required: true,
+        },
+        codeTemplateId: {
+          title: '验证码模板Id',
+          required: true,
+        },
+      } as PluginInputs<AliyunSmsConfig>,
+    };
+  }
+
+  ctx: SmsPluginCtx<AliyunSmsConfig>;
+
+  setCtx(ctx: any) {
+    this.ctx = ctx;
+  }
+
+  async sendSmsCode(opts: { mobile: string; code: string; phoneCode: string }) {
+    const { mobile, code, phoneCode } = opts;
+    const access = await this.ctx.accessService.getById<AliyunAccess>(this.ctx.config.accessId);
+    const aliyunClinet = new AliyunClient({ logger });
+    await aliyunClinet.init({
+      accessKeyId: access.accessKeyId,
+      accessKeySecret: access.accessKeySecret,
+      endpoint: 'https://dysmsapi.aliyuncs.com',
+      apiVersion: '2017-05-25',
+    });
+    const smsConfig = this.ctx.config;
+    const phoneNumber = phoneCode + mobile;
+    const params = {
+      PhoneNumbers: phoneNumber,
+      SignName: smsConfig.signName,
+      TemplateCode: smsConfig.codeTemplateId,
+      TemplateParam: `{"code":"${code}"}`,
+    };
+
+    await aliyunClinet.request('SendSms', params);
+  }
+}
@@ -0,0 +1,15 @@
+import { FormItemProps, IAccessService } from '@certd/pipeline';
+
+export interface ISmsService {
+  sendSmsCode(opts: { mobile: string; code: string; phoneCode: string }): Promise<void>;
+  setCtx(ctx: { accessService: IAccessService; config: { [key: string]: any } }): void;
+}
+
+export type PluginInputs<T = any> = {
+  [key in keyof T]: FormItemProps;
+};
+
+export type SmsPluginCtx<T = any> = {
+  accessService: IAccessService;
+  config: T;
+};
@@ -0,0 +1,12 @@
+import { AliyunSmsService } from './aliyun-sms.js';
+
+export class SmsServiceFactory {
+  static createSmsService(type: string) {
+    switch (type) {
+      case 'aliyun':
+        return new AliyunSmsService();
+      default:
+        throw new Error('不支持的短信服务类型');
+    }
+  }
+}