perf: 支持短信验证码登录

packages/ui/certd-server/src/modules/basic/service/code-service.ts

@@ -1,5 +1,12 @@
 import { Inject, Provide } from '@midwayjs/core';
-import { CacheManager } from '@midwayjs/cache';
+import { cache, isDev, randomNumber } from '@certd/basic';
+import { SysSettingsService } from '@certd/lib-server';
+import { SmsServiceFactory } from '../sms/factory.js';
+import { ISmsService } from '../sms/api.js';
+import { CodeErrorException } from '@certd/lib-server/dist/basic/exception/code-error-exception.js';
+import { EmailService } from './email-service.js';
+import { AccessService } from '../../pipeline/service/access-service.js';
+import { AccessSysGetter } from '../../pipeline/service/access-sys-getter.js';
 
 // {data: '<svg.../svg>', text: 'abcd'}
 /**
@@ -7,7 +14,12 @@ import { CacheManager } from '@midwayjs/cache';
 @Provide()
 export class CodeService {
   @Inject()
-  cache: CacheManager; // 依赖注入CacheManager
+  sysSettingsService: SysSettingsService;
+  @Inject()
+  emailService: EmailService;
+
+  @Inject()
+  accessService: AccessService;
 
   /**
    */
@@ -17,41 +29,114 @@ export class CodeService {
     const c = svgCaptcha.create();
     //{data: '<svg.../svg>', text: 'abcd'}
     const imgCode = c.text; // = RandomUtil.randomStr(4, true);
-    await this.cache.set('imgCode:' + randomStr, imgCode, {
+    cache.set('imgCode:' + randomStr, imgCode, {
       ttl: 2 * 60 * 1000, //过期时间 2分钟
     });
     return c;
   }
 
   async getCaptchaText(randomStr) {
-    return await this.cache.get('imgCode:' + randomStr);
+    return cache.get('imgCode:' + randomStr);
   }
 
   async removeCaptcha(randomStr) {
-    await this.cache.del('imgCode:' + randomStr);
+    cache.delete('imgCode:' + randomStr);
   }
 
-  async checkCaptcha(randomStr, userCaptcha) {
+  async checkCaptcha(randomStr: string, userCaptcha: string) {
     const code = await this.getCaptchaText(randomStr);
     if (code == null) {
       throw new Error('验证码已过期');
     }
-    if (code !== userCaptcha) {
+    if (code.toLowerCase() !== userCaptcha.toLowerCase()) {
       throw new Error('验证码不正确');
     }
+    await this.removeCaptcha(randomStr);
     return true;
   }
   /**
    */
-  async sendSms(phoneCode, mobile, smsCode) {
+  async sendSmsCode(phoneCode, mobile, randomStr) {
     console.assert(phoneCode != null && mobile != null, '手机号不能为空');
-    console.assert(smsCode != null, '验证码不能为空');
+    console.assert(randomStr != null, 'randomStr不能为空');
+
+    const sysSettings = await this.sysSettingsService.getPrivateSettings();
+    if (!sysSettings.sms?.config?.accessId) {
+      throw new Error('当前站点还未配置短信');
+    }
+    const smsType = sysSettings.sms.type;
+    const smsConfig = sysSettings.sms.config;
+    const sender: ISmsService = SmsServiceFactory.createSmsService(smsType);
+    const accessGetter = new AccessSysGetter(this.accessService);
+    sender.setCtx({
+      accessService: accessGetter,
+      config: smsConfig,
+    });
+    const smsCode = randomNumber(4);
+    await sender.sendSmsCode({
+      mobile,
+      code: smsCode,
+      phoneCode,
+    });
+
+    const key = this.buildSmsCodeKey(phoneCode, mobile, randomStr);
+    cache.set(key, smsCode, {
+      ttl: 5 * 60 * 1000, //5分钟
+    });
   }
 
   /**
-   * loginBySmsCode
    */
-  async loginBySmsCode(user, smsCode) {
-    console.assert(user.mobile != null, '手机号不能为空');
+  async sendEmailCode(email: string, randomStr: string) {
+    console.assert(!email, '手机号不能为空');
+    console.assert(!randomStr, 'randomStr不能为空');
+
+    const code = randomNumber(4);
+    await this.emailService.send({
+      subject: '【Certd】验证码',
+      content: `您的验证码是${code}，请勿泄露`,
+      receivers: [email],
+    });
+
+    const key = this.buildEmailCodeKey(email, code);
+    cache.set(key, code, {
+      ttl: 5 * 60 * 1000, //5分钟
+    });
+  }
+
+  /**
+   * checkSms
+   */
+  async checkSmsCode(opts: { mobile: string; phoneCode: string; smsCode: string; randomStr: string; throwError: boolean }) {
+    const key = this.buildSmsCodeKey(opts.phoneCode, opts.mobile, opts.randomStr);
+    if (isDev()) {
+      return true;
+    }
+    return this.checkValidateCode(key, opts.smsCode, opts.throwError);
+  }
+
+  buildSmsCodeKey(phoneCode: string, mobile: string, randomStr: string) {
+    return `sms:${phoneCode}${mobile}:${randomStr}`;
+  }
+
+  buildEmailCodeKey(email: string, randomStr: string) {
+    return `email:${email}:${randomStr}`;
+  }
+  checkValidateCode(key: string, userCode: string, throwError = true) {
+    //验证图片验证码
+    const code = cache.get(key);
+    if (code == null || code !== userCode) {
+      if (throwError) {
+        throw new CodeErrorException('验证码错误');
+      }
+      return false;
+    }
+    cache.delete(key);
+    return true;
+  }
+
+  checkEmailCode(opts: { randomStr: string; validateCode: string; email: string; throwError: boolean }) {
+    const key = this.buildEmailCodeKey(opts.email, opts.randomStr);
+    return this.checkValidateCode(key, opts.validateCode, opts.throwError);
   }
 }

packages/ui/certd-server/src/modules/basic/service/email-service.ts

@@ -91,7 +91,6 @@ export class EmailService implements IEmailService {
 
   async test(userId: number, receiver: string) {
     await this.send({
-      userId,
       receivers: [receiver],
       subject: '测试邮件,from certd',
       content: '测试邮件,from certd',