mirror of
https://github.com/certd/certd.git
synced 2026-07-16 02:37:34 +08:00
chore: format
This commit is contained in:
@@ -1,28 +1,28 @@
|
||||
import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
|
||||
import { Column, Entity, PrimaryGeneratedColumn } from "typeorm";
|
||||
|
||||
@Entity('cd_open_key')
|
||||
@Entity("cd_open_key")
|
||||
export class OpenKeyEntity {
|
||||
@PrimaryGeneratedColumn()
|
||||
id: number;
|
||||
|
||||
@Column({ name: 'user_id', comment: '用户id' })
|
||||
@Column({ name: "user_id", comment: "用户id" })
|
||||
userId: number;
|
||||
|
||||
@Column({ name: 'key_id', comment: 'keyId' })
|
||||
@Column({ name: "key_id", comment: "keyId" })
|
||||
keyId: string;
|
||||
|
||||
@Column({ name: 'key_secret', comment: 'keySecret' })
|
||||
@Column({ name: "key_secret", comment: "keySecret" })
|
||||
keySecret: string;
|
||||
|
||||
@Column({ name: 'scope', comment: '权限范围' })
|
||||
@Column({ name: "scope", comment: "权限范围" })
|
||||
scope: string; // open 仅开放接口、 user 用户所有权限
|
||||
|
||||
@Column({ name: 'project_id', comment: '项目id' })
|
||||
@Column({ name: "project_id", comment: "项目id" })
|
||||
projectId: number;
|
||||
|
||||
@Column({ name: 'create_time', comment: '创建时间', default: () => 'CURRENT_TIMESTAMP' })
|
||||
@Column({ name: "create_time", comment: "创建时间", default: () => "CURRENT_TIMESTAMP" })
|
||||
createTime: Date;
|
||||
|
||||
@Column({ name: 'update_time', comment: '修改时间', default: () => 'CURRENT_TIMESTAMP' })
|
||||
@Column({ name: "update_time", comment: "修改时间", default: () => "CURRENT_TIMESTAMP" })
|
||||
updateTime: Date;
|
||||
}
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
|
||||
import { BaseService, Constants, CodeException, PageReq } from '@certd/lib-server';
|
||||
import { InjectEntityModel } from '@midwayjs/typeorm';
|
||||
import { Repository } from 'typeorm';
|
||||
import { OpenKeyEntity } from '../entity/open-key.js';
|
||||
import { utils } from '@certd/basic';
|
||||
import crypto from 'crypto';
|
||||
import dayjs from 'dayjs';
|
||||
import { Provide, Scope, ScopeEnum } from "@midwayjs/core";
|
||||
import { BaseService, Constants, CodeException, PageReq } from "@certd/lib-server";
|
||||
import { InjectEntityModel } from "@midwayjs/typeorm";
|
||||
import { Repository } from "typeorm";
|
||||
import { OpenKeyEntity } from "../entity/open-key.js";
|
||||
import { utils } from "@certd/basic";
|
||||
import crypto from "crypto";
|
||||
import dayjs from "dayjs";
|
||||
|
||||
export type OpenKey = {
|
||||
userId: number;
|
||||
@@ -31,34 +31,34 @@ export class OpenKeyService extends BaseService<OpenKeyEntity> {
|
||||
}
|
||||
|
||||
async add(bean: OpenKeyEntity) {
|
||||
return await this.generate(bean.userId,bean.projectId, bean.scope);
|
||||
return await this.generate(bean.userId, bean.projectId, bean.scope);
|
||||
}
|
||||
|
||||
async generate(userId: number, projectId?: number, scope: string = 'open') {
|
||||
const keyId = utils.id.simpleNanoId(18) + '_key';
|
||||
async generate(userId: number, projectId?: number, scope = "open") {
|
||||
const keyId = utils.id.simpleNanoId(18) + "_key";
|
||||
const secretKey = crypto.randomBytes(32);
|
||||
const keySecret = Buffer.from(secretKey).toString('hex');
|
||||
const keySecret = Buffer.from(secretKey).toString("hex");
|
||||
const entity = new OpenKeyEntity();
|
||||
entity.userId = userId;
|
||||
entity.projectId = projectId;
|
||||
entity.keyId = keyId;
|
||||
entity.keySecret = keySecret;
|
||||
entity.scope = scope ?? 'open';
|
||||
entity.scope = scope ?? "open";
|
||||
await this.repository.save(entity);
|
||||
return entity;
|
||||
}
|
||||
|
||||
async getByKeyId(keyId: string) {
|
||||
if (!keyId) {
|
||||
throw new Error('keyId不能为空');
|
||||
throw new Error("keyId不能为空");
|
||||
}
|
||||
return this.repository.findOne({ where: { keyId } });
|
||||
}
|
||||
|
||||
async verifyOpenKey(openKey: string): Promise<OpenKey> {
|
||||
// openkey 组成,content = base64({keyId,t,encrypt,signType}) ,sign = md5({keyId,t,encrypt,signType}secret) , key = content.sign
|
||||
const [content, sign] = openKey.split('.');
|
||||
const contentJson = Buffer.from(content, 'base64').toString();
|
||||
const [content, sign] = openKey.split(".");
|
||||
const contentJson = Buffer.from(content, "base64").toString();
|
||||
const { keyId, t, encrypt, signType } = JSON.parse(contentJson);
|
||||
// 正负不超过3分钟 ,timestamps单位为秒
|
||||
if (Math.abs(Number(t) - Math.floor(Date.now() / 1000)) > 180) {
|
||||
@@ -67,22 +67,22 @@ export class OpenKeyService extends BaseService<OpenKeyEntity> {
|
||||
|
||||
const entity = await this.getByKeyId(keyId);
|
||||
if (!entity) {
|
||||
throw new Error('openKey不存在');
|
||||
throw new Error("openKey不存在");
|
||||
}
|
||||
const secret = entity.keySecret;
|
||||
let computedSign = '';
|
||||
if (signType === 'md5') {
|
||||
let computedSign = "";
|
||||
if (signType === "md5") {
|
||||
computedSign = utils.hash.md5(contentJson + secret);
|
||||
} else if (signType === 'sha256') {
|
||||
} else if (signType === "sha256") {
|
||||
computedSign = utils.hash.sha256(contentJson + secret);
|
||||
} else {
|
||||
throw new CodeException(Constants.res.openKeySignTypeError);
|
||||
}
|
||||
if (Buffer.from(computedSign).toString('base64') !== sign) {
|
||||
if (Buffer.from(computedSign).toString("base64") !== sign) {
|
||||
throw new CodeException(Constants.res.openKeySignError);
|
||||
}
|
||||
|
||||
if (entity.userId==null) {
|
||||
if (entity.userId == null) {
|
||||
throw new CodeException(Constants.res.openKeyError);
|
||||
}
|
||||
|
||||
@@ -98,21 +98,21 @@ export class OpenKeyService extends BaseService<OpenKeyEntity> {
|
||||
|
||||
async getApiToken(id: number) {
|
||||
if (!id) {
|
||||
throw new Error('id不能为空');
|
||||
throw new Error("id不能为空");
|
||||
}
|
||||
const entity = await this.repository.findOne({ where: { id } });
|
||||
if (!entity) {
|
||||
throw new Error('id不存在');
|
||||
throw new Error("id不存在");
|
||||
}
|
||||
const { keyId, keySecret } = entity;
|
||||
const openKey = {
|
||||
keyId,
|
||||
t: dayjs().unix(),
|
||||
encrypt: false,
|
||||
signType: 'md5',
|
||||
signType: "md5",
|
||||
};
|
||||
const content = JSON.stringify(openKey);
|
||||
const sign = utils.hash.md5(content + keySecret);
|
||||
return Buffer.from(content).toString('base64') + '.' + Buffer.from(sign).toString('base64');
|
||||
return Buffer.from(content).toString("base64") + "." + Buffer.from(sign).toString("base64");
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user