mirror of
https://github.com/certd/certd.git
synced 2026-07-05 11:27:34 +08:00
perf: 优化用户体验,首次访问时弹出邮箱账号绑定用以初始化账号
This commit is contained in:
@@ -102,7 +102,7 @@ Certd 是可私有化部署的 SSL/TLS 证书自动化管理平台,提供 Web
|
||||
- 只有需要事务传播时才定义 `ctx`;普通查询、纯函数和简单私有方法继续使用明确参数。
|
||||
- 需要按事务上下文取 Repository 时,用 `BaseService.getRepo(ctx, EntityClass)`。
|
||||
- 需要“有事务则复用、无事务则开启”时,用 `BaseService.transactionWithCtx(ctx, callback)`。
|
||||
- 拼接可选 `projectId` 查询条件时,用 `BaseService.buildUserProjectQuery(userId, projectId)`;不要直接写 `{ userId, projectId }`。
|
||||
- 拼接可选 `projectId` 查询条件时,**必须**使用 `BaseService.buildUserProjectQuery(userId, projectId)`,禁止直接写 `{ userId, projectId }`。因为 `projectId` 可能为 `null`/`undefined`,直接放入查询会生成错误的 `WHERE projectId = NULL` 条件。
|
||||
- `ctx` 类型复用 `BaseService` 导出的 `ServiceContext`。
|
||||
- 新增 service 方法避免与 `BaseService` 方法签名冲突,例如不要用 `delete(id)` 覆盖 `delete(ids, where?)`;改用 `deleteById` 等具体名称。
|
||||
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
import { ApplicationContext, Inject } from '@midwayjs/core';
|
||||
import type {IMidwayContainer} from '@midwayjs/core';
|
||||
import * as koa from '@midwayjs/koa';
|
||||
import { Constants } from './constants.js';
|
||||
import { isEnterprise } from './mode.js';
|
||||
|
||||
import { ApplicationContext, Inject } from "@midwayjs/core";
|
||||
import type { IMidwayContainer } from "@midwayjs/core";
|
||||
import * as koa from "@midwayjs/koa";
|
||||
import { Constants } from "./constants.js";
|
||||
import { isEnterprise } from "./mode.js";
|
||||
|
||||
export abstract class BaseController {
|
||||
@Inject()
|
||||
@@ -41,7 +40,7 @@ export abstract class BaseController {
|
||||
getUserId() {
|
||||
const userId = this.ctx.user?.id;
|
||||
if (userId == null) {
|
||||
throw new Error('Token已过期');
|
||||
throw new Error("Token已过期");
|
||||
}
|
||||
return userId;
|
||||
}
|
||||
@@ -49,7 +48,7 @@ export abstract class BaseController {
|
||||
getLoginUser() {
|
||||
const user = this.ctx.user;
|
||||
if (user == null) {
|
||||
throw new Error('Token已过期');
|
||||
throw new Error("Token已过期");
|
||||
}
|
||||
return user;
|
||||
}
|
||||
@@ -61,73 +60,71 @@ export abstract class BaseController {
|
||||
}
|
||||
}
|
||||
|
||||
async getProjectId(permission:string) {
|
||||
async getProjectId(permission: string) {
|
||||
if (!isEnterprise()) {
|
||||
return undefined
|
||||
return undefined;
|
||||
}
|
||||
let projectIdStr = this.ctx.headers["project-id"] as string;
|
||||
if (!projectIdStr){
|
||||
if (!projectIdStr) {
|
||||
projectIdStr = this.ctx.request.query["projectId"] as string;
|
||||
}
|
||||
if (!projectIdStr) {
|
||||
//这里必须抛异常,否则可能会有权限问题
|
||||
throw new Error("projectId 不能为空")
|
||||
throw new Error("projectId 不能为空");
|
||||
}
|
||||
const userId = this.getUserId()
|
||||
const projectId = parseInt(projectIdStr)
|
||||
await this.checkProjectPermission(userId, projectId,permission)
|
||||
const userId = this.getUserId();
|
||||
const projectId = parseInt(projectIdStr);
|
||||
await this.checkProjectPermission(userId, projectId, permission);
|
||||
return projectId;
|
||||
}
|
||||
|
||||
async getProjectUserId(permission:string){
|
||||
let userId = this.getUserId()
|
||||
const projectId = await this.getProjectId(permission)
|
||||
if(projectId){
|
||||
userId = -1 // 企业管理模式下,用户id固定-1
|
||||
async getProjectUserId(permission: string) {
|
||||
let userId = this.getUserId();
|
||||
const projectId = await this.getProjectId(permission);
|
||||
if (projectId) {
|
||||
userId = -1; // 企业管理模式下,用户id固定-1
|
||||
}
|
||||
return {
|
||||
projectId,userId
|
||||
}
|
||||
projectId,
|
||||
userId,
|
||||
};
|
||||
}
|
||||
async getProjectUserIdRead(){
|
||||
return await this.getProjectUserId("read")
|
||||
async getProjectUserIdRead() {
|
||||
return await this.getProjectUserId("read");
|
||||
}
|
||||
async getProjectUserIdWrite(){
|
||||
return await this.getProjectUserId("write")
|
||||
async getProjectUserIdWrite() {
|
||||
return await this.getProjectUserId("write");
|
||||
}
|
||||
async getProjectUserIdAdmin(){
|
||||
return await this.getProjectUserId("admin")
|
||||
async getProjectUserIdAdmin() {
|
||||
return await this.getProjectUserId("admin");
|
||||
}
|
||||
|
||||
async checkProjectPermission(userId: number, projectId: number,permission:string) {
|
||||
const projectService:any = await this.applicationContext.getAsync("projectService");
|
||||
await projectService.checkPermission({userId,projectId,permission})
|
||||
async checkProjectPermission(userId: number, projectId: number, permission: string) {
|
||||
const projectService: any = await this.applicationContext.getAsync("projectService");
|
||||
await projectService.checkPermission({ userId, projectId, permission });
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*
|
||||
* @param service 检查记录是否属于某用户或某项目
|
||||
* @param id
|
||||
* @param id
|
||||
*/
|
||||
async checkOwner(service:any,id:number,permission:string,allowAdmin:boolean = false){
|
||||
let { projectId,userId } = await this.getProjectUserId(permission)
|
||||
const authService:any = await this.applicationContext.getAsync("authService");
|
||||
async checkOwner(service: any, id: number, permission: string, allowAdmin: boolean = false) {
|
||||
const { projectId, userId } = await this.getProjectUserId(permission);
|
||||
const authService: any = await this.applicationContext.getAsync("authService");
|
||||
if (projectId) {
|
||||
await authService.checkProjectId(service, id, projectId);
|
||||
}else{
|
||||
|
||||
if(userId === Constants.systemUserId){
|
||||
} else {
|
||||
if (userId === Constants.systemUserId) {
|
||||
//系统级别,不检查权限
|
||||
}else{
|
||||
if(allowAdmin){
|
||||
} else {
|
||||
if (allowAdmin) {
|
||||
await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
|
||||
}else{
|
||||
await authService.checkUserId( service, id, userId);
|
||||
} else {
|
||||
await authService.checkUserId(service, id, userId);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
return {projectId,userId}
|
||||
return { projectId, userId };
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -56,7 +56,7 @@ export abstract class BaseService<T> {
|
||||
return dataSource.getRepository(entity);
|
||||
}
|
||||
|
||||
protected buildUserProjectQuery(userId: number, projectId?: number) {
|
||||
public buildUserProjectQuery(userId: number, projectId?: number) {
|
||||
const query: { userId: number; projectId?: number; [key: string]: any } = {
|
||||
userId,
|
||||
};
|
||||
|
||||
@@ -1,33 +1,33 @@
|
||||
import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
|
||||
import { Column, Entity, PrimaryGeneratedColumn } from "typeorm";
|
||||
|
||||
/**
|
||||
*/
|
||||
@Entity('sys_settings')
|
||||
@Entity("sys_settings")
|
||||
export class SysSettingsEntity {
|
||||
@PrimaryGeneratedColumn()
|
||||
id: number;
|
||||
@Column({ comment: 'key', length: 100 })
|
||||
@Column({ comment: "key", length: 100 })
|
||||
key: string;
|
||||
@Column({ comment: '名称', length: 100 })
|
||||
@Column({ comment: "名称", length: 100 })
|
||||
title: string;
|
||||
|
||||
@Column({ name: 'setting', comment: '设置', length: 1024, nullable: true })
|
||||
@Column({ name: "setting", comment: "设置", length: 1024, nullable: true })
|
||||
setting: string;
|
||||
|
||||
// public 公开读,私有写, private 私有读,私有写
|
||||
@Column({ name: 'access', comment: '访问权限' })
|
||||
@Column({ name: "access", comment: "访问权限" })
|
||||
access: string;
|
||||
|
||||
@Column({
|
||||
name: 'create_time',
|
||||
comment: '创建时间',
|
||||
default: () => 'CURRENT_TIMESTAMP',
|
||||
name: "create_time",
|
||||
comment: "创建时间",
|
||||
default: () => "CURRENT_TIMESTAMP",
|
||||
})
|
||||
createTime: Date;
|
||||
@Column({
|
||||
name: 'update_time',
|
||||
comment: '修改时间',
|
||||
default: () => 'CURRENT_TIMESTAMP',
|
||||
name: "update_time",
|
||||
comment: "修改时间",
|
||||
default: () => "CURRENT_TIMESTAMP",
|
||||
})
|
||||
updateTime: Date;
|
||||
}
|
||||
|
||||
@@ -1,19 +1,19 @@
|
||||
import { cloneDeep } from 'lodash-es';
|
||||
import { cloneDeep } from "lodash-es";
|
||||
|
||||
export class BaseSettings {
|
||||
static __key__: string;
|
||||
static __title__: string;
|
||||
static __access__ = 'private';
|
||||
static __access__ = "private";
|
||||
|
||||
static getCacheKey() {
|
||||
return 'settings.' + this.__key__;
|
||||
return "settings." + this.__key__;
|
||||
}
|
||||
}
|
||||
|
||||
export class SysPublicSettings extends BaseSettings {
|
||||
static __key__ = 'sys.public';
|
||||
static __title__ = '系统公共设置';
|
||||
static __access__ = 'public';
|
||||
static __key__ = "sys.public";
|
||||
static __title__ = "系统公共设置";
|
||||
static __access__ = "public";
|
||||
|
||||
registerEnabled = false;
|
||||
userValidTimeEnabled?: boolean = false;
|
||||
@@ -34,19 +34,15 @@ export class SysPublicSettings extends BaseSettings {
|
||||
aiChatEnabled = true;
|
||||
homePageEnabled = true;
|
||||
|
||||
|
||||
//验证码是否开启
|
||||
captchaEnabled = false;
|
||||
//验证码类型
|
||||
captchaType?: string;
|
||||
captchaAddonId?: number;
|
||||
|
||||
|
||||
|
||||
//流水线是否启用有效期
|
||||
pipelineValidTimeEnabled?: boolean = false;
|
||||
|
||||
|
||||
//证书域名添加到监控
|
||||
certDomainAddToMonitorEnabled?: boolean = false;
|
||||
|
||||
@@ -60,12 +56,15 @@ export class SysPublicSettings extends BaseSettings {
|
||||
|
||||
// 第三方OAuth配置
|
||||
oauthEnabled?: boolean = false;
|
||||
oauthProviders: Record<string, {
|
||||
type: string;
|
||||
title: string;
|
||||
addonId: number;
|
||||
icon?: string;
|
||||
}> = {};
|
||||
oauthProviders: Record<
|
||||
string,
|
||||
{
|
||||
type: string;
|
||||
title: string;
|
||||
addonId: number;
|
||||
icon?: string;
|
||||
}
|
||||
> = {};
|
||||
|
||||
notice?: string;
|
||||
|
||||
@@ -73,40 +72,37 @@ export class SysPublicSettings extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysPrivateSettings extends BaseSettings {
|
||||
static __title__ = '系统私有设置';
|
||||
static __access__ = 'private';
|
||||
static __key__ = 'sys.private';
|
||||
static __title__ = "系统私有设置";
|
||||
static __access__ = "private";
|
||||
static __key__ = "sys.private";
|
||||
jwtKey?: string;
|
||||
encryptSecret?: string;
|
||||
|
||||
httpsProxy? = '';
|
||||
httpProxy? = '';
|
||||
noProxy? = '';
|
||||
commonHeaders?: string = '';
|
||||
httpsProxy? = "";
|
||||
httpProxy? = "";
|
||||
noProxy? = "";
|
||||
commonHeaders?: string = "";
|
||||
|
||||
reverseProxies?: Record<string, string> = {};
|
||||
|
||||
dnsResultOrder? = '';
|
||||
dnsResultOrder? = "";
|
||||
commonCnameEnabled?: boolean = true;
|
||||
|
||||
httpRequestTimeout?: number = 30;
|
||||
|
||||
pipelineMaxRunningCount?: number;
|
||||
|
||||
|
||||
environmentVars?: string = '';
|
||||
|
||||
environmentVars?: string = "";
|
||||
|
||||
acmeWalkFromAuthoritative?: boolean = true;
|
||||
|
||||
|
||||
sms?: {
|
||||
type?: string;
|
||||
config?: any;
|
||||
} = {
|
||||
type: 'aliyun',
|
||||
config: {},
|
||||
};
|
||||
type: "aliyun",
|
||||
config: {},
|
||||
};
|
||||
|
||||
removeSecret() {
|
||||
const clone = cloneDeep(this);
|
||||
@@ -117,9 +113,9 @@ export class SysPrivateSettings extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysInstallInfo extends BaseSettings {
|
||||
static __title__ = '系统安装信息';
|
||||
static __key__ = 'sys.install';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "系统安装信息";
|
||||
static __key__ = "sys.install";
|
||||
static __access__ = "private";
|
||||
installTime?: number;
|
||||
siteId?: string;
|
||||
bindUserId?: number;
|
||||
@@ -130,21 +126,20 @@ export class SysInstallInfo extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysLicenseInfo extends BaseSettings {
|
||||
static __title__ = '授权许可信息';
|
||||
static __key__ = 'sys.license';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "授权许可信息";
|
||||
static __key__ = "sys.license";
|
||||
static __access__ = "private";
|
||||
license?: string;
|
||||
}
|
||||
|
||||
|
||||
export type EmailTemplate = {
|
||||
addonId?: number;
|
||||
}
|
||||
};
|
||||
|
||||
export class SysEmailConf extends BaseSettings {
|
||||
static __title__ = '邮箱配置';
|
||||
static __key__ = 'sys.email';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "邮箱配置";
|
||||
static __key__ = "sys.email";
|
||||
static __access__ = "private";
|
||||
|
||||
host: string;
|
||||
port: number;
|
||||
@@ -160,18 +155,18 @@ export class SysEmailConf extends BaseSettings {
|
||||
sender: string;
|
||||
usePlus?: boolean;
|
||||
|
||||
templates:{
|
||||
registerCode?: EmailTemplate,
|
||||
forgotPassword?: EmailTemplate,
|
||||
pipelineResult?: EmailTemplate,
|
||||
common?: EmailTemplate,
|
||||
}
|
||||
templates: {
|
||||
registerCode?: EmailTemplate;
|
||||
forgotPassword?: EmailTemplate;
|
||||
pipelineResult?: EmailTemplate;
|
||||
common?: EmailTemplate;
|
||||
};
|
||||
}
|
||||
|
||||
export class SysSiteInfo extends BaseSettings {
|
||||
static __title__ = '站点信息';
|
||||
static __key__ = 'sys.site';
|
||||
static __access__ = 'public';
|
||||
static __title__ = "站点信息";
|
||||
static __key__ = "sys.site";
|
||||
static __access__ = "public";
|
||||
title?: string;
|
||||
slogan?: string;
|
||||
logo?: string;
|
||||
@@ -179,9 +174,9 @@ export class SysSiteInfo extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysSecretBackup extends BaseSettings {
|
||||
static __title__ = '密钥信息备份';
|
||||
static __key__ = 'sys.secret.backup';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "密钥信息备份";
|
||||
static __key__ = "sys.secret.backup";
|
||||
static __access__ = "private";
|
||||
siteId?: string;
|
||||
encryptSecret?: string;
|
||||
}
|
||||
@@ -190,9 +185,9 @@ export class SysSecretBackup extends BaseSettings {
|
||||
* 不要修改
|
||||
*/
|
||||
export class SysSecret extends BaseSettings {
|
||||
static __title__ = '密钥信息';
|
||||
static __key__ = 'sys.secret';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "密钥信息";
|
||||
static __key__ = "sys.secret";
|
||||
static __access__ = "private";
|
||||
siteId?: string;
|
||||
encryptSecret?: string;
|
||||
}
|
||||
@@ -215,9 +210,9 @@ export type MenuItem = {
|
||||
children?: MenuItem[];
|
||||
};
|
||||
export class SysHeaderMenus extends BaseSettings {
|
||||
static __title__ = '顶部菜单';
|
||||
static __key__ = 'sys.header.menus';
|
||||
static __access__ = 'public';
|
||||
static __title__ = "顶部菜单";
|
||||
static __key__ = "sys.header.menus";
|
||||
static __access__ = "public";
|
||||
|
||||
menus: MenuItem[];
|
||||
}
|
||||
@@ -228,9 +223,9 @@ export type PaymentItem = {
|
||||
};
|
||||
|
||||
export class SysPaymentSetting extends BaseSettings {
|
||||
static __title__ = '支付设置';
|
||||
static __key__ = 'sys.payment';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "支付设置";
|
||||
static __key__ = "sys.payment";
|
||||
static __access__ = "private";
|
||||
|
||||
yizhifu?: PaymentItem = { enabled: false };
|
||||
|
||||
@@ -240,9 +235,9 @@ export class SysPaymentSetting extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysSuiteSetting extends BaseSettings {
|
||||
static __title__ = '套餐设置';
|
||||
static __key__ = 'sys.suite';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "套餐设置";
|
||||
static __key__ = "sys.suite";
|
||||
static __access__ = "private";
|
||||
|
||||
enabled: boolean = false;
|
||||
|
||||
@@ -257,26 +252,25 @@ export class SysSuiteSetting extends BaseSettings {
|
||||
}
|
||||
|
||||
export class SysAutoFixSetting extends BaseSettings {
|
||||
static __title__ = '自动修复记录';
|
||||
static __key__ = 'sys.auto.fix';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "自动修复记录";
|
||||
static __key__ = "sys.auto.fix";
|
||||
static __access__ = "private";
|
||||
|
||||
fixed: Record<string, boolean> = {};
|
||||
}
|
||||
|
||||
|
||||
export type SiteHidden = {
|
||||
enabled: boolean;
|
||||
openPath?: string;
|
||||
//md5 hash 两次后保存
|
||||
openPassword?: string;
|
||||
autoHiddenTimes?: number;
|
||||
hiddenOpenApi?: boolean
|
||||
hiddenOpenApi?: boolean;
|
||||
};
|
||||
export class SysSafeSetting extends BaseSettings {
|
||||
static __title__ = '站点安全设置';
|
||||
static __key__ = 'sys.safe';
|
||||
static __access__ = 'private';
|
||||
static __title__ = "站点安全设置";
|
||||
static __key__ = "sys.safe";
|
||||
static __access__ = "private";
|
||||
|
||||
// 站点隐藏
|
||||
hidden: SiteHidden = {
|
||||
|
||||
@@ -31,6 +31,13 @@ export function useFormDialog() {
|
||||
crudOptions: {
|
||||
columns: req.columns,
|
||||
form: {
|
||||
labelCol: {
|
||||
// @ts-ignore
|
||||
span: null,
|
||||
style: {
|
||||
width: "100px",
|
||||
},
|
||||
},
|
||||
initialForm: req.initialForm,
|
||||
wrapper: warpper,
|
||||
async afterSubmit() {},
|
||||
@@ -44,7 +51,7 @@ export function useFormDialog() {
|
||||
};
|
||||
}
|
||||
const { crudOptions } = createCrudOptions();
|
||||
await openCrudFormDialog({ crudOptions });
|
||||
return await openCrudFormDialog({ crudOptions });
|
||||
}
|
||||
return {
|
||||
openFormDialog,
|
||||
|
||||
@@ -18,6 +18,10 @@ defineProps<{
|
||||
showButton: boolean;
|
||||
}>();
|
||||
|
||||
const emit = defineEmits<{
|
||||
(e: "close"): void;
|
||||
}>();
|
||||
|
||||
let passwordFormRef = ref();
|
||||
|
||||
type OpenOptions = {
|
||||
@@ -68,8 +72,8 @@ const passwordFormOptions: CrudOptions = {
|
||||
},
|
||||
async afterSubmit() {
|
||||
const formData = passwordFormRef.value?.getFormData?.();
|
||||
const message = formData?.init ? t("authentication.initPasswordSuccessMessage") : t("authentication.successMessage");
|
||||
notification.success({ message });
|
||||
const msg = formData?.init ? t("authentication.initPasswordSuccessMessage") : t("authentication.successMessage");
|
||||
notification.success({ message: msg });
|
||||
},
|
||||
},
|
||||
columns: {
|
||||
@@ -84,6 +88,7 @@ const passwordFormOptions: CrudOptions = {
|
||||
title: t("authentication.oldPassword"),
|
||||
type: "password",
|
||||
form: {
|
||||
//@ts-ignore
|
||||
show: compute(({ form }) => form.init !== true),
|
||||
rules: [{ required: true, message: t("authentication.oldPasswordRequired") }],
|
||||
},
|
||||
@@ -118,16 +123,18 @@ const passwordFormOptions: CrudOptions = {
|
||||
|
||||
async function open(opts: OpenOptions = {}) {
|
||||
const formOptions = buildFormOptions(passwordFormOptions);
|
||||
formOptions.newInstance = true; //新实例打开
|
||||
formOptions.newInstance = true;
|
||||
if (opts.init) {
|
||||
formOptions.wrapper.title = t("authentication.initPasswordTitle");
|
||||
}
|
||||
formOptions.wrapper.onClosed = () => {
|
||||
emit("close");
|
||||
};
|
||||
passwordFormRef.value = await openDialog(formOptions);
|
||||
passwordFormRef.value.setFormData({
|
||||
init: opts.init === true,
|
||||
password: opts.password || "",
|
||||
});
|
||||
console.log(passwordFormRef.value);
|
||||
}
|
||||
|
||||
const scope = ref({
|
||||
|
||||
@@ -2,22 +2,110 @@
|
||||
<fs-page class="home—index bg-neutral-100 dark:bg-black">
|
||||
<!-- <page-content />-->
|
||||
<dashboard-user />
|
||||
<change-password-button ref="changePasswordButtonRef" :show-button="false"></change-password-button>
|
||||
<change-password-button ref="changePasswordButtonRef" :show-button="false" @close="checkAndSetupAccount"></change-password-button>
|
||||
</fs-page>
|
||||
</template>
|
||||
|
||||
<script lang="ts" setup>
|
||||
<script lang="tsx" setup>
|
||||
import DashboardUser from "./dashboard/index.vue";
|
||||
import { useUserStore } from "/@/store/user";
|
||||
import ChangePasswordButton from "/@/views/certd/mine/change-password-button.vue";
|
||||
import { onMounted, ref } from "vue";
|
||||
import { Modal } from "ant-design-vue";
|
||||
import { Modal, notification } from "ant-design-vue";
|
||||
import { useI18n } from "/src/locales";
|
||||
import { request } from "/@/api/service";
|
||||
import { useFormDialog } from "/@/use/use-dialog";
|
||||
|
||||
const { t } = useI18n();
|
||||
const { openFormDialog } = useFormDialog();
|
||||
|
||||
const userStore = useUserStore();
|
||||
const changePasswordButtonRef = ref();
|
||||
const emailFormWrapperRef = ref<any>();
|
||||
|
||||
const validateEmailConfirm = async (_rule: any, value: string) => {
|
||||
if (!value) {
|
||||
return;
|
||||
}
|
||||
const formData = emailFormWrapperRef.value?.getFormData?.();
|
||||
if (formData && value !== formData.email) {
|
||||
throw new Error("两次输入的邮箱地址不一致");
|
||||
}
|
||||
};
|
||||
|
||||
async function checkAndSetupAccount() {
|
||||
try {
|
||||
const userInfo = userStore.getUserInfo as any;
|
||||
if (!userInfo.needInitAccount) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (userInfo.email) {
|
||||
await request({
|
||||
url: "/mine/accountInit",
|
||||
method: "post",
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
emailFormWrapperRef.value = await openFormDialog({
|
||||
title: "绑定邮箱",
|
||||
wrapper: {
|
||||
width: 560,
|
||||
},
|
||||
initialForm: { email: "", emailConfirm: "" },
|
||||
async onSubmit(form: any) {
|
||||
await request({
|
||||
url: "/mine/accountInit",
|
||||
method: "post",
|
||||
data: { email: form.email },
|
||||
});
|
||||
notification.success({
|
||||
message: "邮箱绑定成功",
|
||||
});
|
||||
},
|
||||
body: () => {
|
||||
return <a-alert class="mb-4" message="为保证用户体验,请先绑定邮箱,初始化您的账号" type="success" show-icon></a-alert>;
|
||||
},
|
||||
columns: {
|
||||
email: {
|
||||
title: "邮箱",
|
||||
type: "text",
|
||||
form: {
|
||||
col: { span: 24 },
|
||||
component: {
|
||||
placeholder: "请输入邮箱地址",
|
||||
},
|
||||
helper: "请输入您的邮箱",
|
||||
rules: [
|
||||
{ required: true, message: "请输入邮箱地址" },
|
||||
{ type: "email", message: "请输入有效的邮箱地址" },
|
||||
],
|
||||
},
|
||||
},
|
||||
emailConfirm: {
|
||||
title: "确认邮箱",
|
||||
type: "text",
|
||||
form: {
|
||||
col: { span: 24 },
|
||||
component: {
|
||||
placeholder: "请再次输入邮箱地址",
|
||||
},
|
||||
helper: "请再次输入邮箱,以确认邮箱地址无误",
|
||||
rules: [
|
||||
{ required: true, message: "请再次输入邮箱地址" },
|
||||
{ type: "email", message: "请输入有效的邮箱地址" },
|
||||
{ validator: validateEmailConfirm, trigger: "blur" },
|
||||
],
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
} catch (e) {
|
||||
console.error("AcmeAccount setup failed:", e);
|
||||
}
|
||||
}
|
||||
|
||||
onMounted(() => {
|
||||
if (userStore.getUserInfo.isWeak === true) {
|
||||
Modal.info({
|
||||
@@ -30,6 +118,9 @@ onMounted(() => {
|
||||
},
|
||||
okText: t("authentication.changeNow"),
|
||||
});
|
||||
} else {
|
||||
//两个弹框不要同时出现
|
||||
checkAndSetupAccount();
|
||||
}
|
||||
});
|
||||
</script>
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
|
||||
import { AccessGetter, AccessService, BaseController, Constants, SysSettingsService } from "@certd/lib-server";
|
||||
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||
import { PasskeyService } from "../../../modules/login/service/passkey-service.js";
|
||||
import { RoleService } from "../../../modules/sys/authority/service/role-service.js";
|
||||
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
|
||||
import { NotificationService } from "../../../modules/pipeline/service/notification-service.js";
|
||||
import { newAccess } from "@certd/pipeline";
|
||||
import { http, logger, utils } from "@certd/basic";
|
||||
import { ApiTags } from "@midwayjs/swagger";
|
||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
||||
|
||||
/**
|
||||
*/
|
||||
@@ -27,6 +31,15 @@ export class MineController extends BaseController {
|
||||
@Inject()
|
||||
sysSettingsService: SysSettingsService;
|
||||
|
||||
@Inject()
|
||||
accessService: AccessService;
|
||||
|
||||
@Inject()
|
||||
notificationService: NotificationService;
|
||||
|
||||
@Inject()
|
||||
emailService: EmailService;
|
||||
|
||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询用户信息" })
|
||||
public async info() {
|
||||
const userId = this.getUserId();
|
||||
@@ -41,6 +54,17 @@ export class MineController extends BaseController {
|
||||
delete user.password;
|
||||
//@ts-ignore
|
||||
user.needInitPassword = needInitPassword;
|
||||
|
||||
const { projectId } = await this.getProjectUserIdRead();
|
||||
const userProjectQuery = this.accessService.buildUserProjectQuery(userId, projectId);
|
||||
const existingAccess = await this.accessService.findOne({
|
||||
where: { type: "acmeAccount", subtype: "letsencrypt", ...userProjectQuery },
|
||||
});
|
||||
if (!existingAccess) {
|
||||
//@ts-ignore
|
||||
user.needInitAccount = true;
|
||||
}
|
||||
|
||||
return this.ok(user);
|
||||
}
|
||||
|
||||
@@ -122,4 +146,58 @@ export class MineController extends BaseController {
|
||||
});
|
||||
return this.ok({});
|
||||
}
|
||||
|
||||
@Post("/accountInit", { description: Constants.per.authOnly, summary: "初始化Let's Encrypt ACME账号和邮件通知" })
|
||||
public async accountInit(@Body("email") email?: string) {
|
||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||
|
||||
let userEmail = email;
|
||||
let user: any = null;
|
||||
if (!userEmail) {
|
||||
user = await this.userService.info(userId);
|
||||
userEmail = user.email;
|
||||
}
|
||||
if (!userEmail) {
|
||||
return this.ok({ needEmail: true });
|
||||
}
|
||||
|
||||
if (email) {
|
||||
if (!user) {
|
||||
user = await this.userService.info(userId);
|
||||
}
|
||||
if (!user.email) {
|
||||
await this.userService.updateEmail(userId, { email: userEmail });
|
||||
}
|
||||
}
|
||||
|
||||
await this.emailService.add(userId, userEmail);
|
||||
|
||||
await this.notificationService.getOrCreateDefault(userEmail, userId, projectId);
|
||||
|
||||
const getAccessById = this.accessService.getById.bind(this.accessService);
|
||||
const accessGetter = new AccessGetter(userId, projectId, getAccessById);
|
||||
const accessContext = {
|
||||
http,
|
||||
logger,
|
||||
utils,
|
||||
accessService: accessGetter,
|
||||
define: undefined,
|
||||
} as any;
|
||||
const access = await newAccess("acmeAccount", { caType: "letsencrypt", email: userEmail }, accessGetter, accessContext);
|
||||
const accountJson = await access.onGenerateAccount();
|
||||
|
||||
await this.accessService.add({
|
||||
type: "acmeAccount",
|
||||
name: "Let's Encrypt",
|
||||
userId,
|
||||
projectId,
|
||||
setting: JSON.stringify({
|
||||
caType: "letsencrypt",
|
||||
email: userEmail,
|
||||
account: accountJson,
|
||||
}),
|
||||
});
|
||||
|
||||
return this.ok({ success: true });
|
||||
}
|
||||
}
|
||||
|
||||
@@ -441,7 +441,8 @@ export class RuntimeDepsService {
|
||||
|
||||
private getDefineByPluginKey(pluginKey: string, owner?: RuntimeDependencyPluginDefine): RuntimeDependencyPluginDefine {
|
||||
const parts = pluginKey.split(":");
|
||||
let [pluginType, subtype, name] = parts;
|
||||
const [pluginType, subtype, rawName] = parts;
|
||||
let name = rawName;
|
||||
if (parts.length === 2) {
|
||||
name = subtype;
|
||||
} else if (parts.length === 3) {
|
||||
|
||||
Reference in New Issue
Block a user