perf: 验证码支持测试，登录验证码需要测试通过后才能开启

2026-04-24 04:17:25 +08:00 · 2025-09-26 01:21:01 +08:00
parent 03f317ffdb
commit 83e6476408
18 changed files with 485 additions and 60 deletions
@@ -1,7 +1,6 @@
-import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
-import { AccessService, Constants } from '@certd/lib-server';
-import { AccessController } from '../../user/pipeline/access-controller.js';
-import { checkComm } from '@certd/plus-core';
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import { AccessService, Constants } from "@certd/lib-server";
+import { AccessController } from "../../user/pipeline/access-controller.js";

 /**
 * 授权
@@ -17,7 +16,7 @@ export class SysAccessController extends AccessController {
  }

  getUserId() {
-    checkComm();
+    // checkComm();
    return 0;
  }

@@ -192,4 +192,11 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
    await this.service.saveSetting(blankSetting);
    return this.ok({});
  }
+
+
+  @Post("/captchaTest", { summary: "sys:settings:edit" })
+  async captchaTest(@Body(ALL) body: any) {
+    await this.codeService.checkCaptcha(body)
+    return this.ok({});
+  }
 }
@@ -11,56 +11,59 @@ import {
 import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
 import { checkPlus } from "@certd/plus-core";
 import { http, logger, utils } from "@certd/basic";
+import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";

 /**
 * Addon
 */
@Provide()
-@Controller('/api/addon')
+@Controller("/api/addon")
 export class AddonController extends CrudController<AddonService> {
  @Inject()
  service: AddonService;
  @Inject()
  authService: AuthService;
+  @Inject()
+  taskServiceBuilder:TaskServiceBuilder

  getService(): AddonService {
    return this.service;
  }

-  @Post('/page', { summary: Constants.per.authOnly })
+  @Post("/page", { summary: Constants.per.authOnly })
  async page(@Body(ALL) body) {
    body.query = body.query ?? {};
    delete body.query.userId;
    const buildQuery = qb => {
-      qb.andWhere('user_id = :userId', { userId: this.getUserId() });
+      qb.andWhere("user_id = :userId", { userId: this.getUserId() });
    };
    const res = await this.service.page({
      query: body.query,
      page: body.page,
      sort: body.sort,
-      buildQuery,
+      buildQuery
    });
    return this.ok(res);
  }

-  @Post('/list', { summary: Constants.per.authOnly })
+  @Post("/list", { summary: Constants.per.authOnly })
  async list(@Body(ALL) body) {
    body.query = body.query ?? {};
    body.query.userId = this.getUserId();
    return super.list(body);
  }

-  @Post('/add', { summary: Constants.per.authOnly })
+  @Post("/add", { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean) {
    bean.userId = this.getUserId();
    const type = bean.type;
    const addonType = bean.addonType;
-    if (! type || !addonType){
-        throw new ValidateException('请选择Addon类型');
+    if (!type || !addonType) {
+      throw new ValidateException("请选择Addon类型");
    }
-    const define: AddonDefine = this.service.getDefineByType(type,addonType);
+    const define: AddonDefine = this.service.getDefineByType(type, addonType);
    if (!define) {
-      throw new ValidateException('Addon类型不存在');
+      throw new ValidateException("Addon类型不存在");
    }
    if (define.needPlus) {
      checkPlus();
@@ -68,19 +71,19 @@ export class AddonController extends CrudController<AddonService> {
    return super.add(bean);
  }

-  @Post('/update', { summary: Constants.per.authOnly })
+  @Post("/update", { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
    await this.service.checkUserId(bean.id, this.getUserId());
    const old = await this.service.info(bean.id);
    if (!old) {
-      throw new ValidateException('Addon配置不存在');
+      throw new ValidateException("Addon配置不存在");
    }
-    if (old.type !== bean.type ) {
+    if (old.type !== bean.type) {
      const addonType = old.type;
      const type = bean.type;
-      const define: AddonDefine = this.service.getDefineByType(type,addonType);
+      const define: AddonDefine = this.service.getDefineByType(type, addonType);
      if (!define) {
-        throw new ValidateException('Addon类型不存在');
+        throw new ValidateException("Addon类型不存在");
      }
      if (define.needPlus) {
        checkPlus();
@@ -89,26 +92,27 @@ export class AddonController extends CrudController<AddonService> {
    delete bean.userId;
    return super.update(bean);
  }
-  @Post('/info', { summary: Constants.per.authOnly })
-  async info(@Query('id') id: number) {
+
+  @Post("/info", { summary: Constants.per.authOnly })
+  async info(@Query("id") id: number) {
    await this.service.checkUserId(id, this.getUserId());
    return super.info(id);
  }

-  @Post('/delete', { summary: Constants.per.authOnly })
-  async delete(@Query('id') id: number) {
+  @Post("/delete", { summary: Constants.per.authOnly })
+  async delete(@Query("id") id: number) {
    await this.service.checkUserId(id, this.getUserId());
    return super.delete(id);
  }

-  @Post('/define', { summary: Constants.per.authOnly })
-  async define(@Query('type') type: string,@Query('addonType') addonType: string) {
-    const notification = this.service.getDefineByType(type,addonType);
+  @Post("/define", { summary: Constants.per.authOnly })
+  async define(@Query("type") type: string, @Query("addonType") addonType: string) {
+    const notification = this.service.getDefineByType(type, addonType);
    return this.ok(notification);
  }

-  @Post('/getTypeDict', { summary: Constants.per.authOnly })
-  async getTypeDict(@Query('addonType') addonType: string) {
+  @Post("/getTypeDict", { summary: Constants.per.authOnly })
+  async getTypeDict(@Query("addonType") addonType: string) {
    const list: any = this.service.getDefineList(addonType);
    let dict = [];
    for (const item of list) {
@@ -116,7 +120,7 @@ export class AddonController extends CrudController<AddonService> {
        value: item.name,
        label: item.title,
        needPlus: item.needPlus ?? false,
-        icon: item.icon,
+        icon: item.icon
      });
    }
    dict = dict.sort(a => {
@@ -125,13 +129,13 @@ export class AddonController extends CrudController<AddonService> {
    return this.ok(dict);
  }

-  @Post('/simpleInfo', { summary: Constants.per.authOnly })
-  async simpleInfo(@Query('addonType') addonType: string,@Query('id') id: number) {
+  @Post("/simpleInfo", { summary: Constants.per.authOnly })
+  async simpleInfo(@Query("addonType") addonType: string, @Query("id") id: number) {
    if (id === 0) {
      //获取默认
-      const res = await this.service.getDefault(this.getUserId(),addonType);
+      const res = await this.service.getDefault(this.getUserId(), addonType);
      if (!res) {
-        throw new ValidateException('默认Addon配置不存在');
+        throw new ValidateException("默认Addon配置不存在");
      }
      const simple = await this.service.getSimpleInfo(res.id);
      return this.ok(simple);
@@ -141,27 +145,27 @@ export class AddonController extends CrudController<AddonService> {
    return this.ok(res);
  }

-  @Post('/getDefaultId', { summary: Constants.per.authOnly })
-  async getDefaultId(@Query('addonType') addonType: string) {
-    const res = await this.service.getDefault(this.getUserId(),addonType);
+  @Post("/getDefaultId", { summary: Constants.per.authOnly })
+  async getDefaultId(@Query("addonType") addonType: string) {
+    const res = await this.service.getDefault(this.getUserId(), addonType);
    return this.ok(res?.id);
  }

-  @Post('/setDefault', { summary: Constants.per.authOnly })
-  async setDefault(@Query('addonType') addonType: string,@Query('id') id: number) {
+  @Post("/setDefault", { summary: Constants.per.authOnly })
+  async setDefault(@Query("addonType") addonType: string, @Query("id") id: number) {
    await this.service.checkUserId(id, this.getUserId());
-    const res = await this.service.setDefault(id, this.getUserId(),addonType);
+    const res = await this.service.setDefault(id, this.getUserId(), addonType);
    return this.ok(res);
  }


-  @Post('/options', { summary: Constants.per.authOnly })
-  async options(@Query('addonType') addonType: string) {
+  @Post("/options", { summary: Constants.per.authOnly })
+  async options(@Query("addonType") addonType: string) {
    const res = await this.service.list({
      query: {
        userId: this.getUserId(),
        addonType
-      },
+      }
    });
    for (const item of res) {
      delete item.setting;
@@ -170,7 +174,7 @@ export class AddonController extends CrudController<AddonService> {
  }


-  @Post('/handle', { summary: Constants.per.authOnly })
+  @Post("/handle", { summary: Constants.per.authOnly })
  async handle(@Body(ALL) body: AddonRequestHandleReq) {
    const userId = this.getUserId();
    let inputAddon = body.input.addon;
@@ -178,21 +182,24 @@ export class AddonController extends CrudController<AddonService> {
      const oldEntity = await this.service.info(body.input.id);
      if (oldEntity) {
        if (oldEntity.userId !== userId) {
-          throw new Error('addon not found');
+          throw new Error("addon not found");
        }
        // const param: any = {
        //   type: body.typeName,
        //   setting: JSON.stringify(body.input.access),
        // };
-        inputAddon = JSON.parse( oldEntity.setting)
+        inputAddon = JSON.parse(oldEntity.setting);
      }
    }
+    const serviceGetter = this.taskServiceBuilder.create({ userId });
+
    const ctx = {
      http: http,
-      logger:logger,
-      utils:utils,
-    }
-    const addon = await newAddon(body.addonType,body.typeName, inputAddon,ctx);
+      logger: logger,
+      utils: utils,
+      serviceGetter
+    };
+    const addon = await newAddon(body.addonType, body.typeName, inputAddon, ctx);
    const res = await addon.onRequest(body);
    return this.ok(res);
  }
@@ -85,10 +85,18 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
  }

  @Post('/verify', { summary: Constants.per.authOnly })
-  async verify(@Body(ALL) body: { id: string }) {
+  async verify(@Body(ALL) body: { id: number }) {
    const userId = this.getUserId();
    await this.service.checkUserId(body.id, userId);
    const res = await this.service.verify(body.id);
    return this.ok(res);
  }
+
+  @Post('/resetStatus', { summary: Constants.per.authOnly })
+  async resetStatus(@Body(ALL) body: { id: number }) {
+    const userId = this.getUserId();
+    await this.service.checkUserId(body.id, userId);
+    const res = await this.service.resetStatus(body.id);
+    return this.ok(res);
+  }
 }
@@ -13,6 +13,8 @@ export class CnameRecordEntity {

  @Column({ comment: '证书申请域名', length: 100 })
  domain: string;
+  @Column({ comment: '主域名', name: 'main_domain', length: 100 })
+  mainDomain:string;

  @Column({ comment: '主机记录', name: 'host_record', length: 100 })
  hostRecord: string;
@@ -115,6 +115,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
      hostRecord = hostRecord.substring(0, hostRecord.length - 1);
    }
    param.hostRecord = hostRecord;
+    param.mainDomain = realDomain;

    const randomKey = utils.id.simpleNanoId(6).toLowerCase();

@@ -191,6 +192,19 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
        throw new ValidateException(`找不到${domain}的CNAME记录`);
      }
    }
+
+    if (!record.mainDomain){
+      let domainPrefix = record.hostRecord.replace("_acme-challenge", "");
+      if (domainPrefix.startsWith(".")) {
+        domainPrefix = domainPrefix.substring(1);
+      }
+      record.mainDomain = record.domain.replace(domainPrefix, "");
+      await this.update({
+        id: record.id,
+        mainDomain: domainPrefix,
+      })
+    }
+
    const provider = await this.cnameProviderService.info(record.cnameProviderId);
    if (provider == null) {
      throw new ValidateException(`找不到${domain}的CNAME服务`);
@@ -208,7 +222,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
   * 验证是否配置好cname
   * @param id
   */
-  async verify(id: string) {
+  async verify(id: number) {
    const bean = await this.info(id);
    if (!bean) {
      throw new ValidateException(`CnameRecord:${id} 不存在`);
@@ -440,4 +454,11 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
    }

  }
+
+  async resetStatus (id: number) {
+    if (!id) {
+      throw new ValidateException('id不能为空');
+    }
+    await this.getRepository().update(id, {status: 'cname',mainDomain: ""});
+  }
 }
@@ -68,10 +68,6 @@ export class TaskServiceGetter implements IServiceGetter{
    return new DomainVerifierGetter(this.userId, domainService);
  }
 }
-export type TaskServiceCreateReq = {
-  userId: number;
-}
-
@Provide()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class TaskServiceBuilder  {
@@ -84,6 +80,10 @@ export class TaskServiceBuilder  {
  }
 }

+export type TaskServiceCreateReq = {
+  userId: number;
+}
+



@@ -1,2 +1,3 @@
 export * from './geetest/index.js';
 export * from './image/index.js';
+export * from './tencent/index.js';
@@ -0,0 +1,104 @@
+import { AddonInput, BaseAddon, IsAddon } from "@certd/lib-server";
+import { ICaptchaAddon } from "../api.js";
+import { TencentAccess } from "@certd/plugin-lib";
+
+@IsAddon({
+  addonType:"captcha",
+  name: 'tencent',
+  title: '腾讯云验证码',
+  desc: '',
+  showTest:false,
+})
+export class TencentCaptcha extends BaseAddon implements ICaptchaAddon{
+
+  @AddonInput({
+    title: '腾讯云授权',
+    helper: '腾讯云授权',
+    component: {
+      name: 'access-selector',
+      vModel:"modelValue",
+      from: "sys",
+      type: 'tencent', //固定授权类型
+    },
+    required: true,
+  })
+  accessId  :number;
+
+  @AddonInput({
+    title: '验证ID',
+    component: {
+      name:"a-input-number",
+      placeholder: 'CaptchaAppId',
+    },
+    helper:"[腾讯云验证码](https://cloud.tencent.com/act/cps/redirect?redirect=37716&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9)",
+    required: true,
+  })
+  captchaAppId:number;
+
+  @AddonInput({
+    title: '验证Key',
+    component: {
+      placeholder: 'AppSecretKey',
+    },
+    required: true,
+  })
+  appSecretKey = '';
+
+
+  async onValidate(data?:any) {
+    if (!data) {
+      return false
+    }
+
+
+    const access = await this.getAccess<TencentAccess>(this.accessId)
+
+    const sdk =await import("tencentcloud-sdk-nodejs/tencentcloud/services/captcha/v20190722/index.js");
+
+    const CaptchaClient = sdk.v20190722.Client;
+
+    const clientConfig = {
+      credential: {
+        secretId: access.secretId,
+        secretKey: access.secretKey,
+      },
+      region: "",
+      profile: {
+        httpProfile: {
+          endpoint: "captcha.tencentcloudapi.com",
+        },
+      },
+    };
+
+// 实例化要请求产品的client对象,clientProfile是可选的
+    const client = new CaptchaClient(clientConfig);
+    const params = {
+      "CaptchaType": 9, //固定值9
+      "UserIp": "127.0.0.1",
+      "Ticket": data.ticket,
+      "Randstr": data.randstr,
+      "AppSecretKey": this.appSecretKey,
+      "CaptchaAppId": this.captchaAppId,
+    };
+   const res =  await client.DescribeCaptchaResult(params)
+
+    if (res.CaptchaCode == 1) {
+      // 验证成功
+      // verification successful
+      return true;
+    } else {
+      // 验证失败
+      // verification failed
+      this.logger.error("腾讯云验证码验证失败",res.CaptchaMsg)
+      return false;
+    }
+  }
+
+
+ async  getCaptcha(): Promise<any> {
+    return {
+      captchaAppId: this.captchaAppId,
+    }
+  }
+
+}