pref: 安全特性支持，站点隐藏功能

packages/ui/certd-server/src/controller/basic/unhidden-controller.ts

@@ -0,0 +1,66 @@
+import {Body, Controller, Get, Inject, Post, Provide} from '@midwayjs/core';
+import {Constants, NotFoundException, ParamException, SysInstallInfo, SysSettingsService} from '@certd/lib-server';
+import {utils} from "@certd/basic";
+import {hiddenStatus, SafeService} from "../../modules/sys/settings/safe-service.js";
+import {IMidwayKoaContext} from "@midwayjs/koa";
+
+const unhiddenHtml = `
+<html lang="en">
+<head>
+<title>certd解除站点隐藏</title>
+</head>
+<body>
+<div style="margin:50px;width:500px">
+<h3>解除站点隐藏</h3>
+<form method="post">
+请输入解除密码： <input type="password" name="password" /> <button type="submit">确定</button>
+</form>
+</div>
+</body>
+</html>
+
+`
+
+@Provide()
+@Controller('/api/unhidden')
+export class HnhiddenController {
+    @Inject()
+    ctx: IMidwayKoaContext;
+    @Inject()
+    safeService: SafeService;
+    @Inject()
+    sysSettingsService: SysSettingsService;
+
+
+    @Post('/:randomPath', {summary: Constants.per.guest})
+    async randomPath(@Body("password") password: any) {
+        await this.checkUnhiddenPath()
+        const hiddenSetting = await this.safeService.getHiddenSetting()
+        if (utils.hash.md5(password) === hiddenSetting.openPassword) {
+            //解锁
+            hiddenStatus.isHidden = false;
+            const setting = await this.sysSettingsService.getSetting<SysInstallInfo>(SysInstallInfo)
+            const bindUrl = setting.bindUrl
+            //解锁成功,跳转回首页,redirect
+            this.ctx.response.redirect(bindUrl || "/");
+            return
+        } else {
+            //密码错误
+            throw new ParamException('解锁密码错误');
+        }
+    }
+
+    @Get('/:randomPath', {summary: Constants.per.guest})
+    async unhiddenGet() {
+        await this.checkUnhiddenPath()
+        this.ctx.response.body = unhiddenHtml
+    }
+
+    async checkUnhiddenPath() {
+        const hiddenSetting = await this.safeService.getHiddenSetting()
+        if (this.ctx.path != `/api/unhidden/${hiddenSetting.openPath}`) {
+            this.ctx.res.statusCode = 404
+            throw new NotFoundException("Page not found")
+        }
+    }
+}

packages/ui/certd-server/src/controller/sys/settings/sys-safe-settings-controller.ts

@@ -0,0 +1,39 @@
+import {ALL, Body, Controller, Inject, Post, Provide} from '@midwayjs/core';
+import {BaseController, SysSafeSetting} from '@certd/lib-server';
+import {cloneDeep} from 'lodash-es';
+import {SafeService} from "../../../modules/sys/settings/safe-service.js";
+
+
+/**
+ */
+@Provide()
+@Controller('/api/sys/settings/safe')
+export class SysSettingsController extends BaseController {
+  @Inject()
+  safeService: SafeService;
+
+
+
+  @Post("/get", { summary: "sys:settings:view" })
+  async safeGet() {
+    const res = await this.safeService.getSafeSetting()
+    const clone:SysSafeSetting = cloneDeep(res);
+    delete clone.hidden?.openPassword;
+    return this.ok(clone);
+  }
+
+  @Post("/save", { summary: "sys:settings:edit" })
+  async safeSave(@Body(ALL) body: any) {
+    await this.safeService.saveSafeSetting(body);
+    return this.ok({});
+  }
+
+  /**
+   * 立即隐藏
+   */
+  @Post("/hidden", { summary: "sys:settings:edit" })
+  async hiddenImmediate() {
+    await this.safeService.hiddenImmediately();
+    return this.ok({});
+  }
+}

packages/ui/certd-server/src/controller/sys/settings/sys-settings-controller.ts

@@ -1,12 +1,19 @@
-import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
-import { CrudController, SysPrivateSettings, SysPublicSettings, SysSettingsEntity, SysSettingsService } from '@certd/lib-server';
-import { merge } from 'lodash-es';
-import { PipelineService } from '../../../modules/pipeline/service/pipeline-service.js';
-import { UserSettingsService } from '../../../modules/mine/service/user-settings-service.js';
-import { getEmailSettings } from '../../../modules/sys/settings/fix.js';
-import { http, logger, simpleNanoId } from '@certd/basic';
-import { CodeService } from '../../../modules/basic/service/code-service.js';
-import { SmsServiceFactory } from '../../../modules/basic/sms/factory.js';
+import {ALL, Body, Controller, Inject, Post, Provide, Query} from '@midwayjs/core';
+import {
+  CrudController,
+  SysPrivateSettings,
+  SysPublicSettings,
+  SysSafeSetting,
+  SysSettingsEntity,
+  SysSettingsService
+} from '@certd/lib-server';
+import {cloneDeep, merge} from 'lodash-es';
+import {PipelineService} from '../../../modules/pipeline/service/pipeline-service.js';
+import {UserSettingsService} from '../../../modules/mine/service/user-settings-service.js';
+import {getEmailSettings} from '../../../modules/sys/settings/fix.js';
+import {http, logger, simpleNanoId, utils} from '@certd/basic';
+import {CodeService} from '../../../modules/basic/service/code-service.js';
+import {SmsServiceFactory} from '../../../modules/basic/sms/factory.js';
 
 
 /**
@@ -159,4 +166,29 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
   async getSmsTypeDefine(@Body('type') type: string) {
     return this.ok(SmsServiceFactory.getDefine(type));
   }
+
+
+
+  @Post("/safe/get", { summary: "sys:settings:view" })
+  async safeGet() {
+    const res = await this.service.getSetting<SysSafeSetting>(SysSafeSetting);
+    const clone:SysSafeSetting = cloneDeep(res);
+    delete clone.hidden?.openPassword;
+    return this.ok(clone);
+  }
+
+  @Post("/safe/save", { summary: "sys:settings:edit" })
+  async safeSave(@Body(ALL) body: any) {
+    if(body.hidden.openPassword){
+      body.hidden.openPassword = utils.hash.md5(body.hidden.openPassword);
+    }
+    const blankSetting = new SysSafeSetting()
+    const setting = await this.service.getSetting<SysSafeSetting>(SysSafeSetting);
+    const newSetting = merge(blankSetting,cloneDeep(setting), body);
+    if(newSetting.hidden?.enabled && !newSetting.hidden?.openPassword){
+      throw new Error("首次设置需要填写解锁密码")
+    }
+    await this.service.saveSetting(blankSetting);
+    return this.ok({});
+  }
 }