perf: 支持oidc单点登录

2026-05-16 05:07:32 +08:00 · 2025-11-27 01:59:22 +08:00
parent c7b298c46f
commit ec75afbc44
25 changed files with 633 additions and 103 deletions
@@ -17,9 +17,9 @@ import { TwoFactorService } from "../../mine/service/two-factor-service.js";
 import { UserSettingsService } from "../../mine/service/user-settings-service.js";
 import { isPlus } from "@certd/plus-core";
 import { AddonService } from "@certd/lib-server";
+import { OauthBoundService } from "./oauth-bound-service.js";

 /**
- * 系统用户
 */
@Provide()
@Scope(ScopeEnum.Request, {allowDowngrade: true})
@@ -42,6 +42,8 @@ export class LoginService {
  twoFactorService: TwoFactorService;
  @Inject()
  addonService: AddonService;
+  @Inject()
+  oauthBoundService: OauthBoundService;

  checkIsBlocked(username: string) {
    const blockDurationKey = `login_block_duration:${username}`;
@@ -204,6 +206,10 @@ export class LoginService {
   * @param roleIds
   */
  async generateToken(user: UserEntity) {
+    if (user.status === 0) {
+      throw new CommonException('用户已被禁用');
+    }
+
    const roleIds = await this.roleService.getRoleIdsByUserId(user.id);
    const tokenInfo = {
      username: user.username,
@@ -224,4 +230,20 @@ export class LoginService {
      expire,
    };
  }
+
+
+  async loginByOpenId(req: { openId: string, type:string }) {
+    const {openId, type} = req;
+    const oauthBound = await this.oauthBoundService.findOne({
+      where:{openId, type}
+    });
+    if (oauthBound == null) {
+      return null
+    }
+    const info = await this.userService.findOne({id: oauthBound.userId});
+    if (info == null) {
+      throw new CommonException('用户不存在');
+    }
+    return this.generateToken(info);
+  }
 }