lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-23 19:57:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore:

Browse Source
This commit is contained in:
xiaojunnuo
2024-10-10 02:15:05 +08:00
parent b5d8935159
commit f0b2a61246
26 changed files with 262 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts
+1 -1
View File
@@ -20,7 +20,7 @@ export class CnameProviderController extends BaseController {
@Post('/list', { summary: Constants.per.authOnly })
async list(@Body(ALL) body: any) {
body.userId = this.ctx.user.id;
body.userId = this.getUserId();
const res = await this.providerService.find({});
return this.ok(res);
}
packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
+26 -9
View File
@@ -18,50 +18,67 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
@Post('/page', { summary: Constants.per.authOnly })
async page(@Body(ALL) body: any) {
body.query = body.query ?? {};
body.query.userId = this.ctx.user.id;
return await super.page(body);
body.query.userId = this.getUserId();
const domain = body.query.domain;
delete body.query.domain;
const bq = qb => {
if (domain) {
qb.where('domain like :domain', { domain: `%${domain}%` });
}
};
const pageRet = await this.getService().page(body?.query, body?.page, body?.sort, bq);
return this.ok(pageRet);
}
@Post('/list', { summary: Constants.per.authOnly })
async list(@Body(ALL) body: any) {
body.userId = this.ctx.user.id;
body.userId = this.getUserId();
return super.list(body);
}
@Post('/add', { summary: Constants.per.authOnly })
async add(@Body(ALL) bean: any) {
bean.userId = this.ctx.user.id;
bean.userId = this.getUserId();
return super.add(bean);
}
@Post('/update', { summary: Constants.per.authOnly })
async update(@Body(ALL) bean: any) {
await this.service.checkUserId(bean.id, this.ctx.user.id);
await this.service.checkUserId(bean.id, this.getUserId());
return super.update(bean);
}
@Post('/info', { summary: Constants.per.authOnly })
async info(@Query('id') id: number) {
await this.service.checkUserId(id, this.ctx.user.id);
await this.service.checkUserId(id, this.getUserId());
return super.info(id);
}
@Post('/delete', { summary: Constants.per.authOnly })
async delete(@Query('id') id: number) {
await this.service.checkUserId(id, this.ctx.user.id);
await this.service.checkUserId(id, this.getUserId());
return super.delete(id);
}
@Post('/deleteByIds', { summary: Constants.per.authOnly })
async deleteByIds(@Body(ALL) body: any) {
await this.service.delete(body.ids, {
userId: this.getUserId(),
});
return this.ok();
}
@Post('/getByDomain', { summary: Constants.per.authOnly })
async getByDomain(@Body(ALL) body: { domain: string; createOnNotFound: boolean }) {
const userId = this.ctx.user.id;
const userId = this.getUserId();
const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound);
return this.ok(res);
}
@Post('/verify', { summary: Constants.per.authOnly })
async verify(@Body(ALL) body: { id: string }) {
const userId = this.ctx.user.id;
const userId = this.getUserId();
await this.service.checkUserId(body.id, userId);
const res = await this.service.verify(body.id);
return this.ok(res);
packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
+88 -29
View File
@@ -8,9 +8,18 @@ import { CnameProviderService } from '../../sys/cname/service/cname-provider-ser
import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js';
import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert';
import { cache, http, logger, utils } from '@certd/pipeline';
import dns from 'dns';
import { AccessService } from '../../pipeline/service/access-service.js';
import { isDev } from '../../../utils/env.js';
import { walkTxtRecord } from '@certd/acme-client';
type CnameCheckCacheValue = {
validating: boolean;
pass: boolean;
recordReq?: any;
recordRes?: any;
startTime: number;
intervalId?: NodeJS.Timeout;
};
/**
* 授权
*/
@@ -147,56 +156,94 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
if (!bean) {
throw new ValidateException(`CnameRecord:${id} 不存在`);
}
const cacheKey = `cname.record.verify.${bean.id}`;
type CacheValue = {
ready: boolean;
pass: boolean;
};
let value: CacheValue = cache.get(cacheKey);
if (!value) {
value = {
ready: false,
pass: false,
};
if (bean.status === 'valid') {
return true;
}
const originDomain = parseDomain(bean.domain);
const fullDomain = `${bean.hostRecord}.${originDomain}`;
const cacheKey = `cname.record.verify.${bean.id}`;
let value: CnameCheckCacheValue = cache.get(cacheKey);
if (!value) {
value = {
validating: false,
pass: false,
startTime: new Date().getTime(),
};
}
let ttl = 60 * 60 * 15 * 1000;
if (isDev()) {
ttl = 30 * 1000;
}
const recordValue = bean.recordValue.substring(0, bean.recordValue.indexOf('.'));
const buildDnsProvider = async () => {
const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
const context = { access, logger, http, utils };
const dnsProvider: IDnsProvider = await createDnsProvider({
dnsProviderType: cnameProvider.dnsProviderType,
context,
});
return dnsProvider;
};
const checkRecordValue = async () => {
if (value.pass) {
return true;
}
if (value.startTime + ttl < new Date().getTime()) {
logger.warn(`cname验证超时,停止检查,${bean.domain} ${recordValue}`);
clearInterval(value.intervalId);
await this.updateStatus(bean.id, 'cname');
return false;
}
const originDomain = parseDomain(bean.domain);
const fullDomain = `${bean.hostRecord}.${originDomain}`;
logger.info(`检查CNAME配置 ${fullDomain} ${recordValue}`);
const txtRecords = await dns.promises.resolveTxt(fullDomain);
// const txtRecords = await dns.promises.resolveTxt(fullDomain);
// if (txtRecords.length) {
// records = [].concat(...txtRecords);
// }
let records: string[] = [];
if (txtRecords.length) {
records = [].concat(...txtRecords);
try {
records = await walkTxtRecord(fullDomain);
} catch (e) {
logger.error(`获取TXT记录失败,${e.message}`);
}
logger.info(`检查到TXT记录 ${JSON.stringify(records)}`);
const success = records.includes(recordValue);
if (success) {
clearInterval(value.intervalId);
logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${recordValue}`);
await this.updateStatus(bean.id, 'valid');
value.pass = true;
cache.delete(cacheKey);
try {
const dnsProvider = await buildDnsProvider();
await dnsProvider.removeRecord({
recordReq: value.recordReq,
recordRes: value.recordRes,
});
logger.info('删除CNAME的校验DNS记录成功');
} catch (e) {
logger.error(`删除CNAME的校验DNS记录失败, ${e.message}req:${JSON.stringify(value.recordReq)}recordRes:${JSON.stringify(value.recordRes)}`, e);
}
}
return success;
};
if (value.ready) {
if (value.validating) {
// lookup recordValue in dns
return await checkRecordValue();
}
const ttl = 60 * 60 * 30;
cache.set(cacheKey, value, {
ttl: ttl,
});
const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
const context = { access, logger, http, utils };
const dnsProvider: IDnsProvider = await createDnsProvider({
dnsProviderType: cnameProvider.dnsProviderType,
context,
});
const domain = parseDomain(bean.recordValue);
const fullRecord = bean.recordValue;
const hostRecord = fullRecord.replace(`.${domain}`, '');
@@ -207,8 +254,20 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
type: 'TXT',
value: recordValue,
};
await dnsProvider.createRecord(req);
value.ready = true;
const dnsProvider = await buildDnsProvider();
const recordRes = await dnsProvider.createRecord(req);
value.validating = true;
value.recordReq = req;
value.recordRes = recordRes;
await this.updateStatus(bean.id, 'validating');
value.intervalId = setInterval(async () => {
try {
await checkRecordValue();
} catch (e) {
logger.error('检查cname出错:', e);
}
}, 10000);
}
async updateStatus(id: number, status: CnameRecordStatusType) {