npm - @abtnode/blocklet-services - Versions diffs - 1.16.18-beta-adeeb0b3 → 1.16.18-beta-aa01bd8e - Mend

@abtnode/blocklet-services 1.16.18-beta-adeeb0b3 → 1.16.18-beta-aa01bd8e

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (92) hide show

package/api/routes/user.js CHANGED Viewed

@@ -1,5 +1,5 @@
 const { NODE_SERVICES, WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
-const { getApplicationInfo, upsertUserSession } = require('@abtnode/auth/lib/auth');
+const { getApplicationInfo } = require('@abtnode/auth/lib/auth');
 const { fromAppDid } = require('@arcblock/did-ext');
 const { extractUserAvatar } = require('@abtnode/util/lib/user');
 const formatContext = require('@abtnode/util/lib/format-context');
@@ -7,12 +7,15 @@ const createTranslator = require('@abtnode/util/lib/translate');
 const logger = require('@abtnode/logger')('blocklet-services:user');
 const { isFromPublicKey } = require('@arcblock/did');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
+const { fromPublicKey } = require('@ocap/wallet');
+const sortBy = require('lodash/sortBy');
+const head = require('lodash/head');
 const { isInvitedUserOnly, createTokenFn, getDidConnectVersion } = require('../util');
 const initJwt = require('../libs/jwt');
 const { getAvatarByUrl } = require('../libs/auth/utils');
 const { ApiError } = require('../util/error');
-const { loginWalletSchema, loginOAuthSchema } = require('../validators/login');
+const { loginWalletSchema, loginOAuthSchema, loginUserWalletSchema } = require('../validators/login');
 const verifySig = require('../middlewares/verify-sig');
 const { getAvatarByEmail } = require('../libs/auth/utils');
 const ensureBlocklet = require('../middlewares/ensure-blocklet');
@@ -213,7 +216,6 @@ async function loginOAuth(
   if (!validateUser(loginParams.user) || !validateUser(loginParams.user.connectedAccount)) {
     throw new ApiError(400, t('userInfoError', locale));
   }
-  // TODO: @zhanghan 暂不支持统一登录模式登录
   const doc = await node.loginUser(loginParams);
   return doc;
 }
@@ -240,14 +242,14 @@ async function login(req, node, options) {
   const { did: teamDid, wallet: blockletWallet, secret } = await req.getBlockletInfo();
   const blocklet = await req.getBlocklet();
-  let doc;
+  let userDoc;
   if (provider === LOGIN_PROVIDER.WALLET) {
-    doc = await loginWallet(
+    userDoc = await loginWallet(
       { did, pk, avatar, email, fullName },
       { node, req, locale, componentId, teamDid, updateInfo, sourceAppPid }
     );
   } else {
-    doc = await loginOAuth(
+    userDoc = await loginOAuth(
       { provider, id, avatar, email, fullName },
       { node, req, locale, componentId, teamDid, blockletWallet, updateInfo, sourceAppPid }
     );
@@ -259,9 +261,9 @@ async function login(req, node, options) {
   await node.createAuditLog(
     {
       action: 'login',
-      args: { teamDid, userDid: doc.did, passport, provider },
-      context: formatContext(Object.assign(req, { user: doc })),
-      result: doc,
+      args: { teamDid, userDid: userDoc.did, passport, provider },
+      context: formatContext(Object.assign(req, { user: userDoc })),
+      result: userDoc,
     },
     node
   );
@@ -271,35 +273,66 @@ async function login(req, node, options) {
   const createToken = createTokenFn(createSessionToken);
   const sessionConfig = blocklet.settings?.session || {};
   const { sessionToken, refreshToken } = createToken(
-    doc.did,
+    userDoc.did,
     {
       secret,
       passport,
       role: passport.role,
-      fullName: doc.fullName,
+      fullName: userDoc.fullName,
       provider,
       walletOS: 'api',
     },
     { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
   );
-  const userSession = await upsertUserSession(
-    {
-      visitorId,
-      teamDid,
-      userDid: doc.did,
-      appPid: teamDid,
-      status: 'online',
-    },
-    { req, node }
-  );
+  const lastLoginIp = req.headers['x-real-ip'];
+  const ua = req.headers['user-agent'];
+  const userSession = await node.upsertUserSession({
+    visitorId,
+    teamDid,
+    userDid: userDoc.did,
+    appPid: teamDid,
+    status: 'online',
+    ua,
+    lastLoginIp,
+  });
+  node.syncUserSession({
+    teamDid,
+    userDid: userDoc.did,
+    visitorId: userSession.visitorId,
+    passportId: passport?.id,
+    targetAppPid: sourceAppPid,
+    ua,
+    lastLoginIp,
+  });
   return {
-    user: doc,
+    user: userDoc,
     token: sessionToken,
     refreshToken,
     visitorId: userSession?.visitorId || '',
   };
 }
+async function verifyUserSig({ userDid, signature, teamDid, data }, { node }) {
+  const currentUser = await node.getUser({
+    teamDid,
+    user: {
+      did: userDid,
+    },
+    options: {
+      enableConnectedAccount: true,
+    },
+  });
+  if (!currentUser) {
+    throw new Error('user is not exist');
+  }
+  const userWallet = fromPublicKey(currentUser.pk);
+  const valid = userWallet.verify(data, signature);
+  if (!valid) {
+    throw new Error('invalid signature');
+  }
+  return currentUser;
+}
 module.exports = {
   init(server, node, options) {
     async function loginFn(req, res) {
@@ -318,6 +351,111 @@ module.exports = {
     server.post(`${prefix}/login`, verifySig, loginFn);
     server.post(`${prefixApi}/login`, verifySig, loginFn);
+    /**
+     * @description 用于在 native 钱包中完成用户的自动登录
+     * @summary 暂时不允许用户注册，只允许登录
+     */
+    server.post(`${prefixApi}/loginByWallet`, async (req, res) => {
+      const { userDid, signature, walletOS, nonce, visitorId, passportId, sourceAppPid, locale } = req.body;
+      const { error } = loginUserWalletSchema.validate({
+        userDid,
+        signature,
+        walletOS,
+        nonce,
+        visitorId,
+        passportId,
+        sourceAppPid,
+        locale,
+      });
+      if (error) {
+        throw new ApiError(400, error.message);
+      }
+      const { did: teamDid, secret } = await req.getBlockletInfo();
+      const currentUser = await verifyUserSig({ userDid, signature, teamDid, data: nonce }, { node });
+      const { createSessionToken } = initJwt(node, options);
+      const createToken = createTokenFn(createSessionToken);
+      const blocklet = await req.getBlocklet();
+      const sessionConfig = blocklet.settings?.session || {};
+      const passports = currentUser?.passports || [];
+      let passport = null;
+      if (passportId) {
+        passport = passports.find((x) => x.passportId === passportId);
+      }
+      if (!passport) {
+        const now = new Date().getTime();
+        passport = head(
+          sortBy(passports, (x) => {
+            const lastLoginAt = new Date(x.lastLoginAt).getTime();
+            if (typeof lastLoginAt === 'number') {
+              return now - lastLoginAt;
+            }
+            return now;
+          })
+        );
+      }
+      if (!passport) {
+        passport = { name: 'Guest', role: 'guest' };
+      }
+      const lastLoginIp = req.get('x-real-ip');
+      const loginedUser = await node.loginUser({
+        teamDid,
+        user: {
+          did: currentUser.did,
+          pk: currentUser.pk,
+          locale,
+          lastLoginIp,
+          sourceAppPid,
+          connectedAccount: {
+            provider: LOGIN_PROVIDER.WALLET,
+            did: currentUser.did,
+            pk: currentUser.pk,
+          },
+        },
+      });
+      const { sessionToken, refreshToken } = createToken(
+        loginedUser.did,
+        {
+          secret,
+          passport,
+          role: passport?.role || 'guest',
+          fullName: loginedUser.fullName,
+          provider: 'wallet',
+          walletOS,
+        },
+        { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
+      );
+      const ua = req.headers['user-agent'];
+      const userSession = await node.upsertUserSession({
+        visitorId,
+        teamDid,
+        userDid: loginedUser.did,
+        appPid: teamDid,
+        status: 'online',
+        ua,
+        lastLoginIp,
+      });
+      node.syncUserSession({
+        teamDid,
+        userDid,
+        visitorId: userSession.visitorId,
+        passportId,
+        targetAppPid: sourceAppPid,
+        ua,
+        lastLoginIp,
+      });
+      res.json({
+        sessionToken,
+        refreshToken,
+        nonce,
+        visitorId: userSession.visitorId,
+      });
+    });
     server.post(`${prefixApi}/logout`, ensureBlocklet(), async (req, res) => {
       if (req.user) {
         const { blocklet } = req;

package/api/services/auth/connect/invite.js CHANGED Viewed

@@ -6,7 +6,6 @@ const {
   messages,
   checkWalletVersion,
   beforeInvitationRequest,
-  upsertUserSession,
 } = require('@abtnode/auth/lib/auth');
 const { getSourceAppPid } = require('@blocklet/sdk/lib/util/login');
 const { NODE_SERVICES, WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
@@ -98,17 +97,27 @@ module.exports = function createRoutes(node, authenticator, createSessionToken)
         { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
       );
-      const userSessionDoc = await upsertUserSession(
-        {
-          teamDid,
-          visitorId,
-          userDid,
-          appPid: teamDid,
-          passportId: response.data.id,
-          status: 'online',
-        },
-        { req, node, sourceAppPid }
-      );
+      const lastLoginIp = req.headers['x-real-ip'];
+      const ua = req.headers['user-agent'];
+      const userSessionDoc = await node.upsertUserSession({
+        teamDid,
+        visitorId,
+        userDid,
+        appPid: teamDid,
+        passportId: response.data.id,
+        status: 'online',
+        ua,
+        lastLoginIp,
+      });
+      node.syncUserSession({
+        teamDid,
+        userDid,
+        visitorId: userSessionDoc.visitorId,
+        passportId: passport?.id,
+        targetAppPid: sourceAppPid,
+        ua,
+        lastLoginIp,
+      });
       await updateSession(
         {
           sessionToken,

package/api/util/federated.js CHANGED Viewed

@@ -6,18 +6,6 @@ const { signV2 } = require('@arcblock/jwt');
 const { api } = require('../libs/api');
 const { getDidConnectVersion } = require('./index');
-function shouldSyncFederated(sourceAppPid, master, blocklet) {
-  if (sourceAppPid) {
-    return true;
-  }
-  if (master && blocklet && master.appPid === blocklet.appPid) {
-    return true;
-  }
-  return false;
-}
 function getFederatedMaster(blocklet) {
   const { sites } = blocklet?.settings?.federated || {};
   const masterSite = (sites || []).find((item) => isMaster(item));
@@ -114,6 +102,19 @@ async function loginByMember({ blockletInfo, blocklet, request, user, passport }
   return null;
 }
+function shouldSyncFederated(sourceAppPid, blocklet) {
+  if (sourceAppPid) {
+    return true;
+  }
+  const masterSite = getFederatedMaster(blocklet);
+  if (masterSite && blocklet && masterSite.appPid === blocklet.appPid) {
+    return true;
+  }
+  return false;
+}
 module.exports = {
   isMaster,
   shouldSyncFederated,

package/api/validators/login.js CHANGED Viewed

@@ -18,5 +18,17 @@ const loginOAuthSchema = Joi.object({
   fullName: Joi.string().optional(),
 }).empty(null);
+const loginUserWalletSchema = Joi.object({
+  userDid: Joi.DID().trim().required(),
+  signature: Joi.string().required(),
+  walletOS: Joi.string().required(),
+  nonce: Joi.string().required(),
+  visitorId: Joi.string().optional(),
+  passportId: Joi.string().optional(),
+  sourceAppPid: Joi.DID().trim().optional(),
+  locale: Joi.string().optional(),
+}).empty(null);
 exports.loginWalletSchema = loginWalletSchema;
+exports.loginUserWalletSchema = loginUserWalletSchema;
 exports.loginOAuthSchema = loginOAuthSchema;