@abtnode/blocklet-services 1.16.3 → 1.16.4-beta-8682e092
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api/index.js +1 -0
- package/api/libs/auth/utils.js +5 -2
- package/api/libs/connect/session.js +189 -139
- package/api/routes/oauth.js +164 -172
- package/api/services/auth/connect/bind-wallet.js +2 -15
- package/api/services/oauth/index.js +249 -0
- package/api/socket/channel/did.js +13 -1
- package/build/asset-manifest.json +11 -11
- package/build/index.html +1 -1
- package/build/static/css/{344.d2f73ebf.chunk.css → 204.1d1e88ad.chunk.css} +1 -1
- package/build/static/js/204.df50af69.chunk.js +3 -0
- package/build/static/js/343.b31c2008.chunk.js +2 -0
- package/build/static/js/{648.e478fa43.chunk.js → 648.9062f63d.chunk.js} +3 -3
- package/build/static/js/main.49a7bef5.js +3 -0
- package/package.json +33 -32
- package/build/static/js/343.1614c11a.chunk.js +0 -2
- package/build/static/js/344.058d0532.chunk.js +0 -3
- package/build/static/js/main.07407e14.js +0 -3
- /package/build/static/js/{344.058d0532.chunk.js.LICENSE.txt → 204.df50af69.chunk.js.LICENSE.txt} +0 -0
- /package/build/static/js/{648.e478fa43.chunk.js.LICENSE.txt → 648.9062f63d.chunk.js.LICENSE.txt} +0 -0
- /package/build/static/js/{main.07407e14.js.LICENSE.txt → main.49a7bef5.js.LICENSE.txt} +0 -0
package/api/index.js
CHANGED
|
@@ -99,6 +99,7 @@ module.exports = function createServer(node, serverOptions = {}) {
|
|
|
99
99
|
proxy.web(req, res, opts, (error) => {
|
|
100
100
|
if (error) {
|
|
101
101
|
logger.error('http proxy error', { error });
|
|
102
|
+
// TODO 如何同步的方便的拿到 nodeInfo
|
|
102
103
|
res.status(502).send(`Can not proxy to upstream target: ${opts.target}`);
|
|
103
104
|
}
|
|
104
105
|
});
|
package/api/libs/auth/utils.js
CHANGED
|
@@ -27,14 +27,17 @@ async function getAvatarByEmail(email = '') {
|
|
|
27
27
|
const base64Content = Buffer.from(data, 'binary').toString('base64');
|
|
28
28
|
|
|
29
29
|
return `data:image/png;base64,${base64Content}`;
|
|
30
|
-
} catch {
|
|
31
|
-
logger.error(`Fetch gravatar failed: ${email}
|
|
30
|
+
} catch (error) {
|
|
31
|
+
logger.error(`Fetch gravatar failed: ${email}`, { error });
|
|
32
32
|
return null;
|
|
33
33
|
}
|
|
34
34
|
}
|
|
35
35
|
|
|
36
36
|
// FIXME: @zhanghan 转移通行证目前只能颁发新的,会导致用户数据中产生多余的通行证
|
|
37
37
|
async function transferPassport(fromUser, toUser, { req, teamDid, node, nodeInfo }) {
|
|
38
|
+
if (!fromUser || !toUser) {
|
|
39
|
+
return;
|
|
40
|
+
}
|
|
38
41
|
const {
|
|
39
42
|
name: issuerName,
|
|
40
43
|
wallet: issuerWallet,
|
|
@@ -5,7 +5,6 @@ const formatContext = require('@abtnode/util/lib/format-context');
|
|
|
5
5
|
const { extractUserAvatar } = require('@abtnode/util/lib/user-avatar');
|
|
6
6
|
const {
|
|
7
7
|
messages,
|
|
8
|
-
getUser,
|
|
9
8
|
getVCFromClaims,
|
|
10
9
|
validatePassportStatus,
|
|
11
10
|
getPassportStatusEndpoint,
|
|
@@ -19,7 +18,6 @@ const {
|
|
|
19
18
|
VC_TYPE_NODE_PASSPORT,
|
|
20
19
|
WHO_CAN_ACCESS,
|
|
21
20
|
WHO_CAN_ACCESS_PREFIX_ROLES,
|
|
22
|
-
USER_TYPE,
|
|
23
21
|
} = require('@abtnode/constant');
|
|
24
22
|
const {
|
|
25
23
|
validatePassport,
|
|
@@ -32,9 +30,9 @@ const {
|
|
|
32
30
|
upsertToPassports,
|
|
33
31
|
} = require('@abtnode/auth/lib/passport');
|
|
34
32
|
const { getKeyPairClaim, getAuthPrincipalForMigrateAppToV2 } = require('@abtnode/auth/lib/server');
|
|
35
|
-
const sortBy = require('lodash/sortBy');
|
|
36
|
-
const last = require('lodash/last');
|
|
37
33
|
const merge = require('lodash/merge');
|
|
34
|
+
const { types } = require('@arcblock/did');
|
|
35
|
+
const { fromAppDid } = require('@arcblock/did-ext');
|
|
38
36
|
|
|
39
37
|
const { getRolesFromAuthConfig, getBlockletAppIdList } = require('@blocklet/meta/lib/util');
|
|
40
38
|
|
|
@@ -43,6 +41,7 @@ const logger = require('@abtnode/logger')(require('../../../package.json').name)
|
|
|
43
41
|
const { isInvitedUserOnly } = require('../../util');
|
|
44
42
|
const { transferPassport } = require('../auth/utils');
|
|
45
43
|
const { generateTranslate } = require('../translate');
|
|
44
|
+
const { getRawUser, mergeUserData, migrateAccount, normalizeUser } = require('../../services/oauth');
|
|
46
45
|
|
|
47
46
|
const vcTypes = [VC_TYPE_GENERAL_PASSPORT, VC_TYPE_NODE_PASSPORT];
|
|
48
47
|
|
|
@@ -131,7 +130,7 @@ module.exports = {
|
|
|
131
130
|
const { did: teamDid } = await request.getBlockletInfo();
|
|
132
131
|
|
|
133
132
|
const profileFields = get(config, 'profileFields');
|
|
134
|
-
const [invitedUserOnly] = await isInvitedUserOnly(config, node, teamDid);
|
|
133
|
+
const [invitedUserOnly] = config ? await isInvitedUserOnly(config, node, teamDid) : [false];
|
|
135
134
|
const trustedPassports = (blocklet.trustedPassports || []).map((x) => x.issuerDid);
|
|
136
135
|
const trustedIssuers = [...getBlockletAppIdList(blocklet), ...trustedPassports].filter(Boolean);
|
|
137
136
|
|
|
@@ -153,7 +152,14 @@ module.exports = {
|
|
|
153
152
|
claims.verifiableCredential.target = passportId;
|
|
154
153
|
}
|
|
155
154
|
|
|
156
|
-
|
|
155
|
+
let user = await getRawUser(blocklet.meta.did, userDid, {
|
|
156
|
+
getUser: node.getUser,
|
|
157
|
+
getUsers: node.getUsers,
|
|
158
|
+
});
|
|
159
|
+
user = await normalizeUser(teamDid, user, {
|
|
160
|
+
updateUser: node.updateUser,
|
|
161
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
162
|
+
});
|
|
157
163
|
if (user) {
|
|
158
164
|
delete claims.profile;
|
|
159
165
|
}
|
|
@@ -177,11 +183,21 @@ module.exports = {
|
|
|
177
183
|
const { wallet, name, passportColor, did: teamDid } = await request.getBlockletInfo();
|
|
178
184
|
|
|
179
185
|
// Check user approved
|
|
180
|
-
|
|
186
|
+
let user = await getRawUser(teamDid, userDid, {
|
|
187
|
+
getUser: node.getUser,
|
|
188
|
+
getUsers: node.getUsers,
|
|
189
|
+
});
|
|
190
|
+
user = await normalizeUser(teamDid, user, {
|
|
191
|
+
updateUser: node.updateUser,
|
|
192
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
193
|
+
});
|
|
181
194
|
if (user && !user.approved) {
|
|
182
195
|
throw new Error(messages.notAllowed[locale]);
|
|
183
196
|
}
|
|
184
197
|
|
|
198
|
+
const realDid = user?.did || userDid;
|
|
199
|
+
const realPk = user?.pk || userPk;
|
|
200
|
+
|
|
185
201
|
// Get auth config
|
|
186
202
|
const authConfig = (await request.getServiceConfig(NODE_SERVICES.AUTH, { componentId })) || {};
|
|
187
203
|
|
|
@@ -203,7 +219,7 @@ module.exports = {
|
|
|
203
219
|
vc = createPassportVC({
|
|
204
220
|
issuerName: name,
|
|
205
221
|
issuerWallet: wallet,
|
|
206
|
-
ownerDid:
|
|
222
|
+
ownerDid: realDid,
|
|
207
223
|
passport: await createPassport({
|
|
208
224
|
name: defaultRole,
|
|
209
225
|
node,
|
|
@@ -213,7 +229,7 @@ module.exports = {
|
|
|
213
229
|
}),
|
|
214
230
|
endpoint: getPassportStatusEndpoint({
|
|
215
231
|
baseUrl: joinUrl(baseUrl, WELLKNOWN_SERVICE_PATH_PREFIX),
|
|
216
|
-
userDid,
|
|
232
|
+
userDid: realDid,
|
|
217
233
|
teamDid,
|
|
218
234
|
}),
|
|
219
235
|
ownerProfile: profile,
|
|
@@ -234,28 +250,25 @@ module.exports = {
|
|
|
234
250
|
// Recreate passport with correct role
|
|
235
251
|
passport = vc ? createUserPassport(vc, { role }) : null;
|
|
236
252
|
|
|
253
|
+
const currentTime = new Date().toISOString();
|
|
254
|
+
|
|
237
255
|
// Update profile
|
|
238
256
|
const passportForLog = passport || { name: 'Guest', role: 'guest' };
|
|
239
257
|
if (user) {
|
|
240
258
|
// Update user
|
|
241
259
|
const doc = await node.updateUser({
|
|
242
260
|
teamDid,
|
|
243
|
-
user: {
|
|
244
|
-
did: userDid,
|
|
245
|
-
pk: userPk,
|
|
261
|
+
user: mergeUserData(user, {
|
|
246
262
|
locale,
|
|
247
|
-
|
|
248
|
-
user.passports || [],
|
|
249
|
-
passport && { ...passport, lastLoginAt: new Date().toISOString() }
|
|
250
|
-
).filter(Boolean),
|
|
251
|
-
lastLoginAt: new Date().toISOString(),
|
|
263
|
+
lastUsedPassport: passport,
|
|
252
264
|
lastLoginIp: get(request, 'headers[x-real-ip]') || '',
|
|
253
|
-
|
|
265
|
+
connectedAccount: { provider: 'wallet' },
|
|
266
|
+
}),
|
|
254
267
|
});
|
|
255
268
|
await node.createAuditLog(
|
|
256
269
|
{
|
|
257
270
|
action: 'login',
|
|
258
|
-
args: { teamDid, userDid, passport: passportForLog },
|
|
271
|
+
args: { teamDid, userDid: realDid, passport: passportForLog },
|
|
259
272
|
context: formatContext(Object.assign(request, { user: doc })),
|
|
260
273
|
result: doc,
|
|
261
274
|
},
|
|
@@ -272,20 +285,32 @@ module.exports = {
|
|
|
272
285
|
avatar: await extractUserAvatar(get(profile, 'avatar'), {
|
|
273
286
|
dataDir: blocklet.env.dataDir,
|
|
274
287
|
}),
|
|
275
|
-
did:
|
|
276
|
-
pk:
|
|
288
|
+
did: realDid,
|
|
289
|
+
pk: realPk,
|
|
277
290
|
approved: true,
|
|
278
291
|
locale,
|
|
279
292
|
passports: [passport].filter(Boolean),
|
|
280
|
-
firstLoginAt:
|
|
281
|
-
lastLoginAt:
|
|
293
|
+
firstLoginAt: currentTime,
|
|
294
|
+
lastLoginAt: currentTime,
|
|
282
295
|
lastLoginIp: get(request, 'headers[x-real-ip]') || '',
|
|
296
|
+
extraConfigs: {
|
|
297
|
+
sourceProvider: 'wallet',
|
|
298
|
+
connectedAccounts: [
|
|
299
|
+
{
|
|
300
|
+
provider: 'wallet',
|
|
301
|
+
did: realDid,
|
|
302
|
+
pk: realPk,
|
|
303
|
+
firstLoginAt: currentTime,
|
|
304
|
+
lastLoginAt: currentTime,
|
|
305
|
+
},
|
|
306
|
+
],
|
|
307
|
+
},
|
|
283
308
|
},
|
|
284
309
|
});
|
|
285
310
|
await node.createAuditLog(
|
|
286
311
|
{
|
|
287
312
|
action: 'addUser',
|
|
288
|
-
args: { teamDid, userDid, reason: `first login as ${passportForLog.role}` },
|
|
313
|
+
args: { teamDid, userDid: realDid, reason: `first login as ${passportForLog.role}` },
|
|
289
314
|
context: formatContext(Object.assign(request, { user: doc })),
|
|
290
315
|
result: doc,
|
|
291
316
|
},
|
|
@@ -294,8 +319,8 @@ module.exports = {
|
|
|
294
319
|
}
|
|
295
320
|
|
|
296
321
|
// Generate new session token that client can save to localStorage
|
|
297
|
-
const sessionToken = await createSessionToken(
|
|
298
|
-
logger.info('login.success', { userDid, role });
|
|
322
|
+
const sessionToken = await createSessionToken(realDid, { passport, role });
|
|
323
|
+
logger.info('login.success', { userDid: realDid, role });
|
|
299
324
|
|
|
300
325
|
if (
|
|
301
326
|
// if user provides owner passport AND app does not have owner, set this user to owner
|
|
@@ -303,8 +328,8 @@ module.exports = {
|
|
|
303
328
|
// if the user will receive a owner passport AND app does not have owner, set this user to owner
|
|
304
329
|
(issuePassport && defaultRole === ROLES.OWNER && !blocklet.settings?.owner)
|
|
305
330
|
) {
|
|
306
|
-
logger.info('Bind owner for blocklet', { teamDid, userDid });
|
|
307
|
-
await node.setBlockletInitialized({ did: teamDid, owner: { did:
|
|
331
|
+
logger.info('Bind owner for blocklet', { teamDid, userDid: realDid });
|
|
332
|
+
await node.setBlockletInitialized({ did: teamDid, owner: { did: realDid, pk: realPk } });
|
|
308
333
|
}
|
|
309
334
|
|
|
310
335
|
// issue passport for the first login user in a invite-only team
|
|
@@ -315,7 +340,7 @@ module.exports = {
|
|
|
315
340
|
data: vc,
|
|
316
341
|
sessionToken,
|
|
317
342
|
nextWorkflowData: {
|
|
318
|
-
userDid,
|
|
343
|
+
userDid: realDid,
|
|
319
344
|
},
|
|
320
345
|
};
|
|
321
346
|
}
|
|
@@ -323,7 +348,7 @@ module.exports = {
|
|
|
323
348
|
return {
|
|
324
349
|
sessionToken,
|
|
325
350
|
nextWorkflowData: {
|
|
326
|
-
userDid,
|
|
351
|
+
userDid: realDid,
|
|
327
352
|
},
|
|
328
353
|
};
|
|
329
354
|
},
|
|
@@ -341,7 +366,14 @@ module.exports = {
|
|
|
341
366
|
}
|
|
342
367
|
|
|
343
368
|
const { did: teamDid } = await request.getBlockletInfo();
|
|
344
|
-
|
|
369
|
+
let user = await getRawUser(teamDid, userDid, {
|
|
370
|
+
getUser: node.getUser,
|
|
371
|
+
getUsers: node.getUsers,
|
|
372
|
+
});
|
|
373
|
+
user = await normalizeUser(teamDid, user, {
|
|
374
|
+
updateUser: node.updateUser,
|
|
375
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
376
|
+
});
|
|
345
377
|
|
|
346
378
|
if (!user) {
|
|
347
379
|
throw new Error(messages.userNotFound[locale]);
|
|
@@ -363,7 +395,14 @@ module.exports = {
|
|
|
363
395
|
const teamDid = blocklet.meta.did;
|
|
364
396
|
|
|
365
397
|
// check user approved
|
|
366
|
-
|
|
398
|
+
let user = await getRawUser(teamDid, userDid, {
|
|
399
|
+
getUser: node.getUser,
|
|
400
|
+
getUsers: node.getUsers,
|
|
401
|
+
});
|
|
402
|
+
user = await normalizeUser(teamDid, user, {
|
|
403
|
+
updateUser: node.updateUser,
|
|
404
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
405
|
+
});
|
|
367
406
|
if (!user) {
|
|
368
407
|
throw new Error(messages.userNotFound[locale]);
|
|
369
408
|
}
|
|
@@ -403,7 +442,14 @@ module.exports = {
|
|
|
403
442
|
|
|
404
443
|
const { did: teamDid } = await request.getBlockletInfo();
|
|
405
444
|
|
|
406
|
-
|
|
445
|
+
let user = await getRawUser(teamDid, userDid, {
|
|
446
|
+
getUser: node.getUser,
|
|
447
|
+
getUsers: node.getUsers,
|
|
448
|
+
});
|
|
449
|
+
user = await normalizeUser(teamDid, user, {
|
|
450
|
+
updateUser: node.updateUser,
|
|
451
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
452
|
+
});
|
|
407
453
|
|
|
408
454
|
if (!user) {
|
|
409
455
|
throw new Error(messages.userNotFound[locale]);
|
|
@@ -443,7 +489,14 @@ module.exports = {
|
|
|
443
489
|
const { name, did: teamDid } = await request.getBlockletInfo();
|
|
444
490
|
|
|
445
491
|
// Validate user
|
|
446
|
-
|
|
492
|
+
let user = await getRawUser(teamDid, userDid, {
|
|
493
|
+
getUser: node.getUser,
|
|
494
|
+
getUsers: node.getUsers,
|
|
495
|
+
});
|
|
496
|
+
user = await normalizeUser(teamDid, user, {
|
|
497
|
+
updateUser: node.updateUser,
|
|
498
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
499
|
+
});
|
|
447
500
|
if (!user) {
|
|
448
501
|
throw new Error(messages.userNotFound[locale]);
|
|
449
502
|
}
|
|
@@ -513,40 +566,61 @@ module.exports = {
|
|
|
513
566
|
|
|
514
567
|
// 基本流程与 login 一致,但在创建更新用户信息的逻辑不一样
|
|
515
568
|
bindWallet: {
|
|
516
|
-
onConnect: async ({ node, request, userDid, locale, passportId = '', componentId
|
|
569
|
+
onConnect: async ({ node, request, userDid, locale, passportId = '', componentId }) => {
|
|
517
570
|
const translations = {
|
|
518
571
|
en: {
|
|
519
572
|
notFound: "Can't get bind account infomation",
|
|
520
|
-
|
|
521
|
-
|
|
522
|
-
|
|
573
|
+
alreadyBindOAuth: 'already bind with another account',
|
|
574
|
+
alreadyBindWallet: 'Current account is already bind a wallet account',
|
|
575
|
+
alreadyMainAccount: 'Current account is already a main account',
|
|
523
576
|
},
|
|
524
577
|
zh: {
|
|
525
578
|
notFound: '获取绑定账户信息失败',
|
|
526
|
-
|
|
527
|
-
|
|
528
|
-
|
|
579
|
+
alreadyBindOAuth: '已绑定 OAuth 账户',
|
|
580
|
+
alreadyBindWallet: '该账户已绑定 Wallet 账户',
|
|
581
|
+
alreadyMainAccount: '已给该账户分配一个主账户',
|
|
529
582
|
},
|
|
530
583
|
};
|
|
531
584
|
const t = generateTranslate({ translations });
|
|
532
|
-
const blocklet = await request.getBlocklet();
|
|
533
|
-
const config = await request.getServiceConfig(NODE_SERVICES.AUTH, { componentId });
|
|
534
585
|
const { did: teamDid } = await request.getBlockletInfo();
|
|
535
|
-
|
|
536
|
-
const
|
|
586
|
+
|
|
587
|
+
const walletUser = await node.getUser({ teamDid, user: { did: userDid } });
|
|
588
|
+
if (walletUser) {
|
|
589
|
+
throw new Error(t('alreadyMainAccount', locale));
|
|
590
|
+
}
|
|
591
|
+
|
|
592
|
+
const config = await request.getServiceConfig(NODE_SERVICES.AUTH, { componentId });
|
|
593
|
+
let oauthUser = await getRawUser(teamDid, request.user.did, {
|
|
594
|
+
getUser: node.getUser,
|
|
595
|
+
getUsers: node.getUsers,
|
|
596
|
+
});
|
|
597
|
+
oauthUser = await normalizeUser(teamDid, oauthUser, {
|
|
598
|
+
updateUser: node.updateUser,
|
|
599
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
600
|
+
});
|
|
537
601
|
|
|
538
602
|
if (!oauthUser) {
|
|
539
|
-
throw new Error(t('notFound'));
|
|
603
|
+
throw new Error(t('notFound', locale));
|
|
540
604
|
}
|
|
541
|
-
|
|
542
|
-
|
|
605
|
+
const oauthConnectedAccounts = oauthUser.extraConfigs?.connectedAccounts || [];
|
|
606
|
+
const sourceProvider = oauthUser.extraConfigs?.sourceProvider || 'wallet';
|
|
607
|
+
if (oauthConnectedAccounts.find((item) => item.provider === 'wallet')) {
|
|
608
|
+
throw new Error(t('alreadyBindWallet', locale));
|
|
543
609
|
}
|
|
610
|
+
|
|
611
|
+
let bindUser = await getRawUser(teamDid, userDid, {
|
|
612
|
+
getUser: node.getUser,
|
|
613
|
+
getUsers: node.getUsers,
|
|
614
|
+
});
|
|
615
|
+
bindUser = await normalizeUser(teamDid, bindUser, {
|
|
616
|
+
updateUser: node.updateUser,
|
|
617
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
618
|
+
});
|
|
619
|
+
|
|
544
620
|
if (bindUser) {
|
|
545
|
-
|
|
546
|
-
|
|
547
|
-
|
|
548
|
-
if (bindUser.extraConfigs?.derivedAccount) {
|
|
549
|
-
throw new Error(t('alreadyBind'));
|
|
621
|
+
const bindConnectedAccounts = bindUser.extraConfigs?.connectedAccounts || [];
|
|
622
|
+
if (bindConnectedAccounts.find((item) => item.provider === sourceProvider)) {
|
|
623
|
+
throw new Error(`${oauthUser.email} ${t('alreadyBindOAuth', locale)}`);
|
|
550
624
|
}
|
|
551
625
|
}
|
|
552
626
|
|
|
@@ -570,13 +644,21 @@ module.exports = {
|
|
|
570
644
|
|
|
571
645
|
return claims;
|
|
572
646
|
},
|
|
573
|
-
onApprove: async ({ node, request, locale, userDid, userPk, claims
|
|
574
|
-
const
|
|
647
|
+
onApprove: async ({ node, request, locale, userDid, userPk, claims }) => {
|
|
648
|
+
const blocklet = await request.getBlocklet();
|
|
649
|
+
const { did: teamDid, wallet: blockletWallet } = await request.getBlockletInfo();
|
|
575
650
|
|
|
576
|
-
const oauthUser = await getUser(
|
|
651
|
+
const oauthUser = await node.getUser({ teamDid, user: { did: request.user.did } });
|
|
577
652
|
const nodeInfo = await request.getNodeInfo();
|
|
578
653
|
// Check user approved
|
|
579
|
-
let bindUser = await
|
|
654
|
+
let bindUser = await getRawUser(teamDid, userDid, {
|
|
655
|
+
getUser: node.getUser,
|
|
656
|
+
getUsers: node.getUsers,
|
|
657
|
+
});
|
|
658
|
+
bindUser = await normalizeUser(teamDid, bindUser, {
|
|
659
|
+
updateUser: node.updateUser,
|
|
660
|
+
getBlockletInfo: request.getBlockletInfo,
|
|
661
|
+
});
|
|
580
662
|
if (bindUser && !bindUser.approved) {
|
|
581
663
|
throw new Error(messages.notAllowed[locale]);
|
|
582
664
|
}
|
|
@@ -593,104 +675,72 @@ module.exports = {
|
|
|
593
675
|
|
|
594
676
|
// TODO: 获取当前登录使用的 passport(无法获取到 passport.id)
|
|
595
677
|
// 使用最近一次使用的 passport 来代替
|
|
596
|
-
const
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
fullName: bindUser.fullName,
|
|
606
|
-
avatar: bindUser.avatar,
|
|
607
|
-
});
|
|
678
|
+
const mergePassport = (oauthUser.passports || []).reduce((sum, cur) => {
|
|
679
|
+
return upsertToPassports(sum, cur);
|
|
680
|
+
}, bindUser?.passports || []);
|
|
681
|
+
const mergeProfile = merge(profile, {
|
|
682
|
+
email: bindUser?.email,
|
|
683
|
+
fullName: bindUser?.fullName,
|
|
684
|
+
avatar: bindUser?.avatar,
|
|
685
|
+
});
|
|
686
|
+
const currentTime = new Date().toISOString();
|
|
608
687
|
|
|
609
|
-
|
|
610
|
-
|
|
611
|
-
|
|
612
|
-
|
|
688
|
+
await node.updateUser({
|
|
689
|
+
teamDid,
|
|
690
|
+
user: mergeUserData(
|
|
691
|
+
{
|
|
613
692
|
...mergeProfile,
|
|
614
|
-
|
|
615
|
-
|
|
616
|
-
derivedAccount: {
|
|
617
|
-
provider: oauthUser.extraConfigs?.sourceProvider,
|
|
618
|
-
did: oauthUser.did,
|
|
619
|
-
pk: oauthUser.pk,
|
|
620
|
-
},
|
|
621
|
-
connectedAccounts: [
|
|
622
|
-
{
|
|
623
|
-
provider: oauthUser.extraConfigs?.sourceProvider,
|
|
624
|
-
id: oauthUser.extraConfigs?.sourceId,
|
|
625
|
-
lastLoginAt: oauthUser.lastLoginAt,
|
|
626
|
-
},
|
|
627
|
-
],
|
|
628
|
-
},
|
|
629
|
-
source: USER_TYPE.WALLET,
|
|
630
|
-
did: userDid,
|
|
631
|
-
pk: userPk,
|
|
632
|
-
locale,
|
|
693
|
+
did: oauthUser.did,
|
|
694
|
+
pk: oauthUser.pk,
|
|
633
695
|
passports: mergePassport,
|
|
634
|
-
|
|
635
|
-
lastLoginIp: get(request, 'headers[x-real-ip]') || '',
|
|
696
|
+
extraConfigs: oauthUser.extraConfigs,
|
|
636
697
|
},
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
698
|
+
{
|
|
699
|
+
locale,
|
|
700
|
+
lastLoginIp: get(request, 'headers[x-real-ip]') || '',
|
|
701
|
+
connectedAccount: {
|
|
702
|
+
provider: 'wallet',
|
|
703
|
+
did: userDid,
|
|
704
|
+
pk: userPk,
|
|
705
|
+
lastLoginAt: currentTime,
|
|
706
|
+
firstLoginAt: currentTime,
|
|
707
|
+
},
|
|
708
|
+
}
|
|
709
|
+
),
|
|
710
|
+
});
|
|
711
|
+
|
|
712
|
+
if (bindUser) {
|
|
713
|
+
// 更新 bind 用户记录的绑定信息
|
|
714
|
+
await node.updateUser({
|
|
641
715
|
teamDid,
|
|
642
716
|
user: {
|
|
643
|
-
|
|
644
|
-
|
|
717
|
+
did: bindUser.did,
|
|
718
|
+
pk: bindUser.pk,
|
|
645
719
|
extraConfigs: {
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
did: oauthUser.did,
|
|
649
|
-
pk: oauthUser.pk,
|
|
650
|
-
},
|
|
651
|
-
connectedAccounts: [
|
|
652
|
-
{
|
|
653
|
-
provider: oauthUser.extraConfigs?.sourceProvider,
|
|
654
|
-
id: oauthUser.extraConfigs?.sourceId,
|
|
655
|
-
lastLoginAt: oauthUser.lastLoginAt,
|
|
656
|
-
},
|
|
657
|
-
],
|
|
720
|
+
...(bindUser.extraConfigs || {}),
|
|
721
|
+
bindDid: userDid,
|
|
658
722
|
},
|
|
659
|
-
avatar,
|
|
660
|
-
did: userDid,
|
|
661
|
-
pk: userPk,
|
|
662
|
-
approved: true,
|
|
663
|
-
locale,
|
|
664
|
-
passports: oauthUser.passports,
|
|
665
|
-
firstLoginAt: new Date().toISOString(),
|
|
666
|
-
lastLoginAt: new Date().toISOString(),
|
|
667
|
-
lastLoginIp: get(request, 'headers[x-real-ip]') || '',
|
|
668
723
|
},
|
|
669
724
|
});
|
|
670
|
-
|
|
671
|
-
|
|
725
|
+
} else {
|
|
726
|
+
bindUser = {
|
|
727
|
+
...oauthUser,
|
|
728
|
+
// 发送 passport 的对象要设置为 wallet-did
|
|
729
|
+
did: userDid,
|
|
730
|
+
pk: userPk,
|
|
731
|
+
};
|
|
672
732
|
}
|
|
673
|
-
// 更新 oauth 用户记录的绑定信息
|
|
674
|
-
await node.updateUser({
|
|
675
|
-
teamDid,
|
|
676
|
-
user: {
|
|
677
|
-
did: oauthUser.did,
|
|
678
|
-
pk: oauthUser.pk,
|
|
679
|
-
extraConfigs: {
|
|
680
|
-
...(oauthUser.extraConfigs || {}),
|
|
681
|
-
bindDid: userDid,
|
|
682
|
-
},
|
|
683
|
-
},
|
|
684
|
-
});
|
|
685
733
|
|
|
686
734
|
await transferPassport(oauthUser, bindUser, { req: request, node, nodeInfo, teamDid });
|
|
687
735
|
|
|
688
|
-
|
|
689
|
-
const
|
|
690
|
-
|
|
736
|
+
const connectedAccounts = oauthUser?.extraConfigs?.connectedAccounts || [];
|
|
737
|
+
const sourceProvider = oauthUser?.extraConfigs?.sourceProvider;
|
|
738
|
+
const oauthAccount = connectedAccounts.find((item) => item.provider === sourceProvider);
|
|
739
|
+
const userWallet = fromAppDid(oauthAccount.id, blockletWallet.secretKey, types.RoleType.ROLE_ACCOUNT);
|
|
740
|
+
await migrateAccount({ wallet: userWallet, blocklet, user: bindUser });
|
|
741
|
+
// logger.info('bindWallet.success', { userDid, role: passport.role });
|
|
691
742
|
|
|
692
743
|
return {
|
|
693
|
-
sessionToken,
|
|
694
744
|
nextWorkflowData: {
|
|
695
745
|
userDid,
|
|
696
746
|
},
|