npm - @abtnode/blocklet-services - Versions diffs - 1.16.34-beta-20241204-140321-4d75ca21 → 1.16.34-beta-20241206-124652-493dbc39 - Mend

@abtnode/blocklet-services 1.16.34-beta-20241204-140321-4d75ca21 → 1.16.34-beta-20241206-124652-493dbc39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (303) hide show

package/api/routes/oauth.js CHANGED Viewed

@@ -37,6 +37,7 @@ const { sendToUser } = require('../libs/notification');
 const { checkInvitedUserOnly, createTokenFn, getDidConnectVersion, redirectWithoutCache } = require('../util');
 const federatedUtil = require('../util/federated');
 const { isOAuthEmailVerified, isEmailUniqueRequired, isEmailKycRequired, isSameEmail } = require('../libs/kyc');
+const checkUser = require('../middlewares/check-user');
 const PREFIX = WELLKNOWN_SERVICE_PATH_PREFIX;
@@ -179,10 +180,7 @@ function getAuthClient(blocklet, provider, { legacy = false, appPid } = {}) {
 async function login(req, node, options) {
   const blocklet = await req.getBlocklet();
   const { locale = 'en', provider, inviter = null, sourceAppPid = null } = req.body;
-  let visitorId = req.body?.visitorId;
-  if (!visitorId) {
-    visitorId = req.get('x-blocklet-visitor-id');
-  }
+  const visitorId = req.get('x-blocklet-visitor-id');
   if (!blocklet.settings?.owner) {
     throw new CustomError(400, t('oauthCantBeOwner', locale));
   }
@@ -311,7 +309,7 @@ async function login(req, node, options) {
     appPid: teamDid,
     passportId: passport?.id,
     status: 'online',
-    ua,
+    ua: null,
     lastLoginIp,
     extra: {
       walletOS: 'web',
@@ -393,10 +391,7 @@ async function login(req, node, options) {
 async function invite(req, node, options) {
   const { locale, inviteId, baseUrl, provider = LOGIN_PROVIDER.AUTH0, sourceAppPid = null } = req.body;
-  let visitorId = req.body?.visitorId;
-  if (!visitorId) {
-    visitorId = req.get('x-blocklet-visitor-id');
-  }
+  const visitorId = req.get('x-blocklet-visitor-id');
   const blocklet = await req.getBlocklet();
   const { did: teamDid, secret } = await req.getBlockletInfo();
@@ -540,7 +535,7 @@ async function invite(req, node, options) {
     appPid: teamDid,
     passportId: passport.id,
     status: 'online',
-    ua,
+    ua: null,
     lastLoginIp,
     extra: {
       walletOS: 'web',
@@ -774,18 +769,13 @@ async function unbind(req, node) {
 module.exports = {
   init(server, node, options) {
-    async function configsFn(req, res) {
+    server.get(`${prefixApi}/configs`, async (req, res) => {
       const blocklet = await req.getBlocklet();
       const oauthConfig = blocklet?.settings?.oauth || {};
       res.send(oauthConfig);
-    }
-    server.get(`${prefix}/configs`, configsFn);
-    server.get(`${prefixApi}/configs`, configsFn);
+    });
-    async function passportsFn(req, res) {
-      if (!req.user) {
-        res.status(401).send('Unauthorized');
-      }
+    server.get(`${prefixApi}/passports`, checkUser, async (req, res) => {
       const userDid = req.user.did;
       const blockletInfo = await req.getBlockletInfo();
       const nodeInfo = await req.getNodeInfo();
@@ -836,11 +826,9 @@ module.exports = {
         };
       });
       res.send(passportTypes);
-    }
-    server.get(`${prefix}/passports`, passportsFn);
-    server.get(`${prefixApi}/passports`, passportsFn);
+    });
-    async function bindFn(req, res) {
+    server.post(`${prefixApi}/bind`, checkUser, async (req, res) => {
       try {
         await bind(req, node, options);
         res.status(200).json({});
@@ -852,12 +840,9 @@ module.exports = {
         }
         throw err;
       }
-    }
-    server.post(`${prefix}/bind`, bindFn);
-    server.post(`${prefixApi}/bind`, bindFn);
+    });
-    async function unbindFn(req, res) {
+    server.post(`${prefixApi}/unbind`, checkUser, async (req, res) => {
       try {
         await unbind(req, node, options);
         res.status(200).json({});
@@ -869,11 +854,9 @@ module.exports = {
         }
         throw err;
       }
-    }
-    server.post(`${prefixApi}/unbind`, unbindFn);
+    });
-    async function switchFn(req, res) {
+    server.post(`${prefixApi}/switch`, checkUser, async (req, res) => {
       const { did: userDid, provider } = req.user;
       const { passportId } = req.body;
       const blocklet = await req.getBlocklet();
@@ -917,38 +900,38 @@ module.exports = {
       }
       res.status(200).json({ sessionToken, refreshToken });
-    }
-    server.post(`${prefix}/switch`, switchFn);
-    server.post(`${prefixApi}/switch`, switchFn);
+    });
     /**
      * oauth 方式登录
      * 1. 普通配置下，登录/注册是同样的流程，登录过程中会自动注册账号
      * 2. 仅邀请可登录模式下，只允许登录，不允许注册
      */
-    async function loginFn(req, res) {
+    server.post(`${prefixApi}/login`, async (req, res) => {
       const { action = 'login' } = req.body;
       const actionMap = {
         login,
         invite,
       };
+      if (actionMap[action]) {
+        logger.error('Failed to login oauth', { error: 'action not exist', action });
+        throw new Error(`action not exist: ${action}`);
+      }
       try {
         const result = await actionMap[action](req, node, options);
         res.send(result);
       } catch (err) {
-        logger.error('Failed login oauth', { error: err });
+        logger.error('Failed login oauth', { error: err, action });
         if (err instanceof CustomError) {
           res.status(err.code).send(err.message);
           return;
         }
         throw err;
       }
-    }
-    server.post(`${prefix}/login`, loginFn);
-    server.post(`${prefixApi}/login`, loginFn);
+    });
-    async function getUserFn(req, res) {
+    server.post(`${prefixApi}/getUser`, async (req, res) => {
       const { provider, token, idToken, code, appPid } = req.body;
       const blocklet = await req.getBlocklet();
       const oauthInfo = await getOAuthUserInfo({ blocklet, provider, token, idToken, code, appPid });
@@ -959,24 +942,24 @@ module.exports = {
         info: oauthInfo,
         wallet: pick(userWallet, ['type', 'publicKey', 'address']),
       });
-    }
-    server.post(`${prefix}/getUser`, getUserFn);
-    server.post(`${prefixApi}/getUser`, getUserFn);
+    });
-    const checkReferrer = async (req, res, next) => {
-      const blocklet = await req.getBlocklet();
-      const trustedDomains = await federatedUtil.getTrustedDomains({ node, req, blocklet });
-      const referrer = req.get('referrer');
-      const referrerHost = new URL(referrer).host;
+    const checkReferrerMiddleware = () => {
+      return async (req, res, next) => {
+        const blocklet = await req.getBlocklet();
+        const trustedDomains = await federatedUtil.getTrustedDomains({ node, req, blocklet });
+        const referrer = req.get('referrer');
+        const referrerHost = new URL(referrer).host;
-      if (!trustedDomains.includes(referrerHost)) {
-        res.status(400).send(`Invalid host: ${referrerHost}`);
-        return;
-      }
-      next();
+        if (!trustedDomains.includes(referrerHost)) {
+          res.status(400).send(`Invalid host: ${referrerHost}`);
+          return;
+        }
+        next();
+      };
     };
-    server.get(`${prefix}/login/:provider`, checkReferrer, async (req, res) => {
+    server.get(`${prefix}/login/:provider`, checkReferrerMiddleware(), async (req, res) => {
       const { provider } = req.params;
       const blocklet = await req.getBlocklet();
       const availableProviderList = Object.keys(blocklet.settings?.oauth).filter(