npm - @abtnode/blocklet-services - Versions diffs - 1.16.52-beta-20250918-114058-f5efc10b → 1.16.52-beta-20250924-093428-bd3f0d8c - Mend

@abtnode/blocklet-services 1.16.52-beta-20250918-114058-f5efc10b → 1.16.52-beta-20250924-093428-bd3f0d8c

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/api/index.js +1 -1
package/api/middlewares/launcher-login.js +104 -89
package/api/routes/user.js +31 -0
package/package.json +23 -23

package/api/index.js CHANGED Viewed

@@ -88,7 +88,7 @@ const createOpenComponentRoutes = require('./routes/opencomponent');
 const createOpenEmbedRoutes = require('./routes/openembed');
 const createAccessKeyRoutes = require('./routes/access-key');
 const checkRunning = require('./middlewares/check-running');
-const launcherLogin = require('./middlewares/launcher-login');
+const { launcherLogin } = require('./middlewares/launcher-login');
 const { checkMemberPermission, checkGuestPermission } = require('./middlewares/check-permission');
 const ensureBlocklet = require('./middlewares/ensure-blocklet');
 const proxyToDaemon = require('./middlewares/proxy-to-daemon');

package/api/middlewares/launcher-login.js CHANGED Viewed

@@ -9,6 +9,94 @@ const { createTokenFn } = require('../util');
 const initJwt = require('../libs/jwt');
 const logger = require('../libs/logger')('blocklet-services:launcher-login');
+const doLauncherLogin = async (req, token, blocklet, node, options) => {
+  const decoded = JWT.decode(token);
+  const info = await req.getNodeInfo();
+  const isSameLauncher = isSameDid(decoded.iss, info.registerInfo?.appId);
+  const isSameOwner = isSameDid(decoded.oid, blocklet.settings?.owner?.did);
+  const isSameLauncherSessionId = decoded.lid === blocklet.controller.launcherSessionId;
+  const isSameBlocklet = [blocklet.appDid, blocklet.appPid].includes(decoded.aid);
+  logger.debug('Launcher login check', {
+    isSameLauncher,
+    isSameOwner,
+    isSameLauncherSessionId,
+    isSameBlocklet,
+    decoded,
+    owner: blocklet.settings?.owner,
+    launcher: info.registerInfo,
+    controller: blocklet.controller,
+    appDids: [blocklet.appDid, blocklet.appPid],
+  });
+  if (isSameLauncher && isSameOwner && isSameLauncherSessionId && isSameBlocklet) {
+    const verified = await JWT.verify(token, info.registerInfo?.appPk);
+    if (verified) {
+      const user = await node.getUser({
+        teamDid: blocklet.appPid,
+        user: { did: decoded.oid },
+        options: { enableConnectedAccount: true },
+      });
+      if (user?.approved) {
+        const { secret } = await req.getBlockletInfo();
+        const { createSessionToken } = initJwt(node, options);
+        const createToken = createTokenFn(createSessionToken);
+        const { sessionToken, refreshToken } = createToken(
+          user.did,
+          {
+            secret,
+            role: 'owner',
+            fullName: user.fullName,
+            provider: user.sourceProvider,
+            walletOS: user.walletOS,
+            emailVerified: !!user?.emailVerified,
+            phoneVerified: !!user?.phoneVerified,
+            elevated: true,
+          },
+          blocklet.settings?.session || {}
+        );
+        const visitorId = decoded.vid || req.cookies?.vid || generateId();
+        logger.info('done auto login for launcher user', {
+          appPid: blocklet.appPid,
+          userDid: user.did,
+          visitorId,
+        });
+        await node.upsertUserSession({
+          teamDid: blocklet.appPid,
+          userDid: user.did,
+          visitorId,
+          appPid: blocklet.appPid,
+          passportId: null,
+          status: 'online',
+          ua: req.get('user-agent'),
+          lastLoginIp: getRequestIP(req),
+          extra: {
+            walletOS: user.walletOS,
+            device: getDeviceData({ req }),
+          },
+          locale: req.blockletLocale,
+          origin: await getOrigin({ req }),
+        });
+        return {
+          sessionToken,
+          refreshToken,
+          visitorId,
+        };
+      }
+      logger.warn('Launcher login failed, user is revoked', { userDid: user?.did });
+    } else {
+      logger.warn('Launcher login failed, token is invalid', { token, verified });
+    }
+  }
+  return null;
+};
 // auto login from authenticated launcher users: will skip if user is already logged in
 const launcherLogin = (node, options) => async (req, res, next) => {
   if (!req.query.__lt) {
@@ -27,94 +115,18 @@ const launcherLogin = (node, options) => async (req, res, next) => {
   try {
     const token = req.query.__lt;
-    const decoded = JWT.decode(token);
-    const info = await req.getNodeInfo();
-    const isSameLauncher = isSameDid(decoded.iss, info.registerInfo?.appId);
-    const isSameOwner = isSameDid(decoded.oid, blocklet.settings?.owner?.did);
-    const isSameLauncherSessionId = decoded.lid === blocklet.controller.launcherSessionId;
-    const isSameBlocklet = [blocklet.appDid, blocklet.appPid].includes(decoded.aid);
-    logger.debug('Launcher login check', {
-      isSameLauncher,
-      isSameOwner,
-      isSameLauncherSessionId,
-      isSameBlocklet,
-      decoded,
-      owner: blocklet.settings?.owner,
-      launcher: info.registerInfo,
-      controller: blocklet.controller,
-      appDids: [blocklet.appDid, blocklet.appPid],
-    });
-    if (isSameLauncher && isSameOwner && isSameLauncherSessionId && isSameBlocklet) {
-      const verified = await JWT.verify(token, info.registerInfo?.appPk);
-      if (verified) {
-        const user = await node.getUser({
-          teamDid: blocklet.appPid,
-          user: { did: decoded.oid },
-          options: { enableConnectedAccount: true },
-        });
-        if (user?.approved) {
-          const { secret } = await req.getBlockletInfo();
-          const { createSessionToken } = initJwt(node, options);
-          const createToken = createTokenFn(createSessionToken);
-          const result = createToken(
-            user.did,
-            {
-              secret,
-              role: 'owner',
-              fullName: user.fullName,
-              provider: user.sourceProvider,
-              walletOS: user.walletOS,
-              emailVerified: !!user?.emailVerified,
-              phoneVerified: !!user?.phoneVerified,
-              elevated: true,
-            },
-            blocklet.settings?.session || {}
-          );
-          const visitorId = decoded.vid || req.cookies?.vid || generateId();
-          logger.info('done auto login for launcher user', {
-            appPid: blocklet.appPid,
-            userDid: user.did,
-            visitorId,
-          });
-          await node.upsertUserSession({
-            teamDid: blocklet.appPid,
-            userDid: user.did,
-            visitorId,
-            appPid: blocklet.appPid,
-            passportId: null,
-            status: 'online',
-            ua: req.get('user-agent'),
-            lastLoginIp: getRequestIP(req),
-            extra: {
-              walletOS: user.walletOS,
-              device: getDeviceData({ req }),
-            },
-            locale: req.blockletLocale,
-            origin: await getOrigin({ req }),
-          });
-          res.cookie('login_token', result.sessionToken, {
-            maxAge: 24 * 60 * 60 * 1000,
-            secure: true,
-            sameSite: 'lax',
-          });
-          res.cookie('vid', visitorId, {
-            maxAge: 365 * 24 * 60 * 60 * 1000,
-            secure: true,
-            sameSite: 'lax',
-          });
-        } else {
-          logger.warn('Launcher login failed, user is revoked', { userDid: user?.did });
-        }
-      } else {
-        logger.warn('Launcher login failed, token is invalid', { token, verified });
-      }
+    const result = await doLauncherLogin(req, token, blocklet, node, options);
+    if (result) {
+      res.cookie('login_token', result.sessionToken, {
+        maxAge: 24 * 60 * 60 * 1000,
+        secure: true,
+        sameSite: 'lax',
+      });
+      res.cookie('vid', result.visitorId, {
+        maxAge: 365 * 24 * 60 * 60 * 1000,
+        secure: true,
+        sameSite: 'lax',
+      });
     }
   } catch (err) {
     logger.error('Failed to attach launcher token', { error: err });
@@ -123,4 +135,7 @@ const launcherLogin = (node, options) => async (req, res, next) => {
   return next();
 };
-module.exports = launcherLogin;
+module.exports = {
+  launcherLogin,
+  doLauncherLogin,
+};

package/api/routes/user.js CHANGED Viewed

@@ -51,6 +51,7 @@ const { sendToUser } = require('../libs/notification');
 const { createEmailLimiter } = require('../services/kyc');
 const cache = require('../cache');
 const { ensureUserExists, ensureUserEnabled, t } = require('../util/check-user');
+const { doLauncherLogin } = require('../middlewares/launcher-login');
 const validateUser = (user) => {
   try {
@@ -870,6 +871,36 @@ module.exports = {
       });
     });
+    // Used by ArcSphere to login by launcher token
+    server.post(`${prefixApi}/loginByLauncher`, async (req, res) => {
+      const { token } = req.body;
+      if (!token) {
+        throw new CustomError(400, 'Launcher token is required');
+      }
+      const blocklet = await req.getBlocklet();
+      if (!blocklet.controller) {
+        logger.debug('Launcher login is not supported for this blocklet', { blockletDid: blocklet.appDid });
+        throw new CustomError(400, 'Launcher login is not supported for this blocklet');
+      }
+      try {
+        const result = await doLauncherLogin(req, token, blocklet, node, options);
+        if (result) {
+          res.json({
+            sessionToken: result.sessionToken,
+            refreshToken: result.refreshToken,
+            visitorId: result.visitorId,
+          });
+        } else {
+          throw new CustomError(400, 'Failed to login by launcher: not matched');
+        }
+      } catch (err) {
+        logger.error('Failed to login by launcher', { error: err });
+        throw new CustomError(500, 'Failed to login by launcher: internal error');
+      }
+    });
     server.post(`${prefixApi}/checkUser`, async (req, res) => {
       const { users = [], sourceAppPid } = req.body;
       const { error } = checkUserSchema.validate({

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.52-beta-20250918-114058-f5efc10b",
+  "version": "1.16.52-beta-20250924-093428-bd3f0d8c",
   "description": "Provide unified services for every blocklet",
   "main": "api/index.js",
   "files": [
@@ -34,17 +34,17 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/auth": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/connect-storage": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/constant": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/core": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/cron": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/db-cache": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/logger": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/models": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/router-templates": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@abtnode/util": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@abtnode/analytics": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/auth": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/connect-storage": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/constant": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/core": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/cron": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/db-cache": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/logger": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/models": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/router-templates": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/util": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@arcblock/did": "1.24.0",
     "@arcblock/did-connect-js": "1.24.0",
     "@arcblock/did-ext": "1.24.0",
@@ -54,18 +54,18 @@
     "@arcblock/jwt": "1.24.0",
     "@arcblock/validator": "1.24.0",
     "@arcblock/ws": "1.24.0",
-    "@blocklet/constant": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@blocklet/constant": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/dbhub": "^0.2.9",
-    "@blocklet/env": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@blocklet/env": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/error": "^0.2.5",
     "@blocklet/form-builder": "^0.1.12",
     "@blocklet/form-collector": "^0.1.8",
-    "@blocklet/images": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@blocklet/js-sdk": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@blocklet/meta": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@blocklet/rate-limit": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@blocklet/sdk": "1.16.52-beta-20250918-114058-f5efc10b",
-    "@blocklet/server-js": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@blocklet/images": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/js-sdk": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/meta": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/rate-limit": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/sdk": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/server-js": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/theme": "^3.1.41",
     "@blocklet/theme-builder": "0.4.6",
     "@blocklet/uploader-server": "^0.2.11",
@@ -125,7 +125,7 @@
     "whatwg-url": "14.0.0"
   },
   "devDependencies": {
-    "@abtnode/ux": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@abtnode/ux": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@arcblock/bridge": "^3.1.41",
     "@arcblock/did-connect-react": "^3.1.41",
     "@arcblock/icons": "^3.1.41",
@@ -135,7 +135,7 @@
     "@blocklet/did-space-react": "^1.1.24",
     "@blocklet/launcher-layout": "^3.1.41",
     "@blocklet/payment-react": "^1.20.11",
-    "@blocklet/tracker": "1.16.52-beta-20250918-114058-f5efc10b",
+    "@blocklet/tracker": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/ui-react": "^3.1.41",
     "@blocklet/uploader": "^0.2.11",
     "@emotion/react": "^11.14.0",
@@ -215,5 +215,5 @@
     "url": "https://github.com/ArcBlock/blocklet-server/issues",
     "email": "shijun@arcblock.io"
   },
-  "gitHead": "0ca3d74cc1b1c5e0f1b1ab8322c38db67d674392"
+  "gitHead": "208aa87c8e036c9ff5d40e7f6d7a5e24bcc57833"
 }