@abtnode/blocklet-services 1.16.52-beta-20250922-225859-f34775fa → 1.16.52-beta-20250924-093428-bd3f0d8c

package/api/index.js

@@ -88,7 +88,7 @@ const createOpenComponentRoutes = require('./routes/opencomponent');
 const createOpenEmbedRoutes = require('./routes/openembed');
 const createAccessKeyRoutes = require('./routes/access-key');
 const checkRunning = require('./middlewares/check-running');
-const launcherLogin = require('./middlewares/launcher-login');
+const { launcherLogin } = require('./middlewares/launcher-login');
 const { checkMemberPermission, checkGuestPermission } = require('./middlewares/check-permission');
 const ensureBlocklet = require('./middlewares/ensure-blocklet');
 const proxyToDaemon = require('./middlewares/proxy-to-daemon');

package/api/middlewares/launcher-login.js

@@ -9,6 +9,94 @@ const { createTokenFn } = require('../util');
 const initJwt = require('../libs/jwt');
 const logger = require('../libs/logger')('blocklet-services:launcher-login');
 
+const doLauncherLogin = async (req, token, blocklet, node, options) => {
+  const decoded = JWT.decode(token);
+  const info = await req.getNodeInfo();
+
+  const isSameLauncher = isSameDid(decoded.iss, info.registerInfo?.appId);
+  const isSameOwner = isSameDid(decoded.oid, blocklet.settings?.owner?.did);
+  const isSameLauncherSessionId = decoded.lid === blocklet.controller.launcherSessionId;
+  const isSameBlocklet = [blocklet.appDid, blocklet.appPid].includes(decoded.aid);
+
+  logger.debug('Launcher login check', {
+    isSameLauncher,
+    isSameOwner,
+    isSameLauncherSessionId,
+    isSameBlocklet,
+    decoded,
+    owner: blocklet.settings?.owner,
+    launcher: info.registerInfo,
+    controller: blocklet.controller,
+    appDids: [blocklet.appDid, blocklet.appPid],
+  });
+
+  if (isSameLauncher && isSameOwner && isSameLauncherSessionId && isSameBlocklet) {
+    const verified = await JWT.verify(token, info.registerInfo?.appPk);
+    if (verified) {
+      const user = await node.getUser({
+        teamDid: blocklet.appPid,
+        user: { did: decoded.oid },
+        options: { enableConnectedAccount: true },
+      });
+      if (user?.approved) {
+        const { secret } = await req.getBlockletInfo();
+        const { createSessionToken } = initJwt(node, options);
+        const createToken = createTokenFn(createSessionToken);
+        const { sessionToken, refreshToken } = createToken(
+          user.did,
+          {
+            secret,
+            role: 'owner',
+            fullName: user.fullName,
+            provider: user.sourceProvider,
+            walletOS: user.walletOS,
+            emailVerified: !!user?.emailVerified,
+            phoneVerified: !!user?.phoneVerified,
+            elevated: true,
+          },
+          blocklet.settings?.session || {}
+        );
+
+        const visitorId = decoded.vid || req.cookies?.vid || generateId();
+
+        logger.info('done auto login for launcher user', {
+          appPid: blocklet.appPid,
+          userDid: user.did,
+          visitorId,
+        });
+
+        await node.upsertUserSession({
+          teamDid: blocklet.appPid,
+          userDid: user.did,
+          visitorId,
+          appPid: blocklet.appPid,
+          passportId: null,
+          status: 'online',
+          ua: req.get('user-agent'),
+          lastLoginIp: getRequestIP(req),
+          extra: {
+            walletOS: user.walletOS,
+            device: getDeviceData({ req }),
+          },
+          locale: req.blockletLocale,
+          origin: await getOrigin({ req }),
+        });
+
+        return {
+          sessionToken,
+          refreshToken,
+          visitorId,
+        };
+      }
+      logger.warn('Launcher login failed, user is revoked', { userDid: user?.did });
+    } else {
+      logger.warn('Launcher login failed, token is invalid', { token, verified });
+    }
+  }
+
+  return null;
+};
+
 // auto login from authenticated launcher users: will skip if user is already logged in
 const launcherLogin = (node, options) => async (req, res, next) => {
   if (!req.query.__lt) {
@@ -27,94 +115,18 @@ const launcherLogin = (node, options) => async (req, res, next) => {
 
   try {
     const token = req.query.__lt;
-    const decoded = JWT.decode(token);
-    const info = await req.getNodeInfo();
-
-    const isSameLauncher = isSameDid(decoded.iss, info.registerInfo?.appId);
-    const isSameOwner = isSameDid(decoded.oid, blocklet.settings?.owner?.did);
-    const isSameLauncherSessionId = decoded.lid === blocklet.controller.launcherSessionId;
-    const isSameBlocklet = [blocklet.appDid, blocklet.appPid].includes(decoded.aid);
-
-    logger.debug('Launcher login check', {
-      isSameLauncher,
-      isSameOwner,
-      isSameLauncherSessionId,
-      isSameBlocklet,
-      decoded,
-      owner: blocklet.settings?.owner,
-      launcher: info.registerInfo,
-      controller: blocklet.controller,
-      appDids: [blocklet.appDid, blocklet.appPid],
-    });
-
-    if (isSameLauncher && isSameOwner && isSameLauncherSessionId && isSameBlocklet) {
-      const verified = await JWT.verify(token, info.registerInfo?.appPk);
-      if (verified) {
-        const user = await node.getUser({
-          teamDid: blocklet.appPid,
-          user: { did: decoded.oid },
-          options: { enableConnectedAccount: true },
-        });
-        if (user?.approved) {
-          const { secret } = await req.getBlockletInfo();
-          const { createSessionToken } = initJwt(node, options);
-          const createToken = createTokenFn(createSessionToken);
-          const result = createToken(
-            user.did,
-            {
-              secret,
-              role: 'owner',
-              fullName: user.fullName,
-              provider: user.sourceProvider,
-              walletOS: user.walletOS,
-              emailVerified: !!user?.emailVerified,
-              phoneVerified: !!user?.phoneVerified,
-              elevated: true,
-            },
-            blocklet.settings?.session || {}
-          );
-
-          const visitorId = decoded.vid || req.cookies?.vid || generateId();
-
-          logger.info('done auto login for launcher user', {
-            appPid: blocklet.appPid,
-            userDid: user.did,
-            visitorId,
-          });
-
-          await node.upsertUserSession({
-            teamDid: blocklet.appPid,
-            userDid: user.did,
-            visitorId,
-            appPid: blocklet.appPid,
-            passportId: null,
-            status: 'online',
-            ua: req.get('user-agent'),
-            lastLoginIp: getRequestIP(req),
-            extra: {
-              walletOS: user.walletOS,
-              device: getDeviceData({ req }),
-            },
-            locale: req.blockletLocale,
-            origin: await getOrigin({ req }),
-          });
-
-          res.cookie('login_token', result.sessionToken, {
-            maxAge: 24 * 60 * 60 * 1000,
-            secure: true,
-            sameSite: 'lax',
-          });
-          res.cookie('vid', visitorId, {
-            maxAge: 365 * 24 * 60 * 60 * 1000,
-            secure: true,
-            sameSite: 'lax',
-          });
-        } else {
-          logger.warn('Launcher login failed, user is revoked', { userDid: user?.did });
-        }
-      } else {
-        logger.warn('Launcher login failed, token is invalid', { token, verified });
-      }
+    const result = await doLauncherLogin(req, token, blocklet, node, options);
+    if (result) {
+      res.cookie('login_token', result.sessionToken, {
+        maxAge: 24 * 60 * 60 * 1000,
+        secure: true,
+        sameSite: 'lax',
+      });
+      res.cookie('vid', result.visitorId, {
+        maxAge: 365 * 24 * 60 * 60 * 1000,
+        secure: true,
+        sameSite: 'lax',
+      });
     }
   } catch (err) {
     logger.error('Failed to attach launcher token', { error: err });
@@ -123,4 +135,7 @@ const launcherLogin = (node, options) => async (req, res, next) => {
   return next();
 };
 
-module.exports = launcherLogin;
+module.exports = {
+  launcherLogin,
+  doLauncherLogin,
+};

package/api/routes/user.js

@@ -51,6 +51,7 @@ const { sendToUser } = require('../libs/notification');
 const { createEmailLimiter } = require('../services/kyc');
 const cache = require('../cache');
 const { ensureUserExists, ensureUserEnabled, t } = require('../util/check-user');
+const { doLauncherLogin } = require('../middlewares/launcher-login');
 
 const validateUser = (user) => {
   try {
@@ -870,6 +871,36 @@ module.exports = {
       });
     });
 
+    // Used by ArcSphere to login by launcher token
+    server.post(`${prefixApi}/loginByLauncher`, async (req, res) => {
+      const { token } = req.body;
+      if (!token) {
+        throw new CustomError(400, 'Launcher token is required');
+      }
+
+      const blocklet = await req.getBlocklet();
+      if (!blocklet.controller) {
+        logger.debug('Launcher login is not supported for this blocklet', { blockletDid: blocklet.appDid });
+        throw new CustomError(400, 'Launcher login is not supported for this blocklet');
+      }
+
+      try {
+        const result = await doLauncherLogin(req, token, blocklet, node, options);
+        if (result) {
+          res.json({
+            sessionToken: result.sessionToken,
+            refreshToken: result.refreshToken,
+            visitorId: result.visitorId,
+          });
+        } else {
+          throw new CustomError(400, 'Failed to login by launcher: not matched');
+        }
+      } catch (err) {
+        logger.error('Failed to login by launcher', { error: err });
+        throw new CustomError(500, 'Failed to login by launcher: internal error');
+      }
+    });
+
     server.post(`${prefixApi}/checkUser`, async (req, res) => {
       const { users = [], sourceAppPid } = req.body;
       const { error } = checkUserSchema.validate({

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.52-beta-20250922-225859-f34775fa",
+  "version": "1.16.52-beta-20250924-093428-bd3f0d8c",
   "description": "Provide unified services for every blocklet",
   "main": "api/index.js",
   "files": [
@@ -34,17 +34,17 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/auth": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/connect-storage": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/constant": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/core": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/cron": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/db-cache": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/logger": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/models": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/router-templates": "1.16.52-beta-20250922-225859-f34775fa",
-    "@abtnode/util": "1.16.52-beta-20250922-225859-f34775fa",
+    "@abtnode/analytics": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/auth": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/connect-storage": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/constant": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/core": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/cron": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/db-cache": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/logger": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/models": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/router-templates": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@abtnode/util": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@arcblock/did": "1.24.0",
     "@arcblock/did-connect-js": "1.24.0",
     "@arcblock/did-ext": "1.24.0",
@@ -54,18 +54,18 @@
     "@arcblock/jwt": "1.24.0",
     "@arcblock/validator": "1.24.0",
     "@arcblock/ws": "1.24.0",
-    "@blocklet/constant": "1.16.52-beta-20250922-225859-f34775fa",
+    "@blocklet/constant": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/dbhub": "^0.2.9",
-    "@blocklet/env": "1.16.52-beta-20250922-225859-f34775fa",
+    "@blocklet/env": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/error": "^0.2.5",
     "@blocklet/form-builder": "^0.1.12",
     "@blocklet/form-collector": "^0.1.8",
-    "@blocklet/images": "1.16.52-beta-20250922-225859-f34775fa",
-    "@blocklet/js-sdk": "1.16.52-beta-20250922-225859-f34775fa",
-    "@blocklet/meta": "1.16.52-beta-20250922-225859-f34775fa",
-    "@blocklet/rate-limit": "1.16.52-beta-20250922-225859-f34775fa",
-    "@blocklet/sdk": "1.16.52-beta-20250922-225859-f34775fa",
-    "@blocklet/server-js": "1.16.52-beta-20250922-225859-f34775fa",
+    "@blocklet/images": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/js-sdk": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/meta": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/rate-limit": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/sdk": "1.16.52-beta-20250924-093428-bd3f0d8c",
+    "@blocklet/server-js": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/theme": "^3.1.41",
     "@blocklet/theme-builder": "0.4.6",
     "@blocklet/uploader-server": "^0.2.11",
@@ -125,7 +125,7 @@
     "whatwg-url": "14.0.0"
   },
   "devDependencies": {
-    "@abtnode/ux": "1.16.52-beta-20250922-225859-f34775fa",
+    "@abtnode/ux": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@arcblock/bridge": "^3.1.41",
     "@arcblock/did-connect-react": "^3.1.41",
     "@arcblock/icons": "^3.1.41",
@@ -135,7 +135,7 @@
     "@blocklet/did-space-react": "^1.1.24",
     "@blocklet/launcher-layout": "^3.1.41",
     "@blocklet/payment-react": "^1.20.11",
-    "@blocklet/tracker": "1.16.52-beta-20250922-225859-f34775fa",
+    "@blocklet/tracker": "1.16.52-beta-20250924-093428-bd3f0d8c",
     "@blocklet/ui-react": "^3.1.41",
     "@blocklet/uploader": "^0.2.11",
     "@emotion/react": "^11.14.0",
@@ -215,5 +215,5 @@
     "url": "https://github.com/ArcBlock/blocklet-server/issues",
     "email": "shijun@arcblock.io"
   },
-  "gitHead": "c0e0111f82032eac108bd37fd633b47e6db38870"
+  "gitHead": "208aa87c8e036c9ff5d40e7f6d7a5e24bcc57833"
 }