npm - @ai-partner-x/aiko-boot-cli - Versions diffs - 0.1.4 → 0.1.5 - Mend

@ai-partner-x/aiko-boot-cli 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (441) hide show

package/templates/api-system/examples/security/complete/app.config.ts ADDED Viewed

@@ -0,0 +1,69 @@
+import type { AppConfig } from '@ai-partner-x/aiko-boot';
+export default {
+    server: {
+        port: Number(process.env.PORT) || 3001,
+        servlet: {
+            contextPath: '/api',
+        },
+        shutdown: 'graceful',
+    },
+    logging: {
+        level: {
+            root: process.env.NODE_ENV === 'production' ? 'info' : 'debug',
+        },
+    },
+    database: {
+        type: 'sqlite',
+        filename: './data/app.db',
+    },
+    validation: {
+        enabled: true,
+        failFast: false,
+    },
+    security: {
+        enabled: true,
+        jwt: {
+            secret: process.env.JWT_SECRET || 'your-secret-key',
+            expiresIn: '1h',
+        },
+        session: {
+            secret: process.env.SESSION_SECRET || 'your-session-secret',
+            maxAge: 86400000,
+            resave: false,
+            saveUninitialized: false,
+            cookie: {
+                secure: process.env.NODE_ENV === 'production',
+                httpOnly: true,
+                sameSite: 'strict',
+                maxAge: 86400000,
+            },
+        },
+        oauth2: {
+            github: {
+                clientID: process.env.GITHUB_CLIENT_ID || 'your-github-client-id',
+                clientSecret: process.env.GITHUB_CLIENT_SECRET || 'your-github-client-secret',
+                callbackURL: process.env.GITHUB_CALLBACK_URL || 'http://localhost:3001/api/auth/github/callback',
+            },
+            google: {
+                clientID: process.env.GOOGLE_CLIENT_ID || 'your-google-client-id',
+                clientSecret: process.env.GOOGLE_CLIENT_SECRET || 'your-google-client-secret',
+                callbackURL: process.env.GOOGLE_CALLBACK_URL || 'http://localhost:3001/api/auth/google/callback',
+            },
+        },
+        publicPaths: [
+            '/api/auth/login',
+            '/api/auth/register',
+            '/api/auth/github',
+            '/api/auth/google',
+            '/api/auth/github/callback',
+            '/api/auth/google/callback',
+            '/api/public',
+        ],
+        cors: {
+            enabled: true,
+            origin: process.env.CORS_ORIGIN || '*',
+            credentials: true,
+        },
+    },
+} satisfies AppConfig;

package/templates/api-system/examples/security/complete/app.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import { AikoBootApplication, Autowired } from '@ai-partner-x/aiko-boot';
+import { SecurityModule } from '@ai-partner-x/aiko-boot-starter-security';
+import { DatabaseModule } from '@ai-partner-x/aiko-boot-starter-orm';
+import { ValidationModule } from '@ai-partner-x/aiko-boot-starter-validation';
+import { WebModule } from '@ai-partner-x/aiko-boot-starter-web';
+import appConfig from './app.config.js';
+import { AuthController, UserController, RoleController, PermissionController } from './controller/index.js';
+import { AuthService, UserService, RoleService, PermissionService, OAuthService } from './service/index.js';
+import { AuthInterceptor, PermissionInterceptor } from './middleware/index.js';
+import { User, Role, Permission, UserRole, RolePermission, OAuthAccount } from './entity/index.js';
+@AikoBootApplication({
+  imports: [
+    SecurityModule.forRoot(appConfig.security),
+    DatabaseModule.forRoot(appConfig.database),
+    ValidationModule.forRoot(appConfig.validation),
+    WebModule.forRoot(appConfig.server),
+  ],
+  controllers: [
+    AuthController,
+    UserController,
+    RoleController,
+    PermissionController,
+  ],
+  providers: [
+    AuthService,
+    UserService,
+    RoleService,
+    PermissionService,
+    OAuthService,
+    AuthInterceptor,
+    PermissionInterceptor,
+  ],
+  entities: [
+    User,
+    Role,
+    Permission,
+    UserRole,
+    RolePermission,
+    OAuthAccount,
+  ],
+})
+export class Application {
+  @Autowired()
+  private databaseModule!: DatabaseModule;
+  async onApplicationBootstrap(): Promise<void> {
+    console.log('应用正在启动...');
+    console.log(`服务器端口: ${appConfig.server.port}`);
+    console.log(`上下文路径: ${appConfig.server.servlet.contextPath}`);
+    console.log(`数据库类型: ${appConfig.database.type}`);
+    console.log(`数据库文件: ${appConfig.database.filename}`);
+    console.log('安全模块已启用');
+    console.log('应用启动完成！');
+  }
+  async onApplicationShutdown(): Promise<void> {
+    console.log('应用正在关闭...');
+  }
+}
+const app = new Application();
+app.run();

package/templates/api-system/examples/security/complete/controller/auth.controller.ts ADDED Viewed

@@ -0,0 +1,131 @@
+import { RestController, GetMapping, PostMapping, QueryParam } from '@ai-partner-x/aiko-boot-starter-web';
+import { Public } from '@ai-partner-x/aiko-boot-starter-security';
+import { AuthService } from '../service/auth.service.js';
+import { LoginDto } from '../dto/login.dto.js';
+import { RegisterDto } from '../dto/register.dto.js';
+import { ChangePasswordDto } from '../dto/change-password.dto.js';
+import { SecurityContext } from '@ai-partner-x/aiko-boot-starter-security';
+import axios from 'axios';
+@RestController({ path: '/auth' })
+export class AuthController {
+  @Autowired()
+  private authService!: AuthService;
+  @PostMapping('/login')
+  @Public()
+  async login(@RequestBody() dto: LoginDto): Promise<any> {
+    return this.authService.login(dto.username, dto.password);
+  }
+  @PostMapping('/register')
+  @Public()
+  async register(@RequestBody() dto: RegisterDto): Promise<any> {
+    return this.authService.register(dto);
+  }
+  @PostMapping('/refresh')
+  async refresh(@RequestBody() body: { refreshToken: string }): Promise<any> {
+    return this.authService.refreshToken(body.refreshToken);
+  }
+  @PostMapping('/logout')
+  async logout(@RequestBody() body: { token: string }): Promise<any> {
+    return this.authService.logout(body.token);
+  }
+  @PostMapping('/change-password')
+  async changePassword(@RequestBody() dto: ChangePasswordDto): Promise<any> {
+    const securityContext = SecurityContext.getInstance();
+    const currentUser = securityContext.getCurrentUser();
+    if (!currentUser) {
+      throw new Error('未登录');
+    }
+    return this.authService.changePassword(currentUser.id, dto.oldPassword, dto.newPassword);
+  }
+  @GetMapping('/github')
+  @Public()
+  async githubAuth(): Promise<any> {
+    const clientId = process.env.GITHUB_CLIENT_ID;
+    const redirectUri = process.env.GITHUB_CALLBACK_URL;
+    const scope = 'user:email';
+    const authUrl = `https://github.com/login/oauth/authorize?client_id=${clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&scope=${scope}`;
+    return { authUrl };
+  }
+  @GetMapping('/github/callback')
+  @Public()
+  async githubCallback(@QueryParam('code') code: string): Promise<any> {
+    const clientId = process.env.GITHUB_CLIENT_ID;
+    const clientSecret = process.env.GITHUB_CLIENT_SECRET;
+    const redirectUri = process.env.GITHUB_CALLBACK_URL;
+    const tokenResponse = await axios.post('https://github.com/login/oauth/access_token', {
+      client_id: clientId,
+      client_secret: clientSecret,
+      code: code,
+      redirect_uri: redirectUri,
+    }, {
+      headers: { Accept: 'application/json' }
+    });
+    const tokens = tokenResponse.data;
+    const userResponse = await axios.get('https://api.github.com/user', {
+      headers: { Authorization: `Bearer ${tokens.access_token}` }
+    });
+    const profile = {
+      ...userResponse.data,
+      provider: 'github',
+    };
+    return this.authService.handleOAuthCallback(profile, tokens);
+  }
+  @GetMapping('/google')
+  @Public()
+  async googleAuth(): Promise<any> {
+    const clientId = process.env.GOOGLE_CLIENT_ID;
+    const redirectUri = process.env.GOOGLE_CALLBACK_URL;
+    const scope = 'profile email';
+    const authUrl = `https://accounts.google.com/o/oauth2/v2/auth?client_id=${clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&scope=${encodeURIComponent(scope)}&response_type=code`;
+    return { authUrl };
+  }
+  @GetMapping('/google/callback')
+  @Public()
+  async googleCallback(@QueryParam('code') code: string): Promise<any> {
+    const clientId = process.env.GOOGLE_CLIENT_ID;
+    const clientSecret = process.env.GOOGLE_CLIENT_SECRET;
+    const redirectUri = process.env.GOOGLE_CALLBACK_URL;
+    const tokenResponse = await axios.post('https://oauth2.googleapis.com/token', {
+      client_id: clientId,
+      client_secret: clientSecret,
+      code: code,
+      redirect_uri: redirectUri,
+      grant_type: 'authorization_code',
+    });
+    const tokens = tokenResponse.data;
+    const userResponse = await axios.get('https://www.googleapis.com/oauth2/v2/userinfo', {
+      headers: { Authorization: `Bearer ${tokens.access_token}` }
+    });
+    const profile = {
+      ...userResponse.data,
+      provider: 'google',
+    };
+    return this.authService.handleOAuthCallback(profile, tokens);
+  }
+}

package/templates/api-system/examples/security/complete/controller/index.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export { AuthController } from './auth.controller.js';
+export { UserController } from './user.controller.js';
+export { RoleController } from './role.controller.js';
+export { PermissionController } from './permission.controller.js';

package/templates/api-system/examples/security/complete/controller/permission.controller.ts ADDED Viewed

@@ -0,0 +1,41 @@
+import { RestController, GetMapping, PostMapping, PutMapping, DeleteMapping, RequestBody, PathVariable } from '@ai-partner-x/aiko-boot-starter-web';
+import { PreAuthorize } from '@ai-partner-x/aiko-boot-starter-security';
+import { PermissionService } from '../service/permission.service.js';
+import { CreatePermissionDto } from '../dto/create-permission.dto.js';
+import { Permission } from '../entity/permission.entity.js';
+@RestController({ path: '/permissions' })
+export class PermissionController {
+  @Autowired()
+  private permissionService!: PermissionService;
+  @GetMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async list(): Promise<Permission[]> {
+    return this.permissionService.findAll();
+  }
+  @GetMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async getById(@PathVariable('id') id: number): Promise<Permission> {
+    return this.permissionService.findById(id);
+  }
+  @PostMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async create(@RequestBody() dto: CreatePermissionDto): Promise<Permission> {
+    return this.permissionService.create(dto);
+  }
+  @PutMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async update(@PathVariable('id') id: number, @RequestBody() dto: Partial<Permission>): Promise<Permission> {
+    return this.permissionService.update(id, dto);
+  }
+  @DeleteMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async delete(@PathVariable('id') id: number): Promise<boolean> {
+    return this.permissionService.delete(id);
+  }
+}

package/templates/api-system/examples/security/complete/controller/role.controller.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import { RestController, GetMapping, PostMapping, PutMapping, DeleteMapping, RequestBody, PathVariable } from '@ai-partner-x/aiko-boot-starter-web';
+import { PreAuthorize } from '@ai-partner-x/aiko-boot-starter-security';
+import { RoleService } from '../service/role.service.js';
+import { CreateRoleDto } from '../dto/create-role.dto.js';
+import { Role } from '../entity/role.entity.js';
+@RestController({ path: '/roles' })
+export class RoleController {
+  @Autowired()
+  private roleService!: RoleService;
+  @GetMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async list(): Promise<Role[]> {
+    return this.roleService.findAll();
+  }
+  @GetMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async getById(@PathVariable('id') id: number): Promise<Role> {
+    return this.roleService.findById(id);
+  }
+  @PostMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async create(@RequestBody() dto: CreateRoleDto): Promise<Role> {
+    return this.roleService.create(dto);
+  }
+  @PutMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async update(@PathVariable('id') id: number, @RequestBody() dto: Partial<Role>): Promise<Role> {
+    return this.roleService.update(id, dto);
+  }
+  @DeleteMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async delete(@PathVariable('id') id: number): Promise<boolean> {
+    return this.roleService.delete(id);
+  }
+  @PostMapping('/{id}/permissions')
+  @PreAuthorize("hasRole('ADMIN')")
+  async assignPermission(@PathVariable('id') roleId: number, @RequestBody() body: { permissionId: number }): Promise<void> {
+    return this.roleService.assignPermissionToRole(roleId, body.permissionId);
+  }
+  @DeleteMapping('/{id}/permissions/{permissionId}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async removePermission(@PathVariable('id') roleId: number, @PathVariable('permissionId') permissionId: number): Promise<void> {
+    return this.roleService.removePermissionFromRole(roleId, permissionId);
+  }
+}

package/templates/api-system/examples/security/complete/controller/user.controller.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import { RestController, GetMapping, PostMapping, PutMapping, DeleteMapping, RequestBody, PathVariable } from '@ai-partner-x/aiko-boot-starter-web';
+import { Public, PreAuthorize, RolesAllowed, Secured } from '@ai-partner-x/aiko-boot-starter-security';
+import { UserService } from '../service/user.service.js';
+import { CreateUserDto } from '../dto/create-user.dto.js';
+import { User } from '../entity/user.entity.js';
+@RestController({ path: '/users' })
+export class UserController {
+  @Autowired()
+  private userService!: UserService;
+  @GetMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async list(): Promise<User[]> {
+    return this.userService.findAll();
+  }
+  @GetMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN') or #id == authentication.principal.id")
+  async getById(@PathVariable('id') id: number): Promise<User> {
+    return this.userService.findById(id);
+  }
+  @PostMapping()
+  @PreAuthorize("hasRole('ADMIN')")
+  async create(@RequestBody() dto: CreateUserDto): Promise<User> {
+    return this.userService.create(dto);
+  }
+  @PutMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN') or #id == authentication.principal.id")
+  async update(@PathVariable('id') id: number, @RequestBody() dto: Partial<User>): Promise<User> {
+    return this.userService.update(id, dto);
+  }
+  @DeleteMapping('/{id}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async delete(@PathVariable('id') id: number): Promise<boolean> {
+    return this.userService.delete(id);
+  }
+  @PostMapping('/{id}/roles')
+  @PreAuthorize("hasRole('ADMIN')")
+  async assignRole(@PathVariable('id') userId: number, @RequestBody() body: { roleId: number }): Promise<void> {
+    return this.userService.assignRoleToUser(userId, body.roleId);
+  }
+  @DeleteMapping('/{id}/roles/{roleId}')
+  @PreAuthorize("hasRole('ADMIN')")
+  async removeRole(@PathVariable('id') userId: number, @PathVariable('roleId') roleId: number): Promise<void> {
+    return this.userService.removeRoleFromUser(userId, roleId);
+  }
+}

package/templates/api-system/examples/security/complete/dto/change-password.dto.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { IsNotEmpty, MinLength } from '@ai-partner-x/aiko-boot-starter-validation';
+export class ChangePasswordDto {
+  @IsNotEmpty({ message: '旧密码不能为空' })
+  oldPassword!: string;
+  @IsNotEmpty({ message: '新密码不能为空' })
+  @MinLength(8, { message: '新密码长度至少 8 位' })
+  newPassword!: string;
+}

package/templates/api-system/examples/security/complete/dto/create-permission.dto.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { IsNotEmpty } from '@ai-partner-x/aiko-boot-starter-validation';
+export class CreatePermissionDto {
+  @IsNotEmpty({ message: '权限名称不能为空' })
+  name!: string;
+  description?: string;
+  @IsNotEmpty({ message: '资源不能为空' })
+  resource!: string;
+  @IsNotEmpty({ message: '操作不能为空' })
+  action!: string;
+}

package/templates/api-system/examples/security/complete/dto/create-role.dto.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { IsNotEmpty, IsArray } from '@ai-partner-x/aiko-boot-starter-validation';
+export class CreateRoleDto {
+  @IsNotEmpty({ message: '角色名称不能为空' })
+  name!: string;
+  description?: string;
+  @IsArray({ message: '权限必须是数组' })
+  permissionIds!: number[];
+}

package/templates/api-system/examples/security/complete/dto/create-user.dto.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { IsEmail, IsNotEmpty, IsArray } from '@ai-partner-x/aiko-boot-starter-validation';
+export class CreateUserDto {
+  @IsNotEmpty({ message: '用户名不能为空' })
+  username!: string;
+  @IsEmail({}, { message: '邮箱格式不正确' })
+  email!: string;
+  @IsNotEmpty({ message: '密码不能为空' })
+  password!: string;
+  @IsArray({ message: '角色必须是数组' })
+  roleIds!: number[];
+}

package/templates/api-system/examples/security/complete/dto/index.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export { LoginDto } from './login.dto.js';
+export { RegisterDto } from './register.dto.js';
+export { CreateUserDto } from './create-user.dto.js';
+export { CreateRoleDto } from './create-role.dto.js';
+export { CreatePermissionDto } from './create-permission.dto.js';
+export { OAuthProfileDto } from './oauth-profile.dto.js';
+export { ChangePasswordDto } from './change-password.dto.js';

package/templates/api-system/examples/security/complete/dto/login.dto.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { IsNotEmpty, MinLength } from '@ai-partner-x/aiko-boot-starter-validation';
+export class LoginDto {
+  @IsNotEmpty({ message: '用户名不能为空' })
+  username!: string;
+  @IsNotEmpty({ message: '密码不能为空' })
+  @MinLength(6, { message: '密码长度至少 6 位' })
+  password!: string;
+}

package/templates/api-system/examples/security/complete/dto/oauth-profile.dto.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export class OAuthProfileDto {
+  id!: string;
+  username!: string;
+  email!: string;
+  avatar?: string;
+  provider!: string;
+}

package/templates/api-system/examples/security/complete/dto/register.dto.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { IsEmail, IsNotEmpty, MinLength, Matches } from '@ai-partner-x/aiko-boot-starter-validation';
+export class RegisterDto {
+  @IsNotEmpty({ message: '用户名不能为空' })
+  @MinLength(3, { message: '用户名长度至少 3 位' })
+  username!: string;
+  @IsEmail({}, { message: '邮箱格式不正确' })
+  email!: string;
+  @IsNotEmpty({ message: '密码不能为空' })
+  @MinLength(8, { message: '密码长度至少 8 位' })
+  @Matches(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]/, {
+    message: '密码必须包含大小写字母、数字和特殊字符'
+  })
+  password!: string;
+}

package/templates/api-system/examples/security/complete/entity/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export { User } from './user.entity.js';
+export { Role } from './role.entity.js';
+export { Permission } from './permission.entity.js';
+export { UserRole } from './user-role.entity.js';
+export { RolePermission } from './role-permission.entity.js';
+export { OAuthAccount } from './oauth-account.entity.js';

package/templates/api-system/examples/security/complete/entity/oauth-account.entity.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { Entity, TableId, TableField, Column } from '@ai-partner-x/aiko-boot-starter-orm';
+@Entity({ tableName: 'oauth_accounts' })
+export class OAuthAccount {
+  @TableId()
+  id!: number;
+  @TableField()
+  @Column()
+  userId!: number;
+  @TableField()
+  @Column()
+  provider!: string;
+  @TableField()
+  @Column()
+  providerId!: string;
+  @TableField()
+  @Column()
+  accessToken!: string;
+  @TableField()
+  @Column()
+  refreshToken!: string;
+  @TableField()
+  @Column()
+  expiresAt!: Date;
+  @TableField()
+  @Column()
+  createdAt!: Date;
+  @TableField()
+  @Column()
+  updatedAt!: Date;
+}

package/templates/api-system/examples/security/complete/entity/permission.entity.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import { Entity, TableId, TableField, Column } from '@ai-partner-x/aiko-boot-starter-orm';
+@Entity({ tableName: 'permissions' })
+export class Permission {
+  @TableId()
+  id!: number;
+  @TableField()
+  @Column()
+  name!: string;
+  @TableField()
+  @Column()
+  description!: string;
+  @TableField()
+  @Column()
+  resource!: string;
+  @TableField()
+  @Column()
+  action!: string;
+  @TableField()
+  @Column()
+  createdAt!: Date;
+  @TableField()
+  @Column()
+  updatedAt!: Date;
+}

package/templates/api-system/examples/security/complete/entity/role-permission.entity.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { Entity, TableId, TableField, Column } from '@ai-partner-x/aiko-boot-starter-orm';
+@Entity({ tableName: 'role_permissions' })
+export class RolePermission {
+  @TableId()
+  id!: number;
+  @TableField()
+  @Column()
+  roleId!: number;
+  @TableField()
+  @Column()
+  permissionId!: number;
+  @TableField()
+  @Column()
+  createdAt!: Date;
+}

package/templates/api-system/examples/security/complete/entity/role.entity.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { Entity, TableId, TableField, Column } from '@ai-partner-x/aiko-boot-starter-orm';
+@Entity({ tableName: 'roles' })
+export class Role {
+  @TableId()
+  id!: number;
+  @TableField()
+  @Column()
+  name!: string;
+  @TableField()
+  @Column()
+  description!: string;
+  @TableField()
+  @Column()
+  createdAt!: Date;
+  @TableField()
+  @Column()
+  updatedAt!: Date;
+  permissions?: Permission[];
+}

package/templates/api-system/examples/security/complete/entity/user-role.entity.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { Entity, TableId, TableField, Column } from '@ai-partner-x/aiko-boot-starter-orm';
+@Entity({ tableName: 'user_roles' })
+export class UserRole {
+    @TableId()
+    id!: number;
+    @TableField()
+    @Column()
+    userId!: number;
+    @TableField()
+    @Column()
+    roleId!: number;
+    @TableField()
+    @Column()
+    createdAt!: Date;
+}