@azteam/express 1.2.354 → 1.2.356
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/controller/AdminController.js +9 -9
- package/lib/middleware/apiLoginMiddleware.js +80 -0
- package/lib/middleware/index.js +7 -0
- package/package.json +1 -1
- package/src/controller/AdminController.js +9 -9
- package/src/middleware/apiLoginMiddleware.js +39 -0
- package/src/middleware/index.js +1 -0
|
@@ -342,7 +342,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
342
342
|
value: function getOne() {
|
|
343
343
|
return {
|
|
344
344
|
disabled: !this.roles.READ,
|
|
345
|
-
path: '/:id',
|
|
345
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
346
346
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodGetOne]
|
|
347
347
|
};
|
|
348
348
|
}
|
|
@@ -351,7 +351,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
351
351
|
value: function getOneTrash() {
|
|
352
352
|
return {
|
|
353
353
|
disabled: !this.roles.READ,
|
|
354
|
-
path: '/:id',
|
|
354
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
355
355
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodGetOneTrash]
|
|
356
356
|
};
|
|
357
357
|
}
|
|
@@ -485,7 +485,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
485
485
|
var _this3 = this;
|
|
486
486
|
return {
|
|
487
487
|
disabled: !this.roles.UPDATE,
|
|
488
|
-
path: '/:id',
|
|
488
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
489
489
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
490
490
|
var _ref11 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee15(req, res) {
|
|
491
491
|
var item, data;
|
|
@@ -532,7 +532,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
532
532
|
var _this4 = this;
|
|
533
533
|
return {
|
|
534
534
|
disabled: !this.roles.UPDATE,
|
|
535
|
-
path: '/available/:id',
|
|
535
|
+
path: '/available/:id([a-zA-Z0-9]+)',
|
|
536
536
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
537
537
|
var _ref12 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee16(req, res) {
|
|
538
538
|
var item;
|
|
@@ -577,7 +577,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
577
577
|
var _this5 = this;
|
|
578
578
|
return {
|
|
579
579
|
disabled: !this.roles.UPDATE,
|
|
580
|
-
path: '/unavailable/:id',
|
|
580
|
+
path: '/unavailable/:id([a-zA-Z0-9]+)',
|
|
581
581
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
582
582
|
var _ref13 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee17(req, res) {
|
|
583
583
|
var item;
|
|
@@ -622,7 +622,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
622
622
|
var _this6 = this;
|
|
623
623
|
return {
|
|
624
624
|
disabled: !this.roles.UPDATE,
|
|
625
|
-
path: '/waiting/:id',
|
|
625
|
+
path: '/waiting/:id([a-zA-Z0-9]+)',
|
|
626
626
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
627
627
|
var _ref14 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee18(req, res) {
|
|
628
628
|
var item;
|
|
@@ -687,7 +687,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
687
687
|
value: function _delete() {
|
|
688
688
|
return {
|
|
689
689
|
disabled: !this.roles.DELETE,
|
|
690
|
-
path: '/:id',
|
|
690
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
691
691
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DELETE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodDelete]
|
|
692
692
|
};
|
|
693
693
|
}
|
|
@@ -696,7 +696,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
696
696
|
value: function postRestoreTrash() {
|
|
697
697
|
return {
|
|
698
698
|
disabled: !this.roles.RESTORE,
|
|
699
|
-
path: '/:id',
|
|
699
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
700
700
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.RESTORE], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodPostRestoreTrash]
|
|
701
701
|
};
|
|
702
702
|
}
|
|
@@ -726,7 +726,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
726
726
|
value: function deleteDestroyTrash() {
|
|
727
727
|
return {
|
|
728
728
|
disabled: !this.roles.DESTROY,
|
|
729
|
-
path: '/:id',
|
|
729
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
730
730
|
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DESTROY], this.secretKey), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodDeleteDestroyTrash]
|
|
731
731
|
};
|
|
732
732
|
}
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }, _typeof(obj); }
|
|
4
|
+
Object.defineProperty(exports, "__esModule", {
|
|
5
|
+
value: true
|
|
6
|
+
});
|
|
7
|
+
exports["default"] = _default;
|
|
8
|
+
var _httpClient = _interopRequireDefault(require("@azteam/http-client"));
|
|
9
|
+
var _error = require("@azteam/error");
|
|
10
|
+
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
|
|
11
|
+
function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return exports; }; var exports = {}, Op = Object.prototype, hasOwn = Op.hasOwnProperty, $Symbol = "function" == typeof Symbol ? Symbol : {}, iteratorSymbol = $Symbol.iterator || "@@iterator", asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator", toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag"; function define(obj, key, value) { return Object.defineProperty(obj, key, { value: value, enumerable: !0, configurable: !0, writable: !0 }), obj[key]; } try { define({}, ""); } catch (err) { define = function define(obj, key, value) { return obj[key] = value; }; } function wrap(innerFn, outerFn, self, tryLocsList) { var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator, generator = Object.create(protoGenerator.prototype), context = new Context(tryLocsList || []); return generator._invoke = function (innerFn, self, context) { var state = "suspendedStart"; return function (method, arg) { if ("executing" === state) throw new Error("Generator is already running"); if ("completed" === state) { if ("throw" === method) throw arg; return doneResult(); } for (context.method = method, context.arg = arg;;) { var delegate = context.delegate; if (delegate) { var delegateResult = maybeInvokeDelegate(delegate, context); if (delegateResult) { if (delegateResult === ContinueSentinel) continue; return delegateResult; } } if ("next" === context.method) context.sent = context._sent = context.arg;else if ("throw" === context.method) { if ("suspendedStart" === state) throw state = "completed", context.arg; context.dispatchException(context.arg); } else "return" === context.method && context.abrupt("return", context.arg); state = "executing"; var record = tryCatch(innerFn, self, context); if ("normal" === record.type) { if (state = context.done ? "completed" : "suspendedYield", record.arg === ContinueSentinel) continue; return { value: record.arg, done: context.done }; } "throw" === record.type && (state = "completed", context.method = "throw", context.arg = record.arg); } }; }(innerFn, self, context), generator; } function tryCatch(fn, obj, arg) { try { return { type: "normal", arg: fn.call(obj, arg) }; } catch (err) { return { type: "throw", arg: err }; } } exports.wrap = wrap; var ContinueSentinel = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var IteratorPrototype = {}; define(IteratorPrototype, iteratorSymbol, function () { return this; }); var getProto = Object.getPrototypeOf, NativeIteratorPrototype = getProto && getProto(getProto(values([]))); NativeIteratorPrototype && NativeIteratorPrototype !== Op && hasOwn.call(NativeIteratorPrototype, iteratorSymbol) && (IteratorPrototype = NativeIteratorPrototype); var Gp = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(IteratorPrototype); function defineIteratorMethods(prototype) { ["next", "throw", "return"].forEach(function (method) { define(prototype, method, function (arg) { return this._invoke(method, arg); }); }); } function AsyncIterator(generator, PromiseImpl) { function invoke(method, arg, resolve, reject) { var record = tryCatch(generator[method], generator, arg); if ("throw" !== record.type) { var result = record.arg, value = result.value; return value && "object" == _typeof(value) && hasOwn.call(value, "__await") ? PromiseImpl.resolve(value.__await).then(function (value) { invoke("next", value, resolve, reject); }, function (err) { invoke("throw", err, resolve, reject); }) : PromiseImpl.resolve(value).then(function (unwrapped) { result.value = unwrapped, resolve(result); }, function (error) { return invoke("throw", error, resolve, reject); }); } reject(record.arg); } var previousPromise; this._invoke = function (method, arg) { function callInvokeWithMethodAndArg() { return new PromiseImpl(function (resolve, reject) { invoke(method, arg, resolve, reject); }); } return previousPromise = previousPromise ? previousPromise.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg(); }; } function maybeInvokeDelegate(delegate, context) { var method = delegate.iterator[context.method]; if (undefined === method) { if (context.delegate = null, "throw" === context.method) { if (delegate.iterator["return"] && (context.method = "return", context.arg = undefined, maybeInvokeDelegate(delegate, context), "throw" === context.method)) return ContinueSentinel; context.method = "throw", context.arg = new TypeError("The iterator does not provide a 'throw' method"); } return ContinueSentinel; } var record = tryCatch(method, delegate.iterator, context.arg); if ("throw" === record.type) return context.method = "throw", context.arg = record.arg, context.delegate = null, ContinueSentinel; var info = record.arg; return info ? info.done ? (context[delegate.resultName] = info.value, context.next = delegate.nextLoc, "return" !== context.method && (context.method = "next", context.arg = undefined), context.delegate = null, ContinueSentinel) : info : (context.method = "throw", context.arg = new TypeError("iterator result is not an object"), context.delegate = null, ContinueSentinel); } function pushTryEntry(locs) { var entry = { tryLoc: locs[0] }; 1 in locs && (entry.catchLoc = locs[1]), 2 in locs && (entry.finallyLoc = locs[2], entry.afterLoc = locs[3]), this.tryEntries.push(entry); } function resetTryEntry(entry) { var record = entry.completion || {}; record.type = "normal", delete record.arg, entry.completion = record; } function Context(tryLocsList) { this.tryEntries = [{ tryLoc: "root" }], tryLocsList.forEach(pushTryEntry, this), this.reset(!0); } function values(iterable) { if (iterable) { var iteratorMethod = iterable[iteratorSymbol]; if (iteratorMethod) return iteratorMethod.call(iterable); if ("function" == typeof iterable.next) return iterable; if (!isNaN(iterable.length)) { var i = -1, next = function next() { for (; ++i < iterable.length;) { if (hasOwn.call(iterable, i)) return next.value = iterable[i], next.done = !1, next; } return next.value = undefined, next.done = !0, next; }; return next.next = next; } } return { next: doneResult }; } function doneResult() { return { value: undefined, done: !0 }; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, define(Gp, "constructor", GeneratorFunctionPrototype), define(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, toStringTagSymbol, "GeneratorFunction"), exports.isGeneratorFunction = function (genFun) { var ctor = "function" == typeof genFun && genFun.constructor; return !!ctor && (ctor === GeneratorFunction || "GeneratorFunction" === (ctor.displayName || ctor.name)); }, exports.mark = function (genFun) { return Object.setPrototypeOf ? Object.setPrototypeOf(genFun, GeneratorFunctionPrototype) : (genFun.__proto__ = GeneratorFunctionPrototype, define(genFun, toStringTagSymbol, "GeneratorFunction")), genFun.prototype = Object.create(Gp), genFun; }, exports.awrap = function (arg) { return { __await: arg }; }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, asyncIteratorSymbol, function () { return this; }), exports.AsyncIterator = AsyncIterator, exports.async = function (innerFn, outerFn, self, tryLocsList, PromiseImpl) { void 0 === PromiseImpl && (PromiseImpl = Promise); var iter = new AsyncIterator(wrap(innerFn, outerFn, self, tryLocsList), PromiseImpl); return exports.isGeneratorFunction(outerFn) ? iter : iter.next().then(function (result) { return result.done ? result.value : iter.next(); }); }, defineIteratorMethods(Gp), define(Gp, toStringTagSymbol, "Generator"), define(Gp, iteratorSymbol, function () { return this; }), define(Gp, "toString", function () { return "[object Generator]"; }), exports.keys = function (object) { var keys = []; for (var key in object) { keys.push(key); } return keys.reverse(), function next() { for (; keys.length;) { var key = keys.pop(); if (key in object) return next.value = key, next.done = !1, next; } return next.done = !0, next; }; }, exports.values = values, Context.prototype = { constructor: Context, reset: function reset(skipTempReset) { if (this.prev = 0, this.next = 0, this.sent = this._sent = undefined, this.done = !1, this.delegate = null, this.method = "next", this.arg = undefined, this.tryEntries.forEach(resetTryEntry), !skipTempReset) for (var name in this) { "t" === name.charAt(0) && hasOwn.call(this, name) && !isNaN(+name.slice(1)) && (this[name] = undefined); } }, stop: function stop() { this.done = !0; var rootRecord = this.tryEntries[0].completion; if ("throw" === rootRecord.type) throw rootRecord.arg; return this.rval; }, dispatchException: function dispatchException(exception) { if (this.done) throw exception; var context = this; function handle(loc, caught) { return record.type = "throw", record.arg = exception, context.next = loc, caught && (context.method = "next", context.arg = undefined), !!caught; } for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i], record = entry.completion; if ("root" === entry.tryLoc) return handle("end"); if (entry.tryLoc <= this.prev) { var hasCatch = hasOwn.call(entry, "catchLoc"), hasFinally = hasOwn.call(entry, "finallyLoc"); if (hasCatch && hasFinally) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } else if (hasCatch) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); } else { if (!hasFinally) throw new Error("try statement without catch or finally"); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } } } }, abrupt: function abrupt(type, arg) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc <= this.prev && hasOwn.call(entry, "finallyLoc") && this.prev < entry.finallyLoc) { var finallyEntry = entry; break; } } finallyEntry && ("break" === type || "continue" === type) && finallyEntry.tryLoc <= arg && arg <= finallyEntry.finallyLoc && (finallyEntry = null); var record = finallyEntry ? finallyEntry.completion : {}; return record.type = type, record.arg = arg, finallyEntry ? (this.method = "next", this.next = finallyEntry.finallyLoc, ContinueSentinel) : this.complete(record); }, complete: function complete(record, afterLoc) { if ("throw" === record.type) throw record.arg; return "break" === record.type || "continue" === record.type ? this.next = record.arg : "return" === record.type ? (this.rval = this.arg = record.arg, this.method = "return", this.next = "end") : "normal" === record.type && afterLoc && (this.next = afterLoc), ContinueSentinel; }, finish: function finish(finallyLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.finallyLoc === finallyLoc) return this.complete(entry.completion, entry.afterLoc), resetTryEntry(entry), ContinueSentinel; } }, "catch": function _catch(tryLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc === tryLoc) { var record = entry.completion; if ("throw" === record.type) { var thrown = record.arg; resetTryEntry(entry); } return thrown; } } throw new Error("illegal catch attempt"); }, delegateYield: function delegateYield(iterable, resultName, nextLoc) { return this.delegate = { iterator: values(iterable), resultName: resultName, nextLoc: nextLoc }, "next" === this.method && (this.arg = undefined), ContinueSentinel; } }, exports; }
|
|
12
|
+
function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
|
|
13
|
+
function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
|
|
14
|
+
function _default() {
|
|
15
|
+
var systemURL = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : process.env.SYSTEM_URL;
|
|
16
|
+
return /*#__PURE__*/function () {
|
|
17
|
+
var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(req, res, next) {
|
|
18
|
+
var headers, token, apiURL, splitToken, client, response;
|
|
19
|
+
return _regeneratorRuntime().wrap(function _callee$(_context) {
|
|
20
|
+
while (1) {
|
|
21
|
+
switch (_context.prev = _context.next) {
|
|
22
|
+
case 0:
|
|
23
|
+
if (req.user) {
|
|
24
|
+
_context.next = 21;
|
|
25
|
+
break;
|
|
26
|
+
}
|
|
27
|
+
headers = req.headers;
|
|
28
|
+
if (!headers.authorization) {
|
|
29
|
+
_context.next = 21;
|
|
30
|
+
break;
|
|
31
|
+
}
|
|
32
|
+
token = headers.authorization;
|
|
33
|
+
if (!token.startsWith('apikey ')) {
|
|
34
|
+
_context.next = 20;
|
|
35
|
+
break;
|
|
36
|
+
}
|
|
37
|
+
token = token.replace('apikey ', '');
|
|
38
|
+
apiURL = "".concat(systemURL, "/auth/login_api/").concat(token);
|
|
39
|
+
splitToken = token.split(':');
|
|
40
|
+
if (splitToken.token === 2) {
|
|
41
|
+
apiURL = "https://".concat(req.hostname, "/auth/login_api/").concat(splitToken[1]);
|
|
42
|
+
}
|
|
43
|
+
client = new _httpClient["default"]({
|
|
44
|
+
timeout: 20000,
|
|
45
|
+
headers: {
|
|
46
|
+
'User-Agent': 'toda-api'
|
|
47
|
+
}
|
|
48
|
+
});
|
|
49
|
+
_context.next = 12;
|
|
50
|
+
return client.get(apiURL);
|
|
51
|
+
case 12:
|
|
52
|
+
response = _context.sent;
|
|
53
|
+
if (!response.success) {
|
|
54
|
+
_context.next = 17;
|
|
55
|
+
break;
|
|
56
|
+
}
|
|
57
|
+
req.user = response.data;
|
|
58
|
+
_context.next = 18;
|
|
59
|
+
break;
|
|
60
|
+
case 17:
|
|
61
|
+
throw new _error.ErrorException(_error.TOKEN_FAILED);
|
|
62
|
+
case 18:
|
|
63
|
+
_context.next = 21;
|
|
64
|
+
break;
|
|
65
|
+
case 20:
|
|
66
|
+
throw new _error.ErrorException(_error.UNAUTHORIZED);
|
|
67
|
+
case 21:
|
|
68
|
+
return _context.abrupt("return", next());
|
|
69
|
+
case 22:
|
|
70
|
+
case "end":
|
|
71
|
+
return _context.stop();
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
}, _callee);
|
|
75
|
+
}));
|
|
76
|
+
return function (_x, _x2, _x3) {
|
|
77
|
+
return _ref.apply(this, arguments);
|
|
78
|
+
};
|
|
79
|
+
}();
|
|
80
|
+
}
|
package/lib/middleware/index.js
CHANGED
|
@@ -9,6 +9,12 @@ Object.defineProperty(exports, "adminRoleMiddleware", {
|
|
|
9
9
|
return _adminRoleMiddleware["default"];
|
|
10
10
|
}
|
|
11
11
|
});
|
|
12
|
+
Object.defineProperty(exports, "apiLoginMiddleware", {
|
|
13
|
+
enumerable: true,
|
|
14
|
+
get: function get() {
|
|
15
|
+
return _apiLoginMiddleware["default"];
|
|
16
|
+
}
|
|
17
|
+
});
|
|
12
18
|
Object.defineProperty(exports, "cacheMiddleware", {
|
|
13
19
|
enumerable: true,
|
|
14
20
|
get: function get() {
|
|
@@ -71,6 +77,7 @@ Object.defineProperty(exports, "verifyGoogleAppMiddleware", {
|
|
|
71
77
|
});
|
|
72
78
|
var _signMiddleware = _interopRequireDefault(require("./signMiddleware"));
|
|
73
79
|
var _etagMiddleware = _interopRequireDefault(require("./etagMiddleware"));
|
|
80
|
+
var _apiLoginMiddleware = _interopRequireDefault(require("./apiLoginMiddleware"));
|
|
74
81
|
var _roleMiddleware = _interopRequireDefault(require("./roleMiddleware"));
|
|
75
82
|
var _adminRoleMiddleware = _interopRequireDefault(require("./adminRoleMiddleware"));
|
|
76
83
|
var _systemRoleMiddleware = _interopRequireDefault(require("./systemRoleMiddleware"));
|
package/package.json
CHANGED
|
@@ -104,7 +104,7 @@ class AdminController extends Controller {
|
|
|
104
104
|
getOne() {
|
|
105
105
|
return {
|
|
106
106
|
disabled: !this.roles.READ,
|
|
107
|
-
path: '/:id',
|
|
107
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
108
108
|
method: [adminRoleMiddleware([this.roles.READ], this.secretKey), validateMiddleware(REQUEST_TYPE.PARAMS, rulesId), this.methodGetOne],
|
|
109
109
|
};
|
|
110
110
|
}
|
|
@@ -118,7 +118,7 @@ class AdminController extends Controller {
|
|
|
118
118
|
getOneTrash() {
|
|
119
119
|
return {
|
|
120
120
|
disabled: !this.roles.READ,
|
|
121
|
-
path: '/:id',
|
|
121
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
122
122
|
method: [
|
|
123
123
|
adminRoleMiddleware([this.roles.READ], this.secretKey),
|
|
124
124
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -173,7 +173,7 @@ class AdminController extends Controller {
|
|
|
173
173
|
putModify() {
|
|
174
174
|
return {
|
|
175
175
|
disabled: !this.roles.UPDATE,
|
|
176
|
-
path: '/:id',
|
|
176
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
177
177
|
method: [
|
|
178
178
|
adminRoleMiddleware([this.roles.UPDATE], this.secretKey),
|
|
179
179
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -196,7 +196,7 @@ class AdminController extends Controller {
|
|
|
196
196
|
putModifyStatusAvailable() {
|
|
197
197
|
return {
|
|
198
198
|
disabled: !this.roles.UPDATE,
|
|
199
|
-
path: '/available/:id',
|
|
199
|
+
path: '/available/:id([a-zA-Z0-9]+)',
|
|
200
200
|
method: [
|
|
201
201
|
adminRoleMiddleware([this.roles.UPDATE], this.secretKey),
|
|
202
202
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -217,7 +217,7 @@ class AdminController extends Controller {
|
|
|
217
217
|
putModifyStatusUnavailable() {
|
|
218
218
|
return {
|
|
219
219
|
disabled: !this.roles.UPDATE,
|
|
220
|
-
path: '/unavailable/:id',
|
|
220
|
+
path: '/unavailable/:id([a-zA-Z0-9]+)',
|
|
221
221
|
method: [
|
|
222
222
|
adminRoleMiddleware([this.roles.UPDATE], this.secretKey),
|
|
223
223
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -238,7 +238,7 @@ class AdminController extends Controller {
|
|
|
238
238
|
putModifyStatusWaiting() {
|
|
239
239
|
return {
|
|
240
240
|
disabled: !this.roles.UPDATE,
|
|
241
|
-
path: '/waiting/:id',
|
|
241
|
+
path: '/waiting/:id([a-zA-Z0-9]+)',
|
|
242
242
|
method: [
|
|
243
243
|
adminRoleMiddleware([this.roles.UPDATE], this.secretKey),
|
|
244
244
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -274,7 +274,7 @@ class AdminController extends Controller {
|
|
|
274
274
|
delete() {
|
|
275
275
|
return {
|
|
276
276
|
disabled: !this.roles.DELETE,
|
|
277
|
-
path: '/:id',
|
|
277
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
278
278
|
method: [adminRoleMiddleware([this.roles.DELETE], this.secretKey), validateMiddleware(REQUEST_TYPE.PARAMS, rulesId), this.methodDelete],
|
|
279
279
|
};
|
|
280
280
|
}
|
|
@@ -291,7 +291,7 @@ class AdminController extends Controller {
|
|
|
291
291
|
postRestoreTrash() {
|
|
292
292
|
return {
|
|
293
293
|
disabled: !this.roles.RESTORE,
|
|
294
|
-
path: '/:id',
|
|
294
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
295
295
|
method: [
|
|
296
296
|
adminRoleMiddleware([this.roles.RESTORE], this.secretKey),
|
|
297
297
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -327,7 +327,7 @@ class AdminController extends Controller {
|
|
|
327
327
|
deleteDestroyTrash() {
|
|
328
328
|
return {
|
|
329
329
|
disabled: !this.roles.DESTROY,
|
|
330
|
-
path: '/:id',
|
|
330
|
+
path: '/:id([a-zA-Z0-9]+)',
|
|
331
331
|
method: [
|
|
332
332
|
adminRoleMiddleware([this.roles.DESTROY], this.secretKey),
|
|
333
333
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import HttpClient from '@azteam/http-client';
|
|
2
|
+
import {ErrorException, TOKEN_FAILED, UNAUTHORIZED} from '@azteam/error';
|
|
3
|
+
|
|
4
|
+
export default function (systemURL = process.env.SYSTEM_URL) {
|
|
5
|
+
return async function (req, res, next) {
|
|
6
|
+
if (!req.user) {
|
|
7
|
+
const {headers} = req;
|
|
8
|
+
if (headers.authorization) {
|
|
9
|
+
let token = headers.authorization;
|
|
10
|
+
|
|
11
|
+
if (token.startsWith('apikey ')) {
|
|
12
|
+
token = token.replace('apikey ', '');
|
|
13
|
+
let apiURL = `${systemURL}/auth/login_api/${token}`;
|
|
14
|
+
|
|
15
|
+
const splitToken = token.split(':');
|
|
16
|
+
if (splitToken.token === 2) {
|
|
17
|
+
apiURL = `https://${req.hostname}/auth/login_api/${splitToken[1]}`;
|
|
18
|
+
}
|
|
19
|
+
|
|
20
|
+
const client = new HttpClient({
|
|
21
|
+
timeout: 20000,
|
|
22
|
+
headers: {
|
|
23
|
+
'User-Agent': 'toda-api',
|
|
24
|
+
},
|
|
25
|
+
}),
|
|
26
|
+
response = await client.get(apiURL);
|
|
27
|
+
if (response.success) {
|
|
28
|
+
req.user = response.data;
|
|
29
|
+
} else {
|
|
30
|
+
throw new ErrorException(TOKEN_FAILED);
|
|
31
|
+
}
|
|
32
|
+
} else {
|
|
33
|
+
throw new ErrorException(UNAUTHORIZED);
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
return next();
|
|
38
|
+
};
|
|
39
|
+
}
|
package/src/middleware/index.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export {default as signMiddleware} from './signMiddleware';
|
|
2
2
|
export {default as etagMiddleware} from './etagMiddleware';
|
|
3
|
+
export {default as apiLoginMiddleware} from './apiLoginMiddleware';
|
|
3
4
|
export {default as roleMiddleware} from './roleMiddleware';
|
|
4
5
|
export {default as adminRoleMiddleware} from './adminRoleMiddleware';
|
|
5
6
|
export {default as systemRoleMiddleware} from './systemRoleMiddleware';
|