@azteam/express 1.2.359 → 1.2.361
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/Server.js +1 -1
- package/lib/controller/AdminController.js +16 -13
- package/lib/middleware/adminRoleMiddleware.js +2 -2
- package/lib/middleware/index.js +0 -7
- package/lib/middleware/roleMiddleware.js +49 -11
- package/lib/middleware/systemRoleMiddleware.js +2 -2
- package/package.json +1 -1
- package/src/Server.js +1 -1
- package/src/controller/AdminController.js +33 -13
- package/src/middleware/adminRoleMiddleware.js +2 -2
- package/src/middleware/index.js +0 -1
- package/src/middleware/roleMiddleware.js +34 -3
- package/src/middleware/systemRoleMiddleware.js +2 -2
- package/lib/middleware/apiLoginMiddleware.js +0 -82
- package/src/middleware/apiLoginMiddleware.js +0 -43
package/lib/Server.js
CHANGED
|
@@ -250,7 +250,7 @@ var Server = /*#__PURE__*/function () {
|
|
|
250
250
|
var origin = req.get('Origin');
|
|
251
251
|
req.rootOrigin = origin ? _psl["default"].parse(origin.replace(/(?:[\0-\t\x0B\f\x0E-\u2027\u202A-\uD7FF\uE000-\uFFFF]|[\uD800-\uDBFF][\uDC00-\uDFFF]|[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:[^\uD800-\uDBFF]|^)[\uDC00-\uDFFF])*\/\//, '')).domain : null;
|
|
252
252
|
req.trackDevice = {
|
|
253
|
-
ip: req.headers['x-
|
|
253
|
+
ip: req.headers['x-real-ip'] || req.ip,
|
|
254
254
|
device: req.get('X-DEVICE') || req.get('User-Agent'),
|
|
255
255
|
device_id: req.get('X-DEVICE-ID') || 'web',
|
|
256
256
|
os: req.get('X-OS') || 'web'
|
|
@@ -302,7 +302,10 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
302
302
|
IMPORT: null,
|
|
303
303
|
EXPORT: null
|
|
304
304
|
}, options.roles);
|
|
305
|
-
_this.
|
|
305
|
+
_this.roleMiddlewareOptions = {
|
|
306
|
+
secretKey: options.secretKey || process.env.SECRET_KEY,
|
|
307
|
+
systemURL: options.systemURL || process.env.systemURL
|
|
308
|
+
};
|
|
306
309
|
_this.paginateOptions = options.paginateOptions || {
|
|
307
310
|
autocompleteField: null,
|
|
308
311
|
allowSearchFields: [],
|
|
@@ -325,7 +328,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
325
328
|
return {
|
|
326
329
|
disabled: !this.roles.READ,
|
|
327
330
|
path: '/',
|
|
328
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.
|
|
331
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.roleMiddlewareOptions), (0, _middleware.paginateMiddleware)(this.paginateOptions), this.methodGetPaginate]
|
|
329
332
|
};
|
|
330
333
|
}
|
|
331
334
|
}, {
|
|
@@ -334,7 +337,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
334
337
|
return {
|
|
335
338
|
disabled: !this.roles.READ,
|
|
336
339
|
path: '/',
|
|
337
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.
|
|
340
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.roleMiddlewareOptions), (0, _middleware.paginateMiddleware)(this.paginateOptions), this.methodGetPaginateTrash]
|
|
338
341
|
};
|
|
339
342
|
}
|
|
340
343
|
}, {
|
|
@@ -343,7 +346,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
343
346
|
return {
|
|
344
347
|
disabled: !this.roles.READ,
|
|
345
348
|
path: '/:id([a-zA-Z0-9]+)',
|
|
346
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.
|
|
349
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodGetOne]
|
|
347
350
|
};
|
|
348
351
|
}
|
|
349
352
|
}, {
|
|
@@ -352,7 +355,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
352
355
|
return {
|
|
353
356
|
disabled: !this.roles.READ,
|
|
354
357
|
path: '/:id([a-zA-Z0-9]+)',
|
|
355
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.
|
|
358
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.READ], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodGetOneTrash]
|
|
356
359
|
};
|
|
357
360
|
}
|
|
358
361
|
}, {
|
|
@@ -404,7 +407,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
404
407
|
return {
|
|
405
408
|
disabled: !this.roles.CREATE,
|
|
406
409
|
path: '/',
|
|
407
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.CREATE], this.
|
|
410
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.CREATE], this.roleMiddlewareOptions), /*#__PURE__*/function () {
|
|
408
411
|
var _ref10 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee12(req, res) {
|
|
409
412
|
var data, item;
|
|
410
413
|
return _regeneratorRuntime().wrap(function _callee12$(_context12) {
|
|
@@ -486,7 +489,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
486
489
|
return {
|
|
487
490
|
disabled: !this.roles.UPDATE,
|
|
488
491
|
path: '/:id([a-zA-Z0-9]+)',
|
|
489
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.
|
|
492
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
490
493
|
var _ref11 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee15(req, res) {
|
|
491
494
|
var item, data;
|
|
492
495
|
return _regeneratorRuntime().wrap(function _callee15$(_context15) {
|
|
@@ -533,7 +536,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
533
536
|
return {
|
|
534
537
|
disabled: !this.roles.UPDATE,
|
|
535
538
|
path: '/available/:id([a-zA-Z0-9]+)',
|
|
536
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.
|
|
539
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
537
540
|
var _ref12 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee16(req, res) {
|
|
538
541
|
var item;
|
|
539
542
|
return _regeneratorRuntime().wrap(function _callee16$(_context16) {
|
|
@@ -578,7 +581,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
578
581
|
return {
|
|
579
582
|
disabled: !this.roles.UPDATE,
|
|
580
583
|
path: '/unavailable/:id([a-zA-Z0-9]+)',
|
|
581
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.
|
|
584
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
582
585
|
var _ref13 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee17(req, res) {
|
|
583
586
|
var item;
|
|
584
587
|
return _regeneratorRuntime().wrap(function _callee17$(_context17) {
|
|
@@ -623,7 +626,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
623
626
|
return {
|
|
624
627
|
disabled: !this.roles.UPDATE,
|
|
625
628
|
path: '/waiting/:id([a-zA-Z0-9]+)',
|
|
626
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.
|
|
629
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.UPDATE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), /*#__PURE__*/function () {
|
|
627
630
|
var _ref14 = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee18(req, res) {
|
|
628
631
|
var item;
|
|
629
632
|
return _regeneratorRuntime().wrap(function _callee18$(_context18) {
|
|
@@ -688,7 +691,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
688
691
|
return {
|
|
689
692
|
disabled: !this.roles.DELETE,
|
|
690
693
|
path: '/:id([a-zA-Z0-9]+)',
|
|
691
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DELETE], this.
|
|
694
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DELETE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodDelete]
|
|
692
695
|
};
|
|
693
696
|
}
|
|
694
697
|
}, {
|
|
@@ -697,7 +700,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
697
700
|
return {
|
|
698
701
|
disabled: !this.roles.RESTORE,
|
|
699
702
|
path: '/:id([a-zA-Z0-9]+)',
|
|
700
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.RESTORE], this.
|
|
703
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.RESTORE], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodPostRestoreTrash]
|
|
701
704
|
};
|
|
702
705
|
}
|
|
703
706
|
}, {
|
|
@@ -727,7 +730,7 @@ var AdminController = /*#__PURE__*/function (_Controller) {
|
|
|
727
730
|
return {
|
|
728
731
|
disabled: !this.roles.DESTROY,
|
|
729
732
|
path: '/:id([a-zA-Z0-9]+)',
|
|
730
|
-
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DESTROY], this.
|
|
733
|
+
method: [(0, _middleware.adminRoleMiddleware)([this.roles.DESTROY], this.roleMiddlewareOptions), (0, _middleware.validateMiddleware)(_constant.REQUEST_TYPE.PARAMS, _validator.rulesId), this.methodDeleteDestroyTrash]
|
|
731
734
|
};
|
|
732
735
|
}
|
|
733
736
|
}]);
|
|
@@ -9,6 +9,6 @@ var _roleMiddleware = _interopRequireDefault(require("./roleMiddleware"));
|
|
|
9
9
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
|
|
10
10
|
function _default() {
|
|
11
11
|
var roles = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
|
|
12
|
-
var
|
|
13
|
-
return (0, _roleMiddleware["default"])(roles, _constant.USER_LEVEL.ADMIN,
|
|
12
|
+
var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
13
|
+
return (0, _roleMiddleware["default"])(roles, _constant.USER_LEVEL.ADMIN, options);
|
|
14
14
|
}
|
package/lib/middleware/index.js
CHANGED
|
@@ -9,12 +9,6 @@ Object.defineProperty(exports, "adminRoleMiddleware", {
|
|
|
9
9
|
return _adminRoleMiddleware["default"];
|
|
10
10
|
}
|
|
11
11
|
});
|
|
12
|
-
Object.defineProperty(exports, "apiLoginMiddleware", {
|
|
13
|
-
enumerable: true,
|
|
14
|
-
get: function get() {
|
|
15
|
-
return _apiLoginMiddleware["default"];
|
|
16
|
-
}
|
|
17
|
-
});
|
|
18
12
|
Object.defineProperty(exports, "cacheMiddleware", {
|
|
19
13
|
enumerable: true,
|
|
20
14
|
get: function get() {
|
|
@@ -77,7 +71,6 @@ Object.defineProperty(exports, "verifyGoogleAppMiddleware", {
|
|
|
77
71
|
});
|
|
78
72
|
var _signMiddleware = _interopRequireDefault(require("./signMiddleware"));
|
|
79
73
|
var _etagMiddleware = _interopRequireDefault(require("./etagMiddleware"));
|
|
80
|
-
var _apiLoginMiddleware = _interopRequireDefault(require("./apiLoginMiddleware"));
|
|
81
74
|
var _roleMiddleware = _interopRequireDefault(require("./roleMiddleware"));
|
|
82
75
|
var _adminRoleMiddleware = _interopRequireDefault(require("./adminRoleMiddleware"));
|
|
83
76
|
var _systemRoleMiddleware = _interopRequireDefault(require("./systemRoleMiddleware"));
|
|
@@ -5,13 +5,17 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
5
5
|
value: true
|
|
6
6
|
});
|
|
7
7
|
exports["default"] = _default;
|
|
8
|
-
var _error = require("@azteam/error");
|
|
9
8
|
var _jsonwebtoken = _interopRequireDefault(require("jsonwebtoken"));
|
|
10
9
|
var _constant = require("@azteam/constant");
|
|
10
|
+
var _httpClient = _interopRequireDefault(require("@azteam/http-client"));
|
|
11
|
+
var _error = require("@azteam/error");
|
|
11
12
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
|
|
12
13
|
function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return exports; }; var exports = {}, Op = Object.prototype, hasOwn = Op.hasOwnProperty, $Symbol = "function" == typeof Symbol ? Symbol : {}, iteratorSymbol = $Symbol.iterator || "@@iterator", asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator", toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag"; function define(obj, key, value) { return Object.defineProperty(obj, key, { value: value, enumerable: !0, configurable: !0, writable: !0 }), obj[key]; } try { define({}, ""); } catch (err) { define = function define(obj, key, value) { return obj[key] = value; }; } function wrap(innerFn, outerFn, self, tryLocsList) { var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator, generator = Object.create(protoGenerator.prototype), context = new Context(tryLocsList || []); return generator._invoke = function (innerFn, self, context) { var state = "suspendedStart"; return function (method, arg) { if ("executing" === state) throw new Error("Generator is already running"); if ("completed" === state) { if ("throw" === method) throw arg; return doneResult(); } for (context.method = method, context.arg = arg;;) { var delegate = context.delegate; if (delegate) { var delegateResult = maybeInvokeDelegate(delegate, context); if (delegateResult) { if (delegateResult === ContinueSentinel) continue; return delegateResult; } } if ("next" === context.method) context.sent = context._sent = context.arg;else if ("throw" === context.method) { if ("suspendedStart" === state) throw state = "completed", context.arg; context.dispatchException(context.arg); } else "return" === context.method && context.abrupt("return", context.arg); state = "executing"; var record = tryCatch(innerFn, self, context); if ("normal" === record.type) { if (state = context.done ? "completed" : "suspendedYield", record.arg === ContinueSentinel) continue; return { value: record.arg, done: context.done }; } "throw" === record.type && (state = "completed", context.method = "throw", context.arg = record.arg); } }; }(innerFn, self, context), generator; } function tryCatch(fn, obj, arg) { try { return { type: "normal", arg: fn.call(obj, arg) }; } catch (err) { return { type: "throw", arg: err }; } } exports.wrap = wrap; var ContinueSentinel = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var IteratorPrototype = {}; define(IteratorPrototype, iteratorSymbol, function () { return this; }); var getProto = Object.getPrototypeOf, NativeIteratorPrototype = getProto && getProto(getProto(values([]))); NativeIteratorPrototype && NativeIteratorPrototype !== Op && hasOwn.call(NativeIteratorPrototype, iteratorSymbol) && (IteratorPrototype = NativeIteratorPrototype); var Gp = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(IteratorPrototype); function defineIteratorMethods(prototype) { ["next", "throw", "return"].forEach(function (method) { define(prototype, method, function (arg) { return this._invoke(method, arg); }); }); } function AsyncIterator(generator, PromiseImpl) { function invoke(method, arg, resolve, reject) { var record = tryCatch(generator[method], generator, arg); if ("throw" !== record.type) { var result = record.arg, value = result.value; return value && "object" == _typeof(value) && hasOwn.call(value, "__await") ? PromiseImpl.resolve(value.__await).then(function (value) { invoke("next", value, resolve, reject); }, function (err) { invoke("throw", err, resolve, reject); }) : PromiseImpl.resolve(value).then(function (unwrapped) { result.value = unwrapped, resolve(result); }, function (error) { return invoke("throw", error, resolve, reject); }); } reject(record.arg); } var previousPromise; this._invoke = function (method, arg) { function callInvokeWithMethodAndArg() { return new PromiseImpl(function (resolve, reject) { invoke(method, arg, resolve, reject); }); } return previousPromise = previousPromise ? previousPromise.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg(); }; } function maybeInvokeDelegate(delegate, context) { var method = delegate.iterator[context.method]; if (undefined === method) { if (context.delegate = null, "throw" === context.method) { if (delegate.iterator["return"] && (context.method = "return", context.arg = undefined, maybeInvokeDelegate(delegate, context), "throw" === context.method)) return ContinueSentinel; context.method = "throw", context.arg = new TypeError("The iterator does not provide a 'throw' method"); } return ContinueSentinel; } var record = tryCatch(method, delegate.iterator, context.arg); if ("throw" === record.type) return context.method = "throw", context.arg = record.arg, context.delegate = null, ContinueSentinel; var info = record.arg; return info ? info.done ? (context[delegate.resultName] = info.value, context.next = delegate.nextLoc, "return" !== context.method && (context.method = "next", context.arg = undefined), context.delegate = null, ContinueSentinel) : info : (context.method = "throw", context.arg = new TypeError("iterator result is not an object"), context.delegate = null, ContinueSentinel); } function pushTryEntry(locs) { var entry = { tryLoc: locs[0] }; 1 in locs && (entry.catchLoc = locs[1]), 2 in locs && (entry.finallyLoc = locs[2], entry.afterLoc = locs[3]), this.tryEntries.push(entry); } function resetTryEntry(entry) { var record = entry.completion || {}; record.type = "normal", delete record.arg, entry.completion = record; } function Context(tryLocsList) { this.tryEntries = [{ tryLoc: "root" }], tryLocsList.forEach(pushTryEntry, this), this.reset(!0); } function values(iterable) { if (iterable) { var iteratorMethod = iterable[iteratorSymbol]; if (iteratorMethod) return iteratorMethod.call(iterable); if ("function" == typeof iterable.next) return iterable; if (!isNaN(iterable.length)) { var i = -1, next = function next() { for (; ++i < iterable.length;) { if (hasOwn.call(iterable, i)) return next.value = iterable[i], next.done = !1, next; } return next.value = undefined, next.done = !0, next; }; return next.next = next; } } return { next: doneResult }; } function doneResult() { return { value: undefined, done: !0 }; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, define(Gp, "constructor", GeneratorFunctionPrototype), define(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, toStringTagSymbol, "GeneratorFunction"), exports.isGeneratorFunction = function (genFun) { var ctor = "function" == typeof genFun && genFun.constructor; return !!ctor && (ctor === GeneratorFunction || "GeneratorFunction" === (ctor.displayName || ctor.name)); }, exports.mark = function (genFun) { return Object.setPrototypeOf ? Object.setPrototypeOf(genFun, GeneratorFunctionPrototype) : (genFun.__proto__ = GeneratorFunctionPrototype, define(genFun, toStringTagSymbol, "GeneratorFunction")), genFun.prototype = Object.create(Gp), genFun; }, exports.awrap = function (arg) { return { __await: arg }; }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, asyncIteratorSymbol, function () { return this; }), exports.AsyncIterator = AsyncIterator, exports.async = function (innerFn, outerFn, self, tryLocsList, PromiseImpl) { void 0 === PromiseImpl && (PromiseImpl = Promise); var iter = new AsyncIterator(wrap(innerFn, outerFn, self, tryLocsList), PromiseImpl); return exports.isGeneratorFunction(outerFn) ? iter : iter.next().then(function (result) { return result.done ? result.value : iter.next(); }); }, defineIteratorMethods(Gp), define(Gp, toStringTagSymbol, "Generator"), define(Gp, iteratorSymbol, function () { return this; }), define(Gp, "toString", function () { return "[object Generator]"; }), exports.keys = function (object) { var keys = []; for (var key in object) { keys.push(key); } return keys.reverse(), function next() { for (; keys.length;) { var key = keys.pop(); if (key in object) return next.value = key, next.done = !1, next; } return next.done = !0, next; }; }, exports.values = values, Context.prototype = { constructor: Context, reset: function reset(skipTempReset) { if (this.prev = 0, this.next = 0, this.sent = this._sent = undefined, this.done = !1, this.delegate = null, this.method = "next", this.arg = undefined, this.tryEntries.forEach(resetTryEntry), !skipTempReset) for (var name in this) { "t" === name.charAt(0) && hasOwn.call(this, name) && !isNaN(+name.slice(1)) && (this[name] = undefined); } }, stop: function stop() { this.done = !0; var rootRecord = this.tryEntries[0].completion; if ("throw" === rootRecord.type) throw rootRecord.arg; return this.rval; }, dispatchException: function dispatchException(exception) { if (this.done) throw exception; var context = this; function handle(loc, caught) { return record.type = "throw", record.arg = exception, context.next = loc, caught && (context.method = "next", context.arg = undefined), !!caught; } for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i], record = entry.completion; if ("root" === entry.tryLoc) return handle("end"); if (entry.tryLoc <= this.prev) { var hasCatch = hasOwn.call(entry, "catchLoc"), hasFinally = hasOwn.call(entry, "finallyLoc"); if (hasCatch && hasFinally) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } else if (hasCatch) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); } else { if (!hasFinally) throw new Error("try statement without catch or finally"); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } } } }, abrupt: function abrupt(type, arg) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc <= this.prev && hasOwn.call(entry, "finallyLoc") && this.prev < entry.finallyLoc) { var finallyEntry = entry; break; } } finallyEntry && ("break" === type || "continue" === type) && finallyEntry.tryLoc <= arg && arg <= finallyEntry.finallyLoc && (finallyEntry = null); var record = finallyEntry ? finallyEntry.completion : {}; return record.type = type, record.arg = arg, finallyEntry ? (this.method = "next", this.next = finallyEntry.finallyLoc, ContinueSentinel) : this.complete(record); }, complete: function complete(record, afterLoc) { if ("throw" === record.type) throw record.arg; return "break" === record.type || "continue" === record.type ? this.next = record.arg : "return" === record.type ? (this.rval = this.arg = record.arg, this.method = "return", this.next = "end") : "normal" === record.type && afterLoc && (this.next = afterLoc), ContinueSentinel; }, finish: function finish(finallyLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.finallyLoc === finallyLoc) return this.complete(entry.completion, entry.afterLoc), resetTryEntry(entry), ContinueSentinel; } }, "catch": function _catch(tryLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc === tryLoc) { var record = entry.completion; if ("throw" === record.type) { var thrown = record.arg; resetTryEntry(entry); } return thrown; } } throw new Error("illegal catch attempt"); }, delegateYield: function delegateYield(iterable, resultName, nextLoc) { return this.delegate = { iterator: values(iterable), resultName: resultName, nextLoc: nextLoc }, "next" === this.method && (this.arg = undefined), ContinueSentinel; } }, exports; }
|
|
13
14
|
function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
|
|
14
15
|
function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
|
|
16
|
+
function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
17
|
+
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { _defineProperty(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
|
|
18
|
+
function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
|
|
15
19
|
function systemLogin() {
|
|
16
20
|
var userData = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
|
|
17
21
|
var user = {};
|
|
@@ -25,21 +29,25 @@ function systemLogin() {
|
|
|
25
29
|
function _default() {
|
|
26
30
|
var roles = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
|
|
27
31
|
var minLevel = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : _constant.USER_LEVEL.USER;
|
|
28
|
-
var
|
|
32
|
+
var options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
33
|
+
options = _objectSpread({
|
|
34
|
+
secretKey: process.env.SECRET_KEY,
|
|
35
|
+
systemURL: process.env.SYSTEM_URL
|
|
36
|
+
}, options);
|
|
29
37
|
return /*#__PURE__*/function () {
|
|
30
38
|
var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(req, res, next) {
|
|
31
|
-
var headers, token;
|
|
39
|
+
var headers, _options, secretKey, systemURL, token, apiURL, splitToken, client, response;
|
|
32
40
|
return _regeneratorRuntime().wrap(function _callee$(_context) {
|
|
33
41
|
while (1) {
|
|
34
42
|
switch (_context.prev = _context.next) {
|
|
35
43
|
case 0:
|
|
36
|
-
headers = req.headers;
|
|
44
|
+
headers = req.headers, _options = options, secretKey = _options.secretKey, systemURL = _options.systemURL;
|
|
37
45
|
if (!(headers['x-app-secret'] === secretKey)) {
|
|
38
46
|
_context.next = 5;
|
|
39
47
|
break;
|
|
40
48
|
}
|
|
41
49
|
req.user = systemLogin(headers['x-app-user']);
|
|
42
|
-
_context.next =
|
|
50
|
+
_context.next = 33;
|
|
43
51
|
break;
|
|
44
52
|
case 5:
|
|
45
53
|
token = null;
|
|
@@ -47,7 +55,7 @@ function _default() {
|
|
|
47
55
|
token = headers.authorization;
|
|
48
56
|
}
|
|
49
57
|
if (!token) {
|
|
50
|
-
_context.next =
|
|
58
|
+
_context.next = 33;
|
|
51
59
|
break;
|
|
52
60
|
}
|
|
53
61
|
if (!token.startsWith('Bearer ')) {
|
|
@@ -70,23 +78,53 @@ function _default() {
|
|
|
70
78
|
case 18:
|
|
71
79
|
throw new _error.ErrorException(_error.TOKEN_FAILED, _context.t0);
|
|
72
80
|
case 19:
|
|
81
|
+
if (!token.startsWith('apikey ')) {
|
|
82
|
+
_context.next = 33;
|
|
83
|
+
break;
|
|
84
|
+
}
|
|
85
|
+
token = token.replace('apikey ', '');
|
|
86
|
+
apiURL = "".concat(systemURL, "/auth/login_api/").concat(token);
|
|
87
|
+
splitToken = token.split(':');
|
|
88
|
+
if (splitToken.length === 2) {
|
|
89
|
+
apiURL = "https://".concat(req.hostname, "/auth/login_api/").concat(splitToken[1]);
|
|
90
|
+
}
|
|
91
|
+
client = new _httpClient["default"]({
|
|
92
|
+
timeout: 20000,
|
|
93
|
+
headers: {
|
|
94
|
+
'User-Agent': 'toda-api'
|
|
95
|
+
}
|
|
96
|
+
});
|
|
97
|
+
_context.next = 27;
|
|
98
|
+
return client.get(apiURL);
|
|
99
|
+
case 27:
|
|
100
|
+
response = _context.sent;
|
|
101
|
+
if (!response.success) {
|
|
102
|
+
_context.next = 32;
|
|
103
|
+
break;
|
|
104
|
+
}
|
|
105
|
+
req.user = response.data;
|
|
106
|
+
_context.next = 33;
|
|
107
|
+
break;
|
|
108
|
+
case 32:
|
|
109
|
+
throw new _error.ErrorException(_error.TOKEN_FAILED);
|
|
110
|
+
case 33:
|
|
73
111
|
if (req.user) {
|
|
74
|
-
_context.next =
|
|
112
|
+
_context.next = 35;
|
|
75
113
|
break;
|
|
76
114
|
}
|
|
77
115
|
throw new _error.ErrorException(_error.UNAUTHORIZED);
|
|
78
|
-
case
|
|
116
|
+
case 35:
|
|
79
117
|
req.user.level = req.user.level || _constant.USER_LEVEL.USER;
|
|
80
118
|
if (!(!roles || req.user.level === 100 || req.user.level >= minLevel && req.user.roles.some(function (r) {
|
|
81
119
|
return roles.includes(r);
|
|
82
120
|
}))) {
|
|
83
|
-
_context.next =
|
|
121
|
+
_context.next = 38;
|
|
84
122
|
break;
|
|
85
123
|
}
|
|
86
124
|
return _context.abrupt("return", next());
|
|
87
|
-
case
|
|
125
|
+
case 38:
|
|
88
126
|
throw new _error.ErrorException(_error.PERMISSION);
|
|
89
|
-
case
|
|
127
|
+
case 39:
|
|
90
128
|
case "end":
|
|
91
129
|
return _context.stop();
|
|
92
130
|
}
|
|
@@ -8,6 +8,6 @@ var _constant = require("@azteam/constant");
|
|
|
8
8
|
var _roleMiddleware = _interopRequireDefault(require("./roleMiddleware"));
|
|
9
9
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
|
|
10
10
|
function _default() {
|
|
11
|
-
var
|
|
12
|
-
return (0, _roleMiddleware["default"])(null, _constant.USER_LEVEL.SYSTEM,
|
|
11
|
+
var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
12
|
+
return (0, _roleMiddleware["default"])(null, _constant.USER_LEVEL.SYSTEM, options);
|
|
13
13
|
}
|
package/package.json
CHANGED
package/src/Server.js
CHANGED
|
@@ -244,7 +244,7 @@ class Server {
|
|
|
244
244
|
req.rootOrigin = origin ? psl.parse(origin.replace(/.*\/\//u, '')).domain : null;
|
|
245
245
|
|
|
246
246
|
req.trackDevice = {
|
|
247
|
-
ip: req.headers['x-
|
|
247
|
+
ip: req.headers['x-real-ip'] || req.ip,
|
|
248
248
|
device: req.get('X-DEVICE') || req.get('User-Agent'),
|
|
249
249
|
device_id: req.get('X-DEVICE-ID') || 'web',
|
|
250
250
|
os: req.get('X-OS') || 'web',
|
|
@@ -39,7 +39,11 @@ class AdminController extends Controller {
|
|
|
39
39
|
...options.roles,
|
|
40
40
|
};
|
|
41
41
|
|
|
42
|
-
this.
|
|
42
|
+
this.roleMiddlewareOptions = {
|
|
43
|
+
secretKey: options.secretKey || process.env.SECRET_KEY,
|
|
44
|
+
systemURL: options.systemURL || process.env.systemURL,
|
|
45
|
+
};
|
|
46
|
+
|
|
43
47
|
this.paginateOptions = options.paginateOptions || {
|
|
44
48
|
autocompleteField: null,
|
|
45
49
|
allowSearchFields: [],
|
|
@@ -78,7 +82,11 @@ class AdminController extends Controller {
|
|
|
78
82
|
return {
|
|
79
83
|
disabled: !this.roles.READ,
|
|
80
84
|
path: '/',
|
|
81
|
-
method: [
|
|
85
|
+
method: [
|
|
86
|
+
adminRoleMiddleware([this.roles.READ], this.roleMiddlewareOptions),
|
|
87
|
+
paginateMiddleware(this.paginateOptions),
|
|
88
|
+
this.methodGetPaginate,
|
|
89
|
+
],
|
|
82
90
|
};
|
|
83
91
|
}
|
|
84
92
|
|
|
@@ -91,7 +99,11 @@ class AdminController extends Controller {
|
|
|
91
99
|
return {
|
|
92
100
|
disabled: !this.roles.READ,
|
|
93
101
|
path: '/',
|
|
94
|
-
method: [
|
|
102
|
+
method: [
|
|
103
|
+
adminRoleMiddleware([this.roles.READ], this.roleMiddlewareOptions),
|
|
104
|
+
paginateMiddleware(this.paginateOptions),
|
|
105
|
+
this.methodGetPaginateTrash,
|
|
106
|
+
],
|
|
95
107
|
};
|
|
96
108
|
}
|
|
97
109
|
|
|
@@ -105,7 +117,11 @@ class AdminController extends Controller {
|
|
|
105
117
|
return {
|
|
106
118
|
disabled: !this.roles.READ,
|
|
107
119
|
path: '/:id([a-zA-Z0-9]+)',
|
|
108
|
-
method: [
|
|
120
|
+
method: [
|
|
121
|
+
adminRoleMiddleware([this.roles.READ], this.roleMiddlewareOptions),
|
|
122
|
+
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
123
|
+
this.methodGetOne,
|
|
124
|
+
],
|
|
109
125
|
};
|
|
110
126
|
}
|
|
111
127
|
|
|
@@ -120,7 +136,7 @@ class AdminController extends Controller {
|
|
|
120
136
|
disabled: !this.roles.READ,
|
|
121
137
|
path: '/:id([a-zA-Z0-9]+)',
|
|
122
138
|
method: [
|
|
123
|
-
adminRoleMiddleware([this.roles.READ], this.
|
|
139
|
+
adminRoleMiddleware([this.roles.READ], this.roleMiddlewareOptions),
|
|
124
140
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
125
141
|
this.methodGetOneTrash,
|
|
126
142
|
],
|
|
@@ -144,7 +160,7 @@ class AdminController extends Controller {
|
|
|
144
160
|
disabled: !this.roles.CREATE,
|
|
145
161
|
path: '/',
|
|
146
162
|
method: [
|
|
147
|
-
adminRoleMiddleware([this.roles.CREATE], this.
|
|
163
|
+
adminRoleMiddleware([this.roles.CREATE], this.roleMiddlewareOptions),
|
|
148
164
|
async (req, res) => {
|
|
149
165
|
const data = await this.beforeCreate(req.body);
|
|
150
166
|
|
|
@@ -175,7 +191,7 @@ class AdminController extends Controller {
|
|
|
175
191
|
disabled: !this.roles.UPDATE,
|
|
176
192
|
path: '/:id([a-zA-Z0-9]+)',
|
|
177
193
|
method: [
|
|
178
|
-
adminRoleMiddleware([this.roles.UPDATE], this.
|
|
194
|
+
adminRoleMiddleware([this.roles.UPDATE], this.roleMiddlewareOptions),
|
|
179
195
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
180
196
|
async (req, res) => {
|
|
181
197
|
let item = await this.repository.findOneById(req.params.id);
|
|
@@ -198,7 +214,7 @@ class AdminController extends Controller {
|
|
|
198
214
|
disabled: !this.roles.UPDATE,
|
|
199
215
|
path: '/available/:id([a-zA-Z0-9]+)',
|
|
200
216
|
method: [
|
|
201
|
-
adminRoleMiddleware([this.roles.UPDATE], this.
|
|
217
|
+
adminRoleMiddleware([this.roles.UPDATE], this.roleMiddlewareOptions),
|
|
202
218
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
203
219
|
async (req, res) => {
|
|
204
220
|
let item = await this.repository.findOneById(req.params.id);
|
|
@@ -219,7 +235,7 @@ class AdminController extends Controller {
|
|
|
219
235
|
disabled: !this.roles.UPDATE,
|
|
220
236
|
path: '/unavailable/:id([a-zA-Z0-9]+)',
|
|
221
237
|
method: [
|
|
222
|
-
adminRoleMiddleware([this.roles.UPDATE], this.
|
|
238
|
+
adminRoleMiddleware([this.roles.UPDATE], this.roleMiddlewareOptions),
|
|
223
239
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
224
240
|
async (req, res) => {
|
|
225
241
|
let item = await this.repository.findOneById(req.params.id);
|
|
@@ -240,7 +256,7 @@ class AdminController extends Controller {
|
|
|
240
256
|
disabled: !this.roles.UPDATE,
|
|
241
257
|
path: '/waiting/:id([a-zA-Z0-9]+)',
|
|
242
258
|
method: [
|
|
243
|
-
adminRoleMiddleware([this.roles.UPDATE], this.
|
|
259
|
+
adminRoleMiddleware([this.roles.UPDATE], this.roleMiddlewareOptions),
|
|
244
260
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
245
261
|
async (req, res) => {
|
|
246
262
|
let item = await this.repository.findOneById(req.params.id);
|
|
@@ -275,7 +291,11 @@ class AdminController extends Controller {
|
|
|
275
291
|
return {
|
|
276
292
|
disabled: !this.roles.DELETE,
|
|
277
293
|
path: '/:id([a-zA-Z0-9]+)',
|
|
278
|
-
method: [
|
|
294
|
+
method: [
|
|
295
|
+
adminRoleMiddleware([this.roles.DELETE], this.roleMiddlewareOptions),
|
|
296
|
+
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
297
|
+
this.methodDelete,
|
|
298
|
+
],
|
|
279
299
|
};
|
|
280
300
|
}
|
|
281
301
|
|
|
@@ -293,7 +313,7 @@ class AdminController extends Controller {
|
|
|
293
313
|
disabled: !this.roles.RESTORE,
|
|
294
314
|
path: '/:id([a-zA-Z0-9]+)',
|
|
295
315
|
method: [
|
|
296
|
-
adminRoleMiddleware([this.roles.RESTORE], this.
|
|
316
|
+
adminRoleMiddleware([this.roles.RESTORE], this.roleMiddlewareOptions),
|
|
297
317
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
298
318
|
this.methodPostRestoreTrash,
|
|
299
319
|
],
|
|
@@ -329,7 +349,7 @@ class AdminController extends Controller {
|
|
|
329
349
|
disabled: !this.roles.DESTROY,
|
|
330
350
|
path: '/:id([a-zA-Z0-9]+)',
|
|
331
351
|
method: [
|
|
332
|
-
adminRoleMiddleware([this.roles.DESTROY], this.
|
|
352
|
+
adminRoleMiddleware([this.roles.DESTROY], this.roleMiddlewareOptions),
|
|
333
353
|
validateMiddleware(REQUEST_TYPE.PARAMS, rulesId),
|
|
334
354
|
this.methodDeleteDestroyTrash,
|
|
335
355
|
],
|
|
@@ -2,6 +2,6 @@ import {USER_LEVEL} from '@azteam/constant';
|
|
|
2
2
|
|
|
3
3
|
import roleMiddleware from './roleMiddleware';
|
|
4
4
|
|
|
5
|
-
export default function (roles = null,
|
|
6
|
-
return roleMiddleware(roles, USER_LEVEL.ADMIN,
|
|
5
|
+
export default function (roles = null, options = {}) {
|
|
6
|
+
return roleMiddleware(roles, USER_LEVEL.ADMIN, options);
|
|
7
7
|
}
|
package/src/middleware/index.js
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
export {default as signMiddleware} from './signMiddleware';
|
|
2
2
|
export {default as etagMiddleware} from './etagMiddleware';
|
|
3
|
-
export {default as apiLoginMiddleware} from './apiLoginMiddleware';
|
|
4
3
|
export {default as roleMiddleware} from './roleMiddleware';
|
|
5
4
|
export {default as adminRoleMiddleware} from './adminRoleMiddleware';
|
|
6
5
|
export {default as systemRoleMiddleware} from './systemRoleMiddleware';
|
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import {ErrorException, PERMISSION, UNAUTHORIZED, TOKEN_EXPIRED, TOKEN_FAILED} from '@azteam/error';
|
|
2
1
|
import jwt from 'jsonwebtoken';
|
|
3
2
|
import {USER_LEVEL} from '@azteam/constant';
|
|
3
|
+
import HttpClient from '@azteam/http-client';
|
|
4
|
+
import {ErrorException, PERMISSION, UNAUTHORIZED, TOKEN_EXPIRED, TOKEN_FAILED} from '@azteam/error';
|
|
4
5
|
|
|
5
6
|
function systemLogin(userData = null) {
|
|
6
7
|
let user = {};
|
|
@@ -12,9 +13,16 @@ function systemLogin(userData = null) {
|
|
|
12
13
|
return user;
|
|
13
14
|
}
|
|
14
15
|
|
|
15
|
-
export default function (roles = null, minLevel = USER_LEVEL.USER,
|
|
16
|
+
export default function (roles = null, minLevel = USER_LEVEL.USER, options = {}) {
|
|
17
|
+
options = {
|
|
18
|
+
secretKey: process.env.SECRET_KEY,
|
|
19
|
+
systemURL: process.env.SYSTEM_URL,
|
|
20
|
+
...options,
|
|
21
|
+
};
|
|
22
|
+
|
|
16
23
|
return async function (req, res, next) {
|
|
17
|
-
const {headers} = req
|
|
24
|
+
const {headers} = req,
|
|
25
|
+
{secretKey, systemURL} = options;
|
|
18
26
|
|
|
19
27
|
if (headers['x-app-secret'] === secretKey) {
|
|
20
28
|
req.user = systemLogin(headers['x-app-user']);
|
|
@@ -38,6 +46,29 @@ export default function (roles = null, minLevel = USER_LEVEL.USER, secretKey = p
|
|
|
38
46
|
throw new ErrorException(TOKEN_FAILED, err);
|
|
39
47
|
}
|
|
40
48
|
}
|
|
49
|
+
|
|
50
|
+
if (token.startsWith('apikey ')) {
|
|
51
|
+
token = token.replace('apikey ', '');
|
|
52
|
+
let apiURL = `${systemURL}/auth/login_api/${token}`;
|
|
53
|
+
|
|
54
|
+
const splitToken = token.split(':');
|
|
55
|
+
if (splitToken.length === 2) {
|
|
56
|
+
apiURL = `https://${req.hostname}/auth/login_api/${splitToken[1]}`;
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
const client = new HttpClient({
|
|
60
|
+
timeout: 20000,
|
|
61
|
+
headers: {
|
|
62
|
+
'User-Agent': 'toda-api',
|
|
63
|
+
},
|
|
64
|
+
}),
|
|
65
|
+
response = await client.get(apiURL);
|
|
66
|
+
if (response.success) {
|
|
67
|
+
req.user = response.data;
|
|
68
|
+
} else {
|
|
69
|
+
throw new ErrorException(TOKEN_FAILED);
|
|
70
|
+
}
|
|
71
|
+
}
|
|
41
72
|
}
|
|
42
73
|
}
|
|
43
74
|
|
|
@@ -2,6 +2,6 @@ import {USER_LEVEL} from '@azteam/constant';
|
|
|
2
2
|
|
|
3
3
|
import roleMiddleware from './roleMiddleware';
|
|
4
4
|
|
|
5
|
-
export default function (
|
|
6
|
-
return roleMiddleware(null, USER_LEVEL.SYSTEM,
|
|
5
|
+
export default function (options = {}) {
|
|
6
|
+
return roleMiddleware(null, USER_LEVEL.SYSTEM, options);
|
|
7
7
|
}
|
|
@@ -1,82 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
|
|
3
|
-
function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }, _typeof(obj); }
|
|
4
|
-
Object.defineProperty(exports, "__esModule", {
|
|
5
|
-
value: true
|
|
6
|
-
});
|
|
7
|
-
exports["default"] = _default;
|
|
8
|
-
var _httpClient = _interopRequireDefault(require("@azteam/http-client"));
|
|
9
|
-
var _error = require("@azteam/error");
|
|
10
|
-
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
|
|
11
|
-
function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return exports; }; var exports = {}, Op = Object.prototype, hasOwn = Op.hasOwnProperty, $Symbol = "function" == typeof Symbol ? Symbol : {}, iteratorSymbol = $Symbol.iterator || "@@iterator", asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator", toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag"; function define(obj, key, value) { return Object.defineProperty(obj, key, { value: value, enumerable: !0, configurable: !0, writable: !0 }), obj[key]; } try { define({}, ""); } catch (err) { define = function define(obj, key, value) { return obj[key] = value; }; } function wrap(innerFn, outerFn, self, tryLocsList) { var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator, generator = Object.create(protoGenerator.prototype), context = new Context(tryLocsList || []); return generator._invoke = function (innerFn, self, context) { var state = "suspendedStart"; return function (method, arg) { if ("executing" === state) throw new Error("Generator is already running"); if ("completed" === state) { if ("throw" === method) throw arg; return doneResult(); } for (context.method = method, context.arg = arg;;) { var delegate = context.delegate; if (delegate) { var delegateResult = maybeInvokeDelegate(delegate, context); if (delegateResult) { if (delegateResult === ContinueSentinel) continue; return delegateResult; } } if ("next" === context.method) context.sent = context._sent = context.arg;else if ("throw" === context.method) { if ("suspendedStart" === state) throw state = "completed", context.arg; context.dispatchException(context.arg); } else "return" === context.method && context.abrupt("return", context.arg); state = "executing"; var record = tryCatch(innerFn, self, context); if ("normal" === record.type) { if (state = context.done ? "completed" : "suspendedYield", record.arg === ContinueSentinel) continue; return { value: record.arg, done: context.done }; } "throw" === record.type && (state = "completed", context.method = "throw", context.arg = record.arg); } }; }(innerFn, self, context), generator; } function tryCatch(fn, obj, arg) { try { return { type: "normal", arg: fn.call(obj, arg) }; } catch (err) { return { type: "throw", arg: err }; } } exports.wrap = wrap; var ContinueSentinel = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var IteratorPrototype = {}; define(IteratorPrototype, iteratorSymbol, function () { return this; }); var getProto = Object.getPrototypeOf, NativeIteratorPrototype = getProto && getProto(getProto(values([]))); NativeIteratorPrototype && NativeIteratorPrototype !== Op && hasOwn.call(NativeIteratorPrototype, iteratorSymbol) && (IteratorPrototype = NativeIteratorPrototype); var Gp = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(IteratorPrototype); function defineIteratorMethods(prototype) { ["next", "throw", "return"].forEach(function (method) { define(prototype, method, function (arg) { return this._invoke(method, arg); }); }); } function AsyncIterator(generator, PromiseImpl) { function invoke(method, arg, resolve, reject) { var record = tryCatch(generator[method], generator, arg); if ("throw" !== record.type) { var result = record.arg, value = result.value; return value && "object" == _typeof(value) && hasOwn.call(value, "__await") ? PromiseImpl.resolve(value.__await).then(function (value) { invoke("next", value, resolve, reject); }, function (err) { invoke("throw", err, resolve, reject); }) : PromiseImpl.resolve(value).then(function (unwrapped) { result.value = unwrapped, resolve(result); }, function (error) { return invoke("throw", error, resolve, reject); }); } reject(record.arg); } var previousPromise; this._invoke = function (method, arg) { function callInvokeWithMethodAndArg() { return new PromiseImpl(function (resolve, reject) { invoke(method, arg, resolve, reject); }); } return previousPromise = previousPromise ? previousPromise.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg(); }; } function maybeInvokeDelegate(delegate, context) { var method = delegate.iterator[context.method]; if (undefined === method) { if (context.delegate = null, "throw" === context.method) { if (delegate.iterator["return"] && (context.method = "return", context.arg = undefined, maybeInvokeDelegate(delegate, context), "throw" === context.method)) return ContinueSentinel; context.method = "throw", context.arg = new TypeError("The iterator does not provide a 'throw' method"); } return ContinueSentinel; } var record = tryCatch(method, delegate.iterator, context.arg); if ("throw" === record.type) return context.method = "throw", context.arg = record.arg, context.delegate = null, ContinueSentinel; var info = record.arg; return info ? info.done ? (context[delegate.resultName] = info.value, context.next = delegate.nextLoc, "return" !== context.method && (context.method = "next", context.arg = undefined), context.delegate = null, ContinueSentinel) : info : (context.method = "throw", context.arg = new TypeError("iterator result is not an object"), context.delegate = null, ContinueSentinel); } function pushTryEntry(locs) { var entry = { tryLoc: locs[0] }; 1 in locs && (entry.catchLoc = locs[1]), 2 in locs && (entry.finallyLoc = locs[2], entry.afterLoc = locs[3]), this.tryEntries.push(entry); } function resetTryEntry(entry) { var record = entry.completion || {}; record.type = "normal", delete record.arg, entry.completion = record; } function Context(tryLocsList) { this.tryEntries = [{ tryLoc: "root" }], tryLocsList.forEach(pushTryEntry, this), this.reset(!0); } function values(iterable) { if (iterable) { var iteratorMethod = iterable[iteratorSymbol]; if (iteratorMethod) return iteratorMethod.call(iterable); if ("function" == typeof iterable.next) return iterable; if (!isNaN(iterable.length)) { var i = -1, next = function next() { for (; ++i < iterable.length;) { if (hasOwn.call(iterable, i)) return next.value = iterable[i], next.done = !1, next; } return next.value = undefined, next.done = !0, next; }; return next.next = next; } } return { next: doneResult }; } function doneResult() { return { value: undefined, done: !0 }; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, define(Gp, "constructor", GeneratorFunctionPrototype), define(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, toStringTagSymbol, "GeneratorFunction"), exports.isGeneratorFunction = function (genFun) { var ctor = "function" == typeof genFun && genFun.constructor; return !!ctor && (ctor === GeneratorFunction || "GeneratorFunction" === (ctor.displayName || ctor.name)); }, exports.mark = function (genFun) { return Object.setPrototypeOf ? Object.setPrototypeOf(genFun, GeneratorFunctionPrototype) : (genFun.__proto__ = GeneratorFunctionPrototype, define(genFun, toStringTagSymbol, "GeneratorFunction")), genFun.prototype = Object.create(Gp), genFun; }, exports.awrap = function (arg) { return { __await: arg }; }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, asyncIteratorSymbol, function () { return this; }), exports.AsyncIterator = AsyncIterator, exports.async = function (innerFn, outerFn, self, tryLocsList, PromiseImpl) { void 0 === PromiseImpl && (PromiseImpl = Promise); var iter = new AsyncIterator(wrap(innerFn, outerFn, self, tryLocsList), PromiseImpl); return exports.isGeneratorFunction(outerFn) ? iter : iter.next().then(function (result) { return result.done ? result.value : iter.next(); }); }, defineIteratorMethods(Gp), define(Gp, toStringTagSymbol, "Generator"), define(Gp, iteratorSymbol, function () { return this; }), define(Gp, "toString", function () { return "[object Generator]"; }), exports.keys = function (object) { var keys = []; for (var key in object) { keys.push(key); } return keys.reverse(), function next() { for (; keys.length;) { var key = keys.pop(); if (key in object) return next.value = key, next.done = !1, next; } return next.done = !0, next; }; }, exports.values = values, Context.prototype = { constructor: Context, reset: function reset(skipTempReset) { if (this.prev = 0, this.next = 0, this.sent = this._sent = undefined, this.done = !1, this.delegate = null, this.method = "next", this.arg = undefined, this.tryEntries.forEach(resetTryEntry), !skipTempReset) for (var name in this) { "t" === name.charAt(0) && hasOwn.call(this, name) && !isNaN(+name.slice(1)) && (this[name] = undefined); } }, stop: function stop() { this.done = !0; var rootRecord = this.tryEntries[0].completion; if ("throw" === rootRecord.type) throw rootRecord.arg; return this.rval; }, dispatchException: function dispatchException(exception) { if (this.done) throw exception; var context = this; function handle(loc, caught) { return record.type = "throw", record.arg = exception, context.next = loc, caught && (context.method = "next", context.arg = undefined), !!caught; } for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i], record = entry.completion; if ("root" === entry.tryLoc) return handle("end"); if (entry.tryLoc <= this.prev) { var hasCatch = hasOwn.call(entry, "catchLoc"), hasFinally = hasOwn.call(entry, "finallyLoc"); if (hasCatch && hasFinally) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } else if (hasCatch) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); } else { if (!hasFinally) throw new Error("try statement without catch or finally"); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } } } }, abrupt: function abrupt(type, arg) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc <= this.prev && hasOwn.call(entry, "finallyLoc") && this.prev < entry.finallyLoc) { var finallyEntry = entry; break; } } finallyEntry && ("break" === type || "continue" === type) && finallyEntry.tryLoc <= arg && arg <= finallyEntry.finallyLoc && (finallyEntry = null); var record = finallyEntry ? finallyEntry.completion : {}; return record.type = type, record.arg = arg, finallyEntry ? (this.method = "next", this.next = finallyEntry.finallyLoc, ContinueSentinel) : this.complete(record); }, complete: function complete(record, afterLoc) { if ("throw" === record.type) throw record.arg; return "break" === record.type || "continue" === record.type ? this.next = record.arg : "return" === record.type ? (this.rval = this.arg = record.arg, this.method = "return", this.next = "end") : "normal" === record.type && afterLoc && (this.next = afterLoc), ContinueSentinel; }, finish: function finish(finallyLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.finallyLoc === finallyLoc) return this.complete(entry.completion, entry.afterLoc), resetTryEntry(entry), ContinueSentinel; } }, "catch": function _catch(tryLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc === tryLoc) { var record = entry.completion; if ("throw" === record.type) { var thrown = record.arg; resetTryEntry(entry); } return thrown; } } throw new Error("illegal catch attempt"); }, delegateYield: function delegateYield(iterable, resultName, nextLoc) { return this.delegate = { iterator: values(iterable), resultName: resultName, nextLoc: nextLoc }, "next" === this.method && (this.arg = undefined), ContinueSentinel; } }, exports; }
|
|
12
|
-
function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
|
|
13
|
-
function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
|
|
14
|
-
function _default() {
|
|
15
|
-
var systemURL = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : process.env.SYSTEM_URL;
|
|
16
|
-
return /*#__PURE__*/function () {
|
|
17
|
-
var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(req, res, next) {
|
|
18
|
-
var headers, token, apiURL, splitToken, client, response;
|
|
19
|
-
return _regeneratorRuntime().wrap(function _callee$(_context) {
|
|
20
|
-
while (1) {
|
|
21
|
-
switch (_context.prev = _context.next) {
|
|
22
|
-
case 0:
|
|
23
|
-
if (req.user) {
|
|
24
|
-
_context.next = 21;
|
|
25
|
-
break;
|
|
26
|
-
}
|
|
27
|
-
headers = req.headers;
|
|
28
|
-
if (!headers.authorization) {
|
|
29
|
-
_context.next = 21;
|
|
30
|
-
break;
|
|
31
|
-
}
|
|
32
|
-
token = headers.authorization;
|
|
33
|
-
if (!token.startsWith('apikey ')) {
|
|
34
|
-
_context.next = 20;
|
|
35
|
-
break;
|
|
36
|
-
}
|
|
37
|
-
token = token.replace('apikey ', '');
|
|
38
|
-
apiURL = "".concat(systemURL, "/auth/login_api/").concat(token);
|
|
39
|
-
splitToken = token.split(':');
|
|
40
|
-
if (splitToken.length === 2) {
|
|
41
|
-
apiURL = "https://".concat(req.hostname, "/auth/login_api/").concat(splitToken[1]);
|
|
42
|
-
}
|
|
43
|
-
client = new _httpClient["default"]({
|
|
44
|
-
timeout: 20000,
|
|
45
|
-
headers: {
|
|
46
|
-
'User-Agent': 'toda-api'
|
|
47
|
-
}
|
|
48
|
-
});
|
|
49
|
-
_context.next = 12;
|
|
50
|
-
return client.get(apiURL);
|
|
51
|
-
case 12:
|
|
52
|
-
response = _context.sent;
|
|
53
|
-
if (!response.success) {
|
|
54
|
-
_context.next = 17;
|
|
55
|
-
break;
|
|
56
|
-
}
|
|
57
|
-
req.user = response.data;
|
|
58
|
-
_context.next = 18;
|
|
59
|
-
break;
|
|
60
|
-
case 17:
|
|
61
|
-
throw new _error.ErrorException(_error.TOKEN_FAILED, [{
|
|
62
|
-
url: apiURL
|
|
63
|
-
}]);
|
|
64
|
-
case 18:
|
|
65
|
-
_context.next = 21;
|
|
66
|
-
break;
|
|
67
|
-
case 20:
|
|
68
|
-
throw new _error.ErrorException(_error.UNAUTHORIZED);
|
|
69
|
-
case 21:
|
|
70
|
-
return _context.abrupt("return", next());
|
|
71
|
-
case 22:
|
|
72
|
-
case "end":
|
|
73
|
-
return _context.stop();
|
|
74
|
-
}
|
|
75
|
-
}
|
|
76
|
-
}, _callee);
|
|
77
|
-
}));
|
|
78
|
-
return function (_x, _x2, _x3) {
|
|
79
|
-
return _ref.apply(this, arguments);
|
|
80
|
-
};
|
|
81
|
-
}();
|
|
82
|
-
}
|
|
@@ -1,43 +0,0 @@
|
|
|
1
|
-
import HttpClient from '@azteam/http-client';
|
|
2
|
-
import {ErrorException, TOKEN_FAILED, UNAUTHORIZED} from '@azteam/error';
|
|
3
|
-
|
|
4
|
-
export default function (systemURL = process.env.SYSTEM_URL) {
|
|
5
|
-
return async function (req, res, next) {
|
|
6
|
-
if (!req.user) {
|
|
7
|
-
const {headers} = req;
|
|
8
|
-
if (headers.authorization) {
|
|
9
|
-
let token = headers.authorization;
|
|
10
|
-
|
|
11
|
-
if (token.startsWith('apikey ')) {
|
|
12
|
-
token = token.replace('apikey ', '');
|
|
13
|
-
let apiURL = `${systemURL}/auth/login_api/${token}`;
|
|
14
|
-
|
|
15
|
-
const splitToken = token.split(':');
|
|
16
|
-
if (splitToken.length === 2) {
|
|
17
|
-
apiURL = `https://${req.hostname}/auth/login_api/${splitToken[1]}`;
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
const client = new HttpClient({
|
|
21
|
-
timeout: 20000,
|
|
22
|
-
headers: {
|
|
23
|
-
'User-Agent': 'toda-api',
|
|
24
|
-
},
|
|
25
|
-
}),
|
|
26
|
-
response = await client.get(apiURL);
|
|
27
|
-
if (response.success) {
|
|
28
|
-
req.user = response.data;
|
|
29
|
-
} else {
|
|
30
|
-
throw new ErrorException(TOKEN_FAILED, [
|
|
31
|
-
{
|
|
32
|
-
url: apiURL,
|
|
33
|
-
},
|
|
34
|
-
]);
|
|
35
|
-
}
|
|
36
|
-
} else {
|
|
37
|
-
throw new ErrorException(UNAUTHORIZED);
|
|
38
|
-
}
|
|
39
|
-
}
|
|
40
|
-
}
|
|
41
|
-
return next();
|
|
42
|
-
};
|
|
43
|
-
}
|