@gingkoo/base-server 0.0.1-alpha.0 → 0.0.1-alpha.2

package/backend/common/wechat/services/notice.js

@@ -0,0 +1,171 @@
+const httpclient = require('node-httpclient');
+const nodemailer = require('nodemailer');
+const config = require('../../../config/index');
+
+const { logger } = require('../../logger');
+const userServices = require('../../services/user');
+const generalConfig = require('../../services/generalConfig');
+const emailService = require('../../services/email');
+
+const { getAccessToken } = require('./auth');
+const wxConfig = require('../config');
+
+const recallMessage = async (msgId, corpsecret = '') => {
+  const accessToken = await getAccessToken(corpsecret);
+  const url = `https://qyapi.weixin.qq.com/cgi-bin/message/recall?access_token=${accessToken}`;
+  let msg = {
+    msgid: msgId,
+  };
+
+  let resp = await httpclient.post(url, JSON.stringify(msg), 'application/json');
+  let json_data = resp.data;
+  logger.info(json_data);
+};
+
+/**
+ * 发送企业微信通知
+ * @param {string[]} toUsers 企业微信那边的用户id集合
+ * @param {'textcard'} msgType
+ * @param {object} message 消息对象
+ *  @param {string} message.description 消息描述
+ *  @param {string} message.title 消息标题
+ *  @param {string} message.url 通知的跳转链接
+ */
+const sendMessage = async (toUsers, msgType, message, agent_id = '', corpsecret = '') => {
+  const accessToken = await getAccessToken(corpsecret);
+  const url = `https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=${accessToken}`;
+
+  let msg = {
+    touser: toUsers.join('|'),
+    msgtype: msgType,
+    agentid: agent_id || wxConfig['agentid'],
+    enable_id_trans: 0,
+    enable_duplicate_check: 1,
+    duplicate_check_interval: 20,
+    //"toparty": "PartyID1|PartyID2",
+    //"totag": "TagID1 | TagID2",
+  };
+
+  msg[msgType] = message;
+  logger.info(msg);
+
+  let resp = await httpclient.post(url, JSON.stringify(msg), 'application/json');
+  let json_data = resp.data;
+  logger.info(json_data);
+  if (json_data['errcode'] != 0) {
+    logger.info('error:{0}'.format(json_data['errmsg']));
+    return json_data['errcode'];
+  }
+
+  return json_data;
+};
+
+/**
+ * 发送企业微信通知
+ * @param {string} toUsers 用户邮箱
+ * @param {string} title   通知标题
+ * @param {string} content 消息描述
+ * @param {string} templateid  模版id
+ */
+const sendEmail = async (toUsers, title, content, link, templateid) => {
+  let smtp = await generalConfig.getFromConfig({ GROUP_ID: 'E-mail' });
+  const { SMTP_PASSWORK, SMTP_SERVE, SMTP_USER, SMTP_SEND, SMTP_PORT, SMTP_TLS, EMAIL_TIME } = smtp;
+  if (!SMTP_PASSWORK || !SMTP_SERVE || !SMTP_USER) return;
+
+  // 创建一个SMTP传输对象
+  const transporter = nodemailer.createTransport({
+    host: SMTP_SERVE,
+    post: SMTP_PORT ? SMTP_PORT : 456,
+    secure: SMTP_TLS || true,
+    auth: {
+      user: SMTP_USER || 'service@gingkoo.com', // 发件人邮箱
+      pass: SMTP_PASSWORK || 'Jinqiu123', // 发件人邮箱的密码或授权码
+    },
+  });
+  let html = ``;
+  let obj = { title: title, content: content, link: link };
+  let email = await emailService.getTempateInfo({ TEMPLATE_ID: 'default' });
+  if (email[0]?.CONTENT) {
+    html = email[0]?.CONTENT;
+    html = html.replace(/{{(.*?)}}/g, (match, key) => {
+      return obj[key] || match;
+    });
+  }
+
+  //邮件的内容
+  const mailOptions = {
+    from: SMTP_SEND ? SMTP_SEND + `<${SMTP_USER}>` : SMTP_USER, // 发件人邮箱
+    to: toUsers, // 收件人邮箱
+    subject: title || '',
+    text: content || '',
+    html: html,
+  };
+  const timeoutValue = EMAIL_TIME - 0 ? EMAIL_TIME : 10000;
+  transporter.sendMail(mailOptions, (error, info) => {
+    if (error) {
+      console.log('发送邮件错误:', error);
+    } else {
+      // console.log('发送成功:', info);
+    }
+  });
+
+  let time = setTimeout(() => {
+    //发生邮件超时
+    transporter.close(); // 可以选择关闭传输器，如果需要的话
+  }, timeoutValue);
+};
+
+module.exports = {
+  sendMessage,
+  recallMessage,
+  sendEmail,
+  /**
+   * 企业微信通知
+   * @param {string[]} toUsers 通知的用户组
+   * @param {string} params.title 通知标题
+   * @param {string} params.content 通知内容
+   * @param {string} params.link 跳转地址
+   */
+  async notice(toUsers, params) {
+    // ① 将 teams的 userId 转成 ginfo userId
+    let verdorUsersMap = await userServices.userChannel(toUsers);
+    if (!verdorUsersMap) {
+      return;
+    }
+
+    let msg = {
+      title: params['title'],
+      description: params['content'],
+      url: config['site']['base_url'] + params['link'],
+    };
+
+    let qywxUsers = [];
+
+    Object.keys(verdorUsersMap).forEach((it) => {
+      if (verdorUsersMap[it]?.workwx) {
+        qywxUsers.push(verdorUsersMap[it].workwx);
+      }
+    });
+
+    sendMessage(qywxUsers, 'textcard', msg);
+  },
+
+  /***
+   * 企业邮件通知
+   * @param {string[]} toUsers 通知的用户组
+   * @param {string} title 通知标题
+   * @param {string} content 描述
+   */
+  async email(toUsers, props, templateid, info) {
+    let verdorUsersMap = await userServices.getEmail(toUsers);
+    let { title, content, link } = props;
+    let email = '';
+    verdorUsersMap.map((v, index) => {
+      if (v.EMAIL) {
+        email += v.EMAIL + ',';
+      }
+    });
+    if (!email) return;
+    sendEmail(email, title, content, link);
+  },
+};

package/backend/config/index.js

@@ -0,0 +1,63 @@
+const path = require('path');
+const _ = require('lodash');
+
+function gConfig() {
+  let serverConfig = {};
+
+  try {
+    serverConfig = require(path.resolve('server.config.js'));
+  } catch (e) {
+    const chalk = require('chalk');
+
+    if (e.message.startsWith('Cannot find module')) {
+      console.log(chalk.red('⚠️  项目根目录缺少 server.config.js 文件'));
+    }
+  }
+
+  // 必填属性，格式不对的属性，需要校验提示
+  return _.merge(
+    {
+      isProd: true, // 纯当前开发用， 通过 npm 包 使用该组件的时候 他应该永远是 true
+      orgid: 'GINGKOO',
+      allowedIPs: [], // 不校验登录的 ip
+      testUser: '', // 测试用户
+
+      ip: '0.0.0.0', // 服务 host
+      port: 8081, // 服务端口号
+      orgid: 'GINGKOO', // 组织 id
+
+      db: {},
+
+      app: {
+        home: path.resolve('app_home'), // 资源存放的磁盘位置 （绝对路径）
+        redirect_uri: '',
+      },
+
+      jwt: {
+        exp: 60 * 60 * 24 * 3, // 过期时间
+        auth_cert: '', // 加盐
+      },
+
+      proxy: {
+        targets: [], // 服务代理
+      },
+
+      scoket: {
+        files: [],
+        config: {},
+      },
+
+      logger: {
+        appenders: {},
+        categories: {},
+      },
+
+      site: {
+        title: '',
+      },
+    },
+    serverConfig,
+  );
+}
+
+module.exports = gConfig();

package/backend/config/path.js

@@ -0,0 +1,3 @@
+const config = require('./index')
+
+exports.attachmentPath = config.app.home + '/storage/'

package/backend/router.js

@@ -0,0 +1,96 @@
+'use strict';
+const path = require('path');
+const express = require('express');
+const { createProxyMiddleware } = require('http-proxy-middleware');
+const jwt = require('./utils/jwt');
+const config = require('./config/index');
+const mapping = require('./common/mapping');
+
+const space = require('./space');
+const wechat = require('./common/wechat');
+const fss = require('./common/fss');
+
+require('./space_mapping');
+
+var router = express.Router();
+
+// 后端
+router.get('/(:module/)?mapping', async (req, res) => {
+  let { module } = req.params;
+  let { list = '', ...extra } = req.query;
+  res.sendOk({
+    dict: await mapping.getMapping(module, list.split('|'), extra),
+  });
+});
+
+router.use('/fss', fss);
+router.use('/wechat', wechat);
+router.use('/space', space);
+
+// 前端
+router.use('/static', express.static(path.join(__dirname, '../static')));
+
+if (config.isProd) {
+  router.use('/', express.static(path.join(__dirname, '../dist')));
+} else {
+  router.use(
+    '/',
+    createProxyMiddleware({
+      target: 'http://127.0.0.1:2000',
+      changeOrigin: false,
+      ws: true,
+      pathRewrite: {
+        '^/': '',
+      },
+      onProxyReq: function (proxyReq, req, res) {
+        if (req.body) {
+          let bodyData = JSON.stringify(req.body);
+          proxyReq.setHeader('Content-Type', 'application/json');
+          proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));
+          proxyReq.write(bodyData);
+        }
+      },
+    }),
+  );
+}
+
+// 反向代理
+if (Array.isArray(config?.proxy?.targets)) {
+  config.proxy.targets.forEach((element) => {
+    let pathRewrite = {};
+    if (element.rewrite) {
+      pathRewrite['^' + element.path] = element.rewrite || '';
+    }
+    router.use(
+      element.path,
+      createProxyMiddleware({
+        target: element.host,
+        changeOrigin: false,
+        ws: true,
+        pathRewrite: pathRewrite,
+        onProxyReq: function (proxyReq, req) {
+          if ('X-Token' in req.cookies) {
+            let tokenData = jwt.verifyToken(req.cookies['X-Token']);
+            if (tokenData) {
+              proxyReq.setHeader('X-Token', req.cookies['X-Token']);
+              tokenData?.data?.userid && proxyReq.setHeader('X-UserId', tokenData.data.userid);
+              // proxyReq.setHeader('X-OrgId', tokenData['orgid']);
+            } else {
+              proxyReq.removeHeader('X-UserId');
+            }
+          } else {
+            proxyReq.removeHeader('X-UserId');
+          }
+          if (req.body) {
+            let bodyData = JSON.stringify(req.body);
+            proxyReq.setHeader('Content-Type', 'application/json');
+            proxyReq.setHeader('Content-Length', Buffer.byteLength(bodyData));
+            proxyReq.write(bodyData);
+          }
+        },
+      }),
+    );
+  });
+}
+
+module.exports = router;

package/backend/routers/app.js

@@ -0,0 +1,222 @@
+'use strict';
+var express = require('express');
+const nodemailer = require('nodemailer');
+const bcrypt = require('bcryptjs');
+const config = require('../config');
+const jwt = require('../utils/jwt');
+const { checkLogin } = require('../common/middleware/auth');
+const { join, readFileContent } = require('../utils/path');
+const userService = require('../common/services/user');
+const generalConfig = require('../common/services/generalConfig');
+const emailService = require('../common/services/email');
+const servicesServices = require('../services/services');
+const setting = require('../services/setting');
+
+var router = express.Router();
+
+/**
+ * 用户名登陆
+ */
+router.post('/login', async (req, res) => {
+  let { userId, password } = req.body;
+
+  if (!userId) {
+    res.sendErr('请输入用户名');
+    return;
+  }
+
+  let userinfo = await userService.getUserInfo(userId);
+  if (!userinfo?.USER_ID) {
+    res.sendErr('用户不存在');
+    return;
+  }
+
+  // 判断密码
+  if (userinfo.PASSWD) {
+    let flag = await bcrypt.compare(password, userinfo.PASSWD);
+    if (!flag) {
+      return res.sendErr('密码错误');
+    }
+  }
+
+  let token = jwt.generateToken({
+    userid: userinfo?.USER_ID,
+  });
+
+  let expires = new Date();
+  expires.setDate(expires.getDate() + 3);
+
+  res.cookie('X-Token', token, { expires });
+
+  res.sendOk({
+    token,
+  });
+});
+
+router.post('/verify', async (req, res) => {
+  let { token } = req.body;
+
+  let result = false;
+  var tokenResult = jwt.verifyToken(token);
+  if (tokenResult) {
+    let tokenData = tokenResult['data'];
+    if (tokenData && tokenData['userid']) {
+      req.headers['x-userid'] = tokenData['userid'];
+      let expires = new Date();
+      expires.setDate(expires.getDate() + 3);
+      if (tokenResult['exp'] + 30 * 60 > Math.floor(Date.now() / 1000)) {
+        result = true;
+      }
+      result = true;
+    }
+    return result;
+  }
+
+  res.sendOk(data);
+});
+
+router.put('/exit', async function (req, res) {
+  let { USER_ID } = req.body;
+  if (!USER_ID) return res.sendErr('缺少用户ID');
+
+  let exit = await userService.update({ MEMBER_STATUS: '3' }, { USER_ID });
+  if (!exit) return res.sendErr('退出登录失败');
+
+  return res.sendOk('已退出登录');
+});
+
+router.get('/allOrgs', checkLogin, async function (req, res) {
+  let userid = req.get('X-UserId');
+  let data = await servicesServices.getAllOrgs(userid);
+  if (!data) {
+    return res.sendErr('');
+  }
+  res.sendOk(data);
+});
+
+// 查看日志
+router.get('/log/:file', async function (req, res) {
+  let { file } = req.params;
+  let logPath = join(config.app.home, 'logs', file);
+  let content = '文件不存在';
+  try {
+    content = readFileContent(logPath);
+  } catch (e) {}
+  res.sendOk(content);
+});
+
+// 获取安全设置登录数据
+router.get('/safe-set', async function (req, res) {
+  let data = await setting.getAllSafeSetData();
+  if (!Array.isArray(data)) return res.sendErr('查询失败');
+
+  let result = data.reduce((prev, item) => {
+    if (Reflect.has(prev, item['CONFIG_TYPE'])) {
+      perv[item['CONFIG_TYPE']].item['CONFIG_NAME'] = item['CONFIG_VALUE'];
+    } else {
+      perv[item['CONFIG_TYPE']] = {
+        [item['CONFIG_NAME']]: item['CONFIG_VALUE'],
+      };
+    }
+    return prev;
+  }, {});
+
+  return res.sendOk(result);
+});
+
+// 判断用户邮件地址并发送验证码
+router.get('/forget-password/sendEmailCode', async function (req, res) {
+  let { USER_ID, EMAIL } = req.query;
+  let userInfo = await userService.getUserInfo(USER_ID);
+  if (!userInfo) return res.sendErr('用户ID无效');
+  console.log('🚀 ~ userInfo:', userInfo);
+  if (userInfo.EMAIL !== EMAIL) return res.sendErr('邮件地址错误');
+
+  // 随机生成验证码，发送验证码，并返回前端
+  let code = Math.floor(Math.random() * (1000000 - 100000) + 100000);
+
+  let smtp = await generalConfig.getFromConfig({ GROUP_ID: 'E-mail' });
+  if (!smtp) return res.sendErr('查询失败');
+  const { SMTP_PASSWORK, SMTP_SERVE, SMTP_USER, SMTP_SEND, SMTP_PORT, SMTP_TLS } = smtp;
+  if (!SMTP_PASSWORK || !SMTP_SERVE || !SMTP_USER) return res.sendErr('系统缺少数据');
+
+  // 创建一个SMTP传输对象
+  const transporter = nodemailer.createTransport({
+    host: SMTP_SERVE,
+    post: SMTP_PORT ? SMTP_PORT : 456,
+    secure: SMTP_TLS || true,
+    auth: {
+      user: SMTP_USER || 'service@gingkoo.com', // 发件人邮箱
+      pass: SMTP_PASSWORK || 'Jinqiu123', // 发件人邮箱的密码或授权码
+    },
+  });
+
+  let html = ``;
+  let emails = await emailService.getTempateInfo({ TEMPLATE_ID: 'email_code' });
+  if (emails[0]?.CONTENT) {
+    html = emails[0]?.CONTENT;
+    html = html.replace('{{code}}', code);
+  }
+
+  //邮件的内容
+  const mailOptions = {
+    from: SMTP_SEND ? SMTP_SEND + `<${SMTP_USER}>` : SMTP_USER, // 发件人邮箱
+    to: EMAIL, // 收件人邮箱
+    subject: 'teams团队协同 账号安全中心-找回密码验证',
+    html: html,
+  };
+
+  transporter.sendMail(mailOptions, (error, info) => {
+    if (error) {
+      console.log('发送邮件错误:', error);
+    } else {
+      // console.log('发送成功:', info);
+    }
+  });
+
+  return res.sendOk({ code });
+});
+
+// 判断用户密保问题并修改密码
+router.put('/forget-security/updatePwd', async function (req, res) {
+  let { SECURITY_PROBLEM, SECURITY_ANSWER, USER_ID, NEW_PWD, PASSWD_POWER } = req.body;
+  if (!NEW_PWD || !SECURITY_PROBLEM || !SECURITY_ANSWER) return res.sendErr('修改失败，参数无效');
+
+  let userInfo = userService.getUserInfo(USER_ID);
+  if (!userInfo) return res.sendErr('用户ID无效');
+
+  // 校验用户密保
+  let [error, userSecurity] = await userService.getUserSecurity({ USER_ID });
+  if (!userSecurity || !userSecurity.length || error)
+    return res.sendErr('修改失败，当前用户未设置密保，请通过其他方式修改密码');
+  let flag = userSecurity.some(
+    (security) =>
+      security['SECUR_KEY'] === SECURITY_PROBLEM && security['SECUR_VALUE'] === SECURITY_ANSWER,
+  );
+  if (!flag) return res.sendErr('修改失败，密保错误，请重新输入');
+
+  // 通过密保校验 修改密码
+  let newHash = await bcrypt.hash(NEW_PWD, 10);
+  if (!newHash || newHash?.length > 64) return res.sendErr('密码加密失败');
+  let updatePwd = await userService.operTeamMember(USER_ID, { PASSWD: newHash, PASSWD_POWER });
+  if (!updatePwd) return res.sendErr('修改密码失败');
+  return res.sendOk('修改成功');
+});
+
+// 修改密码
+router.put('/forget-password/updatePwd', async function (req, res) {
+  let { USER_ID, NEW_PWD, PASSWD_POWER } = req.body;
+
+  let userInfo = userService.getUserInfo(USER_ID);
+  if (!userInfo) return res.sendErr('用户ID无效');
+
+  if (!NEW_PWD) return res.sendErr('修改失败，参数无效');
+
+  let newHash = await bcrypt.hash(NEW_PWD, 10);
+  if (!newHash || newHash?.length > 64) return res.sendErr('密码加密失败');
+  let updatePwd = await userService.operTeamMember(USER_ID, { PASSWD: newHash, PASSWD_POWER });
+  if (!updatePwd) return res.sendErr('修改密码失败');
+  return res.sendOk('修改成功');
+});
+
+module.exports = router;