@kne/fastify-account 1.0.0-alpha.15 → 1.0.0-alpha.17

package/README.md

@@ -22,7 +22,7 @@ npm i --save @kne/fastify-account
 ### API
 
 ---
-title: "@kne/fastify-account v1.0.0-alpha.15"
+title: "@kne/fastify-account v1.0.0-alpha.16"
 language_tabs:
   - shell: Shell
   - http: HTTP
@@ -42,7 +42,7 @@ headingLevel: 2
 
 <!-- Generator: Widdershins v4.0.1 -->
 
-<h1 id="-kne-fastify-account">@kne/fastify-account v1.0.0-alpha.15</h1>
+<h1 id="-kne-fastify-account">@kne/fastify-account v1.0.0-alpha.16</h1>
 
 > Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
 

package/libs/controllers/account.js

@@ -6,7 +6,7 @@ module.exports = fp(async (fastify, options) => {
     {
       schema: {
         tags: ['账号'],
-        summary: '发送邮箱验证码',
+        summary: '发送登录邮箱验证码',
         body: {
           type: 'object',
           required: ['email'],
@@ -32,7 +32,7 @@ module.exports = fp(async (fastify, options) => {
     },
     async request => {
       const { email } = request.body;
-      const code = await services.account.sendEmailCode({ email });
+      const code = await services.account.sendVerificationCode({ name: email, type: 0, messageType: 1 });
       return options.isTest ? { code } : {};
     }
   );
@@ -42,7 +42,7 @@ module.exports = fp(async (fastify, options) => {
     {
       schema: {
         tags: ['账号'],
-        summary: '发送短信验证码',
+        summary: '发送登录短信验证码',
         body: {
           type: 'object',
           required: ['phone'],
@@ -68,7 +68,7 @@ module.exports = fp(async (fastify, options) => {
     },
     async request => {
       const { phone } = request.body;
-      const code = await services.account.sendSMSCode({ phone });
+      const code = await services.account.sendVerificationCode({ name: phone, type: 0, messageType: 0 });
       return options.isTest ? { code } : {};
     }
   );
@@ -84,7 +84,7 @@ module.exports = fp(async (fastify, options) => {
           required: ['name', 'type', 'code'],
           properties: {
             name: { type: 'string', description: '被验证的账号，手机或邮箱' },
-            type: { type: 'number', description: '0:手机注册,1:邮箱注册,2:手机登录,3:邮箱登录,4:验证租户管理员' },
+            type: { type: 'number', description: '0:注册,2:登录,4:验证租户管理员,5:忘记密码' },
             code: { type: 'string', description: '接受到的验证码' }
           }
         },
@@ -253,4 +253,135 @@ module.exports = fp(async (fastify, options) => {
       return { token, currentTenantId: user.currentTenantId };
     }
   );
+
+  fastify.post(
+    `${options.prefix}/modifyPassword`,
+    {
+      schema: {
+        tags: ['账号'],
+        summary: '新用户重置新密码',
+        body: {
+          oneOf: [
+            {
+              type: 'object',
+              required: ['email', 'newPwd', 'oldPwd'],
+              properties: {
+                email: { type: 'string', description: '邮箱' },
+                newPwd: { type: 'string', description: '新密码' },
+                oldPwd: { type: 'string', description: '原密码' }
+              }
+            },
+            {
+              type: 'object',
+              required: ['phone', 'newPwd', 'oldPwd'],
+              properties: {
+                phone: { type: 'string', description: '手机号' },
+                newPwd: { type: 'string', description: '新密码' },
+                oldPwd: { type: 'string', description: '原密码' }
+              }
+            }
+          ]
+        }
+      }
+    },
+    async request => {
+      await services.account.modifyPassword(request.body);
+      return {};
+    }
+  );
+
+  fastify.post(
+    `${options.prefix}/resetPassword`,
+    {
+      schema: {
+        tags: ['账号'],
+        summary: '用户重置密码',
+        body: {
+          oneOf: [
+            {
+              type: 'object',
+              required: ['email', 'newPwd', 'token'],
+              properties: {
+                email: { type: 'string', description: '邮箱' },
+                newPwd: { type: 'string', description: '新密码' },
+                token: { type: 'string', description: '验证token' }
+              }
+            },
+            {
+              type: 'object',
+              required: ['phone', 'newPwd'],
+              properties: {
+                phone: { type: 'string', description: '手机号' },
+                newPwd: { type: 'string', description: '新密码' },
+                token: { type: 'string', description: '验证token' }
+              }
+            }
+          ]
+        }
+      }
+    },
+    async request => {
+      await services.account.resetPassword({
+        email: request.body.email,
+        password: request.body.newPwd,
+        token: request.body.token
+      });
+
+      return {};
+    }
+  );
+
+  fastify.post(
+    `${options.prefix}/forgetPwd`,
+    {
+      schema: {
+        tags: ['账号'],
+        summary: '忘记密码',
+        body: {
+          oneOf: [
+            {
+              type: 'object',
+              required: ['email'],
+              properties: {
+                email: { type: 'string', description: '邮箱' }
+              }
+            },
+            {
+              type: 'object',
+              required: ['phone'],
+              properties: {
+                phone: { type: 'string', description: '手机号' }
+              }
+            }
+          ]
+        }
+      }
+    },
+    async request => {
+      const name = request.body.email || request.body.phone;
+      const token = await services.account.sendJWTVerificationCode({ name, type: 5, messageType: 3 });
+      return options.isTest ? { token } : {};
+    }
+  );
+
+  fastify.post(
+    `${options.prefix}/parseResetToken`,
+    {
+      schema: {
+        tags: ['账号'],
+        summary: '通过token获取name',
+        body: {
+          type: 'object',
+          required: ['token'],
+          properties: {
+            token: { type: 'string' }
+          }
+        }
+      }
+    },
+    async request => {
+      const { name } = await services.account.verificationJWTCodeValidate(request.body);
+      return { name };
+    }
+  );
 });

package/libs/models/verification-code.js

@@ -7,7 +7,8 @@ module.exports = ({ DataTypes }) => {
       },
       type: {
         type: DataTypes.INTEGER,
-        allowNull: false //0:手机注册,1:邮箱注册,2:手机登录,3:邮箱登录,4:验证租户管理员
+        allowNull: false,
+        comment: '0:注册,2:登录,4:验证租户管理员,5:忘记密码'
       },
       code: {
         type: DataTypes.STRING,
@@ -15,7 +16,8 @@ module.exports = ({ DataTypes }) => {
       },
       status: {
         type: DataTypes.INTEGER,
-        defaultValue: 0 //0:未验证,1:已验证,2:已过期
+        defaultValue: 0,
+        comment: '0:未验证,1:已验证,2:已过期'
       }
     }
   };

package/libs/services/account.js

@@ -51,6 +51,34 @@ module.exports = fp(async (fastify, options) => {
     };
   };
 
+  const modifyPassword = async ({ email, phone, oldPwd, newPwd }) => {
+    const user = await models.user.findOne({
+      where: Object.assign(
+        {},
+        email
+          ? {
+              email
+            }
+          : {
+              phone
+            },
+        {
+          status: 1
+        }
+      )
+    });
+    if (!user) {
+      throw new Error('新用户密码只能初始化一次');
+    }
+    if (oldPwd === newPwd) {
+      throw new Error('重置密码不能和初始化密码相同');
+    }
+    await passwordAuthentication({ accountId: user.userAccountId, password: oldPwd });
+    await resetPassword({ userId: user.uuid, password: newPwd });
+    user.status = 0;
+    await user.save();
+  };
+
   const passwordAuthentication = async ({ accountId, password }) => {
     const userAccount = await models.userAccount.findOne({
       where: {
@@ -83,16 +111,20 @@ module.exports = fp(async (fastify, options) => {
     return hash.digest('hex');
   };
 
-  const resetPassword = async ({ userId, password }) => {
+  const resetPassword = async ({ password, token }) => {
+    const { name } = await verificationJWTCodeValidate({ token });
+
+    const isEmail = userNameIsEmail(name);
+
     const userInfo = await models.user.findOne({
-      where: { uuid: userId }
+      where: isEmail ? { email: name } : { phone: name }
     });
     if (!userInfo) {
       throw new Error('用户不存在');
     }
     const account = await models.userAccount.create(
       Object.assign({}, await passwordEncryption(password), {
-        belongToUserId: userId
+        belongToUserId: userInfo.uuid
       })
     );
 
@@ -101,21 +133,11 @@ module.exports = fp(async (fastify, options) => {
 
   const register = async ({ avatar, nickname, gender, birthday, description, phone, email, code, password, status, invitationCode }) => {
     const type = phone ? 0 : 1;
-    const verificationCode = await models.verificationCode.findOne({
-      where: {
-        name: type === 0 ? phone : email,
-        type,
-        code,
-        status: 1
-      }
-    });
-    if (!verificationCode) {
+
+    if (!(await verificationCodeValidate({ name: type === 0 ? phone : email, type, code }))) {
       throw new Error('验证码不正确或者已经过期');
     }
 
-    verificationCode.status = 2;
-    await verificationCode.save();
-
     return await services.user.addUser({
       avatar,
       nickname,
@@ -129,30 +151,31 @@ module.exports = fp(async (fastify, options) => {
     });
   };
 
-  const sendEmailCode = async ({ email }) => {
+  const generateVerificationCode = async ({ name, type }) => {
     const code = generateRandom6DigitNumber();
-
-    // 这里写发送逻辑
-
     await models.verificationCode.update(
       {
         status: 2
       },
       {
         where: {
-          name: email,
-          type: 1,
+          name,
+          type,
           status: 0
         }
       }
     );
-
     await models.verificationCode.create({
-      name: email,
-      type: 1,
+      name,
+      type,
       code
     });
+    return code;
+  };
 
+  const sendVerificationCode = async ({ name, type, messageType }) => {
+    const code = await generateVerificationCode({ name, type });
+    // 这里写发送逻辑
     return code;
   };
 
@@ -177,40 +200,31 @@ module.exports = fp(async (fastify, options) => {
     return isPass;
   };
 
-  const sendSMSCode = async ({ phone }) => {
-    const code = generateRandom6DigitNumber();
-
+  const sendJWTVerificationCode = async ({ name, type, messageType }) => {
+    const code = await generateVerificationCode({ name, type });
+    const token = fastify.jwt.sign({ name, type, code });
     // 这里写发送逻辑
+    return token;
+  };
 
-    await models.verificationCode.update(
-      {
-        status: 2
-      },
-      {
-        where: {
-          name: phone,
-          type: 0,
-          status: 0
-        }
-      }
-    );
-
-    await models.verificationCode.create({
-      name: phone,
-      type: 0,
-      code
-    });
-
-    return code;
+  const verificationJWTCodeValidate = async ({ token }) => {
+    const { iat, name, type, code } = fastify.jwt.decode(token);
+    if (!(await verificationCodeValidate({ name, type, code }))) {
+      throw new Error('验证码不正确或者已经过期');
+    }
+    return { name, type, code };
   };
 
   services.account = {
     md5,
     login,
+    modifyPassword,
     register,
-    sendEmailCode,
-    sendSMSCode,
+    generateVerificationCode,
+    sendVerificationCode,
     verificationCodeValidate,
+    sendJWTVerificationCode,
+    verificationJWTCodeValidate,
     passwordEncryption,
     passwordAuthentication,
     resetPassword

package/libs/services/tenant-org.js

@@ -17,8 +17,16 @@ module.exports = fp(async (fastify, options) => {
   };
 
   const addTenantOrg = async org => {
-    if (await models.tenantOrg.count({ where: { name: org.name } })) {
-      throw new Error('组织名称不能重复');
+    if (
+      await models.tenantOrg.count({
+        where: {
+          name: org.name,
+          pid: org.pid,
+          tenantId: org.tenantId
+        }
+      })
+    ) {
+      throw new Error('组织名称在同一父组织下有重复');
     }
 
     return await models.tenantOrg.create({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kne/fastify-account",
-  "version": "1.0.0-alpha.15",
+  "version": "1.0.0-alpha.17",
   "description": "fastify的用户管理账号等实现",
   "main": "index.js",
   "scripts": {