@kne/fastify-account 1.0.0-alpha.2 → 1.0.0-alpha.21

package/libs/models/tenant-token.js

@@ -1,7 +1,6 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'tenantToken',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       tenantId: {
         type: DataTypes.UUID,
         allowNull: false
@@ -15,18 +14,17 @@ module.exports = (sequelize, DataTypes) => {
         type: DataTypes.INTEGER,
         allowNull: false //10:邀请用户加入租户
       },
-      createTenantUserId: {
+      createdTenantUserId: {
         type: DataTypes.UUID
       }
     },
-    {
-      paranoid: true,
+    options: {
       indexes: [
         {
           unique: true,
-          fields: ['tenantId', 'token', 'type', 'deletedAt']
+          fields: ['tenant_id', 'token', 'type', 'deleted_at']
         }
       ]
     }
-  );
+  };
 };

package/libs/models/tenant-user-org.js

@@ -1,22 +1,23 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'tenantUserOrg',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
+      id: {
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
+        primaryKey: true
+      },
       tenantId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantUserId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantOrgId: {
         type: DataTypes.INTEGER,
         allowNull: false
       }
-    },
-    {
-      paranoid: true
     }
-  );
+  };
 };

package/libs/models/tenant-user-role.js

@@ -1,22 +1,23 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'tenantUserRole',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
+      id: {
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
+        primaryKey: true
+      },
       tenantId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantUserId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantRoleId: {
         type: DataTypes.INTEGER,
         allowNull: false
       }
-    },
-    {
-      paranoid: true
     }
-  );
+  };
 };

package/libs/models/tenant-user-share-group.js

@@ -1,22 +1,18 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'tenantUserShareGroup',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       tenantId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantUserId: {
-        type: DataTypes.STRING,
+        type: DataTypes.UUID,
         allowNull: false
       },
       tenantShareGroupId: {
         type: DataTypes.INTEGER,
         allowNull: false
       }
-    },
-    {
-      paranoid: true
     }
-  );
+  };
 };

package/libs/models/tenant-user.js

@@ -1,12 +1,15 @@
-module.exports = (sequelize, DataTypes) => {
-  const tenantUser = sequelize.define(
-    'tenantUser',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       id: {
-        type: DataTypes.UUID,
-        defaultValue: DataTypes.UUIDV4,
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
         primaryKey: true
       },
+      uuid: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4
+      },
       userId: {
         type: DataTypes.UUID,
         allowNull: false
@@ -36,21 +39,37 @@ module.exports = (sequelize, DataTypes) => {
         defaultValue: 0 //0:正常,11:已禁用,12:已关闭,
       }
     },
-    {
-      paranoid: true,
+    options: {
       indexes: [
         {
           unique: true,
-          fields: ['tenantId', 'userId', 'deletedAt']
+          fields: ['uuid', 'deleted_at']
+        },
+        {
+          unique: true,
+          fields: ['tenant_id', 'user_id', 'deleted_at']
         }
       ]
+    },
+    associate: ({ user, tenantRole, tenantUser, tenantUserRole, tenantOrg, tenantUserOrg }) => {
+      tenantUser.belongsToMany(tenantRole, {
+        through: tenantUserRole,
+        foreignKey: 'tenantUserId',
+        otherKey: 'tenantRoleId',
+        sourceKey: 'uuid',
+        constraints: false
+      });
+      tenantUser.belongsToMany(tenantOrg, {
+        through: tenantUserOrg,
+        foreignKey: 'tenantUserId',
+        otherKey: 'tenantOrgId',
+        sourceKey: 'uuid',
+        constraints: false
+      });
+      tenantUser.belongsTo(user, {
+        targetKey: 'uuid',
+        constraints: false
+      });
     }
-  );
-
-  tenantUser.associate = ({ user, tenantRole, tenantUser, tenantUserRole, tenantOrg, tenantUserOrg }) => {
-    tenantUser.belongsToMany(tenantRole, { through: tenantUserRole });
-    tenantUser.belongsToMany(tenantOrg, { through: tenantUserOrg });
-    tenantUser.belongsTo(user);
   };
-  return tenantUser;
 };

package/libs/models/tenant.js

@@ -1,12 +1,15 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'tenant',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       id: {
-        type: DataTypes.UUID,
-        defaultValue: DataTypes.UUIDV4,
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
         primaryKey: true
       },
+      uuid: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4
+      },
       name: {
         type: DataTypes.STRING,
         allowNull: false
@@ -31,8 +34,13 @@ module.exports = (sequelize, DataTypes) => {
       },
       description: DataTypes.TEXT
     },
-    {
-      paranoid: true
+    options: {
+      indexes: [
+        {
+          unique: true,
+          fields: ['uuid', 'deleted_at']
+        }
+      ]
     }
-  );
+  };
 };

package/libs/models/user-account.js

@@ -1,12 +1,15 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'userAccount',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       id: {
-        type: DataTypes.UUID,
-        defaultValue: DataTypes.UUIDV4,
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
         primaryKey: true
       },
+      uuid: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4
+      },
       password: {
         type: DataTypes.STRING,
         allowNull: false
@@ -19,8 +22,13 @@ module.exports = (sequelize, DataTypes) => {
         type: DataTypes.UUID //用户修改密码时重新生成一条数据，该字段用于记录这个账号之前是属于哪个账号的
       }
     },
-    {
-      paranoid: true
+    options: {
+      indexes: [
+        {
+          unique: true,
+          fields: ['uuid', 'deleted_at']
+        }
+      ]
     }
-  );
+  };
 };

package/libs/models/user.js

@@ -1,12 +1,15 @@
-module.exports = (sequelize, DataTypes) => {
-  const user = sequelize.define(
-    'user',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       id: {
-        type: DataTypes.UUID,
-        defaultValue: DataTypes.UUIDV4,
+        type: DataTypes.INTEGER,
+        autoIncrement: true,
         primaryKey: true
       },
+      uuid: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4
+      },
       nickname: DataTypes.STRING,
       email: DataTypes.STRING,
       phone: DataTypes.STRING,
@@ -26,25 +29,32 @@ module.exports = (sequelize, DataTypes) => {
       birthday: DataTypes.DATE,
       description: DataTypes.TEXT
     },
-    {
-      paranoid: true,
+    options: {
       indexes: [
         {
           unique: true,
-          fields: ['email', 'deletedAt']
+          fields: ['uuid', 'deleted_at']
         },
         {
           unique: true,
-          fields: ['phone', 'deletedAt']
+          fields: ['email', 'deleted_at']
+        },
+        {
+          unique: true,
+          fields: ['phone', 'deleted_at']
         }
       ]
+    },
+    associate: ({ adminRole, user, tenant, tenantUser }) => {
+      user.hasOne(adminRole, { foreignKey: 'userId', sourceKey: 'uuid', constraints: false });
+      user.belongsToMany(tenant, {
+        through: { model: tenantUser, unique: false },
+        otherKey: 'tenantId',
+        foreignKey: 'userId',
+        targetKey: 'uuid',
+        sourceKey: 'uuid',
+        constraints: false
+      });
     }
-  );
-
-  user.associate = ({ adminRole, user, tenant, tenantUser }) => {
-    user.hasOne(adminRole, { foreignKey: 'userId' });
-    user.belongsToMany(tenant, { through: { model: tenantUser, unique: false } });
   };
-
-  return user;
 };

package/libs/models/verification-code.js

@@ -1,14 +1,14 @@
-module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
-    'verificationCode',
-    {
+module.exports = ({ DataTypes }) => {
+  return {
+    model: {
       name: {
         type: DataTypes.STRING,
         allowNull: false
       },
       type: {
         type: DataTypes.INTEGER,
-        allowNull: false //0:手机注册,1:邮箱注册,2:手机登录,3:邮箱登录,4:验证租户管理员
+        allowNull: false,
+        comment: '0:注册,2:登录,4:验证租户管理员,5:忘记密码'
       },
       code: {
         type: DataTypes.STRING,
@@ -16,11 +16,9 @@ module.exports = (sequelize, DataTypes) => {
       },
       status: {
         type: DataTypes.INTEGER,
-        defaultValue: 0 //0:未验证,1:已验证,2:已过期
+        defaultValue: 0,
+        comment: '0:未验证,1:已验证,2:已过期'
       }
-    },
-    {
-      paranoid: true
     }
-  );
+  };
 };

package/libs/services/account.js

@@ -1,6 +1,7 @@
 const fp = require('fastify-plugin');
 const dayjs = require('dayjs');
 const bcrypt = require('bcryptjs');
+const crypto = require('crypto');
 
 function generateRandom6DigitNumber() {
   const randomNumber = Math.random() * 1000000;
@@ -12,9 +13,10 @@ function userNameIsEmail(username) {
 }
 
 module.exports = fp(async (fastify, options) => {
-  const login = async ({ username, password, ip }) => {
+  const { models, services } = fastify.account;
+  const login = async ({ username, password, ip, appName }) => {
     const isEmail = userNameIsEmail(username);
-    const user = await fastify.account.models.user.findOne({
+    const user = await models.user.findOne({
       where: Object.assign(
         {},
         isEmail
@@ -38,16 +40,58 @@ module.exports = fp(async (fastify, options) => {
 
     await passwordAuthentication({ accountId: user.userAccountId, password });
 
-    await fastify.account.models.loginLog.create({
-      userId: user.id,
-      ip
+    const application = appName && (await services.application.getApplicationByCode({ code: appName }));
+
+    await models.loginLog.create({
+      userId: user.uuid,
+      ip,
+      currentTenantId: user.currentTenantId,
+      applicationId: application?.id
     });
 
-    return { token: fastify.jwt.sign({ payload: { id: user.id } }), user };
+    return {
+      token: fastify.jwt.sign({ payload: { id: user.uuid } }),
+      user: Object.assign({}, user.get({ plain: true }), { id: user.uuid })
+    };
+  };
+
+  const resetPassword = async ({ password, userId }) => {
+    const userInfo = await services.user.getUserInstance({ id: userId });
+    const account = await models.userAccount.create(
+      Object.assign({}, await passwordEncryption(password), {
+        belongToUserId: userInfo.uuid
+      })
+    );
+
+    await userInfo.update({ userAccountId: account.uuid });
+  };
+
+  const resetPasswordByToken = async ({ password, token }) => {
+    const { name } = await verificationJWTCodeValidate({ token });
+    const user = await services.user.getUserInstanceByName({ name, status: [0, 1] });
+    await resetPassword({ password, userId: user.uuid });
+  };
+
+  const modifyPassword = async ({ email, phone, oldPwd, newPwd }) => {
+    const user = await services.user.getUserInstanceByName({ name: email || phone, status: 1 });
+    if (!user) {
+      throw new Error('新用户密码只能初始化一次');
+    }
+    if (oldPwd === newPwd) {
+      throw new Error('重置密码不能和初始化密码相同');
+    }
+    await passwordAuthentication({ accountId: user.userAccountId, password: oldPwd });
+    await resetPassword({ userId: user.uuid, password: newPwd });
+    user.status = 0;
+    await user.save();
   };
 
   const passwordAuthentication = async ({ accountId, password }) => {
-    const userAccount = await fastify.account.models.userAccount.findByPk(accountId);
+    const userAccount = await models.userAccount.findOne({
+      where: {
+        uuid: accountId
+      }
+    });
     if (!userAccount) {
       throw new Error('账号不存在');
     }
@@ -68,38 +112,19 @@ module.exports = fp(async (fastify, options) => {
     };
   };
 
-  const resetPassword = async ({ userId, password }) => {
-    const userInfo = await fastify.account.models.user.findByPk(userId);
-    if (!userInfo) {
-      throw new Error('用户不存在');
-    }
-    const account = await fastify.account.models.userAccount.create(
-      Object.assign({}, await passwordEncryption(password), {
-        belongToUserId: userId
-      })
-    );
-
-    await userInfo.update({ userAccountId: account.id });
+  const md5 = value => {
+    const hash = crypto.createHash('md5');
+    hash.update(value);
+    return hash.digest('hex');
   };
 
   const register = async ({ avatar, nickname, gender, birthday, description, phone, email, code, password, status, invitationCode }) => {
     const type = phone ? 0 : 1;
-    const verificationCode = await fastify.account.models.verificationCode.findOne({
-      where: {
-        name: type === 0 ? phone : email,
-        type,
-        code,
-        status: 1
-      }
-    });
-    if (!verificationCode) {
+    if (!(await verificationCodeValidate({ name: type === 0 ? phone : email, type: 0, code }))) {
       throw new Error('验证码不正确或者已经过期');
     }
 
-    verificationCode.status = 2;
-    await verificationCode.save();
-
-    return await fastify.account.services.user.addUser({
+    return await services.user.addUser({
       avatar,
       nickname,
       gender,
@@ -112,35 +137,39 @@ module.exports = fp(async (fastify, options) => {
     });
   };
 
-  const sendEmailCode = async ({ email }) => {
+  const generateVerificationCode = async ({ name, type }) => {
     const code = generateRandom6DigitNumber();
-
-    // 这里写发送逻辑
-
-    await fastify.account.models.verificationCode.update(
+    await models.verificationCode.update(
       {
         status: 2
       },
       {
         where: {
-          name: email,
-          type: 1,
+          name,
+          type,
           status: 0
         }
       }
     );
-
-    await fastify.account.models.verificationCode.create({
-      name: email,
-      type: 1,
+    await models.verificationCode.create({
+      name,
+      type,
       code
     });
+    return code;
+  };
 
+  const sendVerificationCode = async ({ name, type }) => {
+    // messageType: 0:短信验证码，1:邮件验证码 type: 0:注册,2:登录,4:验证租户管理员,5:忘记密码
+    const code = await generateVerificationCode({ name, type });
+    const isEmail = userNameIsEmail(name);
+    // 这里写发送逻辑
+    await options.sendMessage({ name, type, messageType: isEmail ? 1 : 0, props: { code } });
     return code;
   };
 
   const verificationCodeValidate = async ({ name, type, code }) => {
-    const verificationCode = await fastify.account.models.verificationCode.findOne({
+    const verificationCode = await models.verificationCode.findOne({
       where: {
         name,
         type,
@@ -160,41 +189,36 @@ module.exports = fp(async (fastify, options) => {
     return isPass;
   };
 
-  const sendSMSCode = async ({ phone }) => {
-    const code = generateRandom6DigitNumber();
-
+  const sendJWTVerificationCode = async ({ name, type }) => {
+    const code = await generateVerificationCode({ name, type });
+    const token = fastify.jwt.sign({ name, type, code });
+    const isEmail = userNameIsEmail(name);
     // 这里写发送逻辑
+    await options.sendMessage({ name, type, messageType: isEmail ? 1 : 0, props: { token } });
+    return token;
+  };
 
-    await fastify.account.models.verificationCode.update(
-      {
-        status: 2
-      },
-      {
-        where: {
-          name: phone,
-          type: 0,
-          status: 0
-        }
-      }
-    );
-
-    await fastify.account.models.verificationCode.create({
-      name: phone,
-      type: 0,
-      code
-    });
-
-    return code;
+  const verificationJWTCodeValidate = async ({ token }) => {
+    const { iat, name, type, code } = fastify.jwt.decode(token);
+    if (!(await verificationCodeValidate({ name, type, code }))) {
+      throw new Error('验证码不正确或者已经过期');
+    }
+    return { name, type, code };
   };
 
-  fastify.account.services.account = {
+  services.account = {
+    md5,
     login,
+    modifyPassword,
     register,
-    sendEmailCode,
-    sendSMSCode,
+    generateVerificationCode,
+    sendVerificationCode,
     verificationCodeValidate,
+    sendJWTVerificationCode,
+    verificationJWTCodeValidate,
     passwordEncryption,
     passwordAuthentication,
-    resetPassword
+    resetPassword,
+    resetPasswordByToken
   };
 });