@kne/fastify-account 2.0.3 → 2.0.5

package/index.js

@@ -68,6 +68,7 @@ const user = fp(
               if (!(await services.admin.checkIsSuperAdmin(request.userInfo))) {
                 throw Unauthorized('不能执行该操作，需要超级管理员权限');
               }
+              request.userInfo.isAdmin = true;
             }
           }
         ]

package/libs/controllers/account.js

@@ -177,7 +177,7 @@ const accountController = fp(async (fastify, options) => {
               schema: {
                 type: 'object', properties: {
                   token: { type: 'string', description: '用户token' },
-                  currentTenantId: { type: 'string', description: '当前租户id' }
+                  status: { type: 'number', description: '用户当前状态' }
                 }
               }
             }
@@ -187,8 +187,8 @@ const accountController = fp(async (fastify, options) => {
     }
   }, async request => {
     const appName = request.headers['x-app-name'];
-    const { token, user } = await services.account.login(Object.assign({}, request.body, { appName }));
-    return { token, currentTenantId: user.currentTenantId };
+    const { token, user, status } = await services.account.login(Object.assign({}, request.body, { appName }));
+    return { token, status };
   });
 
   fastify.post(`${options.prefix}/account/modifyPassword`, {

package/libs/models/user.js

@@ -26,9 +26,15 @@ const user = ({ DataTypes, definePrimaryType }) => {
       }
     }, options: {
       indexes: [{
-        unique: true, fields: ['email', 'deleted_at']
+        unique: true, fields: ['email'],
+        where: {
+          deleted_at: null
+        }
       }, {
-        unique: true, fields: ['phone', 'deleted_at']
+        unique: true, fields: ['phone'],
+        where: {
+          deleted_at: null
+        }
       }]
     }
   };

package/libs/services/account.js

@@ -115,11 +115,7 @@ const accountService = fp(async (fastify, options) => {
   };
 
   const login = async ({ type, email, phone, password }) => {
-    const query = {
-      status: {
-        [Op.or]: [0, 1]
-      }
-    };
+    const query = {};
     (() => {
       if (type === 'email') {
         query.email = email.toLowerCase();
@@ -142,12 +138,38 @@ const accountService = fp(async (fastify, options) => {
 
     await passwordAuthentication({ accountId: user.userAccountId, password });
 
+    if (!(user.status === 0 || user.status === 1)) {
+      return {
+        status: user.status
+      };
+    }
+
     return {
       token: fastify.jwt.sign({ payload: { id: user.id } }),
       user: Object.assign({}, user.get({ plain: true }), { id: user.id })
     };
   };
 
+  const resetPasswordByToken = async ({ password, token }) => {
+    const { name } = await verificationJWTCodeValidate({ token });
+    const user = await services.user.getUserInstanceByName({ name, status: [0, 1] });
+    await resetPassword({ password, userId: user.id });
+  };
+
+  const modifyPassword = async ({ email, phone, oldPwd, newPwd }) => {
+    const user = await services.user.getUserInstanceByName({ name: email || phone, status: 10 });
+    if (!user) {
+      throw new Error('新用户密码只能初始化一次');
+    }
+    if (oldPwd === newPwd) {
+      throw new Error('重置密码不能和初始化密码相同');
+    }
+    await passwordAuthentication({ accountId: user.userAccountId, password: oldPwd });
+    await resetPassword({ userId: user.id, password: newPwd });
+    user.status = 0;
+    await user.save();
+  };
+
   const resetPassword = async ({ password, userId }) => {
     const user = await services.user.getUserInstance({ id: userId });
     const account = await models.userAccount.create(Object.assign({}, await passwordEncryption(password), {
@@ -167,7 +189,9 @@ const accountService = fp(async (fastify, options) => {
     login,
     userNameIsEmail,
     md5,
-    resetPassword
+    resetPassword,
+    resetPasswordByToken,
+    modifyPassword
   };
 });
 

package/libs/services/user.js

@@ -1,5 +1,5 @@
 const fp = require('fastify-plugin');
-const { pick, get } = require('lodash');
+const { pick, get, isNil } = require('lodash');
 const httpErrors = require('http-errors');
 
 const { Unauthorized } = httpErrors;
@@ -33,6 +33,25 @@ const userService = fp(async (fastify, options) => {
     return Object.assign({}, pick(user, ['id', 'avatar', 'nickname', 'phone', 'email', 'gender', 'status', 'birthday', 'description']));
   };
 
+  const getUserInstanceByName = async ({ name, status }) => {
+    const isEmail = services.account.userNameIsEmail(name);
+    const query = {};
+    if (!isNil(status)) {
+      query['status'] = Array.isArray(status) ? {
+        [fastify.sequelize.Sequelize.Op.or]: status
+      } : status;
+    }
+    const user = await models.user.findOne({
+      where: Object.assign({}, isEmail ? { email: name } : { phone: name }, query)
+    });
+
+    if (!user) {
+      throw new Error('用户不存在');
+    }
+
+    return user;
+  };
+
   const accountIsExists = async ({ email, phone }, currentUser) => {
     const query = [];
     if (email && email !== get(currentUser, 'email')) {
@@ -91,10 +110,7 @@ const userService = fp(async (fastify, options) => {
     }
 
     const { count, rows } = await models.user.findAndCountAll({
-      where: queryFilter,
-      offset: perPage * (currentPage - 1),
-      limit: perPage,
-      order: [['createdAt', 'DESC']]
+      where: queryFilter, offset: perPage * (currentPage - 1), limit: perPage, order: [['createdAt', 'DESC']]
     });
     return {
       pageData: rows.map(item => {
@@ -132,7 +148,15 @@ const userService = fp(async (fastify, options) => {
   };
 
   services.user = {
-    getUserInstance, getUser, addUser, saveUser, accountIsExists, getUserList, setSuperAdmin, setUserStatus
+    getUserInstance,
+    getUserInstanceByName,
+    getUser,
+    addUser,
+    saveUser,
+    accountIsExists,
+    getUserList,
+    setSuperAdmin,
+    setUserStatus
   };
 });
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kne/fastify-account",
-  "version": "2.0.3",
+  "version": "2.0.5",
   "description": "用于用户注册登录认证.",
   "main": "index.js",
   "scripts": {