@next-core/easyops-runtime 0.15.27 → 0.15.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/auth.js +58 -7
- package/dist/cjs/auth.js.map +1 -1
- package/dist/esm/auth.js +59 -8
- package/dist/esm/auth.js.map +1 -1
- package/dist/types/auth.d.ts +4 -1
- package/package.json +3 -3
package/dist/cjs/auth.js
CHANGED
|
@@ -74,22 +74,71 @@ function addPathToBlackList(path) {
|
|
|
74
74
|
|
|
75
75
|
/**
|
|
76
76
|
* 判断一个内部 URL 路径是否被屏蔽。
|
|
77
|
+
*
|
|
78
|
+
* @param pathnameWithQuery - 路径(可包含查询字符串)
|
|
79
|
+
* @returns 是否被屏蔽
|
|
80
|
+
*/
|
|
81
|
+
function isBlockedPath(pathnameWithQuery) {
|
|
82
|
+
return [...pathBlackListSet].some(pattern => {
|
|
83
|
+
// 分离 pattern 的路径和查询字符串
|
|
84
|
+
const [patternPath, patternQuery] = pattern.split("?");
|
|
85
|
+
|
|
86
|
+
// 分离待检查路径的路径和查询字符串
|
|
87
|
+
const [pathname, pathQuery] = pathnameWithQuery.split("?");
|
|
88
|
+
|
|
89
|
+
// 首先匹配路径部分
|
|
90
|
+
const pathMatched = (0, _runtime.matchPath)(pathname, {
|
|
91
|
+
path: patternPath
|
|
92
|
+
});
|
|
93
|
+
if (!pathMatched) {
|
|
94
|
+
return false;
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
// 如果 pattern 不包含查询字符串,只要路径匹配就返回 true
|
|
98
|
+
if (!patternQuery) {
|
|
99
|
+
return true;
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
// 如果 pattern 包含查询字符串,但待检查路径没有,返回 false
|
|
103
|
+
if (!pathQuery) {
|
|
104
|
+
return false;
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
// 精确匹配查询字符串(所有 pattern 中的参数必须存在且值相同)
|
|
108
|
+
const patternParams = new URLSearchParams(patternQuery);
|
|
109
|
+
const pathParams = new URLSearchParams(pathQuery);
|
|
110
|
+
for (const [key, value] of patternParams.entries()) {
|
|
111
|
+
if (pathParams.get(key) !== value) {
|
|
112
|
+
return false;
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
return true;
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
|
|
119
|
+
/**
|
|
120
|
+
* 根据特性开关决定是否拼接查询字符串
|
|
121
|
+
* @param pathname - 路径名
|
|
122
|
+
* @param search - 查询字符串(可选)
|
|
123
|
+
* @returns 拼接后的路径
|
|
77
124
|
*/
|
|
78
|
-
function
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
125
|
+
function getPathnameWithQuery(pathname, search) {
|
|
126
|
+
const flags = (0, _runtime.getRuntime)().getFeatureFlags();
|
|
127
|
+
const blackListPreserveQueryFlag = flags === null || flags === void 0 ? void 0 : flags["blacklist-preserve-query-string"];
|
|
128
|
+
return blackListPreserveQueryFlag && search ? pathname + search : pathname;
|
|
82
129
|
}
|
|
83
130
|
|
|
84
131
|
/**
|
|
85
132
|
* 判断一个内部 URL 是否被屏蔽。
|
|
86
133
|
*/
|
|
87
134
|
function isBlockedUrl(url) {
|
|
88
|
-
const
|
|
135
|
+
const location = typeof url === "string" ? (0, _history.createLocation)(url) : url;
|
|
136
|
+
const pathname = location.pathname;
|
|
89
137
|
if (typeof pathname !== "string") {
|
|
90
138
|
return false;
|
|
91
139
|
}
|
|
92
|
-
|
|
140
|
+
const pathnameWithQuery = getPathnameWithQuery(pathname, location.search);
|
|
141
|
+
return isBlockedPath(pathnameWithQuery);
|
|
93
142
|
}
|
|
94
143
|
|
|
95
144
|
/**
|
|
@@ -103,6 +152,8 @@ function isBlockedHref(href) {
|
|
|
103
152
|
return false;
|
|
104
153
|
}
|
|
105
154
|
// 转换为内部路径
|
|
106
|
-
|
|
155
|
+
const internalPath = url.pathname.substring(basePath.length - 1);
|
|
156
|
+
const pathnameWithQuery = getPathnameWithQuery(internalPath, url.search);
|
|
157
|
+
return isBlockedPath(pathnameWithQuery);
|
|
107
158
|
}
|
|
108
159
|
//# sourceMappingURL=auth.js.map
|
package/dist/cjs/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","names":["_runtime","require","_history","_checkPermissions","auth","pathBlackListSet","Set","authenticate","newAuth","_newAuth$license","Object","assign","org","username","userInstanceId","loginFrom","accessRule","isAdmin","csrfToken","license","accessToken","userShowValue","blackList","getAuth","logout","key","keys","undefined","resetPermissionPreChecks","isLoggedIn","addPathToBlackList","path","add","isBlockedPath","
|
|
1
|
+
{"version":3,"file":"auth.js","names":["_runtime","require","_history","_checkPermissions","auth","pathBlackListSet","Set","authenticate","newAuth","_newAuth$license","Object","assign","org","username","userInstanceId","loginFrom","accessRule","isAdmin","csrfToken","license","accessToken","userShowValue","blackList","getAuth","logout","key","keys","undefined","resetPermissionPreChecks","isLoggedIn","addPathToBlackList","path","add","isBlockedPath","pathnameWithQuery","some","pattern","patternPath","patternQuery","split","pathname","pathQuery","pathMatched","matchPath","patternParams","URLSearchParams","pathParams","value","entries","get","getPathnameWithQuery","search","flags","getRuntime","getFeatureFlags","blackListPreserveQueryFlag","isBlockedUrl","url","location","createLocation","isBlockedHref","href","basePath","getBasePath","URL","origin","startsWith","internalPath","substring","length"],"sources":["../../src/auth.ts"],"sourcesContent":["import { getBasePath, getRuntime, matchPath } from \"@next-core/runtime\";\nimport type { AuthApi_CheckLoginResponseBody } from \"@next-api-sdk/api-gateway-sdk\";\nimport { createLocation, type LocationDescriptor } from \"history\";\nimport { resetPermissionPreChecks } from \"./checkPermissions.js\";\n\nconst auth: AuthInfo = {};\nlet pathBlackListSet = new Set<string>();\n\n/** @internal */\nexport type AuthInfo = Omit<AuthApi_CheckLoginResponseBody, \"loggedIn\">;\n\n/** @internal */\nexport function authenticate(newAuth: AuthInfo): void {\n Object.assign(auth, {\n org: newAuth.org,\n username: newAuth.username,\n userInstanceId: newAuth.userInstanceId,\n loginFrom: newAuth.loginFrom,\n accessRule: newAuth.accessRule,\n isAdmin: newAuth.isAdmin,\n csrfToken: newAuth.csrfToken,\n license: newAuth.license,\n accessToken: newAuth.accessToken,\n userShowValue: newAuth.userShowValue,\n });\n\n pathBlackListSet = new Set(newAuth.license?.blackList);\n}\n\n/**\n * 获取当前登录认证信息。\n *\n * @returns 当前登录认证信息。\n */\nexport function getAuth(): AuthInfo {\n return {\n ...auth,\n };\n}\n\n/** @internal */\nexport function logout(): void {\n for (const key of Object.keys(auth) as (keyof AuthInfo)[]) {\n auth[key] = undefined;\n }\n resetPermissionPreChecks();\n}\n\n/**\n * 查看当前是否已登录。\n *\n * @returns 当前是否已登录。\n */\nexport function isLoggedIn(): boolean {\n return auth.username !== undefined;\n}\n\n/**\n * 增加路径黑名单\n */\nexport function addPathToBlackList(path: string): void {\n pathBlackListSet.add(path);\n}\n\n/**\n * 判断一个内部 URL 路径是否被屏蔽。\n *\n * @param pathnameWithQuery - 路径(可包含查询字符串)\n * @returns 是否被屏蔽\n */\nexport function isBlockedPath(pathnameWithQuery: string): boolean {\n return [...pathBlackListSet].some((pattern) => {\n // 分离 pattern 的路径和查询字符串\n const [patternPath, patternQuery] = pattern.split(\"?\");\n\n // 分离待检查路径的路径和查询字符串\n const [pathname, pathQuery] = pathnameWithQuery.split(\"?\");\n\n // 首先匹配路径部分\n const pathMatched = matchPath(pathname, { path: patternPath });\n if (!pathMatched) {\n return false;\n }\n\n // 如果 pattern 不包含查询字符串,只要路径匹配就返回 true\n if (!patternQuery) {\n return true;\n }\n\n // 如果 pattern 包含查询字符串,但待检查路径没有,返回 false\n if (!pathQuery) {\n return false;\n }\n\n // 精确匹配查询字符串(所有 pattern 中的参数必须存在且值相同)\n const patternParams = new URLSearchParams(patternQuery);\n const pathParams = new URLSearchParams(pathQuery);\n\n for (const [key, value] of patternParams.entries()) {\n if (pathParams.get(key) !== value) {\n return false;\n }\n }\n\n return true;\n });\n}\n\n/**\n * 根据特性开关决定是否拼接查询字符串\n * @param pathname - 路径名\n * @param search - 查询字符串(可选)\n * @returns 拼接后的路径\n */\nfunction getPathnameWithQuery(pathname: string, search?: string): string {\n const flags = getRuntime().getFeatureFlags();\n const blackListPreserveQueryFlag = flags?.[\"blacklist-preserve-query-string\"];\n return blackListPreserveQueryFlag && search ? pathname + search : pathname;\n}\n\n/**\n * 判断一个内部 URL 是否被屏蔽。\n */\nexport function isBlockedUrl(url: string | LocationDescriptor): boolean {\n const location = typeof url === \"string\" ? createLocation(url) : url;\n const pathname = location.pathname;\n if (typeof pathname !== \"string\") {\n return false;\n }\n const pathnameWithQuery = getPathnameWithQuery(pathname, location.search);\n return isBlockedPath(pathnameWithQuery);\n}\n\n/**\n * 判断一个 href 是否被屏蔽。\n */\nexport function isBlockedHref(href: string): boolean {\n const basePath = getBasePath();\n const url = new URL(href, `${location.origin}${basePath}`);\n // 忽略外链地址\n if (url.origin !== location.origin || !url.pathname.startsWith(basePath)) {\n return false;\n }\n // 转换为内部路径\n const internalPath = url.pathname.substring(basePath.length - 1);\n const pathnameWithQuery = getPathnameWithQuery(internalPath, url.search);\n return isBlockedPath(pathnameWithQuery);\n}\n"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,QAAA,GAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,iBAAA,GAAAF,OAAA;AAEA,MAAMG,IAAc,GAAG,CAAC,CAAC;AACzB,IAAIC,gBAAgB,GAAG,IAAIC,GAAG,CAAS,CAAC;;AAExC;;AAGA;AACO,SAASC,YAAYA,CAACC,OAAiB,EAAQ;EAAA,IAAAC,gBAAA;EACpDC,MAAM,CAACC,MAAM,CAACP,IAAI,EAAE;IAClBQ,GAAG,EAAEJ,OAAO,CAACI,GAAG;IAChBC,QAAQ,EAAEL,OAAO,CAACK,QAAQ;IAC1BC,cAAc,EAAEN,OAAO,CAACM,cAAc;IACtCC,SAAS,EAAEP,OAAO,CAACO,SAAS;IAC5BC,UAAU,EAAER,OAAO,CAACQ,UAAU;IAC9BC,OAAO,EAAET,OAAO,CAACS,OAAO;IACxBC,SAAS,EAAEV,OAAO,CAACU,SAAS;IAC5BC,OAAO,EAAEX,OAAO,CAACW,OAAO;IACxBC,WAAW,EAAEZ,OAAO,CAACY,WAAW;IAChCC,aAAa,EAAEb,OAAO,CAACa;EACzB,CAAC,CAAC;EAEFhB,gBAAgB,GAAG,IAAIC,GAAG,EAAAG,gBAAA,GAACD,OAAO,CAACW,OAAO,cAAAV,gBAAA,uBAAfA,gBAAA,CAAiBa,SAAS,CAAC;AACxD;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASC,OAAOA,CAAA,EAAa;EAClC,OAAO;IACL,GAAGnB;EACL,CAAC;AACH;;AAEA;AACO,SAASoB,MAAMA,CAAA,EAAS;EAC7B,KAAK,MAAMC,GAAG,IAAIf,MAAM,CAACgB,IAAI,CAACtB,IAAI,CAAC,EAAwB;IACzDA,IAAI,CAACqB,GAAG,CAAC,GAAGE,SAAS;EACvB;EACA,IAAAC,0CAAwB,EAAC,CAAC;AAC5B;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASC,UAAUA,CAAA,EAAY;EACpC,OAAOzB,IAAI,CAACS,QAAQ,KAAKc,SAAS;AACpC;;AAEA;AACA;AACA;AACO,SAASG,kBAAkBA,CAACC,IAAY,EAAQ;EACrD1B,gBAAgB,CAAC2B,GAAG,CAACD,IAAI,CAAC;AAC5B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASE,aAAaA,CAACC,iBAAyB,EAAW;EAChE,OAAO,CAAC,GAAG7B,gBAAgB,CAAC,CAAC8B,IAAI,CAAEC,OAAO,IAAK;IAC7C;IACA,MAAM,CAACC,WAAW,EAAEC,YAAY,CAAC,GAAGF,OAAO,CAACG,KAAK,CAAC,GAAG,CAAC;;IAEtD;IACA,MAAM,CAACC,QAAQ,EAAEC,SAAS,CAAC,GAAGP,iBAAiB,CAACK,KAAK,CAAC,GAAG,CAAC;;IAE1D;IACA,MAAMG,WAAW,GAAG,IAAAC,kBAAS,EAACH,QAAQ,EAAE;MAAET,IAAI,EAAEM;IAAY,CAAC,CAAC;IAC9D,IAAI,CAACK,WAAW,EAAE;MAChB,OAAO,KAAK;IACd;;IAEA;IACA,IAAI,CAACJ,YAAY,EAAE;MACjB,OAAO,IAAI;IACb;;IAEA;IACA,IAAI,CAACG,SAAS,EAAE;MACd,OAAO,KAAK;IACd;;IAEA;IACA,MAAMG,aAAa,GAAG,IAAIC,eAAe,CAACP,YAAY,CAAC;IACvD,MAAMQ,UAAU,GAAG,IAAID,eAAe,CAACJ,SAAS,CAAC;IAEjD,KAAK,MAAM,CAAChB,GAAG,EAAEsB,KAAK,CAAC,IAAIH,aAAa,CAACI,OAAO,CAAC,CAAC,EAAE;MAClD,IAAIF,UAAU,CAACG,GAAG,CAACxB,GAAG,CAAC,KAAKsB,KAAK,EAAE;QACjC,OAAO,KAAK;MACd;IACF;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASG,oBAAoBA,CAACV,QAAgB,EAAEW,MAAe,EAAU;EACvE,MAAMC,KAAK,GAAG,IAAAC,mBAAU,EAAC,CAAC,CAACC,eAAe,CAAC,CAAC;EAC5C,MAAMC,0BAA0B,GAAGH,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAG,iCAAiC,CAAC;EAC7E,OAAOG,0BAA0B,IAAIJ,MAAM,GAAGX,QAAQ,GAAGW,MAAM,GAAGX,QAAQ;AAC5E;;AAEA;AACA;AACA;AACO,SAASgB,YAAYA,CAACC,GAAgC,EAAW;EACtE,MAAMC,QAAQ,GAAG,OAAOD,GAAG,KAAK,QAAQ,GAAG,IAAAE,uBAAc,EAACF,GAAG,CAAC,GAAGA,GAAG;EACpE,MAAMjB,QAAQ,GAAGkB,QAAQ,CAAClB,QAAQ;EAClC,IAAI,OAAOA,QAAQ,KAAK,QAAQ,EAAE;IAChC,OAAO,KAAK;EACd;EACA,MAAMN,iBAAiB,GAAGgB,oBAAoB,CAACV,QAAQ,EAAEkB,QAAQ,CAACP,MAAM,CAAC;EACzE,OAAOlB,aAAa,CAACC,iBAAiB,CAAC;AACzC;;AAEA;AACA;AACA;AACO,SAAS0B,aAAaA,CAACC,IAAY,EAAW;EACnD,MAAMC,QAAQ,GAAG,IAAAC,oBAAW,EAAC,CAAC;EAC9B,MAAMN,GAAG,GAAG,IAAIO,GAAG,CAACH,IAAI,EAAE,GAAGH,QAAQ,CAACO,MAAM,GAAGH,QAAQ,EAAE,CAAC;EAC1D;EACA,IAAIL,GAAG,CAACQ,MAAM,KAAKP,QAAQ,CAACO,MAAM,IAAI,CAACR,GAAG,CAACjB,QAAQ,CAAC0B,UAAU,CAACJ,QAAQ,CAAC,EAAE;IACxE,OAAO,KAAK;EACd;EACA;EACA,MAAMK,YAAY,GAAGV,GAAG,CAACjB,QAAQ,CAAC4B,SAAS,CAACN,QAAQ,CAACO,MAAM,GAAG,CAAC,CAAC;EAChE,MAAMnC,iBAAiB,GAAGgB,oBAAoB,CAACiB,YAAY,EAAEV,GAAG,CAACN,MAAM,CAAC;EACxE,OAAOlB,aAAa,CAACC,iBAAiB,CAAC;AACzC","ignoreList":[]}
|
package/dist/esm/auth.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { getBasePath, matchPath } from "@next-core/runtime";
|
|
1
|
+
import { getBasePath, getRuntime, matchPath } from "@next-core/runtime";
|
|
2
2
|
import { createLocation } from "history";
|
|
3
3
|
import { resetPermissionPreChecks } from "./checkPermissions.js";
|
|
4
4
|
const auth = {};
|
|
@@ -61,22 +61,71 @@ export function addPathToBlackList(path) {
|
|
|
61
61
|
|
|
62
62
|
/**
|
|
63
63
|
* 判断一个内部 URL 路径是否被屏蔽。
|
|
64
|
+
*
|
|
65
|
+
* @param pathnameWithQuery - 路径(可包含查询字符串)
|
|
66
|
+
* @returns 是否被屏蔽
|
|
67
|
+
*/
|
|
68
|
+
export function isBlockedPath(pathnameWithQuery) {
|
|
69
|
+
return [...pathBlackListSet].some(pattern => {
|
|
70
|
+
// 分离 pattern 的路径和查询字符串
|
|
71
|
+
const [patternPath, patternQuery] = pattern.split("?");
|
|
72
|
+
|
|
73
|
+
// 分离待检查路径的路径和查询字符串
|
|
74
|
+
const [pathname, pathQuery] = pathnameWithQuery.split("?");
|
|
75
|
+
|
|
76
|
+
// 首先匹配路径部分
|
|
77
|
+
const pathMatched = matchPath(pathname, {
|
|
78
|
+
path: patternPath
|
|
79
|
+
});
|
|
80
|
+
if (!pathMatched) {
|
|
81
|
+
return false;
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
// 如果 pattern 不包含查询字符串,只要路径匹配就返回 true
|
|
85
|
+
if (!patternQuery) {
|
|
86
|
+
return true;
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
// 如果 pattern 包含查询字符串,但待检查路径没有,返回 false
|
|
90
|
+
if (!pathQuery) {
|
|
91
|
+
return false;
|
|
92
|
+
}
|
|
93
|
+
|
|
94
|
+
// 精确匹配查询字符串(所有 pattern 中的参数必须存在且值相同)
|
|
95
|
+
const patternParams = new URLSearchParams(patternQuery);
|
|
96
|
+
const pathParams = new URLSearchParams(pathQuery);
|
|
97
|
+
for (const [key, value] of patternParams.entries()) {
|
|
98
|
+
if (pathParams.get(key) !== value) {
|
|
99
|
+
return false;
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
return true;
|
|
103
|
+
});
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
/**
|
|
107
|
+
* 根据特性开关决定是否拼接查询字符串
|
|
108
|
+
* @param pathname - 路径名
|
|
109
|
+
* @param search - 查询字符串(可选)
|
|
110
|
+
* @returns 拼接后的路径
|
|
64
111
|
*/
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
112
|
+
function getPathnameWithQuery(pathname, search) {
|
|
113
|
+
const flags = getRuntime().getFeatureFlags();
|
|
114
|
+
const blackListPreserveQueryFlag = flags === null || flags === void 0 ? void 0 : flags["blacklist-preserve-query-string"];
|
|
115
|
+
return blackListPreserveQueryFlag && search ? pathname + search : pathname;
|
|
69
116
|
}
|
|
70
117
|
|
|
71
118
|
/**
|
|
72
119
|
* 判断一个内部 URL 是否被屏蔽。
|
|
73
120
|
*/
|
|
74
121
|
export function isBlockedUrl(url) {
|
|
75
|
-
const
|
|
122
|
+
const location = typeof url === "string" ? createLocation(url) : url;
|
|
123
|
+
const pathname = location.pathname;
|
|
76
124
|
if (typeof pathname !== "string") {
|
|
77
125
|
return false;
|
|
78
126
|
}
|
|
79
|
-
|
|
127
|
+
const pathnameWithQuery = getPathnameWithQuery(pathname, location.search);
|
|
128
|
+
return isBlockedPath(pathnameWithQuery);
|
|
80
129
|
}
|
|
81
130
|
|
|
82
131
|
/**
|
|
@@ -90,6 +139,8 @@ export function isBlockedHref(href) {
|
|
|
90
139
|
return false;
|
|
91
140
|
}
|
|
92
141
|
// 转换为内部路径
|
|
93
|
-
|
|
142
|
+
const internalPath = url.pathname.substring(basePath.length - 1);
|
|
143
|
+
const pathnameWithQuery = getPathnameWithQuery(internalPath, url.search);
|
|
144
|
+
return isBlockedPath(pathnameWithQuery);
|
|
94
145
|
}
|
|
95
146
|
//# sourceMappingURL=auth.js.map
|
package/dist/esm/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","names":["getBasePath","matchPath","createLocation","resetPermissionPreChecks","auth","pathBlackListSet","Set","authenticate","newAuth","_newAuth$license","Object","assign","org","username","userInstanceId","loginFrom","accessRule","isAdmin","csrfToken","license","accessToken","userShowValue","blackList","getAuth","logout","key","keys","undefined","isLoggedIn","addPathToBlackList","path","add","isBlockedPath","
|
|
1
|
+
{"version":3,"file":"auth.js","names":["getBasePath","getRuntime","matchPath","createLocation","resetPermissionPreChecks","auth","pathBlackListSet","Set","authenticate","newAuth","_newAuth$license","Object","assign","org","username","userInstanceId","loginFrom","accessRule","isAdmin","csrfToken","license","accessToken","userShowValue","blackList","getAuth","logout","key","keys","undefined","isLoggedIn","addPathToBlackList","path","add","isBlockedPath","pathnameWithQuery","some","pattern","patternPath","patternQuery","split","pathname","pathQuery","pathMatched","patternParams","URLSearchParams","pathParams","value","entries","get","getPathnameWithQuery","search","flags","getFeatureFlags","blackListPreserveQueryFlag","isBlockedUrl","url","location","isBlockedHref","href","basePath","URL","origin","startsWith","internalPath","substring","length"],"sources":["../../src/auth.ts"],"sourcesContent":["import { getBasePath, getRuntime, matchPath } from \"@next-core/runtime\";\nimport type { AuthApi_CheckLoginResponseBody } from \"@next-api-sdk/api-gateway-sdk\";\nimport { createLocation, type LocationDescriptor } from \"history\";\nimport { resetPermissionPreChecks } from \"./checkPermissions.js\";\n\nconst auth: AuthInfo = {};\nlet pathBlackListSet = new Set<string>();\n\n/** @internal */\nexport type AuthInfo = Omit<AuthApi_CheckLoginResponseBody, \"loggedIn\">;\n\n/** @internal */\nexport function authenticate(newAuth: AuthInfo): void {\n Object.assign(auth, {\n org: newAuth.org,\n username: newAuth.username,\n userInstanceId: newAuth.userInstanceId,\n loginFrom: newAuth.loginFrom,\n accessRule: newAuth.accessRule,\n isAdmin: newAuth.isAdmin,\n csrfToken: newAuth.csrfToken,\n license: newAuth.license,\n accessToken: newAuth.accessToken,\n userShowValue: newAuth.userShowValue,\n });\n\n pathBlackListSet = new Set(newAuth.license?.blackList);\n}\n\n/**\n * 获取当前登录认证信息。\n *\n * @returns 当前登录认证信息。\n */\nexport function getAuth(): AuthInfo {\n return {\n ...auth,\n };\n}\n\n/** @internal */\nexport function logout(): void {\n for (const key of Object.keys(auth) as (keyof AuthInfo)[]) {\n auth[key] = undefined;\n }\n resetPermissionPreChecks();\n}\n\n/**\n * 查看当前是否已登录。\n *\n * @returns 当前是否已登录。\n */\nexport function isLoggedIn(): boolean {\n return auth.username !== undefined;\n}\n\n/**\n * 增加路径黑名单\n */\nexport function addPathToBlackList(path: string): void {\n pathBlackListSet.add(path);\n}\n\n/**\n * 判断一个内部 URL 路径是否被屏蔽。\n *\n * @param pathnameWithQuery - 路径(可包含查询字符串)\n * @returns 是否被屏蔽\n */\nexport function isBlockedPath(pathnameWithQuery: string): boolean {\n return [...pathBlackListSet].some((pattern) => {\n // 分离 pattern 的路径和查询字符串\n const [patternPath, patternQuery] = pattern.split(\"?\");\n\n // 分离待检查路径的路径和查询字符串\n const [pathname, pathQuery] = pathnameWithQuery.split(\"?\");\n\n // 首先匹配路径部分\n const pathMatched = matchPath(pathname, { path: patternPath });\n if (!pathMatched) {\n return false;\n }\n\n // 如果 pattern 不包含查询字符串,只要路径匹配就返回 true\n if (!patternQuery) {\n return true;\n }\n\n // 如果 pattern 包含查询字符串,但待检查路径没有,返回 false\n if (!pathQuery) {\n return false;\n }\n\n // 精确匹配查询字符串(所有 pattern 中的参数必须存在且值相同)\n const patternParams = new URLSearchParams(patternQuery);\n const pathParams = new URLSearchParams(pathQuery);\n\n for (const [key, value] of patternParams.entries()) {\n if (pathParams.get(key) !== value) {\n return false;\n }\n }\n\n return true;\n });\n}\n\n/**\n * 根据特性开关决定是否拼接查询字符串\n * @param pathname - 路径名\n * @param search - 查询字符串(可选)\n * @returns 拼接后的路径\n */\nfunction getPathnameWithQuery(pathname: string, search?: string): string {\n const flags = getRuntime().getFeatureFlags();\n const blackListPreserveQueryFlag = flags?.[\"blacklist-preserve-query-string\"];\n return blackListPreserveQueryFlag && search ? pathname + search : pathname;\n}\n\n/**\n * 判断一个内部 URL 是否被屏蔽。\n */\nexport function isBlockedUrl(url: string | LocationDescriptor): boolean {\n const location = typeof url === \"string\" ? createLocation(url) : url;\n const pathname = location.pathname;\n if (typeof pathname !== \"string\") {\n return false;\n }\n const pathnameWithQuery = getPathnameWithQuery(pathname, location.search);\n return isBlockedPath(pathnameWithQuery);\n}\n\n/**\n * 判断一个 href 是否被屏蔽。\n */\nexport function isBlockedHref(href: string): boolean {\n const basePath = getBasePath();\n const url = new URL(href, `${location.origin}${basePath}`);\n // 忽略外链地址\n if (url.origin !== location.origin || !url.pathname.startsWith(basePath)) {\n return false;\n }\n // 转换为内部路径\n const internalPath = url.pathname.substring(basePath.length - 1);\n const pathnameWithQuery = getPathnameWithQuery(internalPath, url.search);\n return isBlockedPath(pathnameWithQuery);\n}\n"],"mappings":"AAAA,SAASA,WAAW,EAAEC,UAAU,EAAEC,SAAS,QAAQ,oBAAoB;AAEvE,SAASC,cAAc,QAAiC,SAAS;AACjE,SAASC,wBAAwB,QAAQ,uBAAuB;AAEhE,MAAMC,IAAc,GAAG,CAAC,CAAC;AACzB,IAAIC,gBAAgB,GAAG,IAAIC,GAAG,CAAS,CAAC;;AAExC;;AAGA;AACA,OAAO,SAASC,YAAYA,CAACC,OAAiB,EAAQ;EAAA,IAAAC,gBAAA;EACpDC,MAAM,CAACC,MAAM,CAACP,IAAI,EAAE;IAClBQ,GAAG,EAAEJ,OAAO,CAACI,GAAG;IAChBC,QAAQ,EAAEL,OAAO,CAACK,QAAQ;IAC1BC,cAAc,EAAEN,OAAO,CAACM,cAAc;IACtCC,SAAS,EAAEP,OAAO,CAACO,SAAS;IAC5BC,UAAU,EAAER,OAAO,CAACQ,UAAU;IAC9BC,OAAO,EAAET,OAAO,CAACS,OAAO;IACxBC,SAAS,EAAEV,OAAO,CAACU,SAAS;IAC5BC,OAAO,EAAEX,OAAO,CAACW,OAAO;IACxBC,WAAW,EAAEZ,OAAO,CAACY,WAAW;IAChCC,aAAa,EAAEb,OAAO,CAACa;EACzB,CAAC,CAAC;EAEFhB,gBAAgB,GAAG,IAAIC,GAAG,EAAAG,gBAAA,GAACD,OAAO,CAACW,OAAO,cAAAV,gBAAA,uBAAfA,gBAAA,CAAiBa,SAAS,CAAC;AACxD;;AAEA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,OAAOA,CAAA,EAAa;EAClC,OAAO;IACL,GAAGnB;EACL,CAAC;AACH;;AAEA;AACA,OAAO,SAASoB,MAAMA,CAAA,EAAS;EAC7B,KAAK,MAAMC,GAAG,IAAIf,MAAM,CAACgB,IAAI,CAACtB,IAAI,CAAC,EAAwB;IACzDA,IAAI,CAACqB,GAAG,CAAC,GAAGE,SAAS;EACvB;EACAxB,wBAAwB,CAAC,CAAC;AAC5B;;AAEA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASyB,UAAUA,CAAA,EAAY;EACpC,OAAOxB,IAAI,CAACS,QAAQ,KAAKc,SAAS;AACpC;;AAEA;AACA;AACA;AACA,OAAO,SAASE,kBAAkBA,CAACC,IAAY,EAAQ;EACrDzB,gBAAgB,CAAC0B,GAAG,CAACD,IAAI,CAAC;AAC5B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASE,aAAaA,CAACC,iBAAyB,EAAW;EAChE,OAAO,CAAC,GAAG5B,gBAAgB,CAAC,CAAC6B,IAAI,CAAEC,OAAO,IAAK;IAC7C;IACA,MAAM,CAACC,WAAW,EAAEC,YAAY,CAAC,GAAGF,OAAO,CAACG,KAAK,CAAC,GAAG,CAAC;;IAEtD;IACA,MAAM,CAACC,QAAQ,EAAEC,SAAS,CAAC,GAAGP,iBAAiB,CAACK,KAAK,CAAC,GAAG,CAAC;;IAE1D;IACA,MAAMG,WAAW,GAAGxC,SAAS,CAACsC,QAAQ,EAAE;MAAET,IAAI,EAAEM;IAAY,CAAC,CAAC;IAC9D,IAAI,CAACK,WAAW,EAAE;MAChB,OAAO,KAAK;IACd;;IAEA;IACA,IAAI,CAACJ,YAAY,EAAE;MACjB,OAAO,IAAI;IACb;;IAEA;IACA,IAAI,CAACG,SAAS,EAAE;MACd,OAAO,KAAK;IACd;;IAEA;IACA,MAAME,aAAa,GAAG,IAAIC,eAAe,CAACN,YAAY,CAAC;IACvD,MAAMO,UAAU,GAAG,IAAID,eAAe,CAACH,SAAS,CAAC;IAEjD,KAAK,MAAM,CAACf,GAAG,EAAEoB,KAAK,CAAC,IAAIH,aAAa,CAACI,OAAO,CAAC,CAAC,EAAE;MAClD,IAAIF,UAAU,CAACG,GAAG,CAACtB,GAAG,CAAC,KAAKoB,KAAK,EAAE;QACjC,OAAO,KAAK;MACd;IACF;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASG,oBAAoBA,CAACT,QAAgB,EAAEU,MAAe,EAAU;EACvE,MAAMC,KAAK,GAAGlD,UAAU,CAAC,CAAC,CAACmD,eAAe,CAAC,CAAC;EAC5C,MAAMC,0BAA0B,GAAGF,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAG,iCAAiC,CAAC;EAC7E,OAAOE,0BAA0B,IAAIH,MAAM,GAAGV,QAAQ,GAAGU,MAAM,GAAGV,QAAQ;AAC5E;;AAEA;AACA;AACA;AACA,OAAO,SAASc,YAAYA,CAACC,GAAgC,EAAW;EACtE,MAAMC,QAAQ,GAAG,OAAOD,GAAG,KAAK,QAAQ,GAAGpD,cAAc,CAACoD,GAAG,CAAC,GAAGA,GAAG;EACpE,MAAMf,QAAQ,GAAGgB,QAAQ,CAAChB,QAAQ;EAClC,IAAI,OAAOA,QAAQ,KAAK,QAAQ,EAAE;IAChC,OAAO,KAAK;EACd;EACA,MAAMN,iBAAiB,GAAGe,oBAAoB,CAACT,QAAQ,EAAEgB,QAAQ,CAACN,MAAM,CAAC;EACzE,OAAOjB,aAAa,CAACC,iBAAiB,CAAC;AACzC;;AAEA;AACA;AACA;AACA,OAAO,SAASuB,aAAaA,CAACC,IAAY,EAAW;EACnD,MAAMC,QAAQ,GAAG3D,WAAW,CAAC,CAAC;EAC9B,MAAMuD,GAAG,GAAG,IAAIK,GAAG,CAACF,IAAI,EAAE,GAAGF,QAAQ,CAACK,MAAM,GAAGF,QAAQ,EAAE,CAAC;EAC1D;EACA,IAAIJ,GAAG,CAACM,MAAM,KAAKL,QAAQ,CAACK,MAAM,IAAI,CAACN,GAAG,CAACf,QAAQ,CAACsB,UAAU,CAACH,QAAQ,CAAC,EAAE;IACxE,OAAO,KAAK;EACd;EACA;EACA,MAAMI,YAAY,GAAGR,GAAG,CAACf,QAAQ,CAACwB,SAAS,CAACL,QAAQ,CAACM,MAAM,GAAG,CAAC,CAAC;EAChE,MAAM/B,iBAAiB,GAAGe,oBAAoB,CAACc,YAAY,EAAER,GAAG,CAACL,MAAM,CAAC;EACxE,OAAOjB,aAAa,CAACC,iBAAiB,CAAC;AACzC","ignoreList":[]}
|
package/dist/types/auth.d.ts
CHANGED
|
@@ -24,8 +24,11 @@ export declare function isLoggedIn(): boolean;
|
|
|
24
24
|
export declare function addPathToBlackList(path: string): void;
|
|
25
25
|
/**
|
|
26
26
|
* 判断一个内部 URL 路径是否被屏蔽。
|
|
27
|
+
*
|
|
28
|
+
* @param pathnameWithQuery - 路径(可包含查询字符串)
|
|
29
|
+
* @returns 是否被屏蔽
|
|
27
30
|
*/
|
|
28
|
-
export declare function isBlockedPath(
|
|
31
|
+
export declare function isBlockedPath(pathnameWithQuery: string): boolean;
|
|
29
32
|
/**
|
|
30
33
|
* 判断一个内部 URL 是否被屏蔽。
|
|
31
34
|
*/
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@next-core/easyops-runtime",
|
|
3
|
-
"version": "0.15.
|
|
3
|
+
"version": "0.15.28",
|
|
4
4
|
"homepage": "https://github.com/easyops-cn/next-core/tree/v3/packages/easyops-runtime",
|
|
5
5
|
"license": "GPL-3.0",
|
|
6
6
|
"repository": {
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"@next-core/cook": "^2.5.12",
|
|
50
50
|
"@next-core/http": "^1.2.14",
|
|
51
51
|
"@next-core/pipes": "^2.0.36",
|
|
52
|
-
"@next-core/runtime": "^1.72.
|
|
52
|
+
"@next-core/runtime": "^1.72.3",
|
|
53
53
|
"@next-core/types": "^1.19.0",
|
|
54
54
|
"@next-core/utils": "^1.8.9",
|
|
55
55
|
"js-yaml": "^3.14.1",
|
|
@@ -61,5 +61,5 @@
|
|
|
61
61
|
"jest-websocket-mock": "^2.5.0",
|
|
62
62
|
"whatwg-fetch": "^3.6.20"
|
|
63
63
|
},
|
|
64
|
-
"gitHead": "
|
|
64
|
+
"gitHead": "9943d00dfa9228c45a10362013cfc10103f771a3"
|
|
65
65
|
}
|