npm - @nocobase/plugin-verification - Versions diffs - 0.7.5-alpha.1 - Mend

@nocobase/plugin-verification 0.7.5-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/LICENSE +201 -0
package/lib/Plugin.d.ts +21 -0
package/lib/Plugin.js +216 -0
package/lib/actions/index.d.ts +3 -0
package/lib/actions/index.js +30 -0
package/lib/actions/verifications.d.ts +2 -0
package/lib/actions/verifications.js +195 -0
package/lib/collections/verifications.d.ts +29 -0
package/lib/collections/verifications.js +35 -0
package/lib/collections/verifications_providers.d.ts +13 -0
package/lib/collections/verifications_providers.js +24 -0
package/lib/constants.d.ts +3 -0
package/lib/constants.js +12 -0
package/lib/index.d.ts +4 -0
package/lib/index.js +46 -0
package/lib/locale/index.d.ts +1 -0
package/lib/locale/index.js +15 -0
package/lib/locale/zh-CN.d.ts +7 -0
package/lib/locale/zh-CN.js +13 -0
package/lib/providers/index.d.ts +14 -0
package/lib/providers/index.js +84 -0
package/lib/providers/sms-aliyun.d.ts +7 -0
package/lib/providers/sms-aliyun.js +111 -0
package/package.json +25 -0
package/src/Plugin.ts +141 -0
package/src/__tests__/Plugin.test.ts +162 -0
package/src/__tests__/collections/authors.ts +15 -0
package/src/__tests__/index.ts +39 -0
package/src/actions/index.ts +14 -0
package/src/actions/verifications.ts +105 -0
package/src/collections/verifications.ts +36 -0
package/src/collections/verifications_providers.ts +22 -0
package/src/constants.ts +4 -0
package/src/index.ts +5 -0
package/src/locale/index.ts +1 -0
package/src/locale/zh-CN.ts +6 -0
package/src/providers/index.ts +32 -0
package/src/providers/sms-aliyun.ts +62 -0

package/src/__tests__/Plugin.test.ts ADDED Viewed

@@ -0,0 +1,162 @@
+import { MockServer } from '@nocobase/test';
+import Database from '@nocobase/database';
+import Plugin, { Provider } from '..';
+import { getApp, sleep } from '.';
+describe('verification > Plugin', () => {
+  let app: MockServer;
+  let agent;
+  let db: Database;
+  let plugin;
+  let AuthorModel;
+  let AuthorRepo;
+  let VerificationModel;
+  let provider;
+  beforeEach(async () => {
+    app = await getApp();
+    agent = app.agent();
+    db = app.db;
+    plugin = <Plugin>app.getPlugin('@nocobase/plugin-verification');
+    VerificationModel = db.getCollection('verifications').model;
+    AuthorModel = db.getCollection('authors').model;
+    AuthorRepo = db.getCollection('authors').repository;
+    plugin.providers.register('fake', Provider);
+    const VerificationProviderModel = db.getCollection('verifications_providers').model;
+    provider = await VerificationProviderModel.create({
+      id: 'fake1',
+      type: 'fake',
+    });
+  });
+  afterEach(() => app.destroy());
+  describe('auto intercept', () => {
+    beforeEach(async () => {
+      plugin.interceptors.register('authors:create', {
+        provider: 'fake1',
+        getReceiver(ctx) {
+          return ctx.action.params.values.phone;
+        },
+        expiresIn: 2
+      });
+    });
+    it('submit in time', async () => {
+      const res1 = await agent.resource('authors').create({
+        values: { phone: '1' }
+      });
+      expect(res1.status).toBe(400);
+      const res2 = await agent.resource('verifications').create({
+        values: {
+          type: 'authors:create',
+          phone: '1'
+        }
+      });
+      expect(res2.status).toBe(200);
+      expect(res2.body.data.id).toBeDefined();
+      expect(res2.body.data.content).toBeUndefined();
+      const expiresAt = Date.parse(res2.body.data.expiresAt);
+      expect(expiresAt - Date.now()).toBeLessThan(2000);
+      const res3 = await agent.resource('verifications').create({
+        values: {
+          type: 'authors:create',
+          phone: '1'
+        }
+      });
+      expect(res3.status).toBe(429);
+      const verification = await VerificationModel.findByPk(res2.body.data.id);
+      const res4 = await agent.resource('authors').create({
+        values: { phone: '1', code: verification.get('content') }
+      });
+      expect(res4.status).toBe(200);
+    });
+    it('expired', async () => {
+      const res1 = await agent.resource('verifications').create({
+        values: {
+          type: 'authors:create',
+          phone: '1'
+        }
+      });
+      await sleep(2000);
+      const verification = await VerificationModel.findByPk(res1.body.data.id);
+      const res2 = await agent.resource('authors').create({
+        values: { phone: '1', code: verification.get('content') }
+      });
+      expect(res2.status).toBe(400);
+    });
+  });
+  describe('manually intercept', () => {
+    beforeEach(async () => {
+      plugin.interceptors.register('authors:create', {
+        manual: true,
+        provider: 'fake1',
+        getReceiver(ctx) {
+          return ctx.action.params.values.phone;
+        },
+        expiresIn: 2
+      });
+    });
+    it('will not intercept', async () => {
+      const res1 = await agent.resource('authors').create({
+        values: { phone: '1' }
+      });
+      expect(res1.status).toBe(200);
+    });
+    it('will intercept', async () => {
+      app.resourcer.registerActionHandler('authors:create', plugin.intercept);
+      const res1 = await agent.resource('authors').create({
+        values: { phone: '1' }
+      });
+      expect(res1.status).toBe(400);
+    });
+  });
+  describe('validate', () => {
+    beforeEach(async () => {
+      plugin.interceptors.register('authors:create', {
+        provider: 'fake1',
+        getReceiver(ctx) {
+          return ctx.action.params.values.phone;
+        },
+        validate: Boolean
+      });
+    });
+    it('valid', async () => {
+      const res1 = await agent.resource('verifications').create({
+        values: {
+          type: 'authors:create',
+          phone: '1'
+        }
+      });
+      expect(res1.status).toBe(200);
+    });
+    it('invalid', async () => {
+      const res1 = await agent.resource('verifications').create({
+        values: {
+          type: 'authors:create',
+          phone: ''
+        }
+      });
+      expect(res1.status).toBe(400);
+    });
+  });
+});

package/src/__tests__/collections/authors.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { CollectionOptions } from '@nocobase/database';
+export default {
+  name: 'authors',
+  fields: [
+    {
+      type: 'string',
+      name: 'title',
+    },
+    {
+      type: 'string',
+      name: 'phone'
+    }
+  ]
+} as CollectionOptions;

package/src/__tests__/index.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import path from 'path';
+import { MockServer, mockServer } from '@nocobase/test';
+import Plugin from '..';
+import { ApplicationOptions } from '@nocobase/server';
+export function sleep(ms: number) {
+  return new Promise(resolve => {
+    setTimeout(resolve, ms);
+  });
+}
+interface MockAppOptions extends ApplicationOptions {
+  manual?: boolean;
+}
+export async function getApp({ manual, ...options }: MockAppOptions = {}): Promise<MockServer> {
+  const app = mockServer(options);
+  app.plugin(Plugin);
+  await app.load();
+  await app.db.import({
+    directory: path.resolve(__dirname, './collections')
+  });
+  try {
+    await app.db.sync();
+  } catch (error) {
+    console.error(error);
+  }
+  if (!manual) {
+    await app.start();
+  }
+  return app;
+}

package/src/actions/index.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import * as verifications from './verifications';
+function make(name, mod) {
+  return Object.keys(mod).reduce((result, key) => ({
+    ...result,
+    [`${name}:${key}`]: mod[key]
+  }), {})
+}
+export default function ({ app }) {
+  app.actions({
+    ...make('verifications', verifications)
+  });
+}

package/src/actions/verifications.ts ADDED Viewed

@@ -0,0 +1,105 @@
+import { promisify } from 'util';
+import { randomInt, randomUUID } from 'crypto';
+import { Op } from '@nocobase/database';
+import actions, { Context, Next } from '@nocobase/actions';
+import Plugin, { namespace } from '..';
+import { CODE_STATUS_UNUSED } from '../constants';
+import moment from 'moment';
+const asyncRandomInt = promisify(randomInt);
+export async function create(context: Context, next: Next) {
+  const plugin = context.app.getPlugin('@nocobase/plugin-verification') as Plugin;
+  const { values } = context.action.params;
+  const interceptor = plugin.interceptors.get(values?.type);
+  if (!interceptor) {
+    return context.throw(400, 'Invalid action type');
+  }
+  const ProviderRepo = context.db.getRepository('verifications_providers');
+  const providerItem = await ProviderRepo.findOne({
+    filterByTk: interceptor.provider
+  });
+  if (!providerItem) {
+    console.error(`[verification] no provider for action (${values.type}) provided`);
+    return context.throw(500);
+  }
+  const receiver = interceptor.getReceiver(context);
+  if (!receiver) {
+    return context.throw(400, { code: 'InvalidReceiver', message: 'Invalid receiver' });
+  }
+  const VerificationModel = context.db.getModel('verifications');
+  const record = await VerificationModel.findOne({
+    where: {
+      type: values.type,
+      receiver,
+      status: CODE_STATUS_UNUSED,
+      expiresAt: {
+        [Op.gt]: new Date()
+      }
+    }
+  });
+  if (record) {
+    const seconds = moment(record.get('expiresAt')).diff(moment(), 'seconds');
+    // return context.throw(429, { code: 'RateLimit', message: context.t('Please don\'t retry in {{time}}', { time: moment().locale('zh').to(record.get('expiresAt')) }) });
+    return context.throw(429, { code: 'RateLimit', message: context.t('Please don\'t retry in {{time}} seconds', { time: seconds, ns: namespace }) });
+  }
+  const code = (<number>(await asyncRandomInt(999999))).toString(10).padStart(6, '0');
+  if (interceptor.validate) {
+    try {
+      await interceptor.validate(context, receiver);
+    } catch (err) {
+      return context.throw(400, { code: 'InvalidReceiver', message: err.message });
+    }
+  }
+  const ProviderType = plugin.providers.get(<string>providerItem.get('type'));
+  const provider = new ProviderType(plugin, providerItem.get('options'));
+  try {
+    await provider.send(receiver, { code });
+    console.log('verification code sent');
+  } catch (error) {
+    switch (error.name) {
+      case 'InvalidReceiver':
+        // TODO: message should consider email and other providers, maybe use "receiver"
+        return context.throw(400, context.t('Not a valid cellphone number, please re-enter', {ns: namespace }));
+      case 'RateLimit':
+        return context.throw(429, context.t('You are trying so frequently, please slow down', { ns: namespace }));
+      default:
+        console.error(error);
+        return context.throw(500, context.t('Verification send failed, please try later or contact to administrator', { ns: namespace }));
+    }
+  }
+  const data = {
+    id: randomUUID(),
+    type: values.type,
+    receiver,
+    content: code,
+    expiresAt: Date.now() + (interceptor.expiresIn ?? 60) * 1000,
+    status: CODE_STATUS_UNUSED,
+    providerId: providerItem.get('id')
+  };
+  context.action.mergeParams({
+    values: data
+  }, {
+    values: 'overwrite'
+  });
+  await actions.create(context, async () => {
+    const { body: result } = context;
+    context.body = {
+      id: result.id,
+      expiresAt: result.expiresAt
+    };
+    return next();
+  });
+}

package/src/collections/verifications.ts ADDED Viewed

@@ -0,0 +1,36 @@
+export default {
+  name: 'verifications',
+  fields: [
+    {
+      type: 'uuid',
+      name: 'id',
+      primaryKey: true
+    },
+    {
+      type: 'string',
+      name: 'type'
+    },
+    {
+      type: 'string',
+      name: 'receiver'
+    },
+    {
+      type: 'integer',
+      name: 'status',
+      defaultValue: 0
+    },
+    {
+      type: 'date',
+      name: 'expiresAt'
+    },
+    {
+      type: 'string',
+      name: 'content'
+    },
+    {
+      type: 'belongsTo',
+      name: 'provider',
+      target: 'verifications_providers',
+    }
+  ]
+};

package/src/collections/verifications_providers.ts ADDED Viewed

@@ -0,0 +1,22 @@
+export default {
+  name: 'verifications_providers',
+  fields: [
+    {
+      type: 'string',
+      name: 'id',
+      primaryKey: true
+    },
+    {
+      type: 'string',
+      name: 'title',
+    },
+    {
+      type: 'string',
+      name: 'type'
+    },
+    {
+      type: 'jsonb',
+      name: 'options'
+    }
+  ]
+};

package/src/constants.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export const PROVIDER_TYPE_SMS_ALIYUN = 'sms-aliyun';
+export const CODE_STATUS_UNUSED = 0;
+export const CODE_STATUS_USED = 1;

package/src/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './constants';
+export { Provider } from './providers';
+export { Interceptor, default } from './Plugin';
+export const namespace = require('../package.json').name;

package/src/locale/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { default as zhCN } from './zh-CN';

package/src/locale/zh-CN.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export default {
+  'Verification send failed, please try later or contact to administrator': '验证码发送失败，请稍后重试或联系管理员',
+  'Not a valid cellphone number, please re-enter': '不是有效的手机号，请重新输入',
+  "Please don't retry in {{time}} seconds": '请 {{time}} 秒后再试',
+  'You are trying so frequently, please slow down': '您的操作太频繁，请稍后再试'
+};

package/src/providers/index.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import path from 'path';
+import { requireModule } from '@nocobase/utils';
+import Plugin from '../Plugin';
+import { PROVIDER_TYPE_SMS_ALIYUN } from '../constants';
+export class Provider {
+  constructor(protected plugin: Plugin, protected options) {}
+  async send(receiver: string, data: { [key: string]: any }): Promise<any>{}
+}
+interface Providers {
+  [key: string]: typeof Provider
+}
+export default function(plugin: Plugin, more: Providers = {}) {
+  const { providers } = plugin;
+  const natives = [
+    PROVIDER_TYPE_SMS_ALIYUN
+  ].reduce((result, key) => Object.assign(result, {
+    [key]: requireModule(path.isAbsolute(key) ? key : path.join(__dirname, key)) as typeof Provider
+  }), {} as Providers);
+  for (const [name, provider] of Object.entries({ ...more, ...natives })) {
+    providers.register(name, provider);
+  }
+}

package/src/providers/sms-aliyun.ts ADDED Viewed

@@ -0,0 +1,62 @@
+import DysmsApi, { SendSmsRequest } from '@alicloud/dysmsapi20170525';
+import * as OpenApi from '@alicloud/openapi-client';
+import { RuntimeOptions } from '@alicloud/tea-util';
+import { Provider } from '.';
+export default class extends Provider {
+  client: DysmsApi;
+  constructor(plugin, options) {
+    super(plugin, options);
+    const { accessKeyId, accessKeySecret, endpoint } = this.options;
+    let config = new OpenApi.Config({
+      // 您的 AccessKey ID
+      accessKeyId: accessKeyId,
+      // 您的 AccessKey Secret
+      accessKeySecret: accessKeySecret,
+    });
+    // 访问的域名
+    config.endpoint = endpoint;
+    this.client =  new DysmsApi(config);
+  }
+  async send(phoneNumbers, data = {}) {
+    const request = new SendSmsRequest({
+      phoneNumbers,
+      signName: this.options.sign,
+      templateCode: this.options.template,
+      templateParam: JSON.stringify(data)
+    });
+    try {
+      const { body } = await this.client.sendSmsWithOptions(request, new RuntimeOptions({}));
+      let err = new Error(body.message);
+      switch (body.code) {
+        case 'OK':
+          break;
+        case 'isv.MOBILE_NUMBER_ILLEGAL':
+          err.name = 'InvalidReceiver';
+          return Promise.reject(err);
+        case 'isv.BUSINESS_LIMIT_CONTROL':
+          err.name = 'RateLimit';
+          console.error(body);
+          return Promise.reject(err);
+        default:
+          // should not let user to know
+          console.error(body);
+          err.name = 'SendSMSFailed';
+          return Promise.reject(err);
+      }
+    } catch (error) {
+      return Promise.reject(error);
+    }
+  }
+}