@ruiapp/rapid-core 0.3.4 → 0.3.6

package/dist/helpers/licenseHelper.d.ts

@@ -0,0 +1,4 @@
+import { IRpdServer } from "../core/server";
+import { Logger } from "../facilities/log/LogFacility";
+export declare function validateLicense(server: IRpdServer): void;
+export declare function tryValidateLicense(logger: Logger, server: IRpdServer): boolean;

package/dist/index.d.ts

@@ -9,6 +9,8 @@ export * from "./utilities/accessControlUtility";
 export * from "./utilities/entityUtility";
 export * from "./utilities/jwtUtility";
 export * from "./utilities/timeUtility";
+export * from "./utilities/passwordUtility";
+export * from "./helpers/licenseHelper";
 export { mapDbRowToEntity } from "./dataAccess/entityMapper";
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";
 export { default as MetaManagePlugin } from "./plugins/metaManage/MetaManagePlugin";

package/dist/index.js

@@ -9,7 +9,7 @@ var qs = require('qs');
 var dayjs = require('dayjs');
 var jsonwebtoken = require('jsonwebtoken');
 var crypto = require('crypto');
-var bcrypt = require('bcrypt');
+var bcrypt = require('bcryptjs');
 var path = require('path');
 var fs = require('fs');
 var uuid = require('uuid');
@@ -4361,6 +4361,54 @@ async function generateJwtSecretKey() {
     return encode(exportedKey);
 }
 
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+async function generatePasswordHash(password, salt) {
+    if (!salt) {
+        salt = 10;
+    }
+    const passwordHash = await bcrypt__default["default"].hash(password, salt);
+    return passwordHash;
+}
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+async function validatePassword(password, passwordHash) {
+    const isMatch = await bcrypt__default["default"].compare(password, passwordHash);
+    return isMatch;
+}
+
+function validateLicense(server) {
+    const licenseService = server.getService("licenseService");
+    const license = licenseService.getLicense();
+    if (!license) {
+        const errorMessage = `无法获取系统授权信息。`;
+        throw new Error(errorMessage);
+    }
+    if (licenseService.isExpired()) {
+        const expireDate = lodash.get(license.authority, "expireDate");
+        const errorMessage = `您的系统授权已于${expireDate}过期。`;
+        throw new Error(errorMessage);
+    }
+}
+function tryValidateLicense(logger, server) {
+    try {
+        validateLicense(server);
+        return true;
+    }
+    catch (err) {
+        logger.error("授权验证失败：%s", err.message || "");
+    }
+    return false;
+}
+
 const code$u = "listMetaModels";
 async function handler$u(plugin, ctx, options) {
     const { applicationConfig } = ctx;
@@ -6023,12 +6071,11 @@ async function handler$e(plugin, ctx, options) {
     if (!user) {
         throw new Error("User not found.");
     }
-    const isMatch = await bcrypt__default["default"].compare(oldPassword, user.password);
+    const isMatch = await validatePassword(oldPassword, user.password);
     if (!isMatch) {
         throw new Error("旧密码错误。");
     }
-    const saltRounds = 10;
-    const passwordHash = await bcrypt__default["default"].hash(newPassword, saltRounds);
+    const passwordHash = await generatePasswordHash(newPassword);
     await userDataAccessor.updateById(user.id, {
         password: passwordHash,
     });
@@ -6043,18 +6090,10 @@ var changePassword$1 = /*#__PURE__*/Object.freeze({
 
 const code$d = "createSession";
 async function handler$d(plugin, ctx, options) {
-    const { server, input, routerContext } = ctx;
-    const { response } = routerContext;
+    const { server, input, routerContext: routeContext, logger } = ctx;
+    const { response } = routeContext;
     const { account, password } = input;
-    const licenseService = server.getService("licenseService");
-    const license = licenseService.getLicense();
-    if (!license) {
-        throw new Error(`登录失败，无法获取系统授权信息。`);
-    }
-    if (licenseService.isExpired()) {
-        const expireDate = lodash.get(license.authority, "expireDate");
-        throw new Error(`登录失败，系统授权已于${expireDate}过期。`);
-    }
+    validateLicense(server);
     const userDataAccessor = server.getDataAccessor({
         singularCode: "oc_user",
     });
@@ -6070,7 +6109,10 @@ async function handler$d(plugin, ctx, options) {
     if (!user) {
         throw new Error("用户名或密码错误。");
     }
-    const isMatch = await bcrypt__default["default"].compare(password, user.password);
+    if (user.state !== "enabled") {
+        throw new Error("用户已被禁用，不允许登录。");
+    }
+    const isMatch = await validatePassword(password, user.password);
     if (!isMatch) {
         throw new Error("用户名或密码错误。");
     }
@@ -6170,8 +6212,7 @@ async function handler$a(plugin, ctx, options) {
     if (!user) {
         throw new Error("User not found.");
     }
-    const saltRounds = 10;
-    const passwordHash = await bcrypt__default["default"].hash(password, saltRounds);
+    const passwordHash = await generatePasswordHash(password);
     await userDataAccessor.updateById(user.id, {
         password: passwordHash,
     });
@@ -7869,6 +7910,7 @@ class CronJobPlugin {
     async executeJob(server, job) {
         const logger = server.getLogger();
         try {
+            validateLicense(server);
             let handlerContext = {
                 logger,
                 routerContext: null,
@@ -8299,9 +8341,13 @@ exports.bootstrapApplicationConfig = bootstrapApplicationConfig$1;
 exports.createJwt = createJwt;
 exports.decodeJwt = decodeJwt;
 exports.generateJwtSecretKey = generateJwtSecretKey;
+exports.generatePasswordHash = generatePasswordHash;
 exports.getEntityRelationTargetId = getEntityRelationTargetId;
 exports.getNowString = getNowString;
 exports.getNowStringWithTimezone = getNowStringWithTimezone;
 exports.isAccessAllowed = isAccessAllowed;
 exports.mapDbRowToEntity = mapDbRowToEntity;
+exports.tryValidateLicense = tryValidateLicense;
+exports.validateLicense = validateLicense;
+exports.validatePassword = validatePassword;
 exports.verifyJwt = verifyJwt;

package/dist/utilities/passwordUtility.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+export declare function generatePasswordHash(password: string, salt?: number | string): Promise<string>;
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+export declare function validatePassword(password: string, passwordHash: string): Promise<boolean>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ruiapp/rapid-core",
-  "version": "0.3.4",
+  "version": "0.3.6",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -19,7 +19,7 @@
     "typescript": "^4.8.4"
   },
   "dependencies": {
-    "bcrypt": "^5.1.1",
+    "bcryptjs": "^3.0.2",
     "cron": "^3.1.7",
     "dayjs": "^1.11.7",
     "jsonwebtoken": "^9.0.2",

package/src/helpers/licenseHelper.ts

@@ -0,0 +1,29 @@
+import { get } from "lodash";
+import { IRpdServer } from "~/core/server";
+import { Logger } from "~/facilities/log/LogFacility";
+import LicenseService from "~/plugins/license/LicenseService";
+
+export function validateLicense(server: IRpdServer) {
+  const licenseService = server.getService<LicenseService>("licenseService");
+  const license = licenseService.getLicense();
+  if (!license) {
+    const errorMessage = `无法获取系统授权信息。`;
+    throw new Error(errorMessage);
+  }
+  if (licenseService.isExpired()) {
+    const expireDate = get(license.authority, "expireDate");
+    const errorMessage = `您的系统授权已于${expireDate}过期。`;
+    throw new Error(errorMessage);
+  }
+}
+
+export function tryValidateLicense(logger: Logger, server: IRpdServer) {
+  try {
+    validateLicense(server);
+    return true;
+  } catch (err: any) {
+    logger.error("授权验证失败：%s", err.message || "");
+  }
+
+  return false;
+}

package/src/index.ts

@@ -14,6 +14,9 @@ export * from "./utilities/accessControlUtility";
 export * from "./utilities/entityUtility";
 export * from "./utilities/jwtUtility";
 export * from "./utilities/timeUtility";
+export * from "./utilities/passwordUtility";
+
+export * from "./helpers/licenseHelper";
 
 export { mapDbRowToEntity } from "./dataAccess/entityMapper";
 

package/src/plugins/auth/actionHandlers/changePassword.ts

@@ -1,6 +1,6 @@
-import bcrypt from "bcrypt";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
+import { generatePasswordHash, validatePassword } from "~/utilities/passwordUtility";
 
 export const code = "changePassword";
 
@@ -38,13 +38,12 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("User not found.");
   }
 
-  const isMatch = await bcrypt.compare(oldPassword, user.password);
+  const isMatch = await validatePassword(oldPassword, user.password);
   if (!isMatch) {
     throw new Error("旧密码错误。");
   }
 
-  const saltRounds = 10;
-  const passwordHash = await bcrypt.hash(newPassword, saltRounds);
+  const passwordHash = await generatePasswordHash(newPassword);
 
   await userDataAccessor.updateById(user.id, {
     password: passwordHash,

package/src/plugins/auth/actionHandlers/createSession.ts

@@ -1,10 +1,9 @@
-import bcrypt from "bcrypt";
 import { setCookie } from "~/deno-std/http/cookie";
 import { createJwt } from "~/utilities/jwtUtility";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
-import LicenseService from "~/plugins/license/LicenseService";
-import { get } from "lodash";
+import { validateLicense } from "~/helpers/licenseHelper";
+import { validatePassword } from "~/utilities/passwordUtility";
 
 export interface UserAccessToken {
   sub: "userAccessToken";
@@ -14,19 +13,11 @@ export interface UserAccessToken {
 export const code = "createSession";
 
 export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, options: any) {
-  const { server, input, routerContext } = ctx;
-  const { response } = routerContext;
+  const { server, input, routerContext: routeContext, logger } = ctx;
+  const { response } = routeContext;
   const { account, password } = input;
 
-  const licenseService = server.getService<LicenseService>("licenseService");
-  const license = licenseService.getLicense();
-  if (!license) {
-    throw new Error(`登录失败，无法获取系统授权信息。`);
-  }
-  if (licenseService.isExpired()) {
-    const expireDate = get(license.authority, "expireDate");
-    throw new Error(`登录失败，系统授权已于${expireDate}过期。`);
-  }
+  validateLicense(server);
 
   const userDataAccessor = server.getDataAccessor({
     singularCode: "oc_user",
@@ -46,7 +37,11 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("用户名或密码错误。");
   }
 
-  const isMatch = await bcrypt.compare(password, user.password);
+  if (user.state !== "enabled") {
+    throw new Error("用户已被禁用，不允许登录。");
+  }
+
+  const isMatch = await validatePassword(password, user.password);
   if (!isMatch) {
     throw new Error("用户名或密码错误。");
   }

package/src/plugins/auth/actionHandlers/resetPassword.ts

@@ -1,6 +1,6 @@
-import bcrypt from "bcrypt";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
+import { generatePasswordHash } from "~/utilities/passwordUtility";
 
 export const code = "resetPassword";
 
@@ -27,8 +27,7 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("User not found.");
   }
 
-  const saltRounds = 10;
-  const passwordHash = await bcrypt.hash(password, saltRounds);
+  const passwordHash = await generatePasswordHash(password);
 
   await userDataAccessor.updateById(user.id, {
     password: passwordHash,

package/src/plugins/cronJob/CronJobPlugin.ts

@@ -12,6 +12,7 @@ import {
 } from "~/core/server";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { find } from "lodash";
+import { validateLicense } from "~/helpers/licenseHelper";
 
 class CronJobPlugin implements RapidPlugin {
   #jobs: CronJobConfiguration[];
@@ -89,6 +90,8 @@ class CronJobPlugin implements RapidPlugin {
   async executeJob(server: IRpdServer, job: CronJobConfiguration) {
     const logger = server.getLogger();
     try {
+      validateLicense(server);
+
       let handlerContext: ActionHandlerContext = {
         logger,
         routerContext: null,

package/src/utilities/passwordUtility.ts

@@ -0,0 +1,26 @@
+import bcrypt from "bcryptjs";
+
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+export async function generatePasswordHash(password: string, salt?: number | string): Promise<string> {
+  if (!salt) {
+    salt = 10;
+  }
+  const passwordHash = await bcrypt.hash(password, salt);
+  return passwordHash;
+}
+
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+export async function validatePassword(password: string, passwordHash: string): Promise<boolean> {
+  const isMatch = await bcrypt.compare(password, passwordHash);
+  return isMatch;
+}