@ruiapp/rapid-core 0.3.5 → 0.3.7

package/dist/index.d.ts

@@ -9,6 +9,7 @@ export * from "./utilities/accessControlUtility";
 export * from "./utilities/entityUtility";
 export * from "./utilities/jwtUtility";
 export * from "./utilities/timeUtility";
+export * from "./utilities/passwordUtility";
 export * from "./helpers/licenseHelper";
 export { mapDbRowToEntity } from "./dataAccess/entityMapper";
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";

package/dist/index.js

@@ -9,7 +9,7 @@ var qs = require('qs');
 var dayjs = require('dayjs');
 var jsonwebtoken = require('jsonwebtoken');
 var crypto = require('crypto');
-var bcrypt = require('bcrypt');
+var bcrypt = require('bcryptjs');
 var path = require('path');
 var fs = require('fs');
 var uuid = require('uuid');
@@ -4361,6 +4361,30 @@ async function generateJwtSecretKey() {
     return encode(exportedKey);
 }
 
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+async function generatePasswordHash(password, salt) {
+    if (!salt) {
+        salt = 10;
+    }
+    const passwordHash = await bcrypt__default["default"].hash(password, salt);
+    return passwordHash;
+}
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+async function validatePassword(password, passwordHash) {
+    const isMatch = await bcrypt__default["default"].compare(password, passwordHash);
+    return isMatch;
+}
+
 function validateLicense(server) {
     const licenseService = server.getService("licenseService");
     const license = licenseService.getLicense();
@@ -4385,32 +4409,32 @@ function tryValidateLicense(logger, server) {
     return false;
 }
 
-const code$u = "listMetaModels";
-async function handler$u(plugin, ctx, options) {
+const code$v = "listMetaModels";
+async function handler$v(plugin, ctx, options) {
     const { applicationConfig } = ctx;
     ctx.output = { list: applicationConfig.models };
 }
 
 var listMetaModels = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$u,
-  handler: handler$u
+  code: code$v,
+  handler: handler$v
 });
 
-const code$t = "listMetaRoutes";
-async function handler$t(plugin, ctx, options) {
+const code$u = "listMetaRoutes";
+async function handler$u(plugin, ctx, options) {
     const { applicationConfig } = ctx;
     ctx.output = { list: applicationConfig.routes };
 }
 
 var listMetaRoutes = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$t,
-  handler: handler$t
+  code: code$u,
+  handler: handler$u
 });
 
-const code$s = "getMetaModelDetail";
-async function handler$s(plugin, ctx, options) {
+const code$t = "getMetaModelDetail";
+async function handler$t(plugin, ctx, options) {
     const { server, input } = ctx;
     const model = server.getModel(input);
     ctx.output = model;
@@ -4418,8 +4442,8 @@ async function handler$s(plugin, ctx, options) {
 
 var getMetaModelDetail = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$s,
-  handler: handler$s
+  code: code$t,
+  handler: handler$t
 });
 
 function removeFiltersWithNullValue(filters) {
@@ -4933,9 +4957,9 @@ async function runCollectionEntityActionHandler(ctx, options, code, handleEntity
     }
 }
 
-const code$r = "findCollectionEntities";
-async function handler$r(plugin, ctx, options) {
-    await runCollectionEntityActionHandler(ctx, options, code$r, async (entityManager, input) => {
+const code$s = "findCollectionEntities";
+async function handler$s(plugin, ctx, options) {
+    await runCollectionEntityActionHandler(ctx, options, code$s, async (entityManager, input) => {
         input.filters = removeFiltersWithNullValue(input.filters);
         input.routeContext = ctx.routerContext;
         const entities = await entityManager.findEntities(input);
@@ -4951,14 +4975,14 @@ async function handler$r(plugin, ctx, options) {
 
 var findCollectionEntities = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$r,
-  handler: handler$r
+  code: code$s,
+  handler: handler$s
 });
 
-const code$q = "findCollectionEntityById";
-async function handler$q(plugin, ctx, options) {
+const code$r = "findCollectionEntityById";
+async function handler$r(plugin, ctx, options) {
     const { logger, server, input } = ctx;
-    logger.debug(`Running ${code$q} handler...`, { input });
+    logger.debug(`Running ${code$r} handler...`, { input });
     const { id } = input;
     const entityManager = server.getEntityManager(options.singularCode);
     const entity = await entityManager.findById({
@@ -4973,13 +4997,13 @@ async function handler$q(plugin, ctx, options) {
 
 var findCollectionEntityById = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$q,
-  handler: handler$q
+  code: code$r,
+  handler: handler$r
 });
 
-const code$p = "countCollectionEntities";
-async function handler$p(plugin, ctx, options) {
-    await runCollectionEntityActionHandler(ctx, options, code$p, async (entityManager, input) => {
+const code$q = "countCollectionEntities";
+async function handler$q(plugin, ctx, options) {
+    await runCollectionEntityActionHandler(ctx, options, code$q, async (entityManager, input) => {
         input.filters = removeFiltersWithNullValue(input.filters);
         input.routeContext = ctx.routerContext;
         const count = await entityManager.count(input);
@@ -4989,16 +5013,16 @@ async function handler$p(plugin, ctx, options) {
 
 var countCollectionEntities = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$p,
-  handler: handler$p
+  code: code$q,
+  handler: handler$q
 });
 
-const code$o = "createCollectionEntity";
-async function handler$o(plugin, ctx, options) {
+const code$p = "createCollectionEntity";
+async function handler$p(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { defaultInput, fixedInput } = options;
     const mergedInput = mergeInput(defaultInput, input, fixedInput);
-    logger.debug(`Running ${code$o} handler...`, { defaultInput, fixedInput, mergedInput });
+    logger.debug(`Running ${code$p} handler...`, { defaultInput, fixedInput, mergedInput });
     const entityManager = server.getEntityManager(options.singularCode);
     const output = await entityManager.createEntity({
         entity: input,
@@ -5009,15 +5033,15 @@ async function handler$o(plugin, ctx, options) {
 
 var createCollectionEntity = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$o,
-  handler: handler$o
+  code: code$p,
+  handler: handler$p
 });
 
-const code$n = "createCollectionEntitiesBatch";
-async function handler$n(plugin, ctx, options) {
+const code$o = "createCollectionEntitiesBatch";
+async function handler$o(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { defaultInput, fixedInput } = options;
-    logger.debug(`Running ${code$n} handler...`, { defaultInput, fixedInput, input });
+    logger.debug(`Running ${code$o} handler...`, { defaultInput, fixedInput, input });
     const { entities } = input;
     if (!lodash.isArray(entities)) {
         throw new Error("input.entities should be an array.");
@@ -5041,16 +5065,16 @@ async function handler$n(plugin, ctx, options) {
 
 var createCollectionEntitiesBatch = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$n,
-  handler: handler$n
+  code: code$o,
+  handler: handler$o
 });
 
-const code$m = "updateCollectionEntityById";
-async function handler$m(plugin, ctx, options) {
+const code$n = "updateCollectionEntityById";
+async function handler$n(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { defaultInput, fixedInput } = options;
     const mergedInput = mergeInput(defaultInput, input, fixedInput);
-    logger.debug(`Running ${code$m} handler...`, { defaultInput, fixedInput, mergedInput });
+    logger.debug(`Running ${code$n} handler...`, { defaultInput, fixedInput, mergedInput });
     const operation = mergedInput.$operation;
     if (operation) {
         delete mergedInput.$operation;
@@ -5078,15 +5102,15 @@ async function handler$m(plugin, ctx, options) {
 
 var updateCollectionEntityById = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$m,
-  handler: handler$m
+  code: code$n,
+  handler: handler$n
 });
 
-const code$l = "deleteCollectionEntities";
-async function handler$l(plugin, ctx, options) {
+const code$m = "deleteCollectionEntities";
+async function handler$m(plugin, ctx, options) {
     const { logger, server, routerContext } = ctx;
     const input = ctx.input;
-    logger.debug(`Running ${code$l} handler...`);
+    logger.debug(`Running ${code$m} handler...`);
     if (!input.filters || !input.filters.length) {
         throw new Error("Filters are required when deleting entities.");
     }
@@ -5107,14 +5131,14 @@ async function handler$l(plugin, ctx, options) {
 
 var deleteCollectionEntities = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$l,
-  handler: handler$l
+  code: code$m,
+  handler: handler$m
 });
 
-const code$k = "deleteCollectionEntityById";
-async function handler$k(plugin, ctx, options) {
+const code$l = "deleteCollectionEntityById";
+async function handler$l(plugin, ctx, options) {
     const { logger, server, input } = ctx;
-    logger.debug(`Running ${code$k} handler...`);
+    logger.debug(`Running ${code$l} handler...`);
     const entityManager = server.getEntityManager(options.singularCode);
     await entityManager.deleteById({
         id: input.id,
@@ -5126,16 +5150,16 @@ async function handler$k(plugin, ctx, options) {
 
 var deleteCollectionEntityById = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$k,
-  handler: handler$k
+  code: code$l,
+  handler: handler$l
 });
 
-const code$j = "addEntityRelations";
-async function handler$j(plugin, ctx, options) {
+const code$k = "addEntityRelations";
+async function handler$k(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { defaultInput, fixedInput } = options;
     const mergedInput = mergeInput(defaultInput, input, fixedInput);
-    logger.debug(`Running ${code$j} handler...`, { defaultInput, fixedInput, mergedInput });
+    logger.debug(`Running ${code$k} handler...`, { defaultInput, fixedInput, mergedInput });
     const entityManager = server.getEntityManager(options.singularCode);
     mergedInput.routeContext = ctx.routerContext;
     await entityManager.addRelations(mergedInput, plugin);
@@ -5144,16 +5168,16 @@ async function handler$j(plugin, ctx, options) {
 
 var addEntityRelations = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$j,
-  handler: handler$j
+  code: code$k,
+  handler: handler$k
 });
 
-const code$i = "removeEntityRelations";
-async function handler$i(plugin, ctx, options) {
+const code$j = "removeEntityRelations";
+async function handler$j(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { defaultInput, fixedInput } = options;
     const mergedInput = mergeInput(defaultInput, input, fixedInput);
-    logger.debug(`Running ${code$i} handler...`, { defaultInput, fixedInput, mergedInput });
+    logger.debug(`Running ${code$j} handler...`, { defaultInput, fixedInput, mergedInput });
     mergedInput.routeContext = ctx.routerContext;
     const entityManager = server.getEntityManager(options.singularCode);
     await entityManager.removeRelations(mergedInput, plugin);
@@ -5162,16 +5186,16 @@ async function handler$i(plugin, ctx, options) {
 
 var removeEntityRelations = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$i,
-  handler: handler$i
+  code: code$j,
+  handler: handler$j
 });
 
-const code$h = "queryDatabase";
-async function handler$h(plugin, ctx, options) {
+const code$i = "queryDatabase";
+async function handler$i(plugin, ctx, options) {
     const { logger, server, input } = ctx;
     const { sql, querySingle, defaultInput, fixedInput } = options;
     const mergedInput = mergeInput(defaultInput, input, fixedInput);
-    logger.debug(`Running ${code$h} handler...`, { defaultInput, fixedInput, mergedInput });
+    logger.debug(`Running ${code$i} handler...`, { defaultInput, fixedInput, mergedInput });
     const result = await server.queryDatabaseObject(sql, mergedInput);
     if (querySingle) {
         ctx.output = lodash.first(result);
@@ -5183,8 +5207,8 @@ async function handler$h(plugin, ctx, options) {
 
 var queryDatabase = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$h,
-  handler: handler$h
+  code: code$i,
+  handler: handler$i
 });
 
 /**
@@ -5362,17 +5386,17 @@ async function sendSourceResponse(proxyCtx, targetRes) {
     srcRes.body = targetRes.body;
 }
 
-const code$g = "httpProxy";
-async function handler$g(plugin, ctx, options) {
+const code$h = "httpProxy";
+async function handler$h(plugin, ctx, options) {
     const { logger } = ctx;
-    logger.debug(`Running ${code$g} handler...`);
+    logger.debug(`Running ${code$h} handler...`);
     await doProxy(ctx.routerContext, options);
 }
 
 var httpProxy = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$g,
-  handler: handler$g
+  code: code$h,
+  handler: handler$h
 });
 
 /**
@@ -5419,8 +5443,8 @@ class RouteManager {
     }
 }
 
-const code$f = "generateSn";
-async function handler$f(plugin, ctx, options) {
+const code$g = "generateSn";
+async function handler$g(plugin, ctx, options) {
     const { server, routerContext } = ctx;
     const input = ctx.input;
     if (options?.ruleCode) {
@@ -5438,8 +5462,8 @@ async function handler$f(plugin, ctx, options) {
 
 var generateSn$1 = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$f,
-  handler: handler$f
+  code: code$g,
+  handler: handler$g
 });
 
 var pluginActionHandlers$8 = [generateSn$1];
@@ -6018,8 +6042,8 @@ class WebhooksPlugin {
     }
 }
 
-const code$e = "changePassword";
-async function handler$e(plugin, ctx, options) {
+const code$f = "changePassword";
+async function handler$f(plugin, ctx, options) {
     const { server, input, routerContext } = ctx;
     const { id, oldPassword, newPassword } = input;
     const userId = routerContext.state.userId;
@@ -6047,12 +6071,11 @@ async function handler$e(plugin, ctx, options) {
     if (!user) {
         throw new Error("User not found.");
     }
-    const isMatch = await bcrypt__default["default"].compare(oldPassword, user.password);
+    const isMatch = await validatePassword(oldPassword, user.password);
     if (!isMatch) {
         throw new Error("旧密码错误。");
     }
-    const saltRounds = 10;
-    const passwordHash = await bcrypt__default["default"].hash(newPassword, saltRounds);
+    const passwordHash = await generatePasswordHash(newPassword);
     await userDataAccessor.updateById(user.id, {
         password: passwordHash,
     });
@@ -6061,12 +6084,12 @@ async function handler$e(plugin, ctx, options) {
 
 var changePassword$1 = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$e,
-  handler: handler$e
+  code: code$f,
+  handler: handler$f
 });
 
-const code$d = "createSession";
-async function handler$d(plugin, ctx, options) {
+const code$e = "createSession";
+async function handler$e(plugin, ctx, options) {
     const { server, input, routerContext: routeContext, logger } = ctx;
     const { response } = routeContext;
     const { account, password } = input;
@@ -6086,7 +6109,10 @@ async function handler$d(plugin, ctx, options) {
     if (!user) {
         throw new Error("用户名或密码错误。");
     }
-    const isMatch = await bcrypt__default["default"].compare(password, user.password);
+    if (user.state !== "enabled") {
+        throw new Error("用户已被禁用，不允许登录。");
+    }
+    const isMatch = await validatePassword(password, user.password);
     if (!isMatch) {
         throw new Error("用户名或密码错误。");
     }
@@ -6110,12 +6136,12 @@ async function handler$d(plugin, ctx, options) {
 
 var createSession = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$d,
-  handler: handler$d
+  code: code$e,
+  handler: handler$e
 });
 
-const code$c = "deleteSession";
-async function handler$c(plugin, ctx, options) {
+const code$d = "deleteSession";
+async function handler$d(plugin, ctx, options) {
     const { server, input, routerContext } = ctx;
     const { response } = routerContext;
     setCookie(response.headers, {
@@ -6128,12 +6154,12 @@ async function handler$c(plugin, ctx, options) {
 
 var deleteSession = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$c,
-  handler: handler$c
+  code: code$d,
+  handler: handler$d
 });
 
-const code$b = "getMyProfile";
-async function handler$b(plugin, ctx, options) {
+const code$c = "getMyProfile";
+async function handler$c(plugin, ctx, options) {
     const { server, input, routerContext } = ctx;
     const userId = routerContext.state.userId;
     if (!userId) {
@@ -6163,12 +6189,12 @@ async function handler$b(plugin, ctx, options) {
 
 var getMyProfile$2 = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$b,
-  handler: handler$b
+  code: code$c,
+  handler: handler$c
 });
 
-const code$a = "resetPassword";
-async function handler$a(plugin, ctx, options) {
+const code$b = "resetPassword";
+async function handler$b(plugin, ctx, options) {
     const { server, input, routerContext } = ctx;
     const { userId, password } = input;
     const userDataAccessor = server.getDataAccessor({
@@ -6186,8 +6212,7 @@ async function handler$a(plugin, ctx, options) {
     if (!user) {
         throw new Error("User not found.");
     }
-    const saltRounds = 10;
-    const passwordHash = await bcrypt__default["default"].hash(password, saltRounds);
+    const passwordHash = await generatePasswordHash(password);
     await userDataAccessor.updateById(user.id, {
         password: passwordHash,
     });
@@ -6196,8 +6221,8 @@ async function handler$a(plugin, ctx, options) {
 
 var resetPassword$1 = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$a,
-  handler: handler$a
+  code: code$b,
+  handler: handler$b
 });
 
 var pluginActionHandlers$7 = [changePassword$1, createSession, deleteSession, getMyProfile$2, resetPassword$1];
@@ -6420,8 +6445,8 @@ function getFileBaseName(pathname) {
     return path__default["default"].basename(pathname, extName);
 }
 
-const code$9 = "downloadDocument";
-async function handler$9(plugin, ctx, options) {
+const code$a = "downloadDocument";
+async function handler$a(plugin, ctx, options) {
     const { server, applicationConfig, routerContext, input } = ctx;
     const { request, response } = routerContext;
     const documentDataAccessor = ctx.server.getDataAccessor({
@@ -6477,12 +6502,12 @@ async function handler$9(plugin, ctx, options) {
 
 var downloadDocumentActionHandler = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$9,
-  handler: handler$9
+  code: code$a,
+  handler: handler$a
 });
 
-const code$8 = "downloadFile";
-async function handler$8(plugin, ctx, options) {
+const code$9 = "downloadFile";
+async function handler$9(plugin, ctx, options) {
     const { server, applicationConfig, routerContext } = ctx;
     const { request, response } = routerContext;
     //TODO: only public files can download by this handler
@@ -6508,12 +6533,12 @@ async function handler$8(plugin, ctx, options) {
 
 var downloadFileActionHandler = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$8,
-  handler: handler$8
+  code: code$9,
+  handler: handler$9
 });
 
-const code$7 = "uploadFile";
-async function handler$7(plugin, ctx, options) {
+const code$8 = "uploadFile";
+async function handler$8(plugin, ctx, options) {
     const { server, applicationConfig, routerContext, input } = ctx;
     let file = input.file || input.files;
     if (lodash.isArray(file)) {
@@ -6534,8 +6559,8 @@ async function handler$7(plugin, ctx, options) {
 
 var uploadFileActionHandler = /*#__PURE__*/Object.freeze({
   __proto__: null,
-  code: code$7,
-  handler: handler$7
+  code: code$8,
+  handler: handler$8
 });
 
 var getMyProfile = {
@@ -6611,8 +6636,8 @@ class FileManager {
     }
 }
 
-const code$6 = "getLicense";
-async function handler$6(plugin, ctx, options) {
+const code$7 = "getLicense";
+async function handler$7(plugin, ctx, options) {
     const { server, routerContext } = ctx;
     const licenseService = server.getService("licenseService");
     const license = licenseService.getLicense();
@@ -6620,12 +6645,27 @@ async function handler$6(plugin, ctx, options) {
 }
 
 var getLicense$1 = /*#__PURE__*/Object.freeze({
+  __proto__: null,
+  code: code$7,
+  handler: handler$7
+});
+
+const code$6 = "updateLicense";
+async function handler$6(plugin, ctx, options) {
+    const { server, routerContext } = ctx;
+    const input = ctx.input;
+    const licenseService = server.getService("licenseService");
+    const license = await licenseService.updateLicense(input.certText);
+    ctx.output = license;
+}
+
+var updateLicense$1 = /*#__PURE__*/Object.freeze({
   __proto__: null,
   code: code$6,
   handler: handler$6
 });
 
-var pluginActionHandlers$6 = [getLicense$1];
+var pluginActionHandlers$6 = [getLicense$1, updateLicense$1];
 
 var pluginModels$4 = [];
 
@@ -6643,7 +6683,21 @@ var getLicense = {
     ],
 };
 
-var pluginRoutes$5 = [getLicense];
+var updateLicense = {
+    namespace: "svc",
+    name: "svc.updateLicense",
+    code: "svc.updateLicense",
+    type: "RESTful",
+    method: "POST",
+    endpoint: "/svc/license",
+    actions: [
+        {
+            code: "updateLicense",
+        },
+    ],
+};
+
+var pluginRoutes$5 = [getLicense, updateLicense];
 
 function getEncryptionIV(input) {
     const hash = crypto__default["default"].createHash("sha512").update(input).digest("hex");
@@ -6699,12 +6753,9 @@ class LicenseService {
     async loadLicense() {
         const settingService = this.#server.getService("settingService");
         const licenseSettings = await settingService.getSystemSettingValues("license");
-        const { deployId } = licenseSettings;
-        const certText = licenseSettings.cert;
-        const certJSON = Buffer.from(certText, "base64").toString();
-        const cert = JSON.parse(certJSON);
+        const { deployId, cert: certText } = licenseSettings;
         try {
-            const license = extractCertLicense(this.#encryptionKey, deployId, cert);
+            const license = this.parseLicense(deployId, certText);
             this.#license = license;
         }
         catch (error) {
@@ -6715,6 +6766,26 @@ class LicenseService {
     getLicense() {
         return this.#license;
     }
+    parseLicense(deployId, certText) {
+        const certJSON = Buffer.from(certText, "base64").toString();
+        const cert = JSON.parse(certJSON);
+        return extractCertLicense(this.#encryptionKey, deployId, cert);
+    }
+    async updateLicense(certText) {
+        const settingService = this.#server.getService("settingService");
+        const deployId = await settingService.getSystemSettingValue("license", "deployId");
+        let license;
+        try {
+            license = this.parseLicense(deployId, certText);
+        }
+        catch (error) {
+            this.#server.getLogger().error("Parse license failed.", error);
+            throw new Error("Parse license failed.");
+        }
+        await settingService.setSystemSettingValue("license", "cert", certText);
+        this.#license = license;
+        return license;
+    }
     isExpired() {
         if (!this.#license) {
             return true;
@@ -8316,6 +8387,7 @@ exports.bootstrapApplicationConfig = bootstrapApplicationConfig$1;
 exports.createJwt = createJwt;
 exports.decodeJwt = decodeJwt;
 exports.generateJwtSecretKey = generateJwtSecretKey;
+exports.generatePasswordHash = generatePasswordHash;
 exports.getEntityRelationTargetId = getEntityRelationTargetId;
 exports.getNowString = getNowString;
 exports.getNowStringWithTimezone = getNowStringWithTimezone;
@@ -8323,4 +8395,5 @@ exports.isAccessAllowed = isAccessAllowed;
 exports.mapDbRowToEntity = mapDbRowToEntity;
 exports.tryValidateLicense = tryValidateLicense;
 exports.validateLicense = validateLicense;
+exports.validatePassword = validatePassword;
 exports.verifyJwt = verifyJwt;

package/dist/plugins/license/LicenseService.d.ts

@@ -15,6 +15,8 @@ export default class LicenseService {
     constructor(server: IRpdServer, encryptionKey: string);
     loadLicense(): Promise<void>;
     getLicense(): RpdLicense;
+    parseLicense(deployId: string, certText: string): RpdLicense;
+    updateLicense(certText: string): Promise<RpdLicense>;
     isExpired(): boolean;
     getQuota(name: string): any;
     isOutOfQuota(name: string, currentAmount: number): boolean;

package/dist/plugins/license/actionHandlers/index.d.ts

@@ -1,3 +1,4 @@
 import * as getLicense from "./getLicense";
-declare const _default: (typeof getLicense)[];
+import * as updateLicense from "./updateLicense";
+declare const _default: (typeof getLicense | typeof updateLicense)[];
 export default _default;

package/dist/plugins/license/actionHandlers/updateLicense.d.ts

@@ -0,0 +1,9 @@
+import { ActionHandlerContext } from "../../../core/actionHandler";
+import { RapidPlugin } from "../../../core/server";
+export interface UpdateLicenseOptions {
+}
+export interface UpdateLicenseInput {
+    certText: string;
+}
+export declare const code = "updateLicense";
+export declare function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, options: UpdateLicenseOptions): Promise<void>;

package/dist/plugins/license/routes/index.d.ts

@@ -1,4 +1,4 @@
-declare const _default: {
+declare const _default: ({
     namespace: string;
     name: string;
     code: string;
@@ -8,5 +8,15 @@ declare const _default: {
     actions: {
         code: string;
     }[];
-}[];
+} | {
+    namespace: string;
+    name: string;
+    code: string;
+    type: "RESTful";
+    method: "POST";
+    endpoint: string;
+    actions: {
+        code: string;
+    }[];
+})[];
 export default _default;

package/dist/plugins/license/routes/updateLicense.d.ts

@@ -0,0 +1,12 @@
+declare const _default: {
+    namespace: string;
+    name: string;
+    code: string;
+    type: "RESTful";
+    method: "POST";
+    endpoint: string;
+    actions: {
+        code: string;
+    }[];
+};
+export default _default;

package/dist/utilities/passwordUtility.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+export declare function generatePasswordHash(password: string, salt?: number | string): Promise<string>;
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+export declare function validatePassword(password: string, passwordHash: string): Promise<boolean>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ruiapp/rapid-core",
-  "version": "0.3.5",
+  "version": "0.3.7",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -19,7 +19,7 @@
     "typescript": "^4.8.4"
   },
   "dependencies": {
-    "bcrypt": "^5.1.1",
+    "bcryptjs": "^3.0.2",
     "cron": "^3.1.7",
     "dayjs": "^1.11.7",
     "jsonwebtoken": "^9.0.2",

package/src/index.ts

@@ -14,6 +14,7 @@ export * from "./utilities/accessControlUtility";
 export * from "./utilities/entityUtility";
 export * from "./utilities/jwtUtility";
 export * from "./utilities/timeUtility";
+export * from "./utilities/passwordUtility";
 
 export * from "./helpers/licenseHelper";
 

package/src/plugins/auth/actionHandlers/changePassword.ts

@@ -1,6 +1,6 @@
-import bcrypt from "bcrypt";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
+import { generatePasswordHash, validatePassword } from "~/utilities/passwordUtility";
 
 export const code = "changePassword";
 
@@ -38,13 +38,12 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("User not found.");
   }
 
-  const isMatch = await bcrypt.compare(oldPassword, user.password);
+  const isMatch = await validatePassword(oldPassword, user.password);
   if (!isMatch) {
     throw new Error("旧密码错误。");
   }
 
-  const saltRounds = 10;
-  const passwordHash = await bcrypt.hash(newPassword, saltRounds);
+  const passwordHash = await generatePasswordHash(newPassword);
 
   await userDataAccessor.updateById(user.id, {
     password: passwordHash,

package/src/plugins/auth/actionHandlers/createSession.ts

@@ -1,9 +1,9 @@
-import bcrypt from "bcrypt";
 import { setCookie } from "~/deno-std/http/cookie";
 import { createJwt } from "~/utilities/jwtUtility";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
 import { validateLicense } from "~/helpers/licenseHelper";
+import { validatePassword } from "~/utilities/passwordUtility";
 
 export interface UserAccessToken {
   sub: "userAccessToken";
@@ -37,7 +37,11 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("用户名或密码错误。");
   }
 
-  const isMatch = await bcrypt.compare(password, user.password);
+  if (user.state !== "enabled") {
+    throw new Error("用户已被禁用，不允许登录。");
+  }
+
+  const isMatch = await validatePassword(password, user.password);
   if (!isMatch) {
     throw new Error("用户名或密码错误。");
   }

package/src/plugins/auth/actionHandlers/resetPassword.ts

@@ -1,6 +1,6 @@
-import bcrypt from "bcrypt";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
+import { generatePasswordHash } from "~/utilities/passwordUtility";
 
 export const code = "resetPassword";
 
@@ -27,8 +27,7 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("User not found.");
   }
 
-  const saltRounds = 10;
-  const passwordHash = await bcrypt.hash(password, saltRounds);
+  const passwordHash = await generatePasswordHash(password);
 
   await userDataAccessor.updateById(user.id, {
     password: passwordHash,

package/src/plugins/license/LicenseService.ts

@@ -37,13 +37,10 @@ export default class LicenseService {
   async loadLicense(): Promise<void> {
     const settingService = this.#server.getService<SettingService>("settingService");
     const licenseSettings = await settingService.getSystemSettingValues("license");
-    const { deployId } = licenseSettings as LicenseSettings;
-    const certText = licenseSettings.cert;
-    const certJSON = Buffer.from(certText, "base64").toString();
-    const cert: RpdCert = JSON.parse(certJSON);
+    const { deployId, cert: certText } = licenseSettings as LicenseSettings;
 
     try {
-      const license = extractCertLicense(this.#encryptionKey, deployId, cert);
+      const license = this.parseLicense(deployId, certText);
       this.#license = license;
     } catch (error) {
       this.#server.getLogger().error("Loading license failed.", error);
@@ -55,6 +52,29 @@ export default class LicenseService {
     return this.#license;
   }
 
+  parseLicense(deployId: string, certText: string): RpdLicense {
+    const certJSON = Buffer.from(certText, "base64").toString();
+    const cert: RpdCert = JSON.parse(certJSON);
+    return extractCertLicense(this.#encryptionKey, deployId, cert);
+  }
+
+  async updateLicense(certText: string) {
+    const settingService = this.#server.getService<SettingService>("settingService");
+    const deployId: string = await settingService.getSystemSettingValue("license", "deployId");
+
+    let license: RpdLicense;
+    try {
+      license = this.parseLicense(deployId, certText);
+    } catch (error) {
+      this.#server.getLogger().error("Parse license failed.", error);
+      throw new Error("Parse license failed.");
+    }
+
+    await settingService.setSystemSettingValue("license", "cert", certText);
+    this.#license = license;
+    return license;
+  }
+
   isExpired() {
     if (!this.#license) {
       return true;

package/src/plugins/license/actionHandlers/index.ts

@@ -1,4 +1,5 @@
 import { IPluginActionHandler } from "~/core/actionHandler";
 import * as getLicense from "./getLicense";
+import * as updateLicense from "./updateLicense";
 
-export default [getLicense] satisfies IPluginActionHandler[];
+export default [getLicense, updateLicense] satisfies IPluginActionHandler[];

package/src/plugins/license/actionHandlers/updateLicense.ts

@@ -0,0 +1,24 @@
+import { ActionHandlerContext } from "~/core/actionHandler";
+import { RapidPlugin } from "~/core/server";
+import LicenseService from "../LicenseService";
+
+export interface UpdateLicenseOptions {}
+
+export interface UpdateLicenseInput {
+  certText: string;
+}
+
+export const code = "updateLicense";
+
+export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, options: UpdateLicenseOptions) {
+  const { server, routerContext } = ctx;
+  const { response } = routerContext;
+
+  const input: UpdateLicenseInput = ctx.input;
+
+  const licenseService = server.getService<LicenseService>("licenseService");
+
+  const license = await licenseService.updateLicense(input.certText);
+
+  ctx.output = license;
+}

package/src/plugins/license/routes/index.ts

@@ -1,3 +1,4 @@
 import getLicense from "./getLicense";
+import updateLicense from "./updateLicense";
 
-export default [getLicense];
+export default [getLicense, updateLicense];

package/src/plugins/license/routes/updateLicense.ts

@@ -0,0 +1,15 @@
+import { RpdRoute } from "~/types";
+
+export default {
+  namespace: "svc",
+  name: "svc.updateLicense",
+  code: "svc.updateLicense",
+  type: "RESTful",
+  method: "POST",
+  endpoint: "/svc/license",
+  actions: [
+    {
+      code: "updateLicense",
+    },
+  ],
+} satisfies RpdRoute;

package/src/utilities/passwordUtility.ts

@@ -0,0 +1,26 @@
+import bcrypt from "bcryptjs";
+
+/**
+ * Generates password hash.
+ * @param password
+ * @param salt
+ * @returns
+ */
+export async function generatePasswordHash(password: string, salt?: number | string): Promise<string> {
+  if (!salt) {
+    salt = 10;
+  }
+  const passwordHash = await bcrypt.hash(password, salt);
+  return passwordHash;
+}
+
+/**
+ * Validates the password against the hash.
+ * @param password
+ * @param passwordHash
+ * @returns
+ */
+export async function validatePassword(password: string, passwordHash: string): Promise<boolean> {
+  const isMatch = await bcrypt.compare(password, passwordHash);
+  return isMatch;
+}