@whyour/qinglong 2.21.0-3 → 2.21.0-4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@whyour/qinglong",
3
3
  "packageManager": "pnpm@8.3.1",
4
- "version": "2.21.0-3",
4
+ "version": "2.21.0-4",
5
5
  "description": "Timed task management platform supporting Python3, JavaScript, Shell, Typescript",
6
6
  "repository": {
7
7
  "type": "git",
@@ -78,14 +78,22 @@ exports.default = ({ app }) => {
78
78
  const currentToken = doc.tokens.find((x) => x.value === headerToken);
79
79
  const keyMatch = pathLower.match(/\/open\/([a-z]+)\/*/);
80
80
  const key = keyMatch && keyMatch[1];
81
- if (doc.scopes.includes(key) &&
82
- currentToken &&
83
- currentToken.expiration >= Math.round(Date.now() / 1000)) {
84
- return next();
81
+ if (!doc.scopes.includes(key)) {
82
+ const err = new express_jwt_1.UnauthorizedError('credentials_bad_scheme', {
83
+ message: (0, i18n_1.t)('暂无权限'),
84
+ });
85
+ return next(err);
85
86
  }
87
+ if (!currentToken || currentToken.expiration < Math.round(Date.now() / 1000)) {
88
+ const err = new express_jwt_1.UnauthorizedError('invalid_token', {
89
+ message: (0, i18n_1.t)('Token 已失效'),
90
+ });
91
+ return next(err);
92
+ }
93
+ return next();
86
94
  }
87
95
  }
88
- const originPath = `${req.baseUrl}${req.path === '/' ? '' : req.path}`;
96
+ const originPath = `${req.baseUrl}${pathLower === '/' ? '' : pathLower}`;
89
97
  if (!headerToken &&
90
98
  originPath &&
91
99
  config_1.default.apiWhiteList.includes(originPath)) {
@@ -97,8 +105,8 @@ exports.default = ({ app }) => {
97
105
  }
98
106
  const errorCode = headerToken ? 'invalid_token' : 'credentials_required';
99
107
  const errorMessage = headerToken
100
- ? 'jwt malformed'
101
- : 'No authorization token was found';
108
+ ? (0, i18n_1.t)('Token 已失效')
109
+ : (0, i18n_1.t)('请先登录');
102
110
  const err = new express_jwt_1.UnauthorizedError(errorCode, { message: errorMessage });
103
111
  next(err);
104
112
  });
@@ -109,7 +117,7 @@ exports.default = ({ app }) => {
109
117
  '/api/user/notification/init',
110
118
  '/open/user/init',
111
119
  '/open/user/notification/init',
112
- ].includes(req.path)) {
120
+ ].includes(pathLower)) {
113
121
  return next();
114
122
  }
115
123
  const authInfo = (await store_1.shareStore.getAuthInfo()) || {};
@@ -84,7 +84,7 @@ const messages = {
84
84
  'wxPusher 服务的 TopicIds 和 Uids 至少配置一个才行': 'wxPusher requires at least one of TopicIds or Uids',
85
85
  'Url 或者 Body 中必须包含 $title': 'Url or Body must contain $title',
86
86
  '绝对路径必须在日志目录内或使用 /dev/null': 'Absolute path must be within log directory or use /dev/null',
87
- '请先登录!': 'Please login first!',
87
+ '请先登录': 'Please login first',
88
88
  '运行中...': 'Running...',
89
89
  '日志不存在...': 'Log does not exist...',
90
90
  '未分类': 'Uncategorized',