abler-api 1.0.80 → 1.0.81
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/pp-util.js +26 -8
- package/package.json +2 -2
package/dist/cjs/pp-util.js
CHANGED
|
@@ -1623,7 +1623,7 @@ class apiUtil$2 {
|
|
|
1623
1623
|
return apiUtil$2.apiFail(e, req);
|
|
1624
1624
|
}
|
|
1625
1625
|
}
|
|
1626
|
-
static async
|
|
1626
|
+
static async restoreOrLoadAppInfo(apiKey, req) {
|
|
1627
1627
|
let appInfo = await apiUtil$2.restoreObj(`${this.appAsPrefix}App_${apiKey}`, appSetting.tokenExpireTime);
|
|
1628
1628
|
if (!appInfo) {
|
|
1629
1629
|
appInfo = await dbUtil.dbQueryOneAndUnstringify(conf$2.dbSql.APP_QUERY, {
|
|
@@ -1631,7 +1631,7 @@ class apiUtil$2 {
|
|
|
1631
1631
|
}, "exData");
|
|
1632
1632
|
if (appInfo) {
|
|
1633
1633
|
// await generateCek(appInfo);
|
|
1634
|
-
await kvStorage.storeObj(
|
|
1634
|
+
await kvStorage.storeObj(`${this.appAsPrefix}App_${apiKey}`, appInfo, appSetting.tokenExpireTime);
|
|
1635
1635
|
}
|
|
1636
1636
|
}
|
|
1637
1637
|
// if (appInfo && !appInfo.cek && appSetting.e2eEncryptionNeeded) {
|
|
@@ -1653,7 +1653,7 @@ class apiUtil$2 {
|
|
|
1653
1653
|
encryptedContent: ''
|
|
1654
1654
|
}
|
|
1655
1655
|
};
|
|
1656
|
-
const appInfo = await this.
|
|
1656
|
+
const appInfo = await this.restoreOrLoadAppInfo(params.apiKey, options._res.req);
|
|
1657
1657
|
if (!appInfo) {
|
|
1658
1658
|
throw [errCfg.ACCESS_REFUSED, t_f$2("apiKey (%s) 无效", params.apiKey)];
|
|
1659
1659
|
}
|
|
@@ -1702,16 +1702,34 @@ class apiUtil$2 {
|
|
|
1702
1702
|
}
|
|
1703
1703
|
static async reqAppInfoNeeded(req) {
|
|
1704
1704
|
if (!req.appInfo) {
|
|
1705
|
-
|
|
1706
|
-
|
|
1707
|
-
throw [errCfg.ACCESS_REFUSED, t("必须在请求头中设置api-key")];
|
|
1708
|
-
}
|
|
1709
|
-
req.appInfo = await this.restoreAppInfo(apiKey, req);
|
|
1705
|
+
const apiKey = this.extractApiKey(req);
|
|
1706
|
+
req.appInfo = await this.restoreOrLoadAppInfo(apiKey, req);
|
|
1710
1707
|
if (!req.appInfo) {
|
|
1711
1708
|
throw [errCfg.ACCESS_REFUSED, t_f$2("api-key (%s) 无效", apiKey)];
|
|
1712
1709
|
}
|
|
1713
1710
|
}
|
|
1714
1711
|
}
|
|
1712
|
+
static extractApiKey(req, noErr) {
|
|
1713
|
+
if (!req.apiKey) {
|
|
1714
|
+
let apiKey = req.headers['x-api-key'] || req.headers['api-key'] || req.leInfo?.apiKey || req.userInfo?.apiKey;
|
|
1715
|
+
if (!apiKey) {
|
|
1716
|
+
if (noErr) return;
|
|
1717
|
+
throw [errCfg.ACCESS_REFUSED, t_f$2("必须在请求头中设置api-key")];
|
|
1718
|
+
}
|
|
1719
|
+
|
|
1720
|
+
// 不能用IP作为客户端主机识别,因为一台主机常常会有多个IP,而每次请求的IP可能会发生变化
|
|
1721
|
+
// 用户在 apiKey 加后缀 @xx 来区分同一ApiKey的不同客户端(服务器主机/进程),或者在请求头中增加 x-api-client-id 来设置客户端标识
|
|
1722
|
+
if (apiKey.includes("@")) {
|
|
1723
|
+
const two = apiKey.split("@");
|
|
1724
|
+
apiKey = two[0];
|
|
1725
|
+
req.apiClientId = two[1];
|
|
1726
|
+
} else {
|
|
1727
|
+
req.apiClientId = req.headers['x-api-client-id'] || req.headers['api-client-id'];
|
|
1728
|
+
}
|
|
1729
|
+
req.apiKey = apiKey;
|
|
1730
|
+
}
|
|
1731
|
+
return req.apiKey;
|
|
1732
|
+
}
|
|
1715
1733
|
static async verifyApiSignature(req) {
|
|
1716
1734
|
if (req.appInfo) {
|
|
1717
1735
|
return true;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "abler-api",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.81",
|
|
4
4
|
"description": "API服务相关工具",
|
|
5
5
|
"main": "./dist/cjs/pp-util.js",
|
|
6
6
|
"-module": "./dist/es/pp-util.js",
|
|
@@ -23,5 +23,5 @@
|
|
|
23
23
|
"basic-auth": "^2.0.1",
|
|
24
24
|
"node-cron": "^3.0.1"
|
|
25
25
|
},
|
|
26
|
-
"gitHead": "
|
|
26
|
+
"gitHead": "aa1ffa76c3eedf9ec6b343d5b32518a86f7bdfaf"
|
|
27
27
|
}
|