free-be-account 0.0.23 → 0.0.25
- package/index.js +12 -12
- package/package.json +1 -1
- package/routers/mgmt/route.js +5 -1
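--- a/package/index.js
+++ b/package/index.js
@@ -466,10 +466,8 @@ module.exports = (app) => ({
 let user;
 
 // 用来做第三方集成身份认证的字段
-let userid = req.body.UserId || req.header('UserId');
 let appid = req.body.AppId || req.header('AppId');
 let ts = req.body.Timestamp || req.header('Timestamp');
-// md5(JSON.stringify({Timestamp:xxx, UserId: xxx, UserSecret:xxx }))
 let sign = req.body.Sign || req.header('Sign');
 
 if (cacheData.type === 'wx') {
@@ -478,22 +476,25 @@ module.exports = (app) => ({
 } else if (cacheData.type === 'pwd') {
 // login with username/email/phone and password
 user = await req.app.models['account'].findOne({ id, Enabled: true, Deleted: false });
-} else if (
+} else if (appid && sign && ts) {
 // 第三方系统集成
-const tmpUser = await req.app.models['account'].findOne({ id:
+const tmpUser = await req.app.models['account'].findOne({ id: appid, Enabled: true, Deleted: false });
 
 if (!tmpUser) {
 return false;
 }
 
-const tmpSign = crypto.MD5(
-Timestamp: ts,
-UserId: userid,
-UserSecret: tmpUser.Secret
-}));
+const tmpSign = crypto.MD5(`${appid}${ts}${tmpUser.Secret}`);
 
 if (tmpSign !== sign) {
-req.app.logger.debug('user: ' +
+req.app.logger.debug('user: ' + appid + ',sign: ' + sign + ',ts:' + ts + ',realSign: ' + tmpSign);
+return false;
+}
+
+// 请求时间不能超过5分钟,且不能比当前时间大于10秒钟
+const now = Date.now();
+if (((now - ts) > 5 * 60 * 1000 )|| ((ts - now) > 10 * 1000)) {
+req.app.logger.debug('user: ' + appid + ',sign: ' + sign + ',ts:' + ts + ',now: ' + now);
 return false;
 }
 
@@ -510,8 +511,7 @@ module.exports = (app) => ({
 // 更新时间戳
 tmpUser.LastCallTimestamp = ts;
 await tmpUser.save();
-}
-else {
+} else {
 return false;
 }
 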
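Review bot: The mismatch branch at new line 490 logs `realSign: tmpSign`, the server-computed valid signature for a caller-supplied AppId and Timestamp, so read access to debug logs becomes equivalent to knowing the account Secret for that timestamp's validity window; log only the identifiers, e.g. `req.app.logger.debug('sign mismatch, appid: ' + appid + ', ts: ' + ts);`. The freshness test at new line 496 subtracts the raw header/body string, and a non-numeric Timestamp makes both differences NaN so neither comparison rejects it; add `const tsNum = Number(ts); if (!Number.isFinite(tsNum)) return false;` before it and compare with `tsNum`. The signature is still an MD5 over a bare concatenation compared with `!==`; an HMAC-SHA-256 keyed with the Secret and a constant-time comparison (Node's built-in `crypto.createHmac` / `crypto.timingSafeEqual`; the `crypto` in this file looks like a project helper) would be the sturdier construction, though it changes the client contract. The lines between the second and third hunks are not shown, so whether `LastCallTimestamp` already blocks replays cannot be confirmed from here.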
package/package.json
CHANGED
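--- a/package/routers/mgmt/route.js
+++ b/package/routers/mgmt/route.js
@@ -113,7 +113,8 @@ router.get('/:id',
 'Org',
 'Status',
 'Permission',
-'Labels'
+'Labels',
+'Secret',
 ];
 
 return next();
@@ -207,6 +208,9 @@ router.post('/',
 req.body.Password = encryptPwd(password, router.mdl.config.pwdEncryptMethod || 'md5');
 }
 
+// 随机生成appKey
+req.body.Secret = crypto.randomPassword(32);
+
 return next();
 },
 router.CreateDocument('account')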
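Review bot: Adding `'Secret'` to the list that ends at new line 118 appears to put the account's signing secret into what `GET /:id` returns (the array's name and use are above the hunk, so this is inferred), which would let any caller allowed to read an account also sign third-party requests as it. Prefer leaving it out of the general read list and returning the value only once from the create response or from a dedicated, separately authorised reveal/rotate route, with a comment such as `// Secret is a signing key: never add to general read field lists`. In the `router.post('/')` hunk, overwriting `req.body.Secret` unconditionally is the right call because a client-supplied value is discarded, but `crypto.randomPassword(32)` is a helper defined elsewhere; confirm it draws from a CSPRNG rather than `Math.random()`.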