q-koa 13.4.3 → 13.4.5

package/core/app.js

@@ -222,6 +222,7 @@ class APP {
         this.app[appName].sign = async (user) => {
           const result = await jwt.sign(user, secret, {
             expiresIn,
+            algorithm: 'HS256',
           })
           return result
         }
@@ -248,7 +249,9 @@ class APP {
       }
 
       try {
-        const { user } = await verify(token, secret)
+        const { user } = await verify(token, secret, {
+          algorithms: ['HS256'],
+        })
         if (user) {
           if (this.config.log.request) {
             console.log('user id ---> ', appName, '--->', user.id, user.name)
@@ -893,15 +896,11 @@ class APP {
         const modelService = cloneTarget[b]
         const newB = Object.keys(modelService).reduce((_a, _b) => {
           const bindFn = modelService[_b].bind(this.app[appName])
-          return {
-            ..._a,
-            [_b]: bindFn,
-          }
+          _a[_b] = bindFn
+          return _a
         }, {})
-        return {
-          ...a,
-          [b]: newB,
-        }
+        a[b] = newB
+        return a
       }, {})
     }
 
@@ -914,10 +913,8 @@ class APP {
     const modelList = Object.keys(this.app[appName].model)
 
     const include = modelList.reduce((a, b) => {
-      return {
-        ...a,
-        [b]: [],
-      }
+      a[b] = []
+      return a
     }, {})
     this.app[appName] = _.defaultsDeep(
       {
@@ -1308,10 +1305,18 @@ class APP {
                 typeof where.id === 'string' &&
                 where.id.includes('/')
               ) {
+                const arr = where.id.split('?')
+
+                let obj = {}
+                if (arr[1] && arr[1].includes('id=')) {
+                  obj = {
+                    id: JSON.parse(arr[1].split('=')[1]),
+                  }
+                }
                 const _result = await _.get(
                   app[appName].controller,
-                  where.id.replace('/', '.')
-                )(ctx)
+                  arr[0].replace('/', '.')
+                )(ctx, obj)
                 where.id = _result
               }
 

package/core/file/plugins/common/controller.js

@@ -431,12 +431,17 @@ exports.syncModel = async (ctx) => {
   ctx.SUCCESS('ok')
 }
 
-exports.verify = async (ctx) => {
+exports.verify = async (ctx, _data) => {
   const { app, appName } = getAppByCtx(ctx)
-  const { code } = ctx.request.body
+  const { code } = _data || ctx.request.body
+  if (!code) {
+    ctx.SUCCESS(null)
+    return null
+  }
   const verify = util.promisify(jwt.verify)
   const result = await verify(code, 'token')
   ctx.SUCCESS(result)
+  return result
 }
 
 const expressFn = async ({ app, express_number: _express_number, mobile }) => {

package/core/file/plugins/log/controller.js

@@ -33,11 +33,12 @@ exports.clearWeixin = async (ctx) => {
 exports.push = async (ctx) => {
   const { app, appName } = getAppByCtx(ctx)
 
-  const { message = '测试通知' } = ctx.request.body
+  const { message = '测试通知', url } = ctx.request.body
 
   await app.service.log.push({
     app,
     message,
+    url,
   })
 
   ctx.SUCCESS('ok')

package/core/file/plugins/permission/config.js

@@ -4,7 +4,11 @@ module.exports = {
   multiple: false,
   availableSort: false,
   order: [],
-  select: [],
+  select: [
+    {
+      key: 'controller',
+    },
+  ],
   excludes: [],
   limit: 20,
   defaultOrder: [],
@@ -12,4 +16,4 @@ module.exports = {
   sortOrder: 1,
   reference: [],
   excludeAuth: [],
-};
+}

package/core/file/plugins/system/controller.js

@@ -78,13 +78,13 @@ exports.countAndMaxId = async (ctx, _data) => {
     ctx.SUCCESS(null)
     return null
   }
-  const count = await app.model[model].count()
-  const current = await app.model[model].findOne({
-    attributes: ['id', 'created_at'],
-    order: [['id', 'DESC']],
-  })
 
-  const current_max_id = current ? current.id : 0
+  const result = await app.sequelize.query(
+    `select * from INFORMATION_SCHEMA.TABLES where TABLE_SCHEMA = '${app.sequelize.config.database}' and TABLE_NAME = '${model}'`
+  )
+  const count = result[0][0].TABLE_ROWS
+
+  const current_max_id = result[0][0].AUTO_INCREMENT
 
   const lastMonth = await app.model[model].findOne({
     attributes: ['id'],
@@ -933,6 +933,40 @@ exports.checkIndex = async (ctx) => {
   }
 }
 
+exports.checkAttribute = async (ctx) => {
+  const { app, appName } = getAppByCtx(ctx)
+  const { model } = ctx.request.body
+
+  if (!model) return ctx.ERROR('model不能为空')
+
+  const result = await app.sequelize.getQueryInterface().describeTable(model)
+
+  const attributeList = Object.keys(result).filter(
+    (item) => !['id', 'created_at', 'createdid', 'updated_at'].includes(item)
+  )
+
+  const currentAttributeList = Object.keys(app.attributes[model]).filter(
+    (item) => {
+      return app.attributes[model][item].type !== Sequelize.VIRTUAL
+    }
+  )
+
+  let flag = true
+  if (attributeList.length !== currentAttributeList.length) {
+    flag = false
+  }
+
+  const current = attributeList.filter(
+    (item) => !currentAttributeList.includes(item)
+  )
+
+  ctx.SUCCESS({
+    isSame: flag,
+    current,
+    remote: [],
+  })
+}
+
 exports.dropIndex = async (ctx) => {
   const { app, appName } = getAppByCtx(ctx)
   const { model, key } = ctx.request.body

package/core/file/plugins/user/controller.js

@@ -342,14 +342,18 @@ exports.checkLogin = async (ctx) => {
     const mp_user_include = config.includes('mp')
       ? {
           model: app.model.mp_user,
+          attributes: ['openid', 'unionid'],
           where: {
             appid,
           },
         }
       : {
           model: app.model.mp_user,
+          attributes: ['openid', 'unionid'],
         }
+
     let result
+
     const includeDefault = [
       {
         model: app.model.github_user,
@@ -364,6 +368,7 @@ exports.checkLogin = async (ctx) => {
 
     if (app.appConfig.loginData) {
       const application = await getAppConfig({ app, config })
+
       const loginData = lodash.mergeWith(
         lodash.cloneDeep(app.appConfig.loginData),
         lodash.get(application, 'loginData', {}),
@@ -390,6 +395,7 @@ exports.checkLogin = async (ctx) => {
           ])
         ),
       }
+
       result = await app.model.user.findOne({
         where: {
           id: ctx.request[`${appName}-user`].id,

package/core/file/plugins/weixin/controller.js

@@ -94,8 +94,17 @@ exports.mp_getPhone = async (ctx) => {
     (!exist.mp_user.appid || exist.mp_user.appid === app_id)
 
   if (mobileExist) {
-    app.service.log.push({ app, message: `系统已存在该手机号${phoneNumber}` })
-    return ctx.ERROR('系统已存在该手机号')
+    const formatMobile = (mobile) => {
+      if (!mobile) return ''
+      return mobile.slice(0, 3) + '*****' + mobile.slice(8, mobile.length)
+    }
+
+    const user_id = getUserByCtx(ctx)
+    app.service.log.push({
+      app,
+      message: `系统已存在该手机号${phoneNumber};${user_id}`,
+    })
+    return ctx.ERROR(`系统已存在该手机号`)
   }
 
   const userResult = await app.model.mp_user.findOne({
@@ -1043,6 +1052,7 @@ exports.mp_pay = async (ctx) => {
     config = 'weixin_mp',
     pay_config = 'weixin_pay',
     profit_sharing = 'N',
+    mch_id = '',
   } = ctx.request.body
   if (price === 0) throw new Error('价格不能为0')
 
@@ -1066,7 +1076,7 @@ exports.mp_pay = async (ctx) => {
     key,
     pay_key: _pay_key,
     partner_key,
-  } = await appConfig.getObject(pay_config)
+  } = await appConfig.getObject(mch_id || pay_config)
 
   const pay_key = _pay_key || key || appName
   const { is_dev, site_host } = await appConfig.getObject('base')
@@ -1078,7 +1088,7 @@ exports.mp_pay = async (ctx) => {
 
   const wxpay = WXPay({
     appid: app_id,
-    mch_id: mchId,
+    mch_id: mchId || mch_id,
     partner_key, // 微信商户平台API密钥
   })
 
@@ -1675,6 +1685,7 @@ exports.checkPayOnly = async (ctx, _data) => {
   })
 
   ctx.SUCCESS({ prefix, out_trade_no, ...payResult })
+  return { prefix, out_trade_no, ...payResult }
 }
 
 exports.checkRefund = async (ctx, _data) => {

package/core/file/plugins/weixin/service.js

@@ -866,6 +866,60 @@ exports.removereceiver = async ({
   return res
 }
 
+const handleBillData = (result) => {
+  const arr = result.split('\r\n')
+  const list = arr.slice(1, arr.length - 3)
+  return {
+    header: arr[0],
+    list,
+    result: list.map((item) => {
+      const array = item.split(',')
+      const orderdate = array[20].substring(1).slice(2, 10)
+      const orderPrefix = array[6].substring(1).split('_')[1]
+      let order_id = 0
+      let prefix = ''
+      if (orderPrefix.includes('-')) {
+        order_id = Number(orderPrefix.split('-')[1])
+        prefix = orderPrefix.split('-')[0]
+      } else {
+        order_id = Number(orderPrefix)
+      }
+      let order_date
+      if (prefix) {
+        order_date = moment(array[0].substring(1)).format('YYYY-MM-DD') + ''
+      } else {
+        order_date = moment(
+          `${orderdate.slice(0, 4)}-${orderdate.slice(4, 6)}-${orderdate.slice(
+            6,
+            8
+          )}`
+        ).format('YYYY-MM-DD')
+      }
+      return {
+        created_at: array[0].substring(1),
+        transactionid: array[5].substring(1),
+        [`${[prefix, 'order_id'].filter(Boolean).join('_')}`]: order_id,
+        openid: array[7].substring(1),
+        price: Number(array[12].substring(1)),
+        refund_price: Number(array[16].substring(1)),
+        remark: array[20].substring(1),
+        rate_price: Number(array[22].substring(1)),
+        type: array[9].substring(1),
+        order_date,
+      }
+    }),
+    totalHeader: arr[arr.length - 3],
+    total: arr[arr.length - 2],
+    totalResult: {
+      number: Number(arr[arr.length - 2].split(',')[0].substring(1)),
+      total_price: Number(arr[arr.length - 2].split(',')[1].substring(1)),
+      refund_price: Number(arr[arr.length - 2].split(',')[2].substring(1)),
+      rate_price: Number(arr[arr.length - 2].split(',')[4].substring(1)),
+      price: Number(arr[arr.length - 2].split(',')[5].substring(1)),
+    },
+  }
+}
+
 exports.downloadBill = async ({ ctx, pay_config = 'weixin_pay', ...rest }) => {
   if (!ctx) throw new Error('?ctx')
   const { app, appName } = getAppByCtx(ctx)
@@ -887,58 +941,17 @@ exports.downloadBill = async ({ ctx, pay_config = 'weixin_pay', ...rest }) => {
 
   try {
     const result = await payObj.downloadBill(rest)
+    return handleBillData(result)
+  } catch {
+    return []
+  }
+}
 
-    const arr = result.split('\r\n')
-    const list = arr.slice(1, arr.length - 3)
-    return {
-      header: arr[0],
-      list,
-      result: list.map((item) => {
-        const array = item.split(',')
-        const orderdate = array[20].substring(1).slice(2, 10)
-        const orderPrefix = array[6].substring(1).split('_')[1]
-        let order_id = 0
-        let prefix = ''
-        if (orderPrefix.includes('-')) {
-          order_id = Number(orderPrefix.split('-')[1])
-          prefix = orderPrefix.split('-')[0]
-        } else {
-          order_id = Number(orderPrefix)
-        }
-        let order_date
-        if (prefix) {
-          order_date = moment(array[0].substring(1)).format('YYYY-MM-DD') + ''
-        } else {
-          order_date = moment(
-            `${orderdate.slice(0, 4)}-${orderdate.slice(
-              4,
-              6
-            )}-${orderdate.slice(6, 8)}`
-          ).format('YYYY-MM-DD')
-        }
-        return {
-          created_at: array[0].substring(1),
-          transactionid: array[5].substring(1),
-          [`${[prefix, 'order_id'].filter(Boolean).join('_')}`]: order_id,
-          openid: array[7].substring(1),
-          price: Number(array[12].substring(1)),
-          refund_price: Number(array[16].substring(1)),
-          remark: array[20].substring(1),
-          rate_price: Number(array[22].substring(1)),
-          type: array[9].substring(1),
-          order_date,
-        }
-      }),
-      totalHeader: arr[arr.length - 3],
-      total: arr[arr.length - 2],
-      totalResult: {
-        number: Number(arr[arr.length - 2].split(',')[0].substring(1)),
-        total_price: Number(arr[arr.length - 2].split(',')[1].substring(1)),
-        refund_price: Number(arr[arr.length - 2].split(',')[2].substring(1)),
-        rate_price: Number(arr[arr.length - 2].split(',')[4].substring(1)),
-        price: Number(arr[arr.length - 2].split(',')[5].substring(1)),
-      },
-    }
+exports.uploadBill = async ({ ctx, content }) => {
+  if (!ctx) throw new Error('?ctx')
+  if (!content) return []
+  try {
+    return handleBillData(content)
   } catch {
     return []
   }

package/core/file/services/weixinMP.js

@@ -123,6 +123,20 @@ const uploadPromise = (options) => {
   })
 }
 
+const https = require('https')
+
+// 1. 全局 HTTPS 连接池（微信专用）
+const wxHttpsAgent = new https.Agent({
+  keepAlive: true, // 开启长连接
+  keepAliveMsecs: 60000, // 空闲连接保留 60 秒
+  maxSockets: 30, // 最大并发连接（适配微信QPS，不超限）
+  maxFreeSockets: 10, // 保留空闲连接数
+  timeout: 8000, // 底层套接字超时
+  rejectUnauthorized: true,
+})
+
+axios.defaults.httpsAgent = wxHttpsAgent
+
 module.exports = class Singleton {
   constructor(config) {
     this.config = {

package/core/file/services/weixinOpen.js

@@ -1,6 +1,17 @@
 const util = require('util')
 const axios = require('axios')
+const https = require('https')
+// 1. 全局 HTTPS 连接池（微信专用）
+const wxHttpsAgent = new https.Agent({
+  keepAlive: true, // 开启长连接
+  keepAliveMsecs: 60000, // 空闲连接保留 60 秒
+  maxSockets: 30, // 最大并发连接（适配微信QPS，不超限）
+  maxFreeSockets: 10, // 保留空闲连接数
+  timeout: 8000, // 底层套接字超时
+  rejectUnauthorized: true,
+})
 
+axios.defaults.httpsAgent = wxHttpsAgent
 const { lodash } = require('q-koa')
 const getAccessTokenUrl =
   'https://api.weixin.qq.com/cgi-bin/token?grant_type=%s&appid=%s&secret=%s'

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "q-koa",
-  "version": "13.4.3",
+  "version": "13.4.5",
   "description": "",
   "main": "index.js",
   "scripts": {