vona-module-a-user 5.0.17 → 5.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/.metadata/index.d.ts +71 -0
- package/dist/bean/bean.passport.d.ts +4 -3
- package/dist/bean/bean.roleInner.d.ts +2 -2
- package/dist/config/config.d.ts +10 -0
- package/dist/index.js +159 -40
- package/dist/lib/auth.d.ts +1 -1
- package/dist/lib/role.d.ts +1 -1
- package/dist/lib/user.d.ts +1 -1
- package/dist/service/authTokenAdapter.d.ts +13 -0
- package/dist/service/redisToken.d.ts +17 -0
- package/dist/types/auth.d.ts +1 -1
- package/dist/types/role.d.ts +2 -2
- package/dist/types/user.d.ts +1 -1
- package/package.json +1 -1
|
@@ -18,10 +18,22 @@ declare module 'vona-module-a-aspect' {
|
|
|
18
18
|
declare module 'vona-module-a-user' {
|
|
19
19
|
interface GuardPassport {
|
|
20
20
|
}
|
|
21
|
+
interface GuardPassport {
|
|
22
|
+
get $beanFullName(): 'a-user.guard.passport';
|
|
23
|
+
get $onionName(): 'a-user:passport';
|
|
24
|
+
}
|
|
25
|
+
interface GuardRoleName {
|
|
26
|
+
}
|
|
21
27
|
interface GuardRoleName {
|
|
28
|
+
get $beanFullName(): 'a-user.guard.roleName';
|
|
29
|
+
get $onionName(): 'a-user:roleName';
|
|
22
30
|
}
|
|
23
31
|
interface GuardUserName {
|
|
24
32
|
}
|
|
33
|
+
interface GuardUserName {
|
|
34
|
+
get $beanFullName(): 'a-user.guard.userName';
|
|
35
|
+
get $onionName(): 'a-user:userName';
|
|
36
|
+
}
|
|
25
37
|
}
|
|
26
38
|
/** guard: end */
|
|
27
39
|
/** bean: begin */
|
|
@@ -58,6 +70,48 @@ declare module 'vona' {
|
|
|
58
70
|
}
|
|
59
71
|
}
|
|
60
72
|
/** bean: end */
|
|
73
|
+
/** service: begin */
|
|
74
|
+
export * from '../service/authTokenAdapter.ts';
|
|
75
|
+
export * from '../service/redisToken.ts';
|
|
76
|
+
import 'vona';
|
|
77
|
+
declare module 'vona-module-a-bean' {
|
|
78
|
+
interface IServiceRecord {
|
|
79
|
+
'a-user:authTokenAdapter': never;
|
|
80
|
+
'a-user:redisToken': never;
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
declare module 'vona-module-a-user' {
|
|
84
|
+
interface ServiceAuthTokenAdapter {
|
|
85
|
+
}
|
|
86
|
+
interface ServiceAuthTokenAdapter {
|
|
87
|
+
get $beanFullName(): 'a-user.service.authTokenAdapter';
|
|
88
|
+
get $onionName(): 'a-user:authTokenAdapter';
|
|
89
|
+
}
|
|
90
|
+
interface ServiceRedisToken {
|
|
91
|
+
}
|
|
92
|
+
interface ServiceRedisToken {
|
|
93
|
+
get $beanFullName(): 'a-user.service.redisToken';
|
|
94
|
+
get $onionName(): 'a-user:redisToken';
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
/** service: end */
|
|
98
|
+
/** service: begin */
|
|
99
|
+
import type { ServiceAuthTokenAdapter } from '../service/authTokenAdapter.ts';
|
|
100
|
+
import type { ServiceRedisToken } from '../service/redisToken.ts';
|
|
101
|
+
export interface IModuleService {
|
|
102
|
+
'authTokenAdapter': ServiceAuthTokenAdapter;
|
|
103
|
+
'redisToken': ServiceRedisToken;
|
|
104
|
+
}
|
|
105
|
+
/** service: end */
|
|
106
|
+
/** service: begin */
|
|
107
|
+
import 'vona';
|
|
108
|
+
declare module 'vona' {
|
|
109
|
+
interface IBeanRecordGeneral {
|
|
110
|
+
'a-user.service.authTokenAdapter': ServiceAuthTokenAdapter;
|
|
111
|
+
'a-user.service.redisToken': ServiceRedisToken;
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
/** service: end */
|
|
61
115
|
/** event: begin */
|
|
62
116
|
export * from '../bean/event.createUserAnonymous.ts';
|
|
63
117
|
export * from '../bean/event.signin.ts';
|
|
@@ -68,10 +122,22 @@ declare module 'vona' {
|
|
|
68
122
|
declare module 'vona-module-a-user' {
|
|
69
123
|
interface EventCreateUserAnonymous {
|
|
70
124
|
}
|
|
125
|
+
interface EventCreateUserAnonymous {
|
|
126
|
+
get $beanFullName(): 'a-user.event.createUserAnonymous';
|
|
127
|
+
get $onionName(): 'a-user:createUserAnonymous';
|
|
128
|
+
}
|
|
129
|
+
interface EventSignin {
|
|
130
|
+
}
|
|
71
131
|
interface EventSignin {
|
|
132
|
+
get $beanFullName(): 'a-user.event.signin';
|
|
133
|
+
get $onionName(): 'a-user:signin';
|
|
72
134
|
}
|
|
73
135
|
interface EventSignout {
|
|
74
136
|
}
|
|
137
|
+
interface EventSignout {
|
|
138
|
+
get $beanFullName(): 'a-user.event.signout';
|
|
139
|
+
get $onionName(): 'a-user:signout';
|
|
140
|
+
}
|
|
75
141
|
}
|
|
76
142
|
/** event: end */
|
|
77
143
|
/** event: begin */
|
|
@@ -108,6 +174,10 @@ declare module 'vona' {
|
|
|
108
174
|
declare module 'vona-module-a-user' {
|
|
109
175
|
interface MetaPrintTip {
|
|
110
176
|
}
|
|
177
|
+
interface MetaPrintTip {
|
|
178
|
+
get $beanFullName(): 'a-user.meta.printTip';
|
|
179
|
+
get $onionName(): 'a-user:printTip';
|
|
180
|
+
}
|
|
111
181
|
}
|
|
112
182
|
/** meta: end */
|
|
113
183
|
/** config: begin */
|
|
@@ -121,6 +191,7 @@ export declare class ScopeModuleAUser extends BeanScopeBase {
|
|
|
121
191
|
export interface ScopeModuleAUser {
|
|
122
192
|
util: BeanScopeUtil;
|
|
123
193
|
config: TypeModuleConfig<typeof config>;
|
|
194
|
+
service: IModuleService;
|
|
124
195
|
event: IModuleEvent;
|
|
125
196
|
}
|
|
126
197
|
import 'vona';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { IJwtClientRecord, IJwtSignOptions, IJwtToken, IPayloadDataBase } from 'vona-module-a-jwt';
|
|
1
|
+
import type { IJwtClientRecord, IJwtSignOptions, IJwtToken, IJwtVerifyOptions, IPayloadDataBase } from 'vona-module-a-jwt';
|
|
2
2
|
import type { IAuthBase, IAuthIdRecord, ISigninOptions } from '../types/auth.ts';
|
|
3
3
|
import type { IPassportBase } from '../types/passport.ts';
|
|
4
4
|
import type { IRoleBase } from '../types/role.ts';
|
|
@@ -24,11 +24,12 @@ export declare class BeanPassport extends BeanBase {
|
|
|
24
24
|
signinWithAnonymous(): Promise<void>;
|
|
25
25
|
createUserAnonymous(): Promise<IUserBase>;
|
|
26
26
|
kickOut(user: IUserBase): Promise<void>;
|
|
27
|
-
checkAuthToken(accessToken?: string, clientName?: keyof IJwtClientRecord): Promise<IPayloadDataBase | undefined>;
|
|
27
|
+
checkAuthToken(accessToken?: string, clientName?: keyof IJwtClientRecord, options?: IJwtVerifyOptions): Promise<IPayloadDataBase | undefined>;
|
|
28
28
|
refreshAuthToken(refreshToken: string): Promise<IJwtToken>;
|
|
29
29
|
createTempAuthToken(options?: IJwtSignOptions): Promise<string>;
|
|
30
30
|
createOauthAuthToken(options?: IJwtSignOptions): Promise<string>;
|
|
31
|
-
createOauthCode(
|
|
31
|
+
createOauthCode(options?: IJwtSignOptions): Promise<string>;
|
|
32
|
+
createOauthCodeFromOauthAuthToken(accessToken: string, options?: IJwtSignOptions): Promise<string>;
|
|
32
33
|
createAuthTokenFromOauthCode(code: string): Promise<IJwtToken>;
|
|
33
34
|
private _passportSerialize;
|
|
34
35
|
private _handlePayloadData;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
1
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
2
2
|
import type { IRoleBase } from '../types/role.ts';
|
|
3
3
|
import { BeanBase } from 'vona';
|
|
4
4
|
export declare class BeanRoleInner extends BeanBase {
|
|
@@ -6,5 +6,5 @@ export declare class BeanRoleInner extends BeanBase {
|
|
|
6
6
|
private get roleInnerAdapter();
|
|
7
7
|
findOneByName(name: string): Promise<IRoleBase | undefined>;
|
|
8
8
|
findOne(role: Partial<IRoleBase>): Promise<IRoleBase | undefined>;
|
|
9
|
-
findAllByUserId(userId: TableIdentity): Promise<IRoleBase[]>;
|
|
9
|
+
findAllByUserId(userId: TableIdentity): Promise<IRoleBase[] | undefined>;
|
|
10
10
|
}
|
package/dist/config/config.d.ts
CHANGED
|
@@ -12,4 +12,14 @@ export declare function config(_app: VonaApplication): {
|
|
|
12
12
|
authInner: keyof IServiceRecord;
|
|
13
13
|
roleInner: keyof IServiceRecord;
|
|
14
14
|
};
|
|
15
|
+
payloadData: {
|
|
16
|
+
fields: {
|
|
17
|
+
authId: string;
|
|
18
|
+
userId: string;
|
|
19
|
+
token: string;
|
|
20
|
+
};
|
|
21
|
+
};
|
|
22
|
+
redisToken: {
|
|
23
|
+
maxAge: number;
|
|
24
|
+
};
|
|
15
25
|
};
|
package/dist/index.js
CHANGED
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
import { BeanInfo, BeanBase, beanFullNameFromOnionName, BeanScopeBase } from 'vona';
|
|
1
|
+
import { BeanInfo, BeanBase, beanFullNameFromOnionName, createHash, uuidv4, BeanScopeBase } from 'vona';
|
|
2
2
|
import { catchError } from '@cabloy/utils';
|
|
3
3
|
import { Guard, Aspect } from 'vona-module-a-aspect';
|
|
4
|
-
import { Bean, Scope } from 'vona-module-a-bean';
|
|
4
|
+
import { Bean, Service, Scope } from 'vona-module-a-bean';
|
|
5
5
|
import { Event, BeanEventBase } from 'vona-module-a-event';
|
|
6
6
|
import { Meta } from 'vona-module-a-meta';
|
|
7
7
|
|
|
8
|
-
var _dec$
|
|
9
|
-
let GuardPassport = (_dec$
|
|
8
|
+
var _dec$d, _dec2$d, _class$d;
|
|
9
|
+
let GuardPassport = (_dec$d = Guard({
|
|
10
10
|
global: true,
|
|
11
11
|
public: false,
|
|
12
12
|
checkAuthToken: true
|
|
13
|
-
}), _dec2$
|
|
13
|
+
}), _dec2$d = BeanInfo({
|
|
14
14
|
module: "a-user"
|
|
15
|
-
}), _dec$
|
|
15
|
+
}), _dec$d(_class$d = _dec2$d(_class$d = class GuardPassport extends BeanBase {
|
|
16
16
|
async execute(options, next) {
|
|
17
17
|
// auth token
|
|
18
18
|
if (!this.bean.passport.getCurrent()) {
|
|
@@ -38,7 +38,7 @@ let GuardPassport = (_dec$b = Guard({
|
|
|
38
38
|
// next
|
|
39
39
|
return next();
|
|
40
40
|
}
|
|
41
|
-
}) || _class$
|
|
41
|
+
}) || _class$d) || _class$d);
|
|
42
42
|
|
|
43
43
|
let __roleAdapter;
|
|
44
44
|
function setRoleAdapter(roleAdapter) {
|
|
@@ -74,12 +74,12 @@ function $getUserIdSystem(_userName, userId) {
|
|
|
74
74
|
return userId;
|
|
75
75
|
}
|
|
76
76
|
|
|
77
|
-
var _dec$
|
|
78
|
-
let GuardRoleName = (_dec$
|
|
77
|
+
var _dec$c, _dec2$c, _class$c;
|
|
78
|
+
let GuardRoleName = (_dec$c = Guard({
|
|
79
79
|
passWhenMatched: true
|
|
80
|
-
}), _dec2$
|
|
80
|
+
}), _dec2$c = BeanInfo({
|
|
81
81
|
module: "a-user"
|
|
82
|
-
}), _dec$
|
|
82
|
+
}), _dec$c(_class$c = _dec2$c(_class$c = class GuardRoleName extends BeanBase {
|
|
83
83
|
async execute(options, next) {
|
|
84
84
|
if (!options.name) return this.app.throw(403);
|
|
85
85
|
const user = this.bean.passport.getCurrentUser();
|
|
@@ -93,14 +93,14 @@ let GuardRoleName = (_dec$a = Guard({
|
|
|
93
93
|
// next
|
|
94
94
|
return next();
|
|
95
95
|
}
|
|
96
|
-
}) || _class$
|
|
96
|
+
}) || _class$c) || _class$c);
|
|
97
97
|
|
|
98
|
-
var _dec$
|
|
99
|
-
let GuardUserName = (_dec$
|
|
98
|
+
var _dec$b, _dec2$b, _class$b;
|
|
99
|
+
let GuardUserName = (_dec$b = Guard({
|
|
100
100
|
passWhenMatched: true
|
|
101
|
-
}), _dec2$
|
|
101
|
+
}), _dec2$b = BeanInfo({
|
|
102
102
|
module: "a-user"
|
|
103
|
-
}), _dec$
|
|
103
|
+
}), _dec$b(_class$b = _dec2$b(_class$b = class GuardUserName extends BeanBase {
|
|
104
104
|
async execute(options, next) {
|
|
105
105
|
if (!options.name) return this.app.throw(403);
|
|
106
106
|
const user = this.bean.passport.getCurrentUser();
|
|
@@ -112,12 +112,12 @@ let GuardUserName = (_dec$9 = Guard({
|
|
|
112
112
|
// next
|
|
113
113
|
return next();
|
|
114
114
|
}
|
|
115
|
-
}) || _class$
|
|
115
|
+
}) || _class$b) || _class$b);
|
|
116
116
|
|
|
117
|
-
var _dec$
|
|
118
|
-
let BeanAuthInner = (_dec$
|
|
117
|
+
var _dec$a, _dec2$a, _class$a;
|
|
118
|
+
let BeanAuthInner = (_dec$a = Bean(), _dec2$a = BeanInfo({
|
|
119
119
|
module: "a-user"
|
|
120
|
-
}), _dec$
|
|
120
|
+
}), _dec$a(_class$a = _dec2$a(_class$a = class BeanAuthInner extends BeanBase {
|
|
121
121
|
constructor(...args) {
|
|
122
122
|
super(...args);
|
|
123
123
|
this._authInnerAdapter = void 0;
|
|
@@ -133,7 +133,7 @@ let BeanAuthInner = (_dec$8 = Bean(), _dec2$8 = BeanInfo({
|
|
|
133
133
|
if (String(auth.id).charAt(0) === '-') return auth;
|
|
134
134
|
return await this.authInnerAdapter.findOne(auth);
|
|
135
135
|
}
|
|
136
|
-
}) || _class$
|
|
136
|
+
}) || _class$a) || _class$a);
|
|
137
137
|
|
|
138
138
|
let __authAdapter;
|
|
139
139
|
function setAuthAdapter(authAdapter) {
|
|
@@ -146,10 +146,10 @@ function $getAuthIdSystem(_authName, authId) {
|
|
|
146
146
|
return authId;
|
|
147
147
|
}
|
|
148
148
|
|
|
149
|
-
var _dec$
|
|
150
|
-
let BeanPassport = (_dec$
|
|
149
|
+
var _dec$9, _dec2$9, _class$9;
|
|
150
|
+
let BeanPassport = (_dec$9 = Bean(), _dec2$9 = BeanInfo({
|
|
151
151
|
module: "a-user"
|
|
152
|
-
}), _dec$
|
|
152
|
+
}), _dec$9(_class$9 = _dec2$9(_class$9 = class BeanPassport extends BeanBase {
|
|
153
153
|
constructor(...args) {
|
|
154
154
|
super(...args);
|
|
155
155
|
this._authTokenAdapter = void 0;
|
|
@@ -250,10 +250,10 @@ let BeanPassport = (_dec$7 = Bean(), _dec2$7 = BeanInfo({
|
|
|
250
250
|
async kickOut(user) {
|
|
251
251
|
await this.authTokenAdapter.removeAll(user);
|
|
252
252
|
}
|
|
253
|
-
async checkAuthToken(accessToken, clientName) {
|
|
253
|
+
async checkAuthToken(accessToken, clientName, options) {
|
|
254
254
|
clientName = clientName ?? 'access';
|
|
255
255
|
const [payloadData, err] = await catchError(() => {
|
|
256
|
-
return this.bean.jwt.get(clientName).verify(accessToken);
|
|
256
|
+
return this.bean.jwt.get(clientName).verify(accessToken, options);
|
|
257
257
|
});
|
|
258
258
|
if (err) {
|
|
259
259
|
if (['access', 'refresh'].includes(clientName)) {
|
|
@@ -292,7 +292,7 @@ let BeanPassport = (_dec$7 = Bean(), _dec2$7 = BeanInfo({
|
|
|
292
292
|
authToken: 'nochange'
|
|
293
293
|
});
|
|
294
294
|
// jwt token
|
|
295
|
-
return await this.bean.jwt.
|
|
295
|
+
return await this.bean.jwt.createTempAuthToken(payloadData, options);
|
|
296
296
|
}
|
|
297
297
|
async createOauthAuthToken(options) {
|
|
298
298
|
// current
|
|
@@ -303,13 +303,24 @@ let BeanPassport = (_dec$7 = Bean(), _dec2$7 = BeanInfo({
|
|
|
303
303
|
authToken: 'nochange'
|
|
304
304
|
});
|
|
305
305
|
// jwt token
|
|
306
|
-
return await this.bean.jwt.
|
|
306
|
+
return await this.bean.jwt.createOauthAuthToken(payloadData, options);
|
|
307
307
|
}
|
|
308
|
-
async createOauthCode(
|
|
308
|
+
async createOauthCode(options) {
|
|
309
|
+
// current
|
|
310
|
+
const passport = this.getCurrent();
|
|
311
|
+
if (!passport) return this.app.throw(401);
|
|
312
|
+
// payloadData
|
|
313
|
+
const payloadData = await this._passportSerialize(passport, {
|
|
314
|
+
authToken: 'nochange'
|
|
315
|
+
});
|
|
316
|
+
// code
|
|
317
|
+
return await this.bean.jwt.createOauthCode(payloadData, options);
|
|
318
|
+
}
|
|
319
|
+
async createOauthCodeFromOauthAuthToken(accessToken, options) {
|
|
309
320
|
// payloadData
|
|
310
321
|
const payloadData = await this.bean.jwt.get('access').verify(accessToken);
|
|
311
322
|
if (!payloadData) return this.app.throw(401);
|
|
312
|
-
//
|
|
323
|
+
// code
|
|
313
324
|
return await this.bean.jwt.createOauthCode(payloadData, options);
|
|
314
325
|
}
|
|
315
326
|
async createAuthTokenFromOauthCode(code) {
|
|
@@ -340,12 +351,12 @@ let BeanPassport = (_dec$7 = Bean(), _dec2$7 = BeanInfo({
|
|
|
340
351
|
return payloadData2;
|
|
341
352
|
}
|
|
342
353
|
}
|
|
343
|
-
}) || _class$
|
|
354
|
+
}) || _class$9) || _class$9);
|
|
344
355
|
|
|
345
|
-
var _dec$
|
|
346
|
-
let BeanRoleInner = (_dec$
|
|
356
|
+
var _dec$8, _dec2$8, _class$8;
|
|
357
|
+
let BeanRoleInner = (_dec$8 = Bean(), _dec2$8 = BeanInfo({
|
|
347
358
|
module: "a-user"
|
|
348
|
-
}), _dec$
|
|
359
|
+
}), _dec$8(_class$8 = _dec2$8(_class$8 = class BeanRoleInner extends BeanBase {
|
|
349
360
|
constructor(...args) {
|
|
350
361
|
super(...args);
|
|
351
362
|
this._roleInnerAdapter = void 0;
|
|
@@ -366,12 +377,12 @@ let BeanRoleInner = (_dec$6 = Bean(), _dec2$6 = BeanInfo({
|
|
|
366
377
|
findAllByUserId(userId) {
|
|
367
378
|
return this.roleInnerAdapter.findAllByUserId(userId);
|
|
368
379
|
}
|
|
369
|
-
}) || _class$
|
|
380
|
+
}) || _class$8) || _class$8);
|
|
370
381
|
|
|
371
|
-
var _dec$
|
|
372
|
-
let BeanUserInner = (_dec$
|
|
382
|
+
var _dec$7, _dec2$7, _class$7;
|
|
383
|
+
let BeanUserInner = (_dec$7 = Bean(), _dec2$7 = BeanInfo({
|
|
373
384
|
module: "a-user"
|
|
374
|
-
}), _dec$
|
|
385
|
+
}), _dec$7(_class$7 = _dec2$7(_class$7 = class BeanUserInner extends BeanBase {
|
|
375
386
|
constructor(...args) {
|
|
376
387
|
super(...args);
|
|
377
388
|
this._userInnerAdapter = void 0;
|
|
@@ -401,6 +412,104 @@ let BeanUserInner = (_dec$5 = Bean(), _dec2$5 = BeanInfo({
|
|
|
401
412
|
remove(user) {
|
|
402
413
|
return this.userInnerAdapter.remove(user);
|
|
403
414
|
}
|
|
415
|
+
}) || _class$7) || _class$7);
|
|
416
|
+
|
|
417
|
+
var _dec$6, _dec2$6, _class$6;
|
|
418
|
+
let ServiceAuthTokenAdapter = (_dec$6 = Service(), _dec2$6 = BeanInfo({
|
|
419
|
+
module: "a-user"
|
|
420
|
+
}), _dec$6(_class$6 = _dec2$6(_class$6 = class ServiceAuthTokenAdapter extends BeanBase {
|
|
421
|
+
async create(payloadData) {
|
|
422
|
+
const authIdStr = this._getAuthId(payloadData)?.toString();
|
|
423
|
+
const token = authIdStr === '-1' ? createHash(authIdStr) : uuidv4();
|
|
424
|
+
const payloadDataNew = Object.assign({}, payloadData, {
|
|
425
|
+
[this.scope.config.payloadData.fields.token]: token
|
|
426
|
+
});
|
|
427
|
+
await this.scope.service.redisToken.create(payloadDataNew);
|
|
428
|
+
return payloadDataNew;
|
|
429
|
+
}
|
|
430
|
+
async retrieve(payloadData) {
|
|
431
|
+
return await this.scope.service.redisToken.retrieve(payloadData);
|
|
432
|
+
}
|
|
433
|
+
async verify(payloadData) {
|
|
434
|
+
return await this.scope.service.redisToken.verify(payloadData);
|
|
435
|
+
}
|
|
436
|
+
async refresh(payloadData) {
|
|
437
|
+
await this.scope.service.redisToken.refresh(payloadData);
|
|
438
|
+
}
|
|
439
|
+
async remove(payloadData) {
|
|
440
|
+
await this.scope.service.redisToken.remove(payloadData);
|
|
441
|
+
}
|
|
442
|
+
async removeAll(user) {
|
|
443
|
+
await this.scope.service.redisToken.removeAll(user);
|
|
444
|
+
}
|
|
445
|
+
_getAuthId(payloadData) {
|
|
446
|
+
return payloadData[this.scope.config.payloadData.fields.authId];
|
|
447
|
+
}
|
|
448
|
+
}) || _class$6) || _class$6);
|
|
449
|
+
|
|
450
|
+
var _dec$5, _dec2$5, _class$5;
|
|
451
|
+
let ServiceRedisToken = (_dec$5 = Service(), _dec2$5 = BeanInfo({
|
|
452
|
+
module: "a-user"
|
|
453
|
+
}), _dec$5(_class$5 = _dec2$5(_class$5 = class ServiceRedisToken extends BeanBase {
|
|
454
|
+
get redisAuth() {
|
|
455
|
+
return this.bean.redis.get('auth');
|
|
456
|
+
}
|
|
457
|
+
async verify(payloadData) {
|
|
458
|
+
const payloadData2 = await this.retrieve(payloadData);
|
|
459
|
+
if (!payloadData2) return false;
|
|
460
|
+
if (this._getToken(payloadData2) !== this._getToken(payloadData)) return false;
|
|
461
|
+
return true;
|
|
462
|
+
}
|
|
463
|
+
async retrieve(payloadData) {
|
|
464
|
+
const key = this._getAuthRedisKey(payloadData);
|
|
465
|
+
if (!key) return;
|
|
466
|
+
const token = await this.redisAuth.get(key);
|
|
467
|
+
if (!token) return;
|
|
468
|
+
return {
|
|
469
|
+
...payloadData,
|
|
470
|
+
[this.scope.config.payloadData.fields.token]: token
|
|
471
|
+
};
|
|
472
|
+
}
|
|
473
|
+
async create(payloadData) {
|
|
474
|
+
const key = this._getAuthRedisKey(payloadData);
|
|
475
|
+
if (!key || !this._getToken(payloadData)) return this.app.throw(401);
|
|
476
|
+
await this.redisAuth.set(key, this._getToken(payloadData), 'EX', this.scope.config.redisToken.maxAge);
|
|
477
|
+
}
|
|
478
|
+
async refresh(payloadData) {
|
|
479
|
+
const key = this._getAuthRedisKey(payloadData);
|
|
480
|
+
if (!key) return this.app.throw(401);
|
|
481
|
+
await this.redisAuth.expire(key, this.scope.config.redisToken.maxAge);
|
|
482
|
+
}
|
|
483
|
+
async remove(payloadData) {
|
|
484
|
+
const key = this._getAuthRedisKey(payloadData);
|
|
485
|
+
if (!key) return;
|
|
486
|
+
await this.redisAuth.del(key);
|
|
487
|
+
}
|
|
488
|
+
async removeAll(user) {
|
|
489
|
+
const keyPrefix = this.redisAuth.options.keyPrefix;
|
|
490
|
+
const keyPattern = this._getAuthRedisKeyPattern(user, keyPrefix);
|
|
491
|
+
const keys = await this.redisAuth.keys(keyPattern);
|
|
492
|
+
for (const fullKey of keys) {
|
|
493
|
+
const key = keyPrefix ? fullKey.substring(keyPrefix.length) : fullKey;
|
|
494
|
+
await this.redisAuth.del(key);
|
|
495
|
+
}
|
|
496
|
+
}
|
|
497
|
+
_getAuthRedisKey(payloadData) {
|
|
498
|
+
if (!this.ctx.instance) return;
|
|
499
|
+
return `authToken:${this.ctx.instance.id}:${this._getUserId(payloadData)}:${this._getAuthId(payloadData)}`;
|
|
500
|
+
}
|
|
501
|
+
_getAuthRedisKeyPattern(user, keyPrefix) {
|
|
502
|
+
return `${keyPrefix ?? ''}authToken:${this.ctx.instance.id}:${user.id}:*`;
|
|
503
|
+
}
|
|
504
|
+
_getToken(payloadData) {
|
|
505
|
+
return payloadData[this.scope.config.payloadData.fields.token];
|
|
506
|
+
}
|
|
507
|
+
_getAuthId(payloadData) {
|
|
508
|
+
return payloadData[this.scope.config.payloadData.fields.authId];
|
|
509
|
+
}
|
|
510
|
+
_getUserId(payloadData) {
|
|
511
|
+
return payloadData[this.scope.config.payloadData.fields.userId];
|
|
512
|
+
}
|
|
404
513
|
}) || _class$5) || _class$5);
|
|
405
514
|
|
|
406
515
|
var _dec$4, _dec2$4, _class$4;
|
|
@@ -444,11 +553,21 @@ function config(_app) {
|
|
|
444
553
|
refreshAuthToken: 'recreate'
|
|
445
554
|
},
|
|
446
555
|
adapter: {
|
|
447
|
-
authToken: '
|
|
556
|
+
authToken: 'a-user:authTokenAdapter',
|
|
448
557
|
passport: 'home-user:passportAdapter',
|
|
449
558
|
userInner: 'home-user:userInnerAdapter',
|
|
450
559
|
authInner: 'home-user:authInnerAdapter',
|
|
451
560
|
roleInner: 'home-user:roleInnerAdapter'
|
|
561
|
+
},
|
|
562
|
+
payloadData: {
|
|
563
|
+
fields: {
|
|
564
|
+
authId: 'authId',
|
|
565
|
+
userId: 'userId',
|
|
566
|
+
token: 'token'
|
|
567
|
+
}
|
|
568
|
+
},
|
|
569
|
+
redisToken: {
|
|
570
|
+
maxAge: 30 * 24 * 60 * 60
|
|
452
571
|
}
|
|
453
572
|
};
|
|
454
573
|
}
|
|
@@ -484,4 +603,4 @@ const Passport = {
|
|
|
484
603
|
admin: Admin
|
|
485
604
|
};
|
|
486
605
|
|
|
487
|
-
export { $getAuthId, $getAuthIdSystem, $getRoleId, $getRoleName, $getUserAnonymous, $getUserAvatar, $getUserId, $getUserIdSystem, $getUserLocale, $getUserName, BeanAuthInner, BeanPassport, BeanRoleInner, BeanUserInner, EventCreateUserAnonymous, EventSignin, EventSignout, GuardPassport, GuardRoleName, GuardUserName, MetaPrintTip, Passport, ScopeModuleAUser, config, setAuthAdapter, setRoleAdapter, setUserAdapter };
|
|
606
|
+
export { $getAuthId, $getAuthIdSystem, $getRoleId, $getRoleName, $getUserAnonymous, $getUserAvatar, $getUserId, $getUserIdSystem, $getUserLocale, $getUserName, BeanAuthInner, BeanPassport, BeanRoleInner, BeanUserInner, EventCreateUserAnonymous, EventSignin, EventSignout, GuardPassport, GuardRoleName, GuardUserName, MetaPrintTip, Passport, ScopeModuleAUser, ServiceAuthTokenAdapter, ServiceRedisToken, config, setAuthAdapter, setRoleAdapter, setUserAdapter };
|
package/dist/lib/auth.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
1
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
2
2
|
import type { IAuthAdapter, IAuthBase, IAuthIdRecord } from '../types/auth.ts';
|
|
3
3
|
export declare function setAuthAdapter(authAdapter: IAuthAdapter): void;
|
|
4
4
|
export declare function $getAuthId(user: IAuthBase): TableIdentity;
|
package/dist/lib/role.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
1
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
2
2
|
import type { IRoleAdapter, IRoleBase } from '../types/role.ts';
|
|
3
3
|
export declare function setRoleAdapter(roleAdapter: IRoleAdapter): void;
|
|
4
4
|
export declare function $getRoleId(role: IRoleBase): TableIdentity;
|
package/dist/lib/user.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { ILocaleInfos } from 'vona';
|
|
2
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
2
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
3
3
|
import type { IUserAdapter, IUserBase, IUserIdRecord } from '../types/user.ts';
|
|
4
4
|
export declare function setUserAdapter(userAdapter: IUserAdapter): void;
|
|
5
5
|
export declare function $getUserId(user: IUserBase): TableIdentity;
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { IPayloadDataBase } from 'vona-module-a-jwt';
|
|
2
|
+
import type { IAuthTokenAdapter } from '../types/authToken.ts';
|
|
3
|
+
import type { IUserBase } from '../types/user.ts';
|
|
4
|
+
import { BeanBase } from 'vona';
|
|
5
|
+
export declare class ServiceAuthTokenAdapter extends BeanBase implements IAuthTokenAdapter {
|
|
6
|
+
create(payloadData: IPayloadDataBase): Promise<IPayloadDataBase>;
|
|
7
|
+
retrieve(payloadData: IPayloadDataBase): Promise<IPayloadDataBase | undefined>;
|
|
8
|
+
verify(payloadData: IPayloadDataBase): Promise<boolean>;
|
|
9
|
+
refresh(payloadData: IPayloadDataBase): Promise<void>;
|
|
10
|
+
remove(payloadData: IPayloadDataBase): Promise<void>;
|
|
11
|
+
removeAll(user: IUserBase): Promise<void>;
|
|
12
|
+
private _getAuthId;
|
|
13
|
+
}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import type { IPayloadDataBase } from 'vona-module-a-jwt';
|
|
2
|
+
import type { IUserBase } from 'vona-module-a-user';
|
|
3
|
+
import { BeanBase } from 'vona';
|
|
4
|
+
export declare class ServiceRedisToken extends BeanBase {
|
|
5
|
+
private get redisAuth();
|
|
6
|
+
verify(payloadData: IPayloadDataBase): Promise<boolean>;
|
|
7
|
+
retrieve(payloadData: IPayloadDataBase): Promise<IPayloadDataBase | undefined>;
|
|
8
|
+
create(payloadData: IPayloadDataBase): Promise<undefined>;
|
|
9
|
+
refresh(payloadData: IPayloadDataBase): Promise<undefined>;
|
|
10
|
+
remove(payloadData: IPayloadDataBase): Promise<void>;
|
|
11
|
+
removeAll(user: IUserBase): Promise<void>;
|
|
12
|
+
private _getAuthRedisKey;
|
|
13
|
+
private _getAuthRedisKeyPattern;
|
|
14
|
+
private _getToken;
|
|
15
|
+
private _getAuthId;
|
|
16
|
+
private _getUserId;
|
|
17
|
+
}
|
package/dist/types/auth.d.ts
CHANGED
package/dist/types/role.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
1
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
2
2
|
export interface IRoleNameRecord {
|
|
3
3
|
admin: never;
|
|
4
4
|
}
|
|
@@ -14,5 +14,5 @@ export interface IRoleAdapter {
|
|
|
14
14
|
export interface IRoleInnerAdapter {
|
|
15
15
|
findOneByName(name: string): Promise<IRoleBase | undefined>;
|
|
16
16
|
findOne(role: Partial<IRoleBase>): Promise<IRoleBase | undefined>;
|
|
17
|
-
findAllByUserId(userId: TableIdentity): Promise<IRoleBase[]>;
|
|
17
|
+
findAllByUserId(userId: TableIdentity): Promise<IRoleBase[] | undefined>;
|
|
18
18
|
}
|
package/dist/types/user.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { ILocaleInfos } from 'vona';
|
|
2
|
-
import type { TableIdentity } from 'vona-module-a-
|
|
2
|
+
import type { TableIdentity } from 'vona-module-a-orm';
|
|
3
3
|
import type { IAuthUserProfile } from './authProfile.ts';
|
|
4
4
|
export interface IUserNameRecord {
|
|
5
5
|
admin: never;
|