vona-module-a-user 5.0.24 → 5.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/.metadata/index.d.ts +24 -0
- package/dist/bean/bean.passport.d.ts +1 -1
- package/dist/bean/cacheRedis.authToken.d.ts +5 -0
- package/dist/bean/guard.roleName.d.ts +2 -0
- package/dist/bean/guard.userName.d.ts +2 -0
- package/dist/config/config.d.ts +0 -3
- package/dist/index.js +89 -71
- package/dist/service/redisToken.d.ts +1 -2
- package/package.json +1 -1
|
@@ -107,6 +107,29 @@ declare module 'vona' {
|
|
|
107
107
|
}
|
|
108
108
|
}
|
|
109
109
|
/** service: end */
|
|
110
|
+
/** cacheRedis: begin */
|
|
111
|
+
export * from '../bean/cacheRedis.authToken.ts';
|
|
112
|
+
import { type IDecoratorCacheRedisOptions } from 'vona-module-a-cache';
|
|
113
|
+
declare module 'vona-module-a-cache' {
|
|
114
|
+
interface ICacheRedisRecord {
|
|
115
|
+
'a-user:authToken': IDecoratorCacheRedisOptions;
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
declare module 'vona-module-a-user' {
|
|
119
|
+
interface CacheRedisAuthToken {
|
|
120
|
+
}
|
|
121
|
+
interface CacheRedisAuthToken {
|
|
122
|
+
get $beanFullName(): 'a-user.cacheRedis.authToken';
|
|
123
|
+
get $onionName(): 'a-user:authToken';
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
/** cacheRedis: end */
|
|
127
|
+
/** cacheRedis: begin */
|
|
128
|
+
import type { CacheRedisAuthToken } from '../bean/cacheRedis.authToken.ts';
|
|
129
|
+
export interface IModuleCacheRedis {
|
|
130
|
+
'authToken': CacheRedisAuthToken;
|
|
131
|
+
}
|
|
132
|
+
/** cacheRedis: end */
|
|
110
133
|
/** event: begin */
|
|
111
134
|
export * from '../bean/event.activate.ts';
|
|
112
135
|
export * from '../bean/event.createUserAnonymous.ts';
|
|
@@ -209,6 +232,7 @@ export interface ScopeModuleAUser {
|
|
|
209
232
|
util: BeanScopeUtil;
|
|
210
233
|
config: TypeModuleConfig<typeof config>;
|
|
211
234
|
service: IModuleService;
|
|
235
|
+
cacheRedis: IModuleCacheRedis;
|
|
212
236
|
event: IModuleEvent;
|
|
213
237
|
}
|
|
214
238
|
import 'vona';
|
|
@@ -24,7 +24,7 @@ export declare class BeanPassport extends BeanBase {
|
|
|
24
24
|
signinMock(name?: keyof IUserNameRecord, options?: ISigninOptions): Promise<IJwtToken>;
|
|
25
25
|
signinWithAnonymous(): Promise<void>;
|
|
26
26
|
createUserAnonymous(): Promise<IUserBase>;
|
|
27
|
-
kickOut(user
|
|
27
|
+
kickOut(user?: IUserBase): Promise<void>;
|
|
28
28
|
checkAuthToken(accessToken?: string, clientName?: keyof IJwtClientRecord, options?: IJwtVerifyOptions): Promise<IPayloadDataBase | undefined>;
|
|
29
29
|
refreshAuthToken(refreshToken: string): Promise<IJwtToken>;
|
|
30
30
|
createTempAuthToken(options?: IJwtSignOptions): Promise<string>;
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import { BeanCacheRedisBase } from 'vona-module-a-cache';
|
|
2
|
+
export type TCacheRedisAuthTokenKey = string;
|
|
3
|
+
export type TCacheRedisAuthTokenData = string;
|
|
4
|
+
export declare class CacheRedisAuthToken extends BeanCacheRedisBase<TCacheRedisAuthTokenKey, TCacheRedisAuthTokenData> {
|
|
5
|
+
}
|
|
@@ -5,7 +5,9 @@ import { BeanBase } from 'vona';
|
|
|
5
5
|
export interface IGuardOptionsRoleName extends IDecoratorGuardOptions {
|
|
6
6
|
name?: keyof IRoleNameRecord | (keyof IRoleNameRecord)[];
|
|
7
7
|
passWhenMatched: boolean;
|
|
8
|
+
rejectWhenDismatched: boolean;
|
|
8
9
|
}
|
|
9
10
|
export declare class GuardRoleName extends BeanBase implements IGuardExecute {
|
|
10
11
|
execute(options: IGuardOptionsRoleName, next: Next): Promise<boolean>;
|
|
12
|
+
private _check;
|
|
11
13
|
}
|
|
@@ -5,7 +5,9 @@ import { BeanBase } from 'vona';
|
|
|
5
5
|
export interface IGuardOptionsUserName extends IDecoratorGuardOptions {
|
|
6
6
|
name?: keyof IUserNameRecord | (keyof IUserNameRecord)[];
|
|
7
7
|
passWhenMatched: boolean;
|
|
8
|
+
rejectWhenDismatched: boolean;
|
|
8
9
|
}
|
|
9
10
|
export declare class GuardUserName extends BeanBase implements IGuardExecute {
|
|
10
11
|
execute(options: IGuardOptionsUserName, next: Next): Promise<boolean>;
|
|
12
|
+
private _check;
|
|
11
13
|
}
|
package/dist/config/config.d.ts
CHANGED
package/dist/index.js
CHANGED
|
@@ -2,18 +2,19 @@ import { BeanInfo, BeanBase, beanFullNameFromOnionName, createHash, uuidv4, Bean
|
|
|
2
2
|
import { catchError } from '@cabloy/utils';
|
|
3
3
|
import { Guard, Aspect } from 'vona-module-a-aspect';
|
|
4
4
|
import { Bean, Service, Scope } from 'vona-module-a-bean';
|
|
5
|
+
import { CacheRedis, BeanCacheRedisBase } from 'vona-module-a-cache';
|
|
5
6
|
import { Event, BeanEventBase } from 'vona-module-a-event';
|
|
6
7
|
import { Meta } from 'vona-module-a-meta';
|
|
7
8
|
|
|
8
|
-
var _dec$
|
|
9
|
-
let GuardPassport = (_dec$
|
|
9
|
+
var _dec$f, _dec2$f, _class$f;
|
|
10
|
+
let GuardPassport = (_dec$f = Guard({
|
|
10
11
|
global: true,
|
|
11
12
|
public: false,
|
|
12
13
|
activated: true,
|
|
13
14
|
checkAuthToken: true
|
|
14
|
-
}), _dec2$
|
|
15
|
+
}), _dec2$f = BeanInfo({
|
|
15
16
|
module: "a-user"
|
|
16
|
-
}), _dec$
|
|
17
|
+
}), _dec$f(_class$f = _dec2$f(_class$f = class GuardPassport extends BeanBase {
|
|
17
18
|
async execute(options, next) {
|
|
18
19
|
// auth token
|
|
19
20
|
if (!this.bean.passport.getCurrent()) {
|
|
@@ -47,56 +48,74 @@ let GuardPassport = (_dec$e = Guard({
|
|
|
47
48
|
// next
|
|
48
49
|
return next();
|
|
49
50
|
}
|
|
50
|
-
}) || _class$
|
|
51
|
+
}) || _class$f) || _class$f);
|
|
51
52
|
|
|
52
|
-
var _dec$
|
|
53
|
-
let GuardRoleName = (_dec$
|
|
54
|
-
passWhenMatched: true
|
|
55
|
-
|
|
53
|
+
var _dec$e, _dec2$e, _class$e;
|
|
54
|
+
let GuardRoleName = (_dec$e = Guard({
|
|
55
|
+
passWhenMatched: true,
|
|
56
|
+
rejectWhenDismatched: true
|
|
57
|
+
}), _dec2$e = BeanInfo({
|
|
56
58
|
module: "a-user"
|
|
57
|
-
}), _dec$
|
|
59
|
+
}), _dec$e(_class$e = _dec2$e(_class$e = class GuardRoleName extends BeanBase {
|
|
58
60
|
async execute(options, next) {
|
|
59
|
-
|
|
61
|
+
const result = await this._check(options);
|
|
62
|
+
if (!result) {
|
|
63
|
+
if (options.rejectWhenDismatched) return this.app.throw(403);
|
|
64
|
+
} else {
|
|
65
|
+
if (options.passWhenMatched) return true;
|
|
66
|
+
}
|
|
67
|
+
// next
|
|
68
|
+
return next();
|
|
69
|
+
}
|
|
70
|
+
async _check(options) {
|
|
71
|
+
if (!options.name) return false;
|
|
60
72
|
const user = this.bean.passport.getCurrentUser();
|
|
61
|
-
if (!user || user.anonymous) return
|
|
73
|
+
if (!user || user.anonymous) return false;
|
|
62
74
|
const roles = this.bean.passport.getCurrentRoles();
|
|
63
|
-
if (!roles) return
|
|
75
|
+
if (!roles) return false;
|
|
64
76
|
const roleNames = roles?.map(item => item.name);
|
|
65
77
|
const optionsName = Array.isArray(options.name) ? options.name : [options.name];
|
|
66
|
-
if (!roleNames.some(roleName => optionsName.includes(roleName))) return
|
|
67
|
-
|
|
68
|
-
// next
|
|
69
|
-
return next();
|
|
78
|
+
if (!roleNames.some(roleName => optionsName.includes(roleName))) return false;
|
|
79
|
+
return true;
|
|
70
80
|
}
|
|
71
|
-
}) || _class$
|
|
81
|
+
}) || _class$e) || _class$e);
|
|
72
82
|
|
|
73
|
-
var _dec$
|
|
74
|
-
let GuardUserName = (_dec$
|
|
75
|
-
passWhenMatched: true
|
|
76
|
-
|
|
83
|
+
var _dec$d, _dec2$d, _class$d;
|
|
84
|
+
let GuardUserName = (_dec$d = Guard({
|
|
85
|
+
passWhenMatched: true,
|
|
86
|
+
rejectWhenDismatched: true
|
|
87
|
+
}), _dec2$d = BeanInfo({
|
|
77
88
|
module: "a-user"
|
|
78
|
-
}), _dec$
|
|
89
|
+
}), _dec$d(_class$d = _dec2$d(_class$d = class GuardUserName extends BeanBase {
|
|
79
90
|
async execute(options, next) {
|
|
80
|
-
|
|
91
|
+
const result = await this._check(options);
|
|
92
|
+
if (!result) {
|
|
93
|
+
if (options.rejectWhenDismatched) return this.app.throw(403);
|
|
94
|
+
} else {
|
|
95
|
+
if (options.passWhenMatched) return true;
|
|
96
|
+
}
|
|
97
|
+
// next
|
|
98
|
+
return next();
|
|
99
|
+
}
|
|
100
|
+
async _check(options) {
|
|
101
|
+
if (!options.name) return false;
|
|
81
102
|
const user = this.bean.passport.getCurrentUser();
|
|
82
|
-
if (!user || user.anonymous) return
|
|
103
|
+
if (!user || user.anonymous) return false;
|
|
83
104
|
const userName = user.name;
|
|
84
105
|
const optionsName = Array.isArray(options.name) ? options.name : [options.name];
|
|
85
|
-
if (!optionsName.includes(userName)) return
|
|
86
|
-
|
|
87
|
-
// next
|
|
88
|
-
return next();
|
|
106
|
+
if (!optionsName.includes(userName)) return false;
|
|
107
|
+
return true;
|
|
89
108
|
}
|
|
90
|
-
}) || _class$
|
|
109
|
+
}) || _class$d) || _class$d);
|
|
91
110
|
|
|
92
111
|
function $getAuthIdSystem(_authName, authId) {
|
|
93
112
|
return authId;
|
|
94
113
|
}
|
|
95
114
|
|
|
96
|
-
var _dec$
|
|
97
|
-
let BeanPassport = (_dec$
|
|
115
|
+
var _dec$c, _dec2$c, _class$c;
|
|
116
|
+
let BeanPassport = (_dec$c = Bean(), _dec2$c = BeanInfo({
|
|
98
117
|
module: "a-user"
|
|
99
|
-
}), _dec$
|
|
118
|
+
}), _dec$c(_class$c = _dec2$c(_class$c = class BeanPassport extends BeanBase {
|
|
100
119
|
constructor(...args) {
|
|
101
120
|
super(...args);
|
|
102
121
|
this._authTokenAdapter = void 0;
|
|
@@ -199,6 +218,7 @@ let BeanPassport = (_dec$b = Bean(), _dec2$b = BeanInfo({
|
|
|
199
218
|
return userAnonymous;
|
|
200
219
|
}
|
|
201
220
|
async kickOut(user) {
|
|
221
|
+
if (!user) return;
|
|
202
222
|
await this.authTokenAdapter.removeAll(user);
|
|
203
223
|
}
|
|
204
224
|
async checkAuthToken(accessToken, clientName, options) {
|
|
@@ -302,12 +322,12 @@ let BeanPassport = (_dec$b = Bean(), _dec2$b = BeanInfo({
|
|
|
302
322
|
return payloadData2;
|
|
303
323
|
}
|
|
304
324
|
}
|
|
305
|
-
}) || _class$
|
|
325
|
+
}) || _class$c) || _class$c);
|
|
306
326
|
|
|
307
|
-
var _dec$
|
|
308
|
-
let BeanRole = (_dec$
|
|
327
|
+
var _dec$b, _dec2$b, _class$b;
|
|
328
|
+
let BeanRole = (_dec$b = Bean(), _dec2$b = BeanInfo({
|
|
309
329
|
module: "a-user"
|
|
310
|
-
}), _dec$
|
|
330
|
+
}), _dec$b(_class$b = _dec2$b(_class$b = class BeanRole extends BeanBase {
|
|
311
331
|
constructor(...args) {
|
|
312
332
|
super(...args);
|
|
313
333
|
this._roleAdapter = void 0;
|
|
@@ -328,12 +348,12 @@ let BeanRole = (_dec$a = Bean(), _dec2$a = BeanInfo({
|
|
|
328
348
|
findAllByUserId(userId) {
|
|
329
349
|
return this.roleAdapter.findAllByUserId(userId);
|
|
330
350
|
}
|
|
331
|
-
}) || _class$
|
|
351
|
+
}) || _class$b) || _class$b);
|
|
332
352
|
|
|
333
|
-
var _dec$
|
|
334
|
-
let BeanUser = (_dec$
|
|
353
|
+
var _dec$a, _dec2$a, _class$a;
|
|
354
|
+
let BeanUser = (_dec$a = Bean(), _dec2$a = BeanInfo({
|
|
335
355
|
module: "a-user"
|
|
336
|
-
}), _dec$
|
|
356
|
+
}), _dec$a(_class$a = _dec2$a(_class$a = class BeanUser extends BeanBase {
|
|
337
357
|
constructor(...args) {
|
|
338
358
|
super(...args);
|
|
339
359
|
this._userAdapter = void 0;
|
|
@@ -386,12 +406,12 @@ let BeanUser = (_dec$9 = Bean(), _dec2$9 = BeanInfo({
|
|
|
386
406
|
remove(user) {
|
|
387
407
|
return this.userAdapter.remove(user);
|
|
388
408
|
}
|
|
389
|
-
}) || _class$
|
|
409
|
+
}) || _class$a) || _class$a);
|
|
390
410
|
|
|
391
|
-
var _dec$
|
|
392
|
-
let ServiceAuthTokenAdapter = (_dec$
|
|
411
|
+
var _dec$9, _dec2$9, _class$9;
|
|
412
|
+
let ServiceAuthTokenAdapter = (_dec$9 = Service(), _dec2$9 = BeanInfo({
|
|
393
413
|
module: "a-user"
|
|
394
|
-
}), _dec$
|
|
414
|
+
}), _dec$9(_class$9 = _dec2$9(_class$9 = class ServiceAuthTokenAdapter extends BeanBase {
|
|
395
415
|
async create(payloadData) {
|
|
396
416
|
const authIdStr = this._getAuthId(payloadData)?.toString();
|
|
397
417
|
const token = authIdStr === '-1' ? createHash(authIdStr) : uuidv4();
|
|
@@ -419,15 +439,12 @@ let ServiceAuthTokenAdapter = (_dec$8 = Service(), _dec2$8 = BeanInfo({
|
|
|
419
439
|
_getAuthId(payloadData) {
|
|
420
440
|
return payloadData[this.scope.config.payloadData.fields.authId];
|
|
421
441
|
}
|
|
422
|
-
}) || _class$
|
|
442
|
+
}) || _class$9) || _class$9);
|
|
423
443
|
|
|
424
|
-
var _dec$
|
|
425
|
-
let ServiceRedisToken = (_dec$
|
|
444
|
+
var _dec$8, _dec2$8, _class$8;
|
|
445
|
+
let ServiceRedisToken = (_dec$8 = Service(), _dec2$8 = BeanInfo({
|
|
426
446
|
module: "a-user"
|
|
427
|
-
}), _dec$
|
|
428
|
-
get redisAuth() {
|
|
429
|
-
return this.bean.redis.get('auth');
|
|
430
|
-
}
|
|
447
|
+
}), _dec$8(_class$8 = _dec2$8(_class$8 = class ServiceRedisToken extends BeanBase {
|
|
431
448
|
async verify(payloadData) {
|
|
432
449
|
const payloadData2 = await this.retrieve(payloadData);
|
|
433
450
|
if (!payloadData2) return false;
|
|
@@ -437,7 +454,7 @@ let ServiceRedisToken = (_dec$7 = Service(), _dec2$7 = BeanInfo({
|
|
|
437
454
|
async retrieve(payloadData) {
|
|
438
455
|
const key = this._getAuthRedisKey(payloadData);
|
|
439
456
|
if (!key) return;
|
|
440
|
-
const token = await this.
|
|
457
|
+
const token = await this.scope.cacheRedis.authToken.get(key);
|
|
441
458
|
if (!token) return;
|
|
442
459
|
return {
|
|
443
460
|
...payloadData,
|
|
@@ -447,33 +464,29 @@ let ServiceRedisToken = (_dec$7 = Service(), _dec2$7 = BeanInfo({
|
|
|
447
464
|
async create(payloadData) {
|
|
448
465
|
const key = this._getAuthRedisKey(payloadData);
|
|
449
466
|
if (!key || !this._getToken(payloadData)) return this.app.throw(401);
|
|
450
|
-
await this.
|
|
467
|
+
await this.scope.cacheRedis.authToken.set(this._getToken(payloadData), key);
|
|
451
468
|
}
|
|
452
469
|
async refresh(payloadData) {
|
|
453
470
|
const key = this._getAuthRedisKey(payloadData);
|
|
454
471
|
if (!key) return this.app.throw(401);
|
|
455
|
-
await this.
|
|
472
|
+
await this.scope.cacheRedis.authToken.expire(key);
|
|
456
473
|
}
|
|
457
474
|
async remove(payloadData) {
|
|
458
475
|
const key = this._getAuthRedisKey(payloadData);
|
|
459
476
|
if (!key) return;
|
|
460
|
-
await this.
|
|
477
|
+
await this.scope.cacheRedis.authToken.del(key);
|
|
461
478
|
}
|
|
462
479
|
async removeAll(user) {
|
|
463
|
-
const keyPrefix = this.
|
|
464
|
-
const
|
|
465
|
-
|
|
466
|
-
for (const fullKey of keys) {
|
|
467
|
-
const key = keyPrefix ? fullKey.substring(keyPrefix.length) : fullKey;
|
|
468
|
-
await this.redisAuth.del(key);
|
|
469
|
-
}
|
|
480
|
+
const keyPrefix = this._getAuthRedisKeyPrefix(user);
|
|
481
|
+
const keys = await this.scope.cacheRedis.authToken.lookupKeys(keyPrefix, true);
|
|
482
|
+
await this.scope.cacheRedis.authToken.mdel(keys);
|
|
470
483
|
}
|
|
471
484
|
_getAuthRedisKey(payloadData) {
|
|
472
485
|
if (!this.ctx.instance) return;
|
|
473
|
-
return
|
|
486
|
+
return `${this._getUserId(payloadData)}:${this._getAuthId(payloadData)}`;
|
|
474
487
|
}
|
|
475
|
-
|
|
476
|
-
return `${
|
|
488
|
+
_getAuthRedisKeyPrefix(user) {
|
|
489
|
+
return `${user.id}`;
|
|
477
490
|
}
|
|
478
491
|
_getToken(payloadData) {
|
|
479
492
|
return payloadData[this.scope.config.payloadData.fields.token];
|
|
@@ -484,7 +497,15 @@ let ServiceRedisToken = (_dec$7 = Service(), _dec2$7 = BeanInfo({
|
|
|
484
497
|
_getUserId(payloadData) {
|
|
485
498
|
return payloadData[this.scope.config.payloadData.fields.userId];
|
|
486
499
|
}
|
|
487
|
-
}) || _class$
|
|
500
|
+
}) || _class$8) || _class$8);
|
|
501
|
+
|
|
502
|
+
var _dec$7, _dec2$7, _class$7;
|
|
503
|
+
let CacheRedisAuthToken = (_dec$7 = CacheRedis({
|
|
504
|
+
ttl: 30 * 24 * 60 * 60 * 1000,
|
|
505
|
+
disableTransactionCompensate: true
|
|
506
|
+
}), _dec2$7 = BeanInfo({
|
|
507
|
+
module: "a-user"
|
|
508
|
+
}), _dec$7(_class$7 = _dec2$7(_class$7 = class CacheRedisAuthToken extends BeanCacheRedisBase {}) || _class$7) || _class$7);
|
|
488
509
|
|
|
489
510
|
var _dec$6, _dec2$6, _class$6;
|
|
490
511
|
let EventActivate = (_dec$6 = Event(), _dec2$6 = BeanInfo({
|
|
@@ -551,9 +572,6 @@ function config(_app) {
|
|
|
551
572
|
userId: 'userId',
|
|
552
573
|
token: 'token'
|
|
553
574
|
}
|
|
554
|
-
},
|
|
555
|
-
redisToken: {
|
|
556
|
-
maxAge: 30 * 24 * 60 * 60
|
|
557
575
|
}
|
|
558
576
|
};
|
|
559
577
|
}
|
|
@@ -600,4 +618,4 @@ function $getUserIdSystem(_userName, userId) {
|
|
|
600
618
|
return userId;
|
|
601
619
|
}
|
|
602
620
|
|
|
603
|
-
export { $getAuthIdSystem, $getUserIdSystem, BeanPassport, BeanRole, BeanUser, EventActivate, EventCreateUserAnonymous, EventRegister, EventSignin, EventSignout, GuardPassport, GuardRoleName, GuardUserName, MetaPrintTip, Passport, ScopeModuleAUser, ServiceAuthTokenAdapter, ServiceRedisToken, config };
|
|
621
|
+
export { $getAuthIdSystem, $getUserIdSystem, BeanPassport, BeanRole, BeanUser, CacheRedisAuthToken, EventActivate, EventCreateUserAnonymous, EventRegister, EventSignin, EventSignout, GuardPassport, GuardRoleName, GuardUserName, MetaPrintTip, Passport, ScopeModuleAUser, ServiceAuthTokenAdapter, ServiceRedisToken, config };
|
|
@@ -2,7 +2,6 @@ import type { IPayloadDataBase } from 'vona-module-a-jwt';
|
|
|
2
2
|
import type { IUserBase } from 'vona-module-a-user';
|
|
3
3
|
import { BeanBase } from 'vona';
|
|
4
4
|
export declare class ServiceRedisToken extends BeanBase {
|
|
5
|
-
private get redisAuth();
|
|
6
5
|
verify(payloadData: IPayloadDataBase): Promise<boolean>;
|
|
7
6
|
retrieve(payloadData: IPayloadDataBase): Promise<IPayloadDataBase | undefined>;
|
|
8
7
|
create(payloadData: IPayloadDataBase): Promise<undefined>;
|
|
@@ -10,7 +9,7 @@ export declare class ServiceRedisToken extends BeanBase {
|
|
|
10
9
|
remove(payloadData: IPayloadDataBase): Promise<void>;
|
|
11
10
|
removeAll(user: IUserBase): Promise<void>;
|
|
12
11
|
private _getAuthRedisKey;
|
|
13
|
-
private
|
|
12
|
+
private _getAuthRedisKeyPrefix;
|
|
14
13
|
private _getToken;
|
|
15
14
|
private _getAuthId;
|
|
16
15
|
private _getUserId;
|