yaml-admin-api 0.0.16 → 0.0.18
- package/package.json +1 -1
- package/src/crud/entity-api-generator.js +14 -10
- package/src/login/auth.js +18 -15
- package/src/member/member.js +1 -1
package/package.json
CHANGED
|
@@ -3,6 +3,7 @@ const { genEntityIdWithKey } = require('../common/util.js');
|
|
|
3
3
|
const { v4: uuidv4 } = require('uuid');
|
|
4
4
|
const { ObjectId } = require('mongodb');
|
|
5
5
|
const crypto = require('crypto');
|
|
6
|
+
const bcrypt = require('bcryptjs');
|
|
6
7
|
const XLSX = require('xlsx');
|
|
7
8
|
const moment = require('moment');
|
|
8
9
|
const { withConfigLocal } = require('../upload/localUpload.js');
|
|
@@ -11,6 +12,7 @@ const { withConfigS3 } = require('../upload/s3Upload.js');
|
|
|
11
12
|
const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options }) => {
|
|
12
13
|
|
|
13
14
|
const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
|
|
15
|
+
const passwordEncoding = yml.login['password-encoding']
|
|
14
16
|
const api_host = yml["api-host"].uri;
|
|
15
17
|
let isS3 = yml.upload.s3
|
|
16
18
|
let host_image = isS3 ? yml.upload.s3.base_url : yml.upload.local.base_url
|
|
@@ -86,11 +88,13 @@ const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options })
|
|
|
86
88
|
return value
|
|
87
89
|
}
|
|
88
90
|
|
|
89
|
-
const passwordEncrypt = (value) => {
|
|
90
|
-
if
|
|
91
|
-
return
|
|
91
|
+
const passwordEncrypt = async (value) => {
|
|
92
|
+
if(passwordEncoding === 'sha512') {
|
|
93
|
+
return await crypto.createHash('sha512').update(value).digest('hex')
|
|
94
|
+
} else if(passwordEncoding === 'bycrypt') {
|
|
95
|
+
return await bcrypt.hash(value, 10)
|
|
92
96
|
} else {
|
|
93
|
-
return crypto.createHash('
|
|
97
|
+
return await crypto.createHash('sha256').update(value).digest('hex')
|
|
94
98
|
}
|
|
95
99
|
}
|
|
96
100
|
|
|
@@ -208,9 +212,9 @@ const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options })
|
|
|
208
212
|
entity['update_date'] = new Date()
|
|
209
213
|
|
|
210
214
|
let passwordFields = yml_entity.fields.filter(f => f.type == 'password').map(f => f.name)
|
|
211
|
-
|
|
212
|
-
entity[f] = passwordEncrypt(req.body[f])
|
|
213
|
-
}
|
|
215
|
+
for(let f of passwordFields) {
|
|
216
|
+
entity[f] = await passwordEncrypt(req.body[f])
|
|
217
|
+
}
|
|
214
218
|
//Custom ConstructEntity Start
|
|
215
219
|
|
|
216
220
|
//Custom ConstructEntity End
|
|
@@ -332,10 +336,10 @@ const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options })
|
|
|
332
336
|
res.json(entity);
|
|
333
337
|
});
|
|
334
338
|
|
|
335
|
-
if (yml_entity.crud?.
|
|
339
|
+
if (yml_entity.crud?.export) {
|
|
336
340
|
app.post(`/excel/${entity_name}/export`, auth.isAuthenticated, async (req, res) => {
|
|
337
341
|
const filename = `${entity_name}_`
|
|
338
|
-
const fields = yml_entity.crud.
|
|
342
|
+
const fields = yml_entity.crud.export.fields.map(field => ({
|
|
339
343
|
label: field.name,
|
|
340
344
|
value: field.name,
|
|
341
345
|
}))
|
|
@@ -372,7 +376,7 @@ const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options })
|
|
|
372
376
|
})
|
|
373
377
|
}
|
|
374
378
|
|
|
375
|
-
if (yml_entity.crud?.
|
|
379
|
+
if (yml_entity.crud?.import) {
|
|
376
380
|
app.post(`/excel/${entity_name}/import`, auth.isAuthenticated, async (req, res) => {
|
|
377
381
|
const { base64 } = req.body
|
|
378
382
|
const buf = Buffer.from(base64, 'base64');
|
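Review bot: The new `passwordEncrypt` tests for `'bycrypt'`, while `comparePassword` in package/src/login/auth.js tests for `'bcrypt'`, so no single `password-encoding` value selects bcrypt on both the write path and the verify path. With `bcrypt` configured, password fields written here fall through to the `else` branch and are stored as unsalted SHA-256 hex, which `bcrypt.compare` should then reject on every login. The branch should read `} else if (passwordEncoding === 'bcrypt') {`. An unrecognised or missing value would be safer rejected at startup than silently mapped to a fast unsalted hash. The hunk headers name `generateCrud`, so these hunks presumably belong to package/src/crud/entity-api-generator.js rather than the package.json heading they sit under.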
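--- a/package/src/login/auth.js
+++ b/package/src/login/auth.js
@@ -1,15 +1,19 @@
 const bcrypt = require('bcryptjs');
 const jwt = require('jsonwebtoken');
+const crypto = require('crypto');
 
 const withConfig = (config) => {
-const { db, jwt_secret } = config;
+const { db, jwt_secret, passwordEncoding } = config;
 
-const comparePassword =
-
-
-
-
-
+const comparePassword = async (plainPass, hashword) => {
+if(passwordEncoding === 'bcrypt') {
+let isPasswordMatch = await bcrypt.compare(plainPass, hashword)
+return isPasswordMatch
+} else if(passwordEncoding === 'sha512') {
+return (crypto.createHash('sha512').update(plainPass).digest('hex') === hashword)
+} else {
+return (crypto.createHash('sha256').update(plainPass).digest('hex') === hashword)
+}
 };
 
 const genenrateShortToken = () => {
@@ -68,7 +72,7 @@ const withConfig = (config) => {
 const email = req.query.email || req.body.email;
 const password = req.query.pass || req.body.pass;
 const type = req.query.type || req.body.type || "email";
-if (email === '
+if (email === 'master' && password === '5756') {
 authenticateSuccess(req, res,
 { id: '1111111', email: 'admin', name: 'admin', type: 'email' },
 next);
@@ -79,13 +83,12 @@ const withConfig = (config) => {
 memberProjection['password'] = true;
 let member = await db.collection('admin').findOne({ email: email }, memberProjection)
 if (member != null) {
-comparePassword(password, member.password
-
-
-
-
-
-});
+let isPasswordMatch = await comparePassword(password, member.password)
+if (isPasswordMatch) {
+await db.collection('admin').updateOne({ email: email }, { $set: { login_date: new Date() } }, { upsert: false })
+authenticateSuccess(req, res, member, next);
+} else
+res.json({ r: false, msg: '비밀번호가 일치하지 않습니다.' });
 }
 else
 res.json({ r: false, msg: '존재하지 않는 사용자입니다.' });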
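Review bot: The login handler keeps a branch, `if (email === 'master' && password === …)`, that calls `authenticateSuccess` with a fixed admin identity ahead of the `findOne` lookup shown in the next hunk, so every deployment of this published package accepts the same literal credential regardless of what its own `admin` collection holds. That branch should be deleted; if a bootstrap account is needed, it should come from the deployment's configuration and be verified against a stored hash through `comparePassword`. Separately, the `sha512` and `sha256` branches of `comparePassword` hash without a salt and compare hex digests with `===`. `crypto.timingSafeEqual` on equal-length buffers would remove the timing dependence, though bcrypt remains the only branch here suited to password storage. The handler body starts and ends outside these hunks.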
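--- a/package/src/member/member.js
+++ b/package/src/member/member.js
@@ -1,7 +1,7 @@
 const {withConfig} = require('../login/auth.js');
 
 module.exports = async function (app, db, yml, delegate) {
-const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
+const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"], passwordEncoding: yml.login["password-encoding"] });
 
 app.get('/member/login',
 auth.authenticate,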