From 6b67107b8c26f4a08eda3af8864df88f3f302161 Mon Sep 17 00:00:00 2001 From: ditiqi Date: Mon, 27 Jan 2025 22:43:07 +0800 Subject: [PATCH] ad --- apps/server/src/auth/auth.service.ts | 67 +++++++++++++++------------- 1 file changed, 37 insertions(+), 30 deletions(-) diff --git a/apps/server/src/auth/auth.service.ts b/apps/server/src/auth/auth.service.ts index 82a65b9..f7f679c 100755 --- a/apps/server/src/auth/auth.service.ts +++ b/apps/server/src/auth/auth.service.ts @@ -4,14 +4,9 @@ import { BadRequestException, Logger, InternalServerErrorException, - } from '@nestjs/common'; import { StaffService } from '../models/staff/staff.service'; -import { - db, - AuthSchema, - JwtPayload, -} from '@nice/common'; +import { db, AuthSchema, JwtPayload } from '@nice/common'; import * as argon2 from 'argon2'; import { JwtService } from '@nestjs/jwt'; import { redis } from '@server/utils/redis/redis.service'; @@ -24,14 +19,12 @@ import { TusService } from '@server/upload/tus.service'; import { extractFileIdFromNginxUrl } from '@server/upload/utils'; @Injectable() export class AuthService { - private logger = new Logger(AuthService.name) + private logger = new Logger(AuthService.name); constructor( private readonly staffService: StaffService, private readonly jwtService: JwtService, - private readonly sessionService: SessionService - ) { - - } + private readonly sessionService: SessionService, + ) {} async validateFileRequest(params: FileRequest): Promise { try { // 基础参数验证 @@ -39,27 +32,32 @@ export class AuthService { return { isValid: false, error: FileValidationErrorType.INVALID_URI }; } const fileId = extractFileIdFromNginxUrl(params.originalUri); - console.log(params.originalUri, fileId) + console.log(params.originalUri, fileId); const resource = await db.resource.findFirst({ where: { fileId } }); // 资源验证 if (!resource) { - return { isValid: false, error: FileValidationErrorType.RESOURCE_NOT_FOUND }; + return { + isValid: false, + error: FileValidationErrorType.RESOURCE_NOT_FOUND, + }; } // 处理公开资源 if (resource.isPublic) { - return { isValid: true, - resourceType: resource.type || 'unknown' + resourceType: resource.type || 'unknown', }; } // 处理私有资源 const token = extractTokenFromAuthorization(params.authorization); if (!token) { - return { isValid: false, error: FileValidationErrorType.AUTHORIZATION_REQUIRED }; + return { + isValid: false, + error: FileValidationErrorType.AUTHORIZATION_REQUIRED, + }; } - const payload: JwtPayload = await this.jwtService.verify(token) + const payload: JwtPayload = await this.jwtService.verify(token); if (!payload.sub) { return { isValid: false, error: FileValidationErrorType.INVALID_TOKEN }; } @@ -67,9 +65,8 @@ export class AuthService { return { isValid: true, userId: payload.sub, - resourceType: resource.type || 'unknown' + resourceType: resource.type || 'unknown', }; - } catch (error) { this.logger.error('File validation error:', error); return { isValid: false, error: FileValidationErrorType.UNKNOWN_ERROR }; @@ -93,7 +90,9 @@ export class AuthService { return { accessToken, refreshToken }; } - async signIn(data: z.infer): Promise { + async signIn( + data: z.infer, + ): Promise { const { username, password, phoneNumber } = data; let staff = await db.staff.findFirst({ @@ -113,7 +112,8 @@ export class AuthService { if (!staff.enabled) { throw new UnauthorizedException('帐号已禁用'); } - const isPasswordMatch = phoneNumber || await argon2.verify(staff.password, password); + const isPasswordMatch = + phoneNumber || (await argon2.verify(staff.password, password)); if (!isPasswordMatch) { throw new UnauthorizedException('帐号或密码错误'); } @@ -143,7 +143,7 @@ export class AuthService { const existingUser = await db.staff.findFirst({ where: { OR: [{ username }, { officerId }, { phoneNumber }], - deletedAt: null + deletedAt: null, }, }); @@ -155,7 +155,7 @@ export class AuthService { data: { ...data, domainId: data.deptId, - } + }, }); } async refreshToken(data: z.infer) { @@ -168,12 +168,17 @@ export class AuthService { throw new UnauthorizedException('用户会话已过期'); } - const session = await this.sessionService.getSession(payload.sub, sessionId); + const session = await this.sessionService.getSession( + payload.sub, + sessionId, + ); if (!session || session.refresh_token !== refreshToken) { throw new UnauthorizedException('用户会话已过期'); } - const user = await db.staff.findUnique({ where: { id: payload.sub, deletedAt: null } }); + const user = await db.staff.findUnique({ + where: { id: payload.sub, deletedAt: null }, + }); if (!user) { throw new UnauthorizedException('用户不存在'); } @@ -186,14 +191,17 @@ export class AuthService { const updatedSession = { ...session, access_token: accessToken, - access_token_expires_at: Date.now() + tokenConfig.accessToken.expirationMs, + access_token_expires_at: + Date.now() + tokenConfig.accessToken.expirationMs, }; await this.sessionService.saveSession( payload.sub, updatedSession, tokenConfig.accessToken.expirationTTL, ); - await redis.del(UserProfileService.instance.getProfileCacheKey(payload.sub)); + await redis.del( + UserProfileService.instance.getProfileCacheKey(payload.sub), + ); return { access_token: accessToken, access_token_expires_at: updatedSession.access_token_expires_at, @@ -212,7 +220,7 @@ export class AuthService { where: { id: user?.id }, data: { password: newPassword, - } + }, }); return { message: '密码已修改' }; @@ -232,5 +240,4 @@ export class AuthService { return { message: '注销成功' }; } - -} \ No newline at end of file +}