diff --git a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js index b6fbcd1..611ef3a 100644 --- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js @@ -3,6 +3,31 @@ const fs = require('fs'); const moment = require('moment') const uuid = require('uuid'); +async function check (ctx) { + try { + const { models } = ctx.fs.dc; + const { authorization } = ctx.headers; + const { utils: { oauthParseAuthHeader, oauthParseBody } } = ctx.app.fs + const keySplit = await oauthParseAuthHeader(authorization); + const existRes = await models.Application.findOne({ + where: { + appKey: keySplit[0], + appSecret: keySplit[1], + } + }) + if (!existRes) { + throw new Error('应用不存在'); + } else if (existRes.forbidden) { + throw new Error('应用已被禁用'); + } + ctx.status = 204; + } catch (error) { + ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); + ctx.status = 400; + ctx.body = error + } +} + async function edit (ctx, next) { let errMsg = '创建应用失败' const transaction = await ctx.fs.dc.orm.transaction(); @@ -131,5 +156,6 @@ module.exports = { edit, get, put, - del + del, + check, }; \ No newline at end of file diff --git a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js index 846346a..3cb99b3 100644 --- a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js @@ -17,4 +17,10 @@ module.exports = function (app, router, opts) { app.fs.api.logAttr['DEL/application/:appId'] = { content: '删除应用', visible: false }; router.del('/application/:appId', application.del); + app.fs.api.logAttr['GET/application/check'] = { content: '检查应用状态', visible: false }; + router.get('/application/check', application.check); + + app.fs.api.logAttr['POST/application'] = { content: '创建/修改应用', visible: false }; + router.post('/application', application.edit); + }; diff --git a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js new file mode 100644 index 0000000..88d6608 --- /dev/null +++ b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js @@ -0,0 +1,54 @@ +const fs = require('fs'); + +module.exports = function (app, opts) { + async function oauthParseAuthHeader (auth) { + if (!auth) { + throw new Error('参数无效: 未包含Authorization头'); + } + + const authSplit = auth.split('Basic'); + if (authSplit.length != 2) { + throw new Error('参数无效: Authorization头格式无效,请检查是否包含了"Basic "'); + } + + const authCode = authSplit[1]; + const apikey = Buffer.from(authCode, 'base64').toString(); + + const keySplit = apikey.split(':'); + if (keySplit.length != 2) { + throw new Error('参数无效:请检查Authorization头内容是否经过正确Base64编码'); + } + + return keySplit; + } + + async function oauthParseBody (body, type) { + let checked = true, token = ''; + if (type == 'apply' && body['grant_type'] != 'client_credentials') { + checked = false; + } else if (type == 'refresh') { + if (body['grant_type'] != 'refresh_token' || body['token'] == null) { + checked = false; + } else { + token = body['token']; + } + } else if (type == 'invalidate') { + if (body['token'] == null) { + checked = false; + } else { + token = body['token']; + } + } + + if (!checked) { + throw new Error('参数无效:请求正文中未包含正确的信息'); + } + + return token; + } + + return { + oauthParseAuthHeader, + oauthParseBody + } +} \ No newline at end of file diff --git a/code/VideoAccess-VCMP/api/config.js b/code/VideoAccess-VCMP/api/config.js index 014e51c..1106420 100644 --- a/code/VideoAccess-VCMP/api/config.js +++ b/code/VideoAccess-VCMP/api/config.js @@ -93,6 +93,7 @@ const product = { dev, exclude: [ { p: '/camera', o: 'GET' }, // 暂时滴 + { p: '/application/check', o: 'GET' }, // 暂时滴 ], // 不做认证的路由,也可以使用 exclude: ["*"] 跳过所有路由 redis: { host: IOTA_REDIS_SERVER_HOST,