Browse Source

(*)表PhoneValidateCode相关去除

master
zmh 2 years ago
parent
commit
4310e3e71c
  1. 74
      api/app/lib/controllers/auth/index.js
  2. 47
      api/app/lib/models/user.js
  3. 2
      api/app/lib/models/user_token.js
  4. 3
      api/app/lib/routes/auth/index.js

74
api/app/lib/controllers/auth/index.js

@ -19,31 +19,10 @@ async function login (ctx, next) {
attributes: { exclude: ['password'] },
where: {
username: params.username,
password: password,
del: false,
password: password
},
});
} else if (params.phone && params.code) {
const record = await models.PhoneValidateCode.findOne({
where: {
phone: phone,
code: code
}
});
if (!record) {
throw '验证码错误'
} else if (record.expired < new Date()) {
throw '验证码已失效'
}
userRes = await models.User.findOne({
attributes: { exclude: ['password'] },
where: {
phone: phone,
del: false,
},
});
}
if (userRes) {
if (userRes.forbidden) {
throw '用户已禁用'
@ -79,56 +58,6 @@ async function login (ctx, next) {
}
}
async function varfiyCode (ctx) {
try {
const { models } = ctx.fs.dc;
const { pushBySms, pushByEmail } = ctx.app.fs.utils
const { phone, sig, r } = ctx.request.body
// 伪造的请求可能由相同的sig参数组成
const checkSigUsed = await models.PhoneValidateCode.findOne({
where: { sig: sig }
});
if (checkSigUsed) {
throw '参数错误!'
}
// 验证sig正确性
const checkSig = Hex.stringify(SHA1(phone + r));
if (!r || !sig || sig != checkSig) {
throw '参数错误!'
}
let varifyCode = ''
for (let i = 0; i < 6; i++) {
varifyCode += Math.floor(Math.random() * 10)
}
// await pushBySms({
// phone: phone,
// templateCode: 'SMS_248250074',
// templateParam: {
// code: varifyCode
// },
// })
await models.PhoneValidateCode.create({
phone: phone,
code: varifyCode,
sig: sig,
expired: moment().add(10, 'minutes').format('YYYY-MM-DD HH:mm:ss')
})
ctx.status = 204;
} catch (error) {
ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
ctx.status = 400;
ctx.body = {
message: typeof error == 'string' ? error : '获取验证码失败'
}
}
}
async function logout (ctx) {
try {
const models = ctx.fs.dc.models;
@ -152,6 +81,5 @@ async function logout (ctx) {
module.exports = {
login,
varfiyCode,
logout,
};

47
api/app/lib/models/user.js

@ -31,54 +31,9 @@ module.exports = dc => {
primaryKey: false,
field: "password",
autoIncrement: false
},
displayName: {
type: DataTypes.STRING,
allowNull: false,
defaultValue: null,
comment: null,
primaryKey: false,
field: "display_name",
autoIncrement: false
},
del: {
type: DataTypes.BOOLEAN,
allowNull: true,
defaultValue: null,
comment: null,
primaryKey: false,
field: "del",
autoIncrement: false
},
rank: {
type: DataTypes.STRING,
allowNull: true,
defaultValue: null,
comment: null,
primaryKey: false,
field: "rank",
autoIncrement: false
},
phone: {
type: DataTypes.STRING,
allowNull: true,
defaultValue: null,
comment: null,
primaryKey: false,
field: "phone",
autoIncrement: false
},
forbidden: {
type: DataTypes.BOOLEAN,
allowNull: false,
defaultValue: null,
comment: null,
primaryKey: false,
field: "forbidden",
autoIncrement: false
}
}, {
tableName: "user",
tableName: "t_user",
comment: "",
indexes: []
});

2
api/app/lib/models/user_token.js

@ -33,7 +33,7 @@ module.exports = dc => {
autoIncrement: false
}
}, {
tableName: "user_token",
tableName: "t_user_token",
comment: "",
indexes: []
});

3
api/app/lib/routes/auth/index.js

@ -6,9 +6,6 @@ module.exports = function (app, router, opts) {
app.fs.api.logAttr['POST/login'] = { content: '登录', visible: true };
router.post('/login', auth.login);
app.fs.api.logAttr['POST/validate/phone'] = { content: '发送验证码', visible: true };
router.post('/validate/phone', auth.varfiyCode);
app.fs.api.logAttr['PUT/logout'] = { content: '登出', visible: false };
router.put('/logout', auth.logout);
};
Loading…
Cancel
Save