UNPKG

create-chuntianxiaozhu

Version:

春天小猪模板工具

160 lines (150 loc) 4.78 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
import { BadRequestException, Body, ClassSerializerInterceptor, Controller, Inject, Post, Res, UnauthorizedException, UseInterceptors, } from '@nestjs/common'; import { UserService } from 'api/common/user.service'; import { SkipAuth } from 'api/utils/decorator'; import { LoginDto } from './dtos/login.dto'; import { UserModel } from './models/user.model'; import { JwtService } from '@nestjs/jwt'; import { Response } from 'express'; import { RegisterDto } from './dtos/register.dto'; import { CACHE_MANAGER } from '@nestjs/cache-manager'; import { Cache } from 'cache-manager'; import { CodeDto } from './dtos/code.dto'; import { comparePass, encryptPass } from '../../utils/encrypt'; import { MergeAuthDto } from './dtos/mergeAuth.dto'; import { EmailService } from '../email/email.service'; import { SettleInCodePrefix } from 'api/utils/constants'; @Controller('auth') export class AuthController { constructor( private userService: UserService, private jwtService: JwtService, private emailService: EmailService, @Inject(CACHE_MANAGER) private cacheManager: Cache, ) {} async loginEmailCode(email, code) { const cacheManager = this.cacheManager; const authCode = await cacheManager.get(email); if (!code) { throw new BadRequestException('验证码不存在'); } if (authCode != code) { throw new BadRequestException('验证码不正确'); } let user = await this.userService.findUserByEmail(email); if (!user) { user = await this.userService.save({ email, }); } return user; } async loginPass(email, password) { const user = await this.userService.findUserByEmail(email); if (user == null) { throw new UnauthorizedException('用户不存在'); } if (!user.password) { throw new UnauthorizedException('未设置密码,无法使用密码登录'); } if (!comparePass(password, user.password)) { throw new UnauthorizedException('账号或者密码不正确'); } return user; } @UseInterceptors(ClassSerializerInterceptor) @Post('login') @SkipAuth() async login( @Body() loginDto: LoginDto, @Res({ passthrough: true }) res: Response, ) { const { email, password } = loginDto; const user = await this.loginPass(email, password); const payload = { sub: user.id, roles: (user.roles && user.roles.split(',')) || [], }; const accessToken = await this.jwtService.signAsync(payload); res.cookie('token', accessToken); return new UserModel(user); } @UseInterceptors(ClassSerializerInterceptor) @Post('register') @SkipAuth() async register(@Body() registerDto: RegisterDto) { const { email, password, authCode } = registerDto; const cacheManager = this.cacheManager; const code = await cacheManager.get(email); if (!code) { throw new BadRequestException('验证码不存在'); } if (code != authCode) { throw new BadRequestException('验证码不正确'); } const user = await this.userService.findUserByEmail(email); if (user) { throw new BadRequestException('用户已存在'); } const saveUser = await this.userService.save({ email, password: encryptPass(password), }); this.cacheManager.del(email); return new UserModel(saveUser); } @Post('code') @SkipAuth() async code(@Body() codeDto: CodeDto) { const { email } = codeDto; const result = await this.emailService.sendValidecode(email); if (!result) { throw new BadRequestException('获取验证码失败'); } await this.cacheManager.set(email, result, 360000); return true; } @Post('settlein/code') async settleInCode(@Body() codeDto: CodeDto) { const { email } = codeDto; const result = await this.emailService.sendSettleInCode(email); if (!result) { throw new BadRequestException('获取入驻验证码失败'); } await this.cacheManager.set(SettleInCodePrefix + email, result, 360000); return true; } @UseInterceptors(ClassSerializerInterceptor) @Post('merge/login') @SkipAuth() async mergeLogin( @Body() mergeAuthDto: MergeAuthDto, @Res({ passthrough: true }) res: Response, ) { const { email, code } = mergeAuthDto; const user = await this.loginEmailCode(email, code); // 判断是否是vip const roles = (user.roles && user.roles.split(',')) || []; const payload = { sub: user.id, roles, }; const accessToken = await this.jwtService.signAsync(payload); res.cookie('token', accessToken); return new UserModel(user); } @Post('logout') async logout(@Res({ passthrough: true }) res: Response) { res.clearCookie('token'); return true; } }