更新

2022-07-07 22:16:39 +08:00
parent 264ab8d979
commit a9a4bd0981
86 changed files with 1198 additions and 310 deletions
@@ -1,4 +0,0 @@
-/*系统启动后要做初始化*/
-module.exports = (app) => {
-    console.log("启动完成");
-}
@@ -1,11 +0,0 @@
-module.exports = {
-	doc:   "用户",
-	api:   true,//是否需要生成api接口
-	model: {
-		uid: {type: "STRING", comment: '用户id'},
-		age: {type: "INTEGER", comment: '年龄', defaultValue: 0},
-		age2: {type: "INTEGER", comment: '年龄', defaultValue: 0},
-	},
-}
-
-
@@ -1,8 +0,0 @@
-module.exports = {
-    doc  : "用户信息表",
-    model: {
-        uid  : {type: "STRING", comment: '用户id'},
-        phone: {type: "STRING", comment: '手机号', defaultValue: null,},
-
-    }
-}
@@ -0,0 +1,20 @@
+'use strict';
+
+module.exports = {
+	// path      : "cms/api/index",//可以覆盖自动生成的路由地址
+	params: {
+		"age": "int?"
+	},
+	fun   : async (ctx, app) => {
+		
+		const body = ctx.params
+		const User = await app.db.table("User").find()
+		//成功返回的2种方式
+		// ctx.body = app.res.success(User,"success",200)//"success",200可以省略
+		return User
+		
+		//异常返回的2种方式
+		// ctx.body = app.res.error(User, "error", 400)//"error",400可以省略
+		// return false
+	}
+}
@@ -0,0 +1,22 @@
+'use strict';
+
+module.exports = {
+	name:"加入房间",
+	doc:``,
+	params: {
+		"type": ["accountPassword"],//登录类型
+		"data": "object",//数据
+	},
+	fun   : async (ctx, app) => {
+		const {type, data} = ctx.params
+		if (await $components.login[type](data)) {
+			return $res.success({
+				token: await $components.jwt.sign({})
+			}, "登录成功")
+		}
+		
+		
+		return $res.error({}, "登录失败")
+		
+	}
+}
@@ -0,0 +1,12 @@
+module.exports = {
+	name  : "离开房间",
+	doc   : ``,
+	params: {
+		// "room_name": 'string',//房间
+		// "uid"      : 'string',//用户id
+	},
+	fun   : (socket, {msg, onname, callback}) => {
+		console.log('断线:', socket.id);
+		
+	}
+}
@@ -0,0 +1,20 @@
+module.exports = {
+	name  : "加入房间",
+	doc   : ``,
+	params: {
+		"room_name": 'string',//房间
+		"uid"      : 'string',//用户id
+	},
+	fun   : (socket, {msg, onname, callback}) => {
+		console.log('加入房间:', msg);
+		socket.join(msg.room_name)//加入房间
+		socket.emit('success', {
+			event: onname,
+			res  : app.res.success(""),
+		})
+		socket.to(msg.room_name).emit('success', {
+			event: onname,
+			res  : app.res.success(msg, "有人加入房间"),
+		})
+	}
+}
@@ -0,0 +1,12 @@
+module.exports = {
+	name  : "离开房间",
+	doc   : ``,
+	params: {
+		// "room_name": 'string',//房间
+		// "uid"      : 'string',//用户id
+	},
+	fun   : (socket, {msg, onname, callback}) => {
+		console.log('离开房间:', socket.id);
+		
+	}
+}
@@ -1,3 +0,0 @@
-module.exports = (app, msg, callback) => {
-	console.log('接收到的消息:', msg);
-}
@@ -0,0 +1,12 @@
+module.exports = {
+	doc:   "联系人表",
+	api:   true,//是否需要生成api接口
+	model: {
+		uid: {type: "STRING", comment: '用户id/群id'},
+		to_uid: {type: "STRING", comment: '接收人用户id'},
+		type: {type: "STRING", comment: '类型,单人/群:one/group'},
+		status: {type: "STRING", comment: '状态:已结束/未结束:y/n'},
+	},
+}
+
+
@@ -0,0 +1,20 @@
+module.exports = {
+	doc:   "消息表",
+	api:   true,//是否需要生成api接口
+	model: {
+		uid: {type: "STRING", comment: '发送人用户id'},
+		name: {type: "STRING", comment: '发送人名称'},
+		avatar: {type: "STRING", comment: '发送人头像'},
+		to_uid: {type: "STRING", comment: '接收人用户id'},
+		to_name: {type: "STRING", comment: '接收人名称'},
+		to_avatar: {type: "STRING", comment: '接收人头像'},
+		status: {type: "STRING", comment: '状态:已读/未读:y/n'},
+		type: {type: "STRING", comment: '消息类型：file / image / text / event'},
+		sendTime: {type: "STRING", comment: '消息发送时间'},
+		content: {type: "STRING", comment: '消息内容，如果type=file，此属性表示文件的URL地址'},
+		fileSize: {type: "STRING", comment: '文件大小'},
+		fileName: {type: "STRING", comment: '文件名称'},
+	},
+}
+
+
@@ -0,0 +1,10 @@
+module.exports = {
+	doc:   "自动回复表",
+	api:   true,//是否需要生成api接口
+	model: {
+		type: {type: "STRING", comment: '类型,自动回复/问候语:auto/hello'},
+		status: {type: "STRING", comment: '状态:显示/隐藏:y/n'},
+	},
+}
+
+
@@ -0,0 +1,39 @@
+module.exports = {
+	describe_name: "permission/权限管理",
+	testList     : [
+		{
+			test_name: "账号密码注册",
+			fun      : async (request, server) => {
+				const response = await request(server)
+					.post('/permission/api/registered')
+					.send({
+						type: "accountPassword",
+						data: {
+							account : "test",
+							password: "123456",
+						},
+					})
+				// expect(response.status).toEqual(200)
+				expect(response.body.status).toEqual(200)
+				expect(response.body.data).toHaveProperty('token')
+			}
+		},
+		{
+			test_name: "账号密码登录",
+			fun      : async (request, server) => {
+				const response = await request(server)
+					.post('/permission/api/login')
+					.send({
+						type: "accountPassword",
+						data: {
+							account : "test",
+							password: "123456",
+						},
+					})
+				// expect(response.status).toEqual(200)
+				expect(response.body.status).toEqual(200)
+				expect(response.body.data).toHaveProperty('token')
+			}
+		},
+	]
+}
@@ -0,0 +1,20 @@
+'use strict';
+
+module.exports = {
+	params: {
+		"type": ["accountPassword"],//登录类型
+		"data": "object",//数据
+	},
+	fun   : async (ctx, app) => {
+		const {type, data} = ctx.params
+		if (await $components.login[type](data)) {
+			return $res.success({
+				token: await $components.jwt.sign({})
+			}, "登录成功")
+		}
+		
+		
+		return $res.error({}, "登录失败")
+		
+	}
+}
@@ -0,0 +1,19 @@
+'use strict';
+
+module.exports = {
+	params: {
+		"type": ["accountPassword"],//注册类型
+		"data": "object",//数据
+	},
+	fun   : async (ctx, app) => {
+		const {type, data} = ctx.params
+		if (await $components.registered[type](data)) {
+			return $res.success({
+				token: await $components.jwt.sign({})
+			}, "注册成功")
+		}
+		
+		return $res.error({}, "登录失败")
+		
+	}
+}
@@ -0,0 +1,26 @@
+module.exports = {
+	//获取用户所属组织信息
+	async getUserToOrg(uid) {
+	
+	},
+	//获取用户所属分组信息
+	async getUserToGroup(uid) {
+	
+	},
+	//获取用户权限
+	async getUserToPermission(uid) {
+	
+	},
+	//获取用户角色信息
+	async getUserToRole(uid) {
+	
+	},
+	//获取用户组织/分组/角色/权限
+	async getUserAll(uid) {
+	
+	},
+	//获取组织下全部分组
+	async getOrgToGroupAll(uid) {
+	
+	},
+}
@@ -0,0 +1,23 @@
+const crypto = require('crypto');
+module.exports = {
+	// 随机数(盐值)
+	getRandomSalt() {
+		return Math.random().toString().slice(2, 5);
+	},
+	// 加密用户密码(原始密码,盐值)
+	// 密码同样是123456，由于采用了随机盐值，前后运算得出的结果是不同的。
+	// 这样带来的好处是，多个用户，同样的密码，攻击者需要进行多次运算才能够完全破解。
+	// 同样是纯数字3位短盐值，随机盐值破解所需的运算量，是固定盐值的1000倍。
+	cryptPwd(password, salt) {
+		
+		// 密码“加盐”
+		const saltPassword = password + ':' + salt;
+		// 加盐密码的md5值
+		const md5 = crypto.createHash('md5');
+		return md5.update(saltPassword).digest('hex');
+	},
+	// 密码验证,如果验证通过 返回 true
+	cryptPwdVerification(password, salt, user_password_md5) {
+		return this.cryptPwd(password, salt) === user_password_md5;
+	},
+}
@@ -0,0 +1,5 @@
+module.exports = {
+	secret   : 'sQ6CIfqS4SqF1zZqRZbCDAT5@T]X4fCD',//秘钥
+	algorithm: 'HS256',//数字签名或 MAC 算法
+	expiresIn: "7d",//有效期:例如：1000, "2 days", "10h", "7d". 数值被解释为秒数。如果使用字符串，请确保提供时间单位（天、小时等），否则默认使用毫秒单位（"120"等于"120ms"）。
+}
@@ -0,0 +1,17 @@
+const jwt = require("jsonwebtoken");
+const config = require("./config.js");
+
+module.exports = {
+	/**
+	 * 签发token
+	 * @param  {object} data 加入到签名里的数据.
+	 * @return {string} token 令牌.
+	 */
+	sign: (data) => jwt.sign(data, config.secret, {algorithm: config.algorithm, expiresIn: config.expiresIn}),
+	/**
+	 * 验证token
+	 * @param  {string} token 令牌.
+	 * @return {boolean} 验证通过返回true.
+	 */
+	verify: (token) => jwt.verify(token, config.secret, {algorithm: config.algorithm, expiresIn: config.expiresIn}),
+}
@@ -0,0 +1,15 @@
+/**
+ * app.components.login.accountPassword
+ * 账号密码登陆
+ * @param  {string} data.account 账号.
+ * @param  {string} data.password 密码.
+ * @return {object} res 验证是否通过.
+ */
+module.exports = async (data) => {
+	const {account, password} = data
+	const User = await app.db.table("User").where({account}).find()
+	if (!User) return false
+	const {salt} = User
+	const ver = app.components.encrypt.cryptPwdVerification(password, salt, User.password)
+	return ver
+}
@@ -0,0 +1,14 @@
+/**
+ * app.components.registered.accountPassword
+ * 账号密码注册
+ * @param  {string} data.account 账号.
+ * @param  {string} data.password 密码.
+ * @return {boolean} 注册 是否 成功.
+ */
+module.exports = async (data) => {
+	const {account, password} = data
+	const salt = app.components.encrypt.getRandomSalt()
+	const md5 = app.components.encrypt.cryptPwd(password, salt)
+	await app.db.table("User").data({account, password: md5, salt}).save()
+	return true
+}
@@ -0,0 +1,5 @@
+module.exports = {
+	path        : "app/*/api/*.js",
+	prefix      : "",//接口前缀
+	statusTobody: true,//是否跟随body结果(如需接口报错也返回200,那么设置为false)
+}
@@ -0,0 +1,18 @@
+'use strict';
+/**
+ * RBAC用户、角色、权限、组设
+ * saas的权限验证
+ */
+const config = require("./config")
+
+// 错误处理
+module.exports = {
+	sort   : 1, //排序
+	use    : true, // 是否使用
+	fun    : async (ctx, next, app) => {
+		
+		
+		await next()
+		
+	}
+}
@@ -0,0 +1,13 @@
+module.exports = {
+	doc:   "分组表",
+	api:   true,//是否需要生成api接口
+	model: {
+		gid: {type: "STRING", comment: '分组id'},
+		name: {type: "STRING", comment: '分组名称'},
+		to_gid: {type: "STRING", comment: '上级分组id'},
+		to_oid: {type: "STRING", comment: '所属组织id'},
+		
+	},
+}
+
+
@@ -0,0 +1,11 @@
+module.exports = {
+	doc:   "组织表",
+	api:   true,//是否需要生成api接口
+	model: {
+		oid: {type: "STRING", comment: '组织id'},
+		name: {type: "STRING", comment: '组织名称'},
+		general_management: {type: "STRING", comment: '是否为总管理平台(可以管理所有组织)'},
+	},
+}
+
+
@@ -0,0 +1,13 @@
+module.exports = {
+	doc:   "权限列表",
+	api:   true,//是否需要生成api接口
+	model: {
+		pid: {type: "STRING", comment: '权限id'},
+		to_pccode: {type: "STRING", comment: '所属权限分类码'},
+		name: {type: "STRING", comment: '权限名称'},
+		code: {type: "STRING", comment: '权限识别码'},
+		value: {type: "STRING", comment: '权限值'},
+	},
+}
+
+
@@ -0,0 +1,10 @@
+module.exports = {
+	doc:   "权限分类表",
+	api:   true,//是否需要生成api接口
+	model: {
+		name: {type: "STRING", comment: '权限分类名称'},
+		pccode: {type: "STRING", comment: '权限分类识别码'},
+	},
+}
+
+
@@ -0,0 +1,13 @@
+module.exports = {
+	doc:   "角色表",
+	api:   true,//是否需要生成api接口
+	model: {
+		rid: {type: "STRING", comment: '角色id'},
+		name: {type: "STRING", comment: '角色名称'},
+		to_rid: {type: "STRING", comment: '上级角色id'},
+		to_oid: {type: "STRING", comment: '所属组织id'},
+		to_gid: {type: "STRING", comment: '所属分组id'},
+	},
+}
+
+
@@ -0,0 +1,11 @@
+module.exports = {
+	doc:   "角色拥有的权限",
+	api:   true,//是否需要生成api接口
+	model: {
+		rpid: {type: "STRING", comment: '角色权限id'},
+		to_rid: {type: "STRING", comment: '角色id'},
+		to_pid: {type: "STRING", comment: '权限id'},
+	},
+}
+
+
@@ -0,0 +1,16 @@
+module.exports = {
+	doc:   "用户表",
+	api:   true,//是否需要生成api接口
+	model: {
+		uid: {type: "STRING", comment: '用户id'},
+		account: {type: "STRING", comment: '用户账号'},
+		password: {type: "STRING", comment: '用户加密密码'},
+		salt: {type: "STRING", comment: '用户加密随机数'},
+		to_oid: {type: "STRING", comment: '所属组织id'},
+		to_gid: {type: "STRING", comment: '所属分组id'},
+		to_rid: {type: "STRING", comment: '所属角色id'},
+		to_uid: {type: "STRING", comment: '上级用户id'},
+	},
+}
+
+
@@ -0,0 +1,20 @@
+module.exports = {
+	doc:   "用户资料表",
+	api:   true,//是否需要生成api接口
+	model: {
+		uid: {type: "STRING", comment: '用户id'},
+		account: {type: "STRING", comment: '用户账号'},
+		name: {type: "STRING", comment: '名称'},
+		avatar: {type: "STRING", comment: '头像'},
+		wechat_openid: {type: "STRING", comment: '微信openid'},
+		phone_number: {type: "STRING", comment: '手机号'},
+		age: {type: "STRING", comment: '年龄'},
+		sex: {type: "STRING", comment: '性别'},
+		province: {type: "STRING", comment: '省份'},
+		city: {type: "STRING", comment: '城市'},
+		area: {type: "STRING", comment: '地区'},
+		address: {type: "STRING", comment: '详细地址'},
+	},
+}
+
+
@@ -0,0 +1,39 @@
+module.exports = {
+	describe_name: "permission/权限管理",
+	testList     : [
+		{
+			test_name: "账号密码注册",
+			fun      : async (request, server) => {
+				const response = await request(server)
+					.post('/permission/api/registered')
+					.send({
+						type: "accountPassword",
+						data: {
+							account : "test",
+							password: "123456",
+						},
+					})
+				// expect(response.status).toEqual(200)
+				expect(response.body.status).toEqual(200)
+				expect(response.body.data).toHaveProperty('token')
+			}
+		},
+		{
+			test_name: "账号密码登录",
+			fun      : async (request, server) => {
+				const response = await request(server)
+					.post('/permission/api/login')
+					.send({
+						type: "accountPassword",
+						data: {
+							account : "test",
+							password: "123456",
+						},
+					})
+				// expect(response.status).toEqual(200)
+				expect(response.body.status).toEqual(200)
+				expect(response.body.data).toHaveProperty('token')
+			}
+		},
+	]
+}