95 lines
2.6 KiB
TypeScript
95 lines
2.6 KiB
TypeScript
import type { UserEntity } from '@/models/entity/user.entity';
|
|
import type { JwtConfig } from '@/types';
|
|
|
|
import { UsersService } from '@/modules/users/users.service';
|
|
import { Injectable, UnauthorizedException } from '@nestjs/common';
|
|
import { ConfigService } from '@nestjs/config';
|
|
import { JwtService } from '@nestjs/jwt';
|
|
import bcrypt from 'bcryptjs';
|
|
|
|
@Injectable()
|
|
export class AuthService {
|
|
constructor(
|
|
private usersService: UsersService,
|
|
private jwtService: JwtService,
|
|
private configService: ConfigService,
|
|
) {}
|
|
|
|
/**
|
|
* get user info
|
|
* @param username
|
|
*/
|
|
async getAccessCodes(username: string): Promise<string[]> {
|
|
const user = await this.usersService.findOne(username);
|
|
|
|
const mockCodes = [
|
|
// super
|
|
{
|
|
codes: ['AC_100100', 'AC_100110', 'AC_100120', 'AC_100010'],
|
|
userId: 0,
|
|
},
|
|
{
|
|
// admin
|
|
codes: ['AC_100010', 'AC_100020', 'AC_100030'],
|
|
userId: 1,
|
|
},
|
|
{
|
|
// user
|
|
codes: ['AC_1000001', 'AC_1000002'],
|
|
userId: 2,
|
|
},
|
|
];
|
|
|
|
return mockCodes.find((item) => item.userId === user.id)?.codes ?? [];
|
|
}
|
|
|
|
async getUserInfo(username: string): Promise<Omit<UserEntity, 'password'>> {
|
|
const user = await this.usersService.findOne(username);
|
|
const { password: _pass, ...userInfo } = user;
|
|
return userInfo;
|
|
}
|
|
|
|
/**
|
|
* user login
|
|
*/
|
|
async login(userEntity: UserEntity): Promise<any> {
|
|
const { id, roles, username } = userEntity;
|
|
|
|
const payload = { id, roles, username };
|
|
const { refreshSecret, refreshexpiresIn } =
|
|
this.configService.get<JwtConfig>('jwt');
|
|
return {
|
|
accessToken: await this.jwtService.signAsync(payload),
|
|
refreshToken: this.jwtService.sign(payload, {
|
|
expiresIn: refreshexpiresIn,
|
|
secret: refreshSecret,
|
|
}),
|
|
};
|
|
}
|
|
|
|
async refresh(refreshToken: string) {
|
|
try {
|
|
const payload = this.jwtService.verify(refreshToken, {
|
|
secret: this.configService.get<JwtConfig>('jwt').refreshSecret,
|
|
});
|
|
const user = await this.usersService.findOne(payload.username);
|
|
if (!user) {
|
|
throw new UnauthorizedException();
|
|
}
|
|
return this.login(user);
|
|
} catch {
|
|
throw new UnauthorizedException();
|
|
}
|
|
}
|
|
|
|
async validateUser(username: string, password: string): Promise<any> {
|
|
const user = await this.usersService.findOne(username);
|
|
if (user && (await bcrypt.compare(password, user.password))) {
|
|
// 使用 bcrypt.compare 验证密码
|
|
const { password: _pass, ...result } = user;
|
|
return result;
|
|
}
|
|
return null;
|
|
}
|
|
}
|