91 lines
2.4 KiB
JavaScript
91 lines
2.4 KiB
JavaScript
const crypto = require("crypto");
|
|
const baseModel = require("../../middleware/baseModel");
|
|
const { op } = baseModel;
|
|
|
|
const MAX_TOKENS_PER_USER = 5;
|
|
|
|
function hashPlainToken(plain) {
|
|
return crypto.createHash("sha256").update(plain, "utf8").digest("hex");
|
|
}
|
|
|
|
function generatePlainToken() {
|
|
return `waw_${crypto.randomBytes(24).toString("hex")}`;
|
|
}
|
|
|
|
/** 当前时间在 [start,end] 内且 status=active 的订阅 */
|
|
async function findActiveSubscriptionForUser(userId) {
|
|
const now = new Date();
|
|
return baseModel.biz_subscription.findOne({
|
|
where: {
|
|
user_id: userId,
|
|
status: "active",
|
|
start_time: { [op.lte]: now },
|
|
end_time: { [op.gte]: now },
|
|
},
|
|
order: [["id", "DESC"]],
|
|
});
|
|
}
|
|
|
|
async function createToken(body) {
|
|
const { user_id, token_name, expire_at } = body;
|
|
if (!user_id || !expire_at) throw new Error("缺少 user_id 或 expire_at");
|
|
const u = await baseModel.biz_user.findByPk(user_id);
|
|
if (!u) throw new Error("用户不存在");
|
|
if (u.status !== "active") throw new Error("用户已禁用");
|
|
|
|
const activeCount = await baseModel.biz_api_token.count({
|
|
where: { user_id, status: "active" },
|
|
});
|
|
if (activeCount >= MAX_TOKENS_PER_USER) {
|
|
throw new Error(`单用户最多 ${MAX_TOKENS_PER_USER} 个有效 Token`);
|
|
}
|
|
|
|
const sub = await findActiveSubscriptionForUser(user_id);
|
|
const plan_id = sub ? sub.plan_id : null;
|
|
|
|
const plain = generatePlainToken();
|
|
const token_hash = hashPlainToken(plain);
|
|
|
|
const row = await baseModel.biz_api_token.create({
|
|
user_id,
|
|
plan_id,
|
|
token_name: token_name || "default",
|
|
token_hash,
|
|
status: "active",
|
|
expire_at,
|
|
});
|
|
|
|
return {
|
|
row,
|
|
plain_token: plain,
|
|
warn: sub ? null : "当前无生效中的订阅,鉴权将失败",
|
|
};
|
|
}
|
|
|
|
async function revokeToken(body) {
|
|
const id = body.id;
|
|
if (id == null) throw new Error("缺少 id");
|
|
const row = await baseModel.biz_api_token.findByPk(id);
|
|
if (!row) throw new Error("Token 不存在");
|
|
await row.update({ status: "revoked" });
|
|
return row;
|
|
}
|
|
|
|
async function revokeAllForUser(userId) {
|
|
if (userId == null) throw new Error("缺少 user_id");
|
|
const [n] = await baseModel.biz_api_token.update(
|
|
{ status: "revoked" },
|
|
{ where: { user_id: userId, status: "active" } }
|
|
);
|
|
return n;
|
|
}
|
|
|
|
module.exports = {
|
|
hashPlainToken,
|
|
createToken,
|
|
revokeToken,
|
|
revokeAllForUser,
|
|
findActiveSubscriptionForUser,
|
|
MAX_TOKENS_PER_USER,
|
|
};
|