chore: 优化sms.checksms响应、完成sms登陆、给user.create改了个名儿
This commit is contained in:
@@ -15,6 +15,9 @@ import { Throttle, ThrottlerGuard } from '@nestjs/throttler';
|
||||
import { Response } from 'express';
|
||||
import { UserService } from 'src/user/user.service';
|
||||
import { AuthGuard } from './guards/auth.guard';
|
||||
import { SmsLoginDto } from './dto/sms-login.dto';
|
||||
import { SmsService } from 'src/sms/sms.service';
|
||||
import { UserSession } from 'src/user/entities/user-session.entity';
|
||||
|
||||
@Controller('auth')
|
||||
export class AuthController {
|
||||
@@ -22,26 +25,11 @@ export class AuthController {
|
||||
private readonly authService: AuthService,
|
||||
private readonly userService: UserService,
|
||||
private readonly userSessionService: UserSessionService,
|
||||
private readonly smsService: SmsService,
|
||||
) { }
|
||||
|
||||
// @Post('login')
|
||||
// @UseGuards(ThrottlerGuard)
|
||||
// @Throttle({ default: { limit: 20, ttl: 60000 } })
|
||||
// async login(@Body() loginDto: LoginDto) {
|
||||
// switch (loginDto.type) {
|
||||
// case 'password':
|
||||
// return this.authService.loginWithPassword(loginDto);
|
||||
// case 'phone':
|
||||
// return this.authService.loginWithPhone(loginDto);
|
||||
// case 'email':
|
||||
// return this.authService.loginWithEmail(loginDto);
|
||||
// default:
|
||||
// throw new BadRequestException('服务器错误');
|
||||
// }
|
||||
// }
|
||||
|
||||
private setUserSession(res: Response, sessionId: string) {
|
||||
res.cookie('session', sessionId, {
|
||||
private setUserSession(res: Response, session: UserSession) {
|
||||
res.cookie('session', session.sessionId, {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: 'lax',
|
||||
@@ -57,20 +45,22 @@ export class AuthController {
|
||||
) {
|
||||
const { identifier, password } = loginDto;
|
||||
const session = await this.authService.loginWithPassword(identifier, password);
|
||||
this.setUserSession(res, session.sessionId);
|
||||
this.setUserSession(res, session);
|
||||
return {
|
||||
user: await this.userService.findById(session.userId),
|
||||
};
|
||||
}
|
||||
|
||||
@Post('sms/send')
|
||||
async sendSms() {
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
@Post('login/sms')
|
||||
async loginBySms() {
|
||||
throw new NotImplementedException();
|
||||
async loginBySms(
|
||||
@Body() dto: SmsLoginDto,
|
||||
@Res({ passthrough: true }) res: Response,
|
||||
) {
|
||||
const { phone, code } = dto;
|
||||
await this.smsService.checkSms(phone, 'login', code);
|
||||
// 验证通过,(注册并)登陆
|
||||
const session = await this.authService.loginWithPhone(phone);
|
||||
this.setUserSession(res, session);
|
||||
}
|
||||
|
||||
@Post('passkey/login/options')
|
||||
|
||||
@@ -8,6 +8,7 @@ import { ConfigModule } from '@nestjs/config';
|
||||
import { VerificationModule } from 'src/verification/verification.module';
|
||||
import { AuthGuard } from './guards/auth.guard';
|
||||
import { OptionalAuthGuard } from './guards/optional-auth.guard';
|
||||
import { SmsModule } from 'src/sms/sms.module';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
@@ -15,6 +16,7 @@ import { OptionalAuthGuard } from './guards/optional-auth.guard';
|
||||
forwardRef(() => UserModule),
|
||||
TypeOrmModule.forFeature([UserSession]),
|
||||
VerificationModule,
|
||||
SmsModule,
|
||||
],
|
||||
controllers: [AuthController],
|
||||
providers: [AuthService, AuthGuard, OptionalAuthGuard],
|
||||
|
||||
@@ -11,7 +11,6 @@ export class AuthService {
|
||||
constructor(
|
||||
private readonly userService: UserService,
|
||||
private readonly userSessionService: UserSessionService,
|
||||
private readonly verificationService: VerificationService,
|
||||
) { }
|
||||
|
||||
async loginWithPassword(identifier: string, password: string) {
|
||||
@@ -51,27 +50,7 @@ export class AuthService {
|
||||
return this.userSessionService.createSession(userId);
|
||||
}
|
||||
|
||||
async loginWithPhone(data: { phone: string; code: string; }) {
|
||||
const { phone, code } = data;
|
||||
// 先判断验证码是否正确
|
||||
const isValid = this.verificationService.verifyPhoneCode(
|
||||
phone,
|
||||
code,
|
||||
'login',
|
||||
);
|
||||
switch (isValid) {
|
||||
case 0:
|
||||
break;
|
||||
case -1:
|
||||
throw new BadRequestException('验证码已过期');
|
||||
case -2:
|
||||
throw new BadRequestException('验证码错误');
|
||||
case -3:
|
||||
throw new BadRequestException('验证码已失效');
|
||||
default:
|
||||
throw new BadRequestException('验证码错误');
|
||||
}
|
||||
|
||||
async loginWithPhone(phone: string) {
|
||||
// 判断用户是否存在,若不存在则进行注册
|
||||
let user = await this.userService.findOne({ phone }, { withDeleted: true });
|
||||
if (user && user.deletedAt !== null) {
|
||||
@@ -80,7 +59,7 @@ export class AuthService {
|
||||
|
||||
if (!user) {
|
||||
// 执行注册操作
|
||||
user = await this.userService.create({ phone: phone });
|
||||
user = await this.userService.register({ phone });
|
||||
}
|
||||
|
||||
if (!user || !user.userId) {
|
||||
@@ -88,9 +67,7 @@ export class AuthService {
|
||||
throw new BadRequestException('请求失败,请稍后再试');
|
||||
}
|
||||
|
||||
return {
|
||||
userId: user.userId
|
||||
};
|
||||
return this.userSessionService.createSession(user.userId);
|
||||
}
|
||||
|
||||
private hashPassword(password: string, salt: string): string {
|
||||
|
||||
Reference in New Issue
Block a user