feat: 登录返回签名

Author: kuangshp

application.dev.yml

@@ -1,8 +1,10 @@
 PORT: 9000
 PREFIX: api
 
-# token过期时间为7天
-tokenExpire: 7
+# 正常token2小时
+tokenExpire: 2
+# 刷新过期时间为7天
+refreshTokenExpire: 7
 
 # 默认密码
 defaultPassword: 123456

src/api/login/login.controller.ts

@@ -1,14 +1,19 @@
-import { Body, Controller, Post } from '@nestjs/common';
+import { Body, Controller, Get, Post, Query } from '@nestjs/common';
 import { LoginDto } from './dto/login.dto';
 import { LoginService } from './login.service';
 import { LoginVo } from './vo/login.vo';
 
-@Controller('login')
+@Controller()
 export class LoginController {
   constructor(private readonly loginService: LoginService) {}
 
-  @Post()
+  @Post('login')
   async loginApi(@Body() req: LoginDto): Promise<LoginVo> {
     return await this.loginService.loginApi(req);
   }
+
+  @Get('refresh')
+  async refreshTokenApi(@Query('token') token: string): Promise<LoginVo> {
+    return await this.loginService.refreshTokenApi(token);
+  }
 }

src/api/login/login.service.ts

@@ -1,14 +1,13 @@
 import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
 import { InjectRepository } from '@nestjs/typeorm';
 import { LoggerService } from '@src/plugin/logger/logger.service';
 import { RedisService } from '@src/plugin/redis/redis.service';
 import { ToolsService } from '@src/plugin/tools/tools.service';
 import { Repository, SelectQueryBuilder } from 'typeorm';
 import { AccountEntity } from '../account/entities/account.entity';
 import { LoginDto } from './dto/login.dto';
-import { LoginVo } from './vo/login.vo';
-
-type findAccountType = Omit<AccountEntity, 'created_at' | 'updated_at'>;
+import { LoginAccountVo, LoginTokenDataVo, LoginVo } from './vo/login.vo';
 
 @Injectable()
 export class LoginService {
@@ -17,7 +16,8 @@ export class LoginService {
     private readonly accountRepository: Repository<AccountEntity>,
     private readonly toolsService: ToolsService,
     private readonly loggerService: LoggerService,
-    private readonly redisService: RedisService
+    private readonly redisService: RedisService,
+    private readonly configService: ConfigService
   ) {}
 
   /**
@@ -30,32 +30,15 @@ export class LoginService {
    */
   async loginApi(req: LoginDto): Promise<LoginVo> {
     const { username, password } = req;
-    const accountEntity:
-      | Pick<AccountEntity, 'id' | 'username' | 'status' | 'accountType' | 'password' | 'salt'>
-      | undefined = await this.queryLoginBuilder
+    const accountEntity: LoginAccountVo | undefined = await this.queryLoginBuilder
       .where('(account.username = :username)', { username: username })
       .getRawOne();
     if (accountEntity?.id) {
       console.log(accountEntity.password, '111', password);
       // 判断密码是否正确
       const saltPassword = this.toolsService.makePassword(password, accountEntity.salt);
       if (Object.is(saltPassword, accountEntity.password)) {
-        // 生成token存储到token表中并且返回给前端
-        const token = this.toolsService.uuidToken;
-        // 根据资源id获取资源信息
-        this.redisService.set(
-          token,
-          {
-            userInfo: accountEntity, // 用户信息
-          },
-          7 * 24 * 60 * 60
-        );
-        return {
-          id: accountEntity.id, // 账号id
-          username: accountEntity.username, // 用户名
-          accountType: accountEntity.accountType, // 账号类型:0普通账号,1是主账号,2是超管
-          token, // 登录的token
-        };
+        return await this.generateToken(accountEntity);
       } else {
         throw new HttpException('账号或密码错误', HttpStatus.OK);
       }
@@ -65,15 +48,35 @@ export class LoginService {
     }
   }
 
+  /**
+   * @Author: 水痕
+   * @Date: 2023-10-08 08:44:55
+   * @LastEditors: 水痕
+   * @Description:
+   * @param {string} token
+   * @return {*}
+   */
+  async refreshTokenApi(token: string): Promise<LoginVo> {
+    // 1.在redis中读取是否有这个token
+    const redisData = await this.redisService.get(token);
+    if (redisData) {
+      const redisDataObj = redisData as unknown as LoginTokenDataVo;
+      return await this.generateToken(redisDataObj.userInfo);
+    } else {
+      throw new HttpException(
+        JSON.stringify({ code: 10024, message: '你还没登录,请先登录' }),
+        HttpStatus.OK
+      );
+    }
+  }
   /**
    * @Author:
    * @Date: 2023-10-08 07:52:37
    * @LastEditors:
    * @Description: 内部使用查询数据
    * @return {*}
    */
-
-  private get queryLoginBuilder(): SelectQueryBuilder<findAccountType> {
+  private get queryLoginBuilder(): SelectQueryBuilder<LoginAccountVo> {
     return this.accountRepository
       .createQueryBuilder('account')
       .select('account.id', 'id')
@@ -83,4 +86,52 @@ export class LoginService {
       .addSelect('account.password', 'password')
       .addSelect('account.salt', 'salt');
   }
+
+  /**
+   * @Author: 水痕
+   * @Date: 2023-10-08 09:07:02
+   * @LastEditors: 水痕
+   * @Description: 内部生成token
+   * @param {LoginAccountVo} accountEntity
+   * @return {*}
+   */
+  private async generateToken(
+    accountEntity: LoginAccountVo
+  ): Promise<Promise<Promise<Promise<LoginVo>>>> {
+    // 生成token存储到token表中并且返回给前端
+    const tokenExpire: number = this.configService.get('tokenExpire') ?? 2;
+    const refreshTokenExpire: number = this.configService.get('refreshTokenExpire') ?? 7;
+    const token = this.toolsService.uuidToken;
+    const refreshToken = this.toolsService.uuidToken;
+    const sign = this.toolsService.uuidToken;
+    // 根据资源id获取资源信息
+    const redisData: LoginTokenDataVo = {
+      userInfo: accountEntity, // 用户信息
+      sign,
+    };
+    // 正常token
+    await this.redisService.set(token, redisData, tokenExpire * 60 * 60);
+    // 刷新token
+    await this.redisService.set(refreshToken, redisData, refreshTokenExpire * 24 * 60 * 60);
+    // 删除redis中历史的token,并且设置新的
+    const accountTokenKey = this.toolsService.generateLoginTokenKey(accountEntity.id);
+    const accountRefreshTokenKey = this.toolsService.generateLoginRefreshTokenKey(accountEntity.id);
+    const accountToken = (await this.redisService.get(accountTokenKey)) as unknown as string;
+    const accountRefreshToken = (await this.redisService.get(
+      accountRefreshTokenKey
+    )) as unknown as string;
+    console.log(accountToken, accountRefreshToken, '要删除的');
+    await this.redisService.del(accountToken);
+    await this.redisService.del(accountRefreshToken);
+    this.redisService.set(accountTokenKey, token, tokenExpire * 60 * 60);
+    this.redisService.set(accountRefreshTokenKey, refreshToken, refreshTokenExpire * 24 * 60 * 60);
+    return {
+      id: accountEntity.id, // 账号id
+      username: accountEntity.username, // 用户名
+      accountType: accountEntity.accountType, // 账号类型:0普通账号,1是主账号,2是超管
+      token, // 登录的token
+      refreshToken,
+      sign,
+    };
+  }
 }

src/api/login/vo/login.vo.ts

@@ -3,4 +3,20 @@ export class LoginVo {
   readonly username?: string; // 用户名
   readonly accountType?: number; // 账号类型:0普通账号,1是主账号,2是超管
   readonly token?: string; // 登录的token
+  readonly refreshToken?: string; // 刷新token
+  readonly sign!: string; // 签名key
+}
+
+export class LoginAccountVo {
+  readonly id!: number; // 账号id
+  readonly username!: string; // 用户名
+  readonly accountType!: number; // 账号类型:0普通账号,1是主账号,2是超管
+  readonly status!: number; // 状态0是正常,1是禁用
+  readonly password!: string; // 密码
+  readonly salt!: string; // 密码盐
+}
+
+export class LoginTokenDataVo {
+  readonly userInfo!: LoginAccountVo; // 用户基本信息
+  readonly sign!: string; // 签名key
 }

src/constants/index.ts

@@ -1,5 +1,8 @@
 /**项目前缀 */
 export const ADMIN_PREFIX = 'admin';
+/** redis中存储token前缀 */
+export const TOKEN_PREFIX = 'account_login_token';
+export const TOKEN_REFRESH_PREFIX = 'account_login_refresh_token';
 
 export * from './redis.cache';
 export * from './redis.limit';

src/guard/auth.guard.ts

@@ -26,10 +26,16 @@ export class AuthGuard implements CanActivate {
         request.user = result;
         return true;
       } else {
-        throw new HttpException('你传递token错误', HttpStatus.FORBIDDEN);
+        throw new HttpException(
+          JSON.stringify({ code: 10024, message: '你还没登录,请先登录' }),
+          HttpStatus.OK
+        );
       }
     } else {
-      throw new HttpException('请传递token', HttpStatus.FORBIDDEN);
+      throw new HttpException(
+        JSON.stringify({ code: 10024, message: '你还没登录,请先登录' }),
+        HttpStatus.OK
+      );
     }
   }
 }

src/plugin/tools/tools.service.ts

@@ -2,6 +2,7 @@ import { Injectable } from '@nestjs/common';
 import { Request } from 'express';
 import { v4 as uuidv4 } from 'uuid';
 import { getRandomNum, randomString, strToMd5 } from '@src/utils';
+import { TOKEN_PREFIX, TOKEN_REFRESH_PREFIX } from '@src/constants';
 
 @Injectable()
 export class ToolsService {
@@ -61,4 +62,27 @@ export class ToolsService {
   makePassword(password: string, salt: string): string {
     return strToMd5(`${password}_${salt}`);
   }
+
+  /**
+   * @Author: 水痕
+   * @Date: 2023-10-08 09:16:32
+   * @LastEditors: 水痕
+   * @Description: 登录token的key
+   * @param {number} accountId
+   * @return {*}
+   */
+  generateLoginTokenKey(accountId: number): string {
+    return `${TOKEN_PREFIX}_${accountId}`;
+  }
+  /**
+   * @Author: 水痕
+   * @Date: 2023-10-08 09:16:45
+   * @LastEditors: 水痕
+   * @Description: 刷新token的key
+   * @param {number} accountId
+   * @return {*}
+   */
+  generateLoginRefreshTokenKey(accountId: number): string {
+    return `${TOKEN_REFRESH_PREFIX}_${accountId}`;
+  }
 }