update jwt for app

UniqueStudio · Dec 30, 2020 · bd0f0e1 · ttzztztz · Dec 30, 2020 · ttzztztz
1 parent 6884cfb
commit bd0f0e1
Show file tree

Hide file tree

Showing 5 changed files with 99 additions and 6 deletions.
diff --git a/Back/model/check.ts b/Back/model/check.ts
@@ -2,7 +2,9 @@ import jwt from "jsonwebtoken";
 import { secret, accessTokenURL, filterUserKeys, filterMyKeys } from "./consts";
 import crypto from "crypto";
 import { User } from "../generated/prisma-client";
-import { redisClientGetAsync, redisClientSetAsync } from "../server";
+import { redisClientDelAsync, redisClientGetAsync, redisClientSetAsync } from "../server";
+
+export const longExpireTime = 1296000;// half of a month
 
 export const BACKEND_URL = process.env.BACKEND_URL;
 
@@ -37,6 +39,26 @@ export const signJWT = function(
     );
 };
 
+// 
+export const signLongJWT = function(
+    uid: string,
+    isAdmin: boolean,
+    username: string
+) {
+    let sign = jwt.sign(
+        {
+            uid: uid,
+            isAdmin: isAdmin,
+            username: username
+        },
+        secret,
+        {
+            expiresIn: longExpireTime  
+        }
+    );
+
+    return sign;
+};
 export const verifyJWT = function(token?: string) {
     if (!token) {
         throw new Error("No token provided");
@@ -129,3 +151,24 @@ export const filterUserAvatar = function(avatar: string) {
         ? avatar.replace(/^unique\:\/\//g, `${BACKEND_URL}user/avatar/`)
         : avatar.replace(/^http\:\/\//g, "https://");
 };
+
+
+export const verifyLongJWT = async function(shortJWT: string) {
+    if (!shortJWT) {
+        throw new Error("No short token provided")
+    }
+    let longJWT = await redisClientGetAsync(shortJWT);
+    if (longJWT) {
+        const authObj = verifyJWT(longJWT);
+        const uid = authObj.uid;
+        const isAdmin = authObj.isAdmin;
+        const username = authObj.username;
+        const newToken = signJWT(uid, isAdmin, username);
+        const newLongToken = signLongJWT(uid, isAdmin, username);
+        await redisClientDelAsync(shortJWT);
+        await redisClientSetAsync(newToken, newLongToken, "EX", longExpireTime);
+        return newToken;
+    } else {
+        throw new Error("No valid long token");
+    }
+}
diff --git a/Back/model/forum.ts b/Back/model/forum.ts
@@ -97,3 +97,9 @@ export const forumRuntime = async function(req: Request, res: Response) {
         res.json({ code: -1, msg: e.message });
     }
 };
+
+
+export const forumListTop = async function(req: Request, res: Response) {
+    req.header('Content-Type');
+    res.json({ code: 1, msg: 'unfinished'});
+}
diff --git a/Back/model/user.ts b/Back/model/user.ts
@@ -1,4 +1,4 @@
-import { prisma, User } from "../generated/prisma-client";
+import { prisma, User, UserCreateInput } from "../generated/prisma-client";
 import fetch from "node-fetch";
 import { scanningURL, userIDURL, getQRCodeURL, pagesize } from "./consts";
 import { Request, Response } from "express";
@@ -9,7 +9,10 @@ import {
     verifyJWT,
     filterMyInfo,
     filterUserInfo,
-    filterUsersInfo
+    filterUsersInfo,
+    verifyLongJWT,
+    signLongJWT,
+    longExpireTime
 } from "./check";
 import {
     pushMessage,
@@ -21,7 +24,7 @@ import { syncUpdateUser } from "./sync";
 import { setLockExpireIncr } from "./lock";
 import { filterUserAvatar } from "./check";
 import fs from "fs";
-import { MODE } from "../server";
+import { MODE, redisClientSetAsync } from "../server";
 
 export const userInfo = async function(req: Request, res: Response) {
     try {
@@ -180,6 +183,8 @@ export const userLoginByPwd = async function(req: Request, res: Response) {
         }
 
         const token = signJWT(userInfo.id, userInfo.isAdmin, userInfo.username);
+        const longToken = signLongJWT(userInfo.id, userInfo.isAdmin, userInfo.username);
+
         (async () =>
             await prisma.updateUser({
                 where: {
@@ -189,6 +194,9 @@ export const userLoginByPwd = async function(req: Request, res: Response) {
                     lastLogin: new Date()
                 }
             }))();
+        (async () => {
+            await redisClientSetAsync(token, longToken, "EX", longExpireTime);
+        })();
         res.json({
             code: 1,
             msg: {
@@ -384,6 +392,11 @@ export const userScan = async function(req: Request, res: Response) {
                         _user.isAdmin,
                         _user.username
                     );
+                    const longToken = signLongJWT(
+                        _user.id,
+                        _user.isAdmin, 
+                        _user.username
+                    );
                     (async () =>
                         await prisma.updateUser({
                             where: {
@@ -393,6 +406,9 @@ export const userScan = async function(req: Request, res: Response) {
                                 lastLogin: new Date()
                             }
                         }))();
+                    (async () => {
+                        await redisClientSetAsync(token, longToken, "EX", longExpireTime);
+                        })();
                     res.json({
                         code: 1,
                         msg: {
@@ -679,3 +695,23 @@ export const userAvatar = async function(req: Request, res: Response) {
         res.download(`./utils/defaultAvatar.png`);
     }
 };
+
+// when jwt expires send a post response to this api.
+//
+export const userUpdateJWT = async function(req: Request, res: Response) {
+    try {
+        const newToken = await verifyLongJWT(req.header("Authorization"));
+        res.json({code: 1, msg: newToken});
+    } catch (e) {
+        res.json({code: -1, msg: e.message})
+    }
+}
+
+export const registTest = async function (req: Request, res: Response) {
+    let {username, pwd, userid, nickname} = req.body;
+    pwd = addSaltPasswordOnce(pwd);
+    // console.log(req.body);
+    let userInput: UserCreateInput = {nickname: nickname , username: username, password: pwd, userid: userid, lastLogin: new Date()};
+    await prisma.createUser(userInput);
+    res.json({code: 1, msg: userInput});
+}
diff --git a/Back/server.ts b/Back/server.ts
@@ -29,7 +29,8 @@ import {
     userSearch,
     userRuntime,
     mentorMyMentees,
-    userAvatar
+    userAvatar,
+    userUpdateJWT
 } from "./model/user";
 import {
     threadDeleteHard,
@@ -55,7 +56,7 @@ import {
     postSearch,
     postInfo
 } from "./model/post";
-import { forumList, forumListSimple, forumRuntime } from "./model/forum";
+import { forumList, forumListSimple, forumRuntime, forumListTop } from "./model/forum";
 import {
     reportCreate,
     reportInfo,
@@ -185,11 +186,13 @@ app.post("/user/update/pwd", userPwdReset);
 app.post("/user/update/wx", userInfoUpdateFromWx);
 app.post("/user/mentor/set", mentorSet);
 app.post("/user/search", userSearch);
+app.post("/user/update/jwt", userUpdateJWT);
 
 //Forum
 app.get("/forum/list", forumList);
 app.get("/forum/runtime", forumRuntime);
 app.get("/forum/listSimple", forumListSimple);
+app.get("/forum/listTop", forumListTop);
 
 //Thread
 app.get("/thread/list/:fid/:page", threadList);
@@ -263,3 +266,4 @@ server.listen(7010, () => {
         `Rabbit WebServer / ${SERVER_VERSION} is running on port 7010.\nRedis:6379 , MySQL:3306 , graphQL:4466`
     );
 });
+
diff --git a/yarn.lock b/yarn.lock
@@ -0,0 +1,4 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,4 @@
		# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
This comment has been minimized. Sign in to view Copy link ttzztztz Dec 30, 2020 Contributor 删掉这个文件
		# yarn lockfile v1