Commit bfdc9abf
Authored Nov 25, 2022 by chenruilong
feat(uni-id-co): add authentication signature verification for URL-ized requests
Parent: 84bfee97
Showing 5 changed files with 46 additions and 3 deletions (+46 -3)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/error.js (+2 -1)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lang/en.js (+2 -1)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lang/zh-hans.js (+2 -1)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/index.js (+1 -0)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/verify-request-sign.js (+39 -0)
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/error.js
...
...
@@ -36,7 +36,8 @@ const ERROR = {
UNBIND_UNIQUE_LOGIN
:
'
uni-id-unbind-unique-login
'
,
UNBIND_PASSWORD_NOT_EXISTS
:
'
uni-id-unbind-password-not-exists
'
,
UNBIND_MOBILE_NOT_EXISTS
:
'
uni-id-unbind-mobile-not-exists
'
,
UNSUPPORTED_REQUEST
:
'
uni-id-unsupported-request
'
UNSUPPORTED_REQUEST
:
'
uni-id-unsupported-request
'
,
ILLEGAL_REQUEST
:
'
uni-id-illegal-request
'
}
function
isUniIdError
(
errCode
)
{
...
...
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lang/en.js
...
...
@@ -41,7 +41,8 @@ const sentence = {
'
uni-id-unbind-not-supported
'
:
'
Unbinding is not supported
'
,
'
uni-id-unbind-mobile-not-exists
'
:
'
This is the only way to login at the moment, please bind your phone number and then try to unbind
'
,
'
uni-id-unbind-password-not-exists
'
:
'
Please set a password first
'
,
'
uni-id-unsupported-request
'
:
'
Unsupported request
'
'
uni-id-unsupported-request
'
:
'
Unsupported request
'
,
'
uni-id-illegal-request
'
:
'
Illegal request
'
}
module
.
exports
=
{
...
...
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lang/zh-hans.js
...
...
@@ -41,7 +41,8 @@ const sentence = {
'
uni-id-unbind-not-supported
'
:
'
不支持解绑
'
,
'
uni-id-unbind-mobile-not-exists
'
:
'
这是当前唯一登录方式,请绑定手机号后再尝试解绑
'
,
'
uni-id-unbind-password-not-exists
'
:
'
请先设置密码在尝试解绑
'
,
'
uni-id-unsupported-request
'
:
'
不支持的请求方式
'
'
uni-id-unsupported-request
'
:
'
不支持的请求方式
'
,
'
uni-id-illegal-request
'
:
'
非法请求
'
}
module
.
exports
=
{
...
...
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/index.js
...
...
@@ -3,5 +3,6 @@ module.exports = {
uniIdLog
:
require
(
'
./uni-id-log
'
),
validate
:
require
(
'
./validate
'
),
accessControl
:
require
(
'
./access-control
'
),
verifyRequestSign
:
require
(
'
./verify-request-sign
'
),
...
require
(
'
./rbac
'
)
}
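Review bot: The new `verifyRequestSign` entry in this export map only makes the middleware available; none of the five files changed in this commit calls it, so nothing visible here enforces the signature check. Please confirm that the cloud object's request hook invokes it before `externalRegister` and `externalLogin` run, or include that call site in this change so the two can be reviewed together.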
uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/verify-request-sign.js
0 → 100644
const
crypto
=
require
(
'
crypto
'
)
const
{
ERROR
}
=
require
(
'
../common/error
'
)
const
needSignFunctions
=
new
Set
([
'
externalRegister
'
,
'
externalLogin
'
])
module
.
exports
=
function
()
{
const
methodName
=
this
.
getMethodName
()
const
{
source
}
=
this
.
getClientInfo
()
// 非 HTTP 方式请求不需要鉴权
if
(
source
!==
'
http
'
)
return
// 指定接口需要鉴权
if
(
!
needSignFunctions
.
has
(
methodName
))
return
const
timeout
=
20
*
1000
// 请求超过20秒不能再请求,防止重放攻击
const
{
headers
,
body
:
_body
}
=
this
.
getHttpInfo
()
const
{
'
uni-id-nonce
'
:
nonce
,
'
uni-id-timestamp
'
:
timestamp
,
'
uni-id-signature
'
:
signature
}
=
headers
const
body
=
JSON
.
parse
(
_body
).
params
||
{}
const
bodyStr
=
Object
.
keys
(
body
)
.
sort
()
.
filter
(
item
=>
typeof
body
[
item
]
!==
'
object
'
)
.
map
(
item
=>
`
${
item
}
=
${
body
[
item
]}
`
)
.
join
(
'
&
'
)
if
(
isNaN
(
Number
(
timestamp
))
||
(
Number
(
timestamp
)
+
timeout
)
<
Date
.
now
())
{
throw
{
errCode
:
ERROR
.
ILLEGAL_REQUEST
}
}
const
reSignature
=
crypto
.
createHmac
(
'
sha256
'
,
`
${
this
.
config
.
requestAuthSecret
+
nonce
}
`
).
update
(
`
${
timestamp
}${
bodyStr
}
`
).
digest
(
'
hex
'
)
if
(
signature
!==
reSignature
.
toUpperCase
())
{
throw
{
errCode
:
ERROR
.
ILLEGAL_REQUEST
}
}
}
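Review bot: The freshness check `(Number(timestamp) + timeout) < Date.now()` only rejects timestamps older than 20 seconds, so a request stamped in the future stays valid until that time passes; bound the skew in both directions, for example by comparing `Math.abs(Date.now() - Number(timestamp))` with `timeout`. Because `nonce` is only mixed into the HMAC key and never recorded, the same signed request is also accepted repeatedly inside the window, which the replay comment on `timeout` does not cover; storing seen nonces until they expire would close that. Three smaller points: `bodyStr` drops every param whose `typeof` is `'object'`, so nested objects, arrays and null values are not covered by the signature; `this.config.requestAuthSecret + nonce` yields a key beginning with the string "undefined" when the secret is not configured, so the middleware should throw if it is missing; and `signature !== reSignature.toUpperCase()` should become a `crypto.timingSafeEqual` comparison after a length check.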