From 80eec09b68a44deebca19edd3a37beb8882596b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=8A=8A=E9=87=8C?= <1227971437@qq.com> Date: Mon, 12 Apr 2021 21:13:45 +0800 Subject: [PATCH] =?UTF-8?q?uni-id=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- uni_modules/uni-config-center/changelog.md | 2 + uni_modules/uni-config-center/package.json | 80 ++++++++++++++++ uni_modules/uni-config-center/readme.md | 93 +++++++++++++++++++ uni_modules/uni-id/changelog.md | 20 +++- uni_modules/uni-id/package.json | 4 +- uni_modules/uni-id/readme.md | 64 ++++++------- .../cloudfunctions/common/uni-id/index.js | 2 +- .../cloudfunctions/common/uni-id/package.json | 4 +- 8 files changed, 230 insertions(+), 39 deletions(-) create mode 100644 uni_modules/uni-config-center/changelog.md create mode 100644 uni_modules/uni-config-center/package.json create mode 100644 uni_modules/uni-config-center/readme.md diff --git a/uni_modules/uni-config-center/changelog.md b/uni_modules/uni-config-center/changelog.md new file mode 100644 index 0000000..9b8f44d --- /dev/null +++ b/uni_modules/uni-config-center/changelog.md @@ -0,0 +1,2 @@ +## 0.0.1(2021-03-15) +- 初始化项目 diff --git a/uni_modules/uni-config-center/package.json b/uni_modules/uni-config-center/package.json new file mode 100644 index 0000000..aff7f18 --- /dev/null +++ b/uni_modules/uni-config-center/package.json @@ -0,0 +1,80 @@ +{ + "id": "uni-config-center", + "displayName": "uni-config-center", + "version": "0.0.1", + "description": "uniCloud 配置中心", + "keywords": [ + "配置", + "配置中心" +], + "repository": "", + "engines": { + "HBuilderX": "^3.1.0" + }, + "dcloudext": { + "category": [ + "uniCloud", + "云函数模板" + ], + "sale": { + "regular": { + "price": 0 + }, + "sourcecode": { + "price": 0 + } + }, + "contact": { + "qq": "" + }, + "declaration": { + "ads": "无", + "data": "无", + "permissions": "无" + }, + "npmurl": "" + }, + "directories": { + "example": "../../../scripts/dist" + }, + "uni_modules": { + "dependencies": [], + "encrypt": [], + "platforms": { + "cloud": { + "tcb": "y", + "aliyun": "y" + }, + "client": { + "App": { + "app-vue": "u", + "app-nvue": "u" + }, + "H5-mobile": { + "Safari": "u", + "Android Browser": "u", + "微信浏览器(Android)": "u", + "QQ浏览器(Android)": "u" + }, + "H5-pc": { + "Chrome": "u", + "IE": "u", + "Edge": "u", + "Firefox": "u", + "Safari": "u" + }, + "小程序": { + "微信": "u", + "阿里": "u", + "百度": "u", + "字节跳动": "u", + "QQ": "u" + }, + "快应用": { + "华为": "u", + "联盟": "u" + } + } + } + } +} diff --git a/uni_modules/uni-config-center/readme.md b/uni_modules/uni-config-center/readme.md new file mode 100644 index 0000000..b408ab2 --- /dev/null +++ b/uni_modules/uni-config-center/readme.md @@ -0,0 +1,93 @@ +# 为什么使用uni-config-center + +实际开发中很多插件需要配置文件才可以正常运行,如果每个插件都单独进行配置的话就会产生下面这样的目录结构 + +```bash +cloudfunctions +└─────common 公共模块 + ├─plugin-a // 插件A对应的目录 + │ ├─index.js + │ ├─config.json // plugin-a对应的配置文件 + │ └─other-file.cert // plugin-a依赖的其他文件 + └─plugin-b // plugin-b对应的目录 + ├─index.js + └─config.json // plugin-b对应的配置文件 +``` + +假设插件作者要发布一个项目模板,里面使用了很多需要配置的插件,无论是作者发布还是用户使用都是一个大麻烦。 + +uni-config-center就是用了统一管理这些配置文件的,使用uni-config-center后的目录结构如下 + +```bash +cloudfunctions +└─────common 公共模块 + ├─plugin-a // 插件A对应的目录 + │ └─index.js + ├─plugin-b // plugin-b对应的目录 + │ └─index.js + └─uni-config-center + ├─index.js // config-center入口文件 + ├─plugin-a + │ ├─config.json // plugin-a对应的配置文件 + │ └─other-file.cert // plugin-a依赖的其他文件 + └─plugin-b + └─config.json // plugin-b对应的配置文件 +``` + +使用uni-config-center后的优势 + +- 配置文件统一管理,对插件作者来说发布插件更简单了,对用户来说使用也更简单了 +- 支持对config.json设置schema,插件使用者在HBuilderX内编写config.json文件时会有更好的提示(后续HBuilderX会提供支持) + +# 用法 + +在要使用uni-config-center的公共模块或云函数内引入uni-config-center依赖,请参考:[使用公共模块](https://uniapp.dcloud.net.cn/uniCloud/cf-common) + +```js +const createConfig = require('uni-config-center') + +const uniIdConfig = createConfig({ + pluginId: 'uni-id', // 插件id + defaultConfig: { // 默认配置 + tokenExpiresIn: 7200, + tokenExpiresThreshold: 600, + }, + customMerge: function(defaultConfig, userConfig) { // 自定义默认配置和用户配置的合并规则,不设置的情况侠会对默认配置和用户配置进行深度合并 + // defaudltConfig 默认配置 + // userConfig 用户配置 + return Object.assign(defaultConfig, userConfig) + } +}) + + +// 以如下配置为例 +// { +// "tokenExpiresIn": 7200, +// "passwordErrorLimit": 6, +// "bindTokenToDevice": false, +// "passwordErrorRetryTime": 3600, +// "app-plus": { +// "tokenExpiresIn": 2592000 +// }, +// "service": { +// "sms": { +// "codeExpiresIn": 300 +// } +// } +// } + +// 获取配置 +uniIdConfig.config() // 获取全部配置,注意:uni-config-center内不存在对应插件目录时会返回空对象 +uniIdConfig.config('tokenExpiresIn') // 指定键值获取配置,返回:7200 +uniIdConfig.config('service.sms.codeExpiresIn') // 指定键值获取配置,返回:300 +uniIdConfig.config('tokenExpiresThreshold', 600) // 指定键值获取配置,如果不存在则取传入的默认值,返回:600 + +// 获取文件绝对路径 +uniIdConfig.resolve('custom-token.js') // 获取uni-config-center/uni-id/custom-token.js文件的路径 + +// 引用文件(require) +uniIDConfig.requireFile('custom-token.js') // 使用require方式引用uni-config-center/uni-id/custom-token.js文件。文件不存在时返回undefined,文件内有其他错误导致require失败时会抛出错误。 + +// 判断是否包含某文件 +uniIDConfig.hasFile('custom-token.js') // 配置目录是否包含某文件,true: 文件存在,false: 文件不存在 +``` \ No newline at end of file diff --git a/uni_modules/uni-id/changelog.md b/uni_modules/uni-id/changelog.md index 014eab1..1f3c47a 100644 --- a/uni_modules/uni-id/changelog.md +++ b/uni_modules/uni-id/changelog.md @@ -1,2 +1,18 @@ -## 3.0.5(2021-02-03) -- 调整为uni_modules目录规范 +## 3.0.11(2021-04-12) +- 修复3.0.7版本引出的多个用户访问时可能出现30201报错的Bug +## 3.0.10(2021-04-08) +- 优化错误提示 +## 3.0.9(2021-04-08) +- bindMobile接口支持通过一键登录的方式绑定 +- 优化错误提示 +## 3.0.8(2021-03-19) +- 修复 3.0.7版本某些情况下生成token报错的Bug +## 3.0.7(2021-03-19) +- 新增 支持uni-config-center,更新uni-id无须再担心配置被覆盖 [详情](https://uniapp.dcloud.io/uniCloud/uni-id?id=uni-config-center) +- 新增 自定义token内容,可以缓存角色权限之外的更多信息到客户端 [详情](https://uniapp.dcloud.io/uniCloud/uni-id?id=custom-token) +- 新增 支持传入context获取uni-id实例,防止单实例多并发时全局context混乱 [详情](https://uniapp.dcloud.io/uniCloud/uni-id?id=create-instance) +## 3.0.6(2021-03-05) +- 新增[uniID.wxBizDataCrypt](https://uniapp.dcloud.io/uniCloud/uni-id?id=%e5%be%ae%e4%bf%a1%e6%95%b0%e6%8d%ae%e8%a7%a3%e5%af%86)方法 +- 优化loginByApple方法,提高接口响应速度 +## 3.0.5(2021-02-03) +- 调整为uni_modules目录规范 diff --git a/uni_modules/uni-id/package.json b/uni_modules/uni-id/package.json index c4a987d..1222cfa 100644 --- a/uni_modules/uni-id/package.json +++ b/uni_modules/uni-id/package.json @@ -1,7 +1,7 @@ { "id": "uni-id", "displayName": "uni-id", - "version": "3.0.5", + "version": "3.0.11", "description": "简单、统一、可扩展的用户中心", "keywords": [ "uniid", @@ -38,7 +38,7 @@ "npmurl": "" }, "uni_modules": { - "dependencies": [], + "dependencies": ["uni-config-center"], "encrypt": [], "platforms": { "cloud": { diff --git a/uni_modules/uni-id/readme.md b/uni_modules/uni-id/readme.md index ea7751c..6890121 100644 --- a/uni_modules/uni-id/readme.md +++ b/uni_modules/uni-id/readme.md @@ -1,33 +1,33 @@ -**文档已移至[uni-id文档](https://uniapp.dcloud.net.cn/uniCloud/uni-id)** - -> 一般uni-id升级大版本时为不兼容更新,从低版本迁移到高版本请参考:[uni-id迁移指南](https://uniapp.dcloud.net.cn/uniCloud/uni-id?id=migration) - -## 重要升级说明 - -**uni-id 3.x版本,搭配的uniCloud admin版本需大于1.2.10。** - -### 缓存角色权限 - -自`uni-id 3.0.0`起,支持在token内缓存用户的角色权限,默认开启此功能,各登录接口的needPermission参数不再生效。如需关闭请在config内配置`"removePermissionAndRoleFromToken": true`。 - -为什么要缓存角色权限?要知道云数据库是按照读写次数来收取费用的,并且读写数据库会拖慢接口响应速度。未配置`"removePermissionAndRoleFromToken": true`的情况下,可以在调用checkToken接口时不查询数据库获取用户角色权限。 - -详细checkToken流程如下: - -![](https://vkceyugu.cdn.bspapp.com/VKCEYUGU-dc-site/ed45d350-5a4d-11eb-b997-9918a5dda011.jpg) - -可以看出,旧版token(removePermissionAndRoleFromToken为true时生成的)在checkToken时如需返回权限需要进行两次数据库查询。新版token不需要查库即可返回权限信息。 - -**注意** - -- 由于角色权限缓存在token内,可能会存在权限已经更新但是用户token未过期之前依然是旧版角色权限的情况。可以调短一些token过期时间来减少这种情况的影响。 -- admin角色token内不包含permission,如需自行判断用户是否有某个权限,要注意admin角色需要额外判断一下,写法如下 - ```js - const { - role, - permission - } = await uniID.checkToken(event.uniIdToken) - if(role.includes('admin') || permission.includes('your permission id')) { - // 当前角色拥有'your permission id'对应的权限 - } +**文档已移至[uni-id文档](https://uniapp.dcloud.net.cn/uniCloud/uni-id)** + +> 一般uni-id升级大版本时为不兼容更新,从低版本迁移到高版本请参考:[uni-id迁移指南](https://uniapp.dcloud.net.cn/uniCloud/uni-id?id=migration) + +## 重要升级说明 + +**uni-id 3.x版本,搭配的uniCloud admin版本需大于1.2.10。** + +### 缓存角色权限 + +自`uni-id 3.0.0`起,支持在token内缓存用户的角色权限,默认开启此功能,各登录接口的needPermission参数不再生效。如需关闭请在config内配置`"removePermissionAndRoleFromToken": true`。 + +为什么要缓存角色权限?要知道云数据库是按照读写次数来收取费用的,并且读写数据库会拖慢接口响应速度。未配置`"removePermissionAndRoleFromToken": true`的情况下,可以在调用checkToken接口时不查询数据库获取用户角色权限。 + +详细checkToken流程如下: + +![](https://vkceyugu.cdn.bspapp.com/VKCEYUGU-dc-site/ed45d350-5a4d-11eb-b997-9918a5dda011.jpg) + +可以看出,旧版token(removePermissionAndRoleFromToken为true时生成的)在checkToken时如需返回权限需要进行两次数据库查询。新版token不需要查库即可返回权限信息。 + +**注意** + +- 由于角色权限缓存在token内,可能会存在权限已经更新但是用户token未过期之前依然是旧版角色权限的情况。可以调短一些token过期时间来减少这种情况的影响。 +- admin角色token内不包含permission,如需自行判断用户是否有某个权限,要注意admin角色需要额外判断一下,写法如下 + ```js + const { + role, + permission + } = await uniID.checkToken(event.uniIdToken) + if(role.includes('admin') || permission.includes('your permission id')) { + // 当前角色拥有'your permission id'对应的权限 + } ``` \ No newline at end of file diff --git a/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/index.js b/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/index.js index 0be4585..0c3b4a7 100644 --- a/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/index.js +++ b/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/index.js @@ -1 +1 @@ -"use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}var t=e(require("fs")),r=e(require("path")),n=e(require("crypto")),i=e(require("querystring")),o=e(require("buffer")),s=e(require("stream")),a=e(require("util"));class c extends Error{constructor(e){super(e.message),this.errMsg=e.message||"",Object.defineProperties(this,{message:{get(){return`errCode: ${e.code||""} | errMsg: `+this.errMsg},set(e){this.errMsg=e}}})}}const u=Object.prototype.toString,f=Object.prototype.hasOwnProperty;function d(e,t){return f.call(e,t)}function l(e){return"[object Object]"===u.call(e)}function p(e){return"function"==typeof e}function m(e){return Object.prototype.toString.call(e).slice(8,-1).toLowerCase()}const h=/_(\w)/g,g=/[A-Z]/g;function y(e){return e.replace(h,(e,t)=>t?t.toUpperCase():"")}function w(e){return e.replace(g,e=>"_"+e.toLowerCase())}function v(e,t){let r,n;switch(t){case"snake2camel":n=y,r=h;break;case"camel2snake":n=w,r=g}for(const i in e)if(d(e,i)&&r.test(i)){const r=n(i);e[r]=e[i],delete e[i],l(e[r])?e[r]=v(e[r],t):Array.isArray(e[r])&&(e[r]=e[r].map(e=>v(e,t)))}return e}function b(e){return v(e,"snake2camel")}function _(e){return v(e,"camel2snake")}function S(e){return function(e,t="-"){e=e||new Date;const r=[];return r.push(e.getFullYear()),r.push(("00"+(e.getMonth()+1)).substr(-2)),r.push(("00"+e.getDate()).substr(-2)),r.join(t)}(e=e||new Date)+" "+function(e,t=":"){e=e||new Date;const r=[];return r.push(("00"+e.getHours()).substr(-2)),r.push(("00"+e.getMinutes()).substr(-2)),r.push(("00"+e.getSeconds()).substr(-2)),r.join(t)}(e)}function E(){"development"===process.env.NODE_ENV&&console.log(...arguments)}function x(e=6){let t="";for(let r=0;r0:t=f,r="年";break;case u>0:t=u,r="月";break;case c>0:t=c,r="天";break;case a>0:t=a,r="小时";break;case s>0:t=s,r="分钟";break;default:t=o,r="秒"}return`${t}${r}${i}`}const P=async function(){};function C(e){return P.constructor===e.constructor?async function(){const t=await e.apply(this,arguments);return l(t)&&t.msg&&(t.message=t.msg),t}:function(){const t=e.apply(this,arguments);return l(t)&&t.msg&&(t.message=t.msg),t}}const R=uniCloud.database(),A=R.collection("uni-id-users"),O=R.collection("opendb-verify-codes"),D=R.collection("uni-id-roles"),B=R.collection("uni-id-permissions");async function M({name:e,url:t,data:r,options:n,defaultOptions:i}){let o={};const s=_(Object.assign({},r));s&&s.access_token&&delete s.access_token;try{n=Object.assign({},i,n,{data:s}),o=await uniCloud.httpclient.request(t,n)}catch(t){return function(e,t){throw new c({code:t.code||-2,message:t.message||e+" fail"})}(e,t)}let a=o.data;const u=o.headers["content-type"];if(!Buffer.isBuffer(a)||0!==u.indexOf("text/plain")&&0!==u.indexOf("application/json"))Buffer.isBuffer(a)&&(a={buffer:a,contentType:u});else try{a=JSON.parse(a.toString())}catch(e){a=a.toString()}return b(function(e,t){if(t.errcode)throw new c({code:t.errcode||-2,message:t.errmsg||e+" fail"});return delete t.errcode,delete t.errmsg,{...t,errMsg:e+" ok",errCode:0}}(e,a||{errCode:-2,errMsg:"Request failed"}))}function N(e,t){let r="";if(t&&t.accessToken){r=`${e.indexOf("?")>-1?"&":"?"}access_token=${t.accessToken}`}return`${e}${r}`}class ${constructor(e){this.options=Object.assign({baseUrl:"https://api.weixin.qq.com",timeout:5e3},e)}async _requestWxOpenapi({name:e,url:t,data:r,options:n}){const i={method:"GET",dataType:"json",dataAsQueryString:!0,timeout:this.options.timeout};return await M({name:"auth."+e,url:`${this.options.baseUrl}${N(t,r)}`,data:r,options:n,defaultOptions:i})}async code2Session(e){return await this._requestWxOpenapi({name:"code2Session",url:"/sns/jscode2session",data:{grant_type:"authorization_code",appid:this.options.appId,secret:this.options.secret,js_code:e}})}async getOauthAccessToken(e){return await this._requestWxOpenapi({name:"getOauthAccessToken",url:"/sns/oauth2/access_token",data:{grant_type:"authorization_code",appid:this.options.appId,secret:this.options.secret,code:e}})}}const L={RSA:"RSA-SHA1",RSA2:"RSA-SHA256"};var K={code2Session:{returnValue:{openid:"userId"}}};class V extends class{constructor(e={}){if(!e.appId)throw new Error("appId required");if(!e.privateKey)throw new Error("privateKey required");const t={gateway:"https://openapi.alipay.com/gateway.do",timeout:5e3,charset:"utf-8",version:"1.0",signType:"RSA2",timeOffset:-(new Date).getTimezoneOffset()/60,keyType:"PKCS8"};e.sandbox&&(e.gateway="https://openapi.alipaydev.com/gateway.do"),this.options=Object.assign({},t,e);const r="PKCS8"===this.options.keyType?"PRIVATE KEY":"RSA PRIVATE KEY";this.options.privateKey=this._formatKey(this.options.privateKey,r),this.options.alipayPublicKey&&(this.options.alipayPublicKey=this._formatKey(this.options.alipayPublicKey,"PUBLIC KEY"))}_formatKey(e,t){return`-----BEGIN ${t}-----\n${e}\n-----END ${t}-----`}_formatUrl(e,t){let r=e;const n=["app_id","method","format","charset","sign_type","sign","timestamp","version","notify_url","return_url","auth_token","app_auth_token"];for(const e in t)if(n.indexOf(e)>-1){const n=encodeURIComponent(t[e]);r=`${r}${r.includes("?")?"&":"?"}${e}=${n}`,delete t[e]}return{execParams:t,url:r}}_getSign(e,t){const r=t.bizContent||null;delete t.bizContent;const i=Object.assign({method:e,appId:this.options.appId,charset:this.options.charset,version:this.options.version,signType:this.options.signType,timestamp:S((o=this.options.timeOffset,new Date(Date.now()+6e4*((new Date).getTimezoneOffset()+60*(o||0)))))},t);var o;r&&(i.bizContent=JSON.stringify(_(r)));const s=_(i),a=Object.keys(s).sort().map(e=>{let t=s[e];return"[object String]"!==Array.prototype.toString.call(t)&&(t=JSON.stringify(t)),`${e}=${t}`}).join("&"),c=n.createSign(L[this.options.signType]).update(a,"utf8").sign(this.options.privateKey,"base64");return Object.assign(s,{sign:c})}async _exec(e,t={},r={}){const n=this._getSign(e,t),{url:i,execParams:o}=this._formatUrl(this.options.gateway,n),{status:s,data:a}=await uniCloud.httpclient.request(i,{method:"POST",data:o,dataType:"text",timeout:this.options.timeout});if(200!==s)throw new Error("request fail");const c=JSON.parse(a),u=e.replace(/\./g,"_")+"_response",f=c[u],d=c.error_response;if(f){if(!r.validateSign||this._checkResponseSign(a,u)){if(!f.code||"10000"===f.code){return{errCode:0,errMsg:f.msg||"",...b(f)}}const e=f.sub_code?`${f.sub_code} ${f.sub_msg}`:""+(f.msg||"unkonwn error");throw new Error(e)}throw new Error("返回结果签名错误")}if(d)throw new Error(d.sub_msg||d.msg||"接口返回错误");throw new Error("request fail")}_checkResponseSign(e,t){if(!this.options.alipayPublicKey||""===this.options.alipayPublicKey)return console.warn("options.alipayPublicKey is empty"),!0;if(!e)return!1;const r=this._getSignStr(e,t),i=JSON.parse(e).sign,o=n.createVerify(L[this.options.signType]);return o.update(r,"utf8"),o.verify(this.options.alipayPublicKey,i,"base64")}_getSignStr(e,t){let r=e.trim();const n=e.indexOf(t+'"'),i=e.lastIndexOf('"sign"');return r=r.substr(n+t.length+1),r=r.substr(0,i),r=r.replace(/^[^{]*{/g,"{"),r=r.replace(/\}([^}]*)$/g,"}"),r}_notifyRSACheck(e,t,r){const i=Object.keys(e).sort().filter(e=>e).map(t=>{let r=e[t];return"[object String]"!==Array.prototype.toString.call(r)&&(r=JSON.stringify(r)),`${t}=${decodeURIComponent(r)}`}).join("&");return n.createVerify(L[r]).update(i,"utf8").verify(this.options.alipayPublicKey,t,"base64")}_checkNotifySign(e){const t=e.sign;if(!this.options.alipayPublicKey||!t)return!1;const r=e.sign_type||this.options.signType||"RSA2",n={...e};delete n.sign,n.sign_type=r;return!!this._notifyRSACheck(n,t,r)||(delete n.sign_type,this._notifyRSACheck(n,t,r))}_verifyNotify(e){if(!e.headers)throw new Error("通知格式不正确");let t;for(const r in e.headers)"content-type"===r.toLowerCase()&&(t=e.headers[r]);if(!1!==e.isBase64Encoded&&-1===t.indexOf("application/x-www-form-urlencoded"))throw new Error("通知格式不正确");const r=i.parse(e.body);if(this._checkNotifySign(r))return b(r);throw new Error("通知验签未通过")}}{constructor(e){super(e),this._protocols=K}async code2Session(e){return await this._exec("alipay.system.oauth.token",{grantType:"authorization_code",code:e})}}function U(e){var t=e[0];return t<"0"||t>"7"?"00"+e:e}function q(e){var t=e.toString(16);return t.length%2?"0"+t:t}function H(e){if(e<=127)return q(e);var t=q(e);return q(128+t.length/2)+t}function F(e,t){return e(t={exports:{}},t.exports),t.exports}var J=F((function(e,t){var r=o.Buffer;function n(e,t){for(var r in e)t[r]=e[r]}function i(e,t,n){return r(e,t,n)}r.from&&r.alloc&&r.allocUnsafe&&r.allocUnsafeSlow?e.exports=o:(n(o,t),t.Buffer=i),i.prototype=Object.create(r.prototype),n(r,i),i.from=function(e,t,n){if("number"==typeof e)throw new TypeError("Argument must not be a number");return r(e,t,n)},i.alloc=function(e,t,n){if("number"!=typeof e)throw new TypeError("Argument must be a number");var i=r(e);return void 0!==t?"string"==typeof n?i.fill(t,n):i.fill(t):i.fill(0),i},i.allocUnsafe=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return r(e)},i.allocUnsafeSlow=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return o.SlowBuffer(e)}})),G=(J.Buffer,J.Buffer);function z(e){if(this.buffer=null,this.writable=!0,this.readable=!0,!e)return this.buffer=G.alloc(0),this;if("function"==typeof e.pipe)return this.buffer=G.alloc(0),e.pipe(this),this;if(e.length||"object"==typeof e)return this.buffer=e,this.writable=!1,process.nextTick(function(){this.emit("end",e),this.readable=!1,this.emit("close")}.bind(this)),this;throw new TypeError("Unexpected data type ("+typeof e+")")}a.inherits(z,s),z.prototype.write=function(e){this.buffer=G.concat([this.buffer,G.from(e)]),this.emit("data",e)},z.prototype.end=function(e){e&&this.write(e),this.emit("end",e),this.emit("close"),this.writable=!1,this.readable=!1};var W=z,X=o.Buffer,Y=o.SlowBuffer,Z=Q;function Q(e,t){if(!X.isBuffer(e)||!X.isBuffer(t))return!1;if(e.length!==t.length)return!1;for(var r=0,n=0;n=128&&--n,n}var ce={derToJose:function(e,t){e=se(e);var r=ie(t),n=r+1,i=e.length,o=0;if(48!==e[o++])throw new Error('Could not find expected "seq"');var s=e[o++];if(129===s&&(s=e[o++]),i-o0)return function(e){if((e=String(e)).length>100)return;var t=/^(-?(?:\d+)?\.?\d+) *(milliseconds?|msecs?|ms|seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)?$/i.exec(e);if(!t)return;var r=parseFloat(t[1]);switch((t[2]||"ms").toLowerCase()){case"years":case"year":case"yrs":case"yr":case"y":return 315576e5*r;case"weeks":case"week":case"w":return 6048e5*r;case"days":case"day":case"d":return r*it;case"hours":case"hour":case"hrs":case"hr":case"h":return r*nt;case"minutes":case"minute":case"mins":case"min":case"m":return r*rt;case"seconds":case"second":case"secs":case"sec":case"s":return r*tt;case"milliseconds":case"millisecond":case"msecs":case"msec":case"ms":return r;default:return}}(e);if("number"===r&&isFinite(e))return t.long?function(e){var t=Math.abs(e);if(t>=it)return st(e,t,it,"day");if(t>=nt)return st(e,t,nt,"hour");if(t>=rt)return st(e,t,rt,"minute");if(t>=tt)return st(e,t,tt,"second");return e+" ms"}(e):function(e){var t=Math.abs(e);if(t>=it)return Math.round(e/it)+"d";if(t>=nt)return Math.round(e/nt)+"h";if(t>=rt)return Math.round(e/rt)+"m";if(t>=tt)return Math.round(e/tt)+"s";return e+"ms"}(e);throw new Error("val is not a non-empty string or a valid number. val="+JSON.stringify(e))};function st(e,t,r,n){var i=t>=1.5*r;return Math.round(e/r)+" "+n+(i?"s":"")}var at=function(e,t){var r=t||Math.floor(Date.now()/1e3);if("string"==typeof e){var n=ot(e);if(void 0===n)return;return Math.floor(r+n/1e3)}return"number"==typeof e?r+e:void 0},ct=F((function(e,t){var r;t=e.exports=J,r="object"==typeof process&&process.env&&process.env.NODE_DEBUG&&/\bsemver\b/i.test(process.env.NODE_DEBUG)?function(){var e=Array.prototype.slice.call(arguments,0);e.unshift("SEMVER"),console.log.apply(console,e)}:function(){},t.SEMVER_SPEC_VERSION="2.0.0";var n=Number.MAX_SAFE_INTEGER||9007199254740991,i=t.re=[],o=t.src=[],s=0,a=s++;o[a]="0|[1-9]\\d*";var c=s++;o[c]="[0-9]+";var u=s++;o[u]="\\d*[a-zA-Z-][a-zA-Z0-9-]*";var f=s++;o[f]="("+o[a]+")\\.("+o[a]+")\\.("+o[a]+")";var d=s++;o[d]="("+o[c]+")\\.("+o[c]+")\\.("+o[c]+")";var l=s++;o[l]="(?:"+o[a]+"|"+o[u]+")";var p=s++;o[p]="(?:"+o[c]+"|"+o[u]+")";var m=s++;o[m]="(?:-("+o[l]+"(?:\\."+o[l]+")*))";var h=s++;o[h]="(?:-?("+o[p]+"(?:\\."+o[p]+")*))";var g=s++;o[g]="[0-9A-Za-z-]+";var y=s++;o[y]="(?:\\+("+o[g]+"(?:\\."+o[g]+")*))";var w=s++,v="v?"+o[f]+o[m]+"?"+o[y]+"?";o[w]="^"+v+"$";var b="[v=\\s]*"+o[d]+o[h]+"?"+o[y]+"?",_=s++;o[_]="^"+b+"$";var S=s++;o[S]="((?:<|>)?=?)";var E=s++;o[E]=o[c]+"|x|X|\\*";var x=s++;o[x]=o[a]+"|x|X|\\*";var k=s++;o[k]="[v=\\s]*("+o[x]+")(?:\\.("+o[x]+")(?:\\.("+o[x]+")(?:"+o[m]+")?"+o[y]+"?)?)?";var j=s++;o[j]="[v=\\s]*("+o[E]+")(?:\\.("+o[E]+")(?:\\.("+o[E]+")(?:"+o[h]+")?"+o[y]+"?)?)?";var T=s++;o[T]="^"+o[S]+"\\s*"+o[k]+"$";var I=s++;o[I]="^"+o[S]+"\\s*"+o[j]+"$";var P=s++;o[P]="(?:^|[^\\d])(\\d{1,16})(?:\\.(\\d{1,16}))?(?:\\.(\\d{1,16}))?(?:$|[^\\d])";var C=s++;o[C]="(?:~>?)";var R=s++;o[R]="(\\s*)"+o[C]+"\\s+",i[R]=new RegExp(o[R],"g");var A=s++;o[A]="^"+o[C]+o[k]+"$";var O=s++;o[O]="^"+o[C]+o[j]+"$";var D=s++;o[D]="(?:\\^)";var B=s++;o[B]="(\\s*)"+o[D]+"\\s+",i[B]=new RegExp(o[B],"g");var M=s++;o[M]="^"+o[D]+o[k]+"$";var N=s++;o[N]="^"+o[D]+o[j]+"$";var $=s++;o[$]="^"+o[S]+"\\s*("+b+")$|^$";var L=s++;o[L]="^"+o[S]+"\\s*("+v+")$|^$";var K=s++;o[K]="(\\s*)"+o[S]+"\\s*("+b+"|"+o[k]+")",i[K]=new RegExp(o[K],"g");var V=s++;o[V]="^\\s*("+o[k]+")\\s+-\\s+("+o[k]+")\\s*$";var U=s++;o[U]="^\\s*("+o[j]+")\\s+-\\s+("+o[j]+")\\s*$";var q=s++;o[q]="(<|>)?=?\\s*\\*";for(var H=0;H<35;H++)r(H,o[H]),i[H]||(i[H]=new RegExp(o[H]));function F(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof J)return e;if("string"!=typeof e)return null;if(e.length>256)return null;if(!(t.loose?i[_]:i[w]).test(e))return null;try{return new J(e,t)}catch(e){return null}}function J(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof J){if(e.loose===t.loose)return e;e=e.version}else if("string"!=typeof e)throw new TypeError("Invalid Version: "+e);if(e.length>256)throw new TypeError("version is longer than 256 characters");if(!(this instanceof J))return new J(e,t);r("SemVer",e,t),this.options=t,this.loose=!!t.loose;var o=e.trim().match(t.loose?i[_]:i[w]);if(!o)throw new TypeError("Invalid Version: "+e);if(this.raw=e,this.major=+o[1],this.minor=+o[2],this.patch=+o[3],this.major>n||this.major<0)throw new TypeError("Invalid major version");if(this.minor>n||this.minor<0)throw new TypeError("Invalid minor version");if(this.patch>n||this.patch<0)throw new TypeError("Invalid patch version");o[4]?this.prerelease=o[4].split(".").map((function(e){if(/^[0-9]+$/.test(e)){var t=+e;if(t>=0&&t=0;)"number"==typeof this.prerelease[r]&&(this.prerelease[r]++,r=-2);-1===r&&this.prerelease.push(0)}t&&(this.prerelease[0]===t?isNaN(this.prerelease[1])&&(this.prerelease=[t,0]):this.prerelease=[t,0]);break;default:throw new Error("invalid increment argument: "+e)}return this.format(),this.raw=this.version,this},t.inc=function(e,t,r,n){"string"==typeof r&&(n=r,r=void 0);try{return new J(e,r).inc(t,n).version}catch(e){return null}},t.diff=function(e,t){if(Z(e,t))return null;var r=F(e),n=F(t),i="";if(r.prerelease.length||n.prerelease.length){i="pre";var o="prerelease"}for(var s in r)if(("major"===s||"minor"===s||"patch"===s)&&r[s]!==n[s])return i+s;return o},t.compareIdentifiers=z;var G=/^[0-9]+$/;function z(e,t){var r=G.test(e),n=G.test(t);return r&&n&&(e=+e,t=+t),e===t?0:r&&!n?-1:n&&!r?1:e0}function Y(e,t,r){return W(e,t,r)<0}function Z(e,t,r){return 0===W(e,t,r)}function Q(e,t,r){return 0!==W(e,t,r)}function ee(e,t,r){return W(e,t,r)>=0}function te(e,t,r){return W(e,t,r)<=0}function re(e,t,r,n){switch(t){case"===":return"object"==typeof e&&(e=e.version),"object"==typeof r&&(r=r.version),e===r;case"!==":return"object"==typeof e&&(e=e.version),"object"==typeof r&&(r=r.version),e!==r;case"":case"=":case"==":return Z(e,r,n);case"!=":return Q(e,r,n);case">":return X(e,r,n);case">=":return ee(e,r,n);case"<":return Y(e,r,n);case"<=":return te(e,r,n);default:throw new TypeError("Invalid operator: "+t)}}function ne(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof ne){if(e.loose===!!t.loose)return e;e=e.value}if(!(this instanceof ne))return new ne(e,t);r("comparator",e,t),this.options=t,this.loose=!!t.loose,this.parse(e),this.semver===ie?this.value="":this.value=this.operator+this.semver.version,r("comp",this)}t.rcompareIdentifiers=function(e,t){return z(t,e)},t.major=function(e,t){return new J(e,t).major},t.minor=function(e,t){return new J(e,t).minor},t.patch=function(e,t){return new J(e,t).patch},t.compare=W,t.compareLoose=function(e,t){return W(e,t,!0)},t.rcompare=function(e,t,r){return W(t,e,r)},t.sort=function(e,r){return e.sort((function(e,n){return t.compare(e,n,r)}))},t.rsort=function(e,r){return e.sort((function(e,n){return t.rcompare(e,n,r)}))},t.gt=X,t.lt=Y,t.eq=Z,t.neq=Q,t.gte=ee,t.lte=te,t.cmp=re,t.Comparator=ne;var ie={};function oe(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof oe)return e.loose===!!t.loose&&e.includePrerelease===!!t.includePrerelease?e:new oe(e.raw,t);if(e instanceof ne)return new oe(e.value,t);if(!(this instanceof oe))return new oe(e,t);if(this.options=t,this.loose=!!t.loose,this.includePrerelease=!!t.includePrerelease,this.raw=e,this.set=e.split(/\s*\|\|\s*/).map((function(e){return this.parseRange(e.trim())}),this).filter((function(e){return e.length})),!this.set.length)throw new TypeError("Invalid SemVer Range: "+e);this.format()}function se(e){return!e||"x"===e.toLowerCase()||"*"===e}function ae(e,t,r,n,i,o,s,a,c,u,f,d,l){return((t=se(r)?"":se(n)?">="+r+".0.0":se(i)?">="+r+"."+n+".0":">="+t)+" "+(a=se(c)?"":se(u)?"<"+(+c+1)+".0.0":se(f)?"<"+c+"."+(+u+1)+".0":d?"<="+c+"."+u+"."+f+"-"+d:"<="+a)).trim()}function ce(e,t,n){for(var i=0;i0){var o=e[i].semver;if(o.major===t.major&&o.minor===t.minor&&o.patch===t.patch)return!0}return!1}return!0}function ue(e,t,r){try{t=new oe(t,r)}catch(e){return!1}return t.test(e)}function fe(e,t,r,n){var i,o,s,a,c;switch(e=new J(e,n),t=new oe(t,n),r){case">":i=X,o=te,s=Y,a=">",c=">=";break;case"<":i=Y,o=ee,s=X,a="<",c="<=";break;default:throw new TypeError('Must provide a hilo val of "<" or ">"')}if(ue(e,t,n))return!1;for(var u=0;u=0.0.0")),d=d||e,l=l||e,i(e.semver,d.semver,n)?d=e:s(e.semver,l.semver,n)&&(l=e)})),d.operator===a||d.operator===c)return!1;if((!l.operator||l.operator===a)&&o(e,l.semver))return!1;if(l.operator===c&&s(e,l.semver))return!1}return!0}ne.prototype.parse=function(e){var t=this.options.loose?i[$]:i[L],r=e.match(t);if(!r)throw new TypeError("Invalid comparator: "+e);this.operator=r[1],"="===this.operator&&(this.operator=""),r[2]?this.semver=new J(r[2],this.options.loose):this.semver=ie},ne.prototype.toString=function(){return this.value},ne.prototype.test=function(e){return r("Comparator.test",e,this.options.loose),this.semver===ie||("string"==typeof e&&(e=new J(e,this.options)),re(e,this.operator,this.semver,this.options))},ne.prototype.intersects=function(e,t){if(!(e instanceof ne))throw new TypeError("a Comparator is required");var r;if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),""===this.operator)return r=new oe(e.value,t),ue(this.value,r,t);if(""===e.operator)return r=new oe(this.value,t),ue(e.semver,r,t);var n=!(">="!==this.operator&&">"!==this.operator||">="!==e.operator&&">"!==e.operator),i=!("<="!==this.operator&&"<"!==this.operator||"<="!==e.operator&&"<"!==e.operator),o=this.semver.version===e.semver.version,s=!(">="!==this.operator&&"<="!==this.operator||">="!==e.operator&&"<="!==e.operator),a=re(this.semver,"<",e.semver,t)&&(">="===this.operator||">"===this.operator)&&("<="===e.operator||"<"===e.operator),c=re(this.semver,">",e.semver,t)&&("<="===this.operator||"<"===this.operator)&&(">="===e.operator||">"===e.operator);return n||i||o&&s||a||c},t.Range=oe,oe.prototype.format=function(){return this.range=this.set.map((function(e){return e.join(" ").trim()})).join("||").trim(),this.range},oe.prototype.toString=function(){return this.range},oe.prototype.parseRange=function(e){var t=this.options.loose;e=e.trim();var n=t?i[U]:i[V];e=e.replace(n,ae),r("hyphen replace",e),e=e.replace(i[K],"$1$2$3"),r("comparator trim",e,i[K]),e=(e=(e=e.replace(i[R],"$1~")).replace(i[B],"$1^")).split(/\s+/).join(" ");var o=t?i[$]:i[L],s=e.split(" ").map((function(e){return function(e,t){return r("comp",e,t),e=function(e,t){return e.trim().split(/\s+/).map((function(e){return function(e,t){r("caret",e,t);var n=t.loose?i[N]:i[M];return e.replace(n,(function(t,n,i,o,s){var a;return r("caret",e,t,n,i,o,s),se(n)?a="":se(i)?a=">="+n+".0.0 <"+(+n+1)+".0.0":se(o)?a="0"===n?">="+n+"."+i+".0 <"+n+"."+(+i+1)+".0":">="+n+"."+i+".0 <"+(+n+1)+".0.0":s?(r("replaceCaret pr",s),a="0"===n?"0"===i?">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+i+"."+(+o+1):">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+(+i+1)+".0":">="+n+"."+i+"."+o+"-"+s+" <"+(+n+1)+".0.0"):(r("no pr"),a="0"===n?"0"===i?">="+n+"."+i+"."+o+" <"+n+"."+i+"."+(+o+1):">="+n+"."+i+"."+o+" <"+n+"."+(+i+1)+".0":">="+n+"."+i+"."+o+" <"+(+n+1)+".0.0"),r("caret return",a),a}))}(e,t)})).join(" ")}(e,t),r("caret",e),e=function(e,t){return e.trim().split(/\s+/).map((function(e){return function(e,t){var n=t.loose?i[O]:i[A];return e.replace(n,(function(t,n,i,o,s){var a;return r("tilde",e,t,n,i,o,s),se(n)?a="":se(i)?a=">="+n+".0.0 <"+(+n+1)+".0.0":se(o)?a=">="+n+"."+i+".0 <"+n+"."+(+i+1)+".0":s?(r("replaceTilde pr",s),a=">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+(+i+1)+".0"):a=">="+n+"."+i+"."+o+" <"+n+"."+(+i+1)+".0",r("tilde return",a),a}))}(e,t)})).join(" ")}(e,t),r("tildes",e),e=function(e,t){return r("replaceXRanges",e,t),e.split(/\s+/).map((function(e){return function(e,t){e=e.trim();var n=t.loose?i[I]:i[T];return e.replace(n,(function(t,n,i,o,s,a){r("xRange",e,t,n,i,o,s,a);var c=se(i),u=c||se(o),f=u||se(s);return"="===n&&f&&(n=""),c?t=">"===n||"<"===n?"<0.0.0":"*":n&&f?(u&&(o=0),s=0,">"===n?(n=">=",u?(i=+i+1,o=0,s=0):(o=+o+1,s=0)):"<="===n&&(n="<",u?i=+i+1:o=+o+1),t=n+i+"."+o+"."+s):u?t=">="+i+".0.0 <"+(+i+1)+".0.0":f&&(t=">="+i+"."+o+".0 <"+i+"."+(+o+1)+".0"),r("xRange return",t),t}))}(e,t)})).join(" ")}(e,t),r("xrange",e),e=function(e,t){return r("replaceStars",e,t),e.trim().replace(i[q],"")}(e,t),r("stars",e),e}(e,this.options)}),this).join(" ").split(/\s+/);return this.options.loose&&(s=s.filter((function(e){return!!e.match(o)}))),s=s.map((function(e){return new ne(e,this.options)}),this)},oe.prototype.intersects=function(e,t){if(!(e instanceof oe))throw new TypeError("a Range is required");return this.set.some((function(r){return r.every((function(r){return e.set.some((function(e){return e.every((function(e){return r.intersects(e,t)}))}))}))}))},t.toComparators=function(e,t){return new oe(e,t).set.map((function(e){return e.map((function(e){return e.value})).join(" ").trim().split(" ")}))},oe.prototype.test=function(e){if(!e)return!1;"string"==typeof e&&(e=new J(e,this.options));for(var t=0;t":0===t.prerelease.length?t.patch++:t.prerelease.push(0),t.raw=t.format();case"":case">=":r&&!X(r,t)||(r=t);break;case"<":case"<=":break;default:throw new Error("Unexpected operation: "+e.operator)}}))}if(r&&e.test(r))return r;return null},t.validRange=function(e,t){try{return new oe(e,t).range||"*"}catch(e){return null}},t.ltr=function(e,t,r){return fe(e,t,"<",r)},t.gtr=function(e,t,r){return fe(e,t,">",r)},t.outside=fe,t.prerelease=function(e,t){var r=F(e,t);return r&&r.prerelease.length?r.prerelease:null},t.intersects=function(e,t,r){return e=new oe(e,r),t=new oe(t,r),e.intersects(t)},t.coerce=function(e){if(e instanceof J)return e;if("string"!=typeof e)return null;var t=e.match(i[P]);if(null==t)return null;return F(t[1]+"."+(t[2]||"0")+"."+(t[3]||"0"))}})),ut=(ct.SEMVER_SPEC_VERSION,ct.re,ct.src,ct.parse,ct.valid,ct.clean,ct.SemVer,ct.inc,ct.diff,ct.compareIdentifiers,ct.rcompareIdentifiers,ct.major,ct.minor,ct.patch,ct.compare,ct.compareLoose,ct.rcompare,ct.sort,ct.rsort,ct.gt,ct.lt,ct.eq,ct.neq,ct.gte,ct.lte,ct.cmp,ct.Comparator,ct.Range,ct.toComparators,ct.satisfies,ct.maxSatisfying,ct.minSatisfying,ct.minVersion,ct.validRange,ct.ltr,ct.gtr,ct.outside,ct.prerelease,ct.intersects,ct.coerce,ct.satisfies(process.version,"^6.12.0 || >=8.0.0")),ft=["RS256","RS384","RS512","ES256","ES384","ES512"],dt=["RS256","RS384","RS512"],lt=["HS256","HS384","HS512"];ut&&(ft.splice(3,0,"PS256","PS384","PS512"),dt.splice(3,0,"PS256","PS384","PS512"));var pt=/^\s+|\s+$/g,mt=/^[-+]0x[0-9a-f]+$/i,ht=/^0b[01]+$/i,gt=/^0o[0-7]+$/i,yt=/^(?:0|[1-9]\d*)$/,wt=parseInt;function vt(e){return e!=e}function bt(e,t){return function(e,t){for(var r=-1,n=e?e.length:0,i=Array(n);++r-1&&e%1==0&&e-1&&e%1==0&&e<=9007199254740991}(e.length)&&!function(e){var t=Dt(e)?kt.call(e):"";return"[object Function]"==t||"[object GeneratorFunction]"==t}(e)}function Dt(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}function Bt(e){return!!e&&"object"==typeof e}var Mt=function(e,t,r,n){var i;e=Ot(e)?e:(i=e)?bt(i,function(e){return Ot(e)?Pt(e):Ct(e)}(i)):[],r=r&&!n?function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||Bt(e)&&"[object Symbol]"==kt.call(e)}(e))return NaN;if(Dt(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=Dt(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(pt,"");var r=ht.test(e);return r||gt.test(e)?wt(e.slice(2),r?2:8):mt.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(r):0;var o=e.length;return r<0&&(r=It(o+r,0)),function(e){return"string"==typeof e||!At(e)&&Bt(e)&&"[object String]"==kt.call(e)}(e)?r<=o&&e.indexOf(t,r)>-1:!!o&&function(e,t,r){if(t!=t)return function(e,t,r,n){for(var i=e.length,o=r+(n?1:-1);n?o--:++o-1},Nt=Object.prototype.toString;var $t=function(e){return!0===e||!1===e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Boolean]"==Nt.call(e)},Lt=/^\s+|\s+$/g,Kt=/^[-+]0x[0-9a-f]+$/i,Vt=/^0b[01]+$/i,Ut=/^0o[0-7]+$/i,qt=parseInt,Ht=Object.prototype.toString;function Ft(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}var Jt=function(e){return"number"==typeof e&&e==function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==Ht.call(e)}(e))return NaN;if(Ft(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=Ft(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(Lt,"");var r=Vt.test(e);return r||Ut.test(e)?qt(e.slice(2),r?2:8):Kt.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(e)},Gt=Object.prototype.toString;var zt=function(e){return"number"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Number]"==Gt.call(e)};var Wt=Function.prototype,Xt=Object.prototype,Yt=Wt.toString,Zt=Xt.hasOwnProperty,Qt=Yt.call(Object),er=Xt.toString,tr=function(e,t){return function(r){return e(t(r))}}(Object.getPrototypeOf,Object);var rr=function(e){if(!function(e){return!!e&&"object"==typeof e}(e)||"[object Object]"!=er.call(e)||function(e){var t=!1;if(null!=e&&"function"!=typeof e.toString)try{t=!!(e+"")}catch(e){}return t}(e))return!1;var t=tr(e);if(null===t)return!0;var r=Zt.call(t,"constructor")&&t.constructor;return"function"==typeof r&&r instanceof r&&Yt.call(r)==Qt},nr=Object.prototype.toString,ir=Array.isArray;var or=function(e){return"string"==typeof e||!ir(e)&&function(e){return!!e&&"object"==typeof e}(e)&&"[object String]"==nr.call(e)},sr=/^\s+|\s+$/g,ar=/^[-+]0x[0-9a-f]+$/i,cr=/^0b[01]+$/i,ur=/^0o[0-7]+$/i,fr=parseInt,dr=Object.prototype.toString;function lr(e,t){var r;if("function"!=typeof t)throw new TypeError("Expected a function");return e=function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==dr.call(e)}(e))return NaN;if(pr(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=pr(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(sr,"");var r=cr.test(e);return r||ur.test(e)?fr(e.slice(2),r?2:8):ar.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(e),function(){return--e>0&&(r=t.apply(this,arguments)),e<=1&&(t=void 0),r}}function pr(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}var mr=function(e){return lr(2,e)},hr=["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512","none"];ut&&hr.splice(3,0,"PS256","PS384","PS512");var gr={expiresIn:{isValid:function(e){return Jt(e)||or(e)&&e},message:'"expiresIn" should be a number of seconds or string representing a timespan'},notBefore:{isValid:function(e){return Jt(e)||or(e)&&e},message:'"notBefore" should be a number of seconds or string representing a timespan'},audience:{isValid:function(e){return or(e)||Array.isArray(e)},message:'"audience" must be a string or array'},algorithm:{isValid:Mt.bind(null,hr),message:'"algorithm" must be a valid string enum value'},header:{isValid:rr,message:'"header" must be an object'},encoding:{isValid:or,message:'"encoding" must be a string'},issuer:{isValid:or,message:'"issuer" must be a string'},subject:{isValid:or,message:'"subject" must be a string'},jwtid:{isValid:or,message:'"jwtid" must be a string'},noTimestamp:{isValid:$t,message:'"noTimestamp" must be a boolean'},keyid:{isValid:or,message:'"keyid" must be a string'},mutatePayload:{isValid:$t,message:'"mutatePayload" must be a boolean'}},yr={iat:{isValid:zt,message:'"iat" should be a number of seconds'},exp:{isValid:zt,message:'"exp" should be a number of seconds'},nbf:{isValid:zt,message:'"nbf" should be a number of seconds'}};function wr(e,t,r,n){if(!rr(r))throw new Error('Expected "'+n+'" to be a plain object.');Object.keys(r).forEach((function(i){var o=e[i];if(o){if(!o.isValid(r[i]))throw new Error(o.message)}else if(!t)throw new Error('"'+i+'" is not allowed in "'+n+'"')}))}var vr={audience:"aud",issuer:"iss",subject:"sub",jwtid:"jti"},br=["expiresIn","notBefore","noTimestamp","audience","issuer","subject","jwtid"],_r=function(e,t,r,n){var i;if("function"!=typeof r||n||(n=r,r={}),r||(r={}),r=Object.assign({},r),i=n||function(e,t){if(e)throw e;return t},r.clockTimestamp&&"number"!=typeof r.clockTimestamp)return i(new Xe("clockTimestamp must be a number"));if(void 0!==r.nonce&&("string"!=typeof r.nonce||""===r.nonce.trim()))return i(new Xe("nonce must be a non-empty string"));var o=r.clockTimestamp||Math.floor(Date.now()/1e3);if(!e)return i(new Xe("jwt must be provided"));if("string"!=typeof e)return i(new Xe("jwt must be a string"));var s,a=e.split(".");if(3!==a.length)return i(new Xe("jwt malformed"));try{s=ze(e,{complete:!0})}catch(e){return i(e)}if(!s)return i(new Xe("invalid token"));var c,u=s.header;if("function"==typeof t){if(!n)return i(new Xe("verify must be called asynchronous if secret or public key is provided as a callback"));c=t}else c=function(e,r){return r(null,t)};return c(u,(function(t,n){if(t)return i(new Xe("error in secret or public key callback: "+t.message));var c,f=""!==a[2].trim();if(!f&&n)return i(new Xe("jwt signature is required"));if(f&&!n)return i(new Xe("secret or public key must be provided"));if(f||r.algorithms||(r.algorithms=["none"]),r.algorithms||(r.algorithms=~n.toString().indexOf("BEGIN CERTIFICATE")||~n.toString().indexOf("BEGIN PUBLIC KEY")?ft:~n.toString().indexOf("BEGIN RSA PUBLIC KEY")?dt:lt),!~r.algorithms.indexOf(s.header.alg))return i(new Xe("invalid algorithm"));try{c=Ge.verify(e,s.header.alg,n)}catch(e){return i(e)}if(!c)return i(new Xe("invalid signature"));var d=s.payload;if(void 0!==d.nbf&&!r.ignoreNotBefore){if("number"!=typeof d.nbf)return i(new Xe("invalid nbf value"));if(d.nbf>o+(r.clockTolerance||0))return i(new Ze("jwt not active",new Date(1e3*d.nbf)))}if(void 0!==d.exp&&!r.ignoreExpiration){if("number"!=typeof d.exp)return i(new Xe("invalid exp value"));if(o>=d.exp+(r.clockTolerance||0))return i(new et("jwt expired",new Date(1e3*d.exp)))}if(r.audience){var l=Array.isArray(r.audience)?r.audience:[r.audience];if(!(Array.isArray(d.aud)?d.aud:[d.aud]).some((function(e){return l.some((function(t){return t instanceof RegExp?t.test(e):t===e}))})))return i(new Xe("jwt audience invalid. expected: "+l.join(" or ")))}if(r.issuer&&("string"==typeof r.issuer&&d.iss!==r.issuer||Array.isArray(r.issuer)&&-1===r.issuer.indexOf(d.iss)))return i(new Xe("jwt issuer invalid. expected: "+r.issuer));if(r.subject&&d.sub!==r.subject)return i(new Xe("jwt subject invalid. expected: "+r.subject));if(r.jwtid&&d.jti!==r.jwtid)return i(new Xe("jwt jwtid invalid. expected: "+r.jwtid));if(r.nonce&&d.nonce!==r.nonce)return i(new Xe("jwt nonce invalid. expected: "+r.nonce));if(r.maxAge){if("number"!=typeof d.iat)return i(new Xe("iat required when maxAge is specified"));var p=at(r.maxAge,d.iat);if(void 0===p)return i(new Xe('"maxAge" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'));if(o>=p+(r.clockTolerance||0))return i(new et("maxAge exceeded",new Date(1e3*p)))}if(!0===r.complete){var m=s.signature;return i(null,{header:u,payload:d,signature:m})}return i(null,d)}))},Sr=function(e,t,r,n){"function"==typeof r?(n=r,r={}):r=r||{};var i="object"==typeof e&&!Buffer.isBuffer(e),o=Object.assign({alg:r.algorithm||"HS256",typ:i?"JWT":void 0,kid:r.keyid},r.header);function s(e){if(n)return n(e);throw e}if(!t&&"none"!==r.algorithm)return s(new Error("secretOrPrivateKey must have a value"));if(void 0===e)return s(new Error("payload is required"));if(i){try{!function(e){wr(yr,!0,e,"payload")}(e)}catch(e){return s(e)}r.mutatePayload||(e=Object.assign({},e))}else{var a=br.filter((function(e){return void 0!==r[e]}));if(a.length>0)return s(new Error("invalid "+a.join(",")+" option for "+typeof e+" payload"))}if(void 0!==e.exp&&void 0!==r.expiresIn)return s(new Error('Bad "options.expiresIn" option the payload already has an "exp" property.'));if(void 0!==e.nbf&&void 0!==r.notBefore)return s(new Error('Bad "options.notBefore" option the payload already has an "nbf" property.'));try{!function(e){wr(gr,!1,e,"options")}(r)}catch(e){return s(e)}var c=e.iat||Math.floor(Date.now()/1e3);if(r.noTimestamp?delete e.iat:i&&(e.iat=c),void 0!==r.notBefore){try{e.nbf=at(r.notBefore,c)}catch(e){return s(e)}if(void 0===e.nbf)return s(new Error('"notBefore" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}if(void 0!==r.expiresIn&&"object"==typeof e){try{e.exp=at(r.expiresIn,c)}catch(e){return s(e)}if(void 0===e.exp)return s(new Error('"expiresIn" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}Object.keys(vr).forEach((function(t){var n=vr[t];if(void 0!==r[t]){if(void 0!==e[n])return s(new Error('Bad "options.'+t+'" option. The payload already has an "'+n+'" property.'));e[n]=r[t]}}));var u=r.encoding||"utf8";if("function"!=typeof n)return Ge.sign({header:o,payload:e,secret:t,encoding:u});n=n&&mr(n),Ge.createSign({header:o,privateKey:t,payload:e,encoding:u}).once("error",n).once("done",(function(e){n(null,e)}))};let Er=[];class xr{constructor(e){this.fetched=!1,this.options=Object.assign({baseUrl:"https://appleid.apple.com",timeout:1e4},e)}async _fetch(e,t){const{baseUrl:r}=this.options;return uniCloud.httpclient.request(r+e,t)}async verifyIdentityToken(e){const t=e.split(".")[0],r=JSON.parse(Buffer.from(t,"base64").toString()).kid;if(!Er.length)try{Er=await this.getAuthKeys()}catch(e){return{code:10705,msg:e.message}}let n=this.getUsedKey(Er,r);if(!Object.keys(n).length&&!this.fetched){try{Er=await this.getAuthKeys()}catch(e){return{code:10705,msg:e.message}}n=this.getUsedKey(Er,r)}let i=null;try{i=_r(e,function(e,t){var r=Buffer.from(e,"base64"),n=Buffer.from(t,"base64"),i=r.toString("hex"),o=n.toString("hex");i=U(i),o=U(o);var s=i.length/2,a=o.length/2,c=H(s),u=H(a),f="30"+H(s+a+c.length/2+u.length/2+2)+"02"+c+i+"02"+u+o;return"-----BEGIN RSA PUBLIC KEY-----\n"+Buffer.from(f,"hex").toString("base64").match(/.{1,64}/g).join("\n")+"\n-----END RSA PUBLIC KEY-----\n"}(n.n,n.e),{algorithms:n.alg})}catch(e){return{code:10705,msg:e.message}}return{code:0,msg:i}}async getAuthKeys(){const{status:e,data:t}=await this._fetch("/auth/keys",{method:"GET",dataType:"json",timeout:this.options.timeout});if(this.fetched=!0,200!==e)throw new Error("request fail");return t.keys}getUsedKey(e,t){let r={};for(let n=0;n upRes",await A.doc(e.uid).update({avatar:e.avatar})),{code:0,msg:"头像设置成功"}},updatePwd:async function(e){const t=await A.doc(e.uid).get();if(t&&t.data&&t.data.length>0){if(0===this._checkPwd(t.data[0],e.oldPassword).code){const{passwordHash:r,version:n}=this.encryptPwd(e.newPassword),i={password:r,token:[]};n&&(i.password_secret_version=n);return E("upRes",await A.doc(t.data[0]._id).update(i)),{code:0,msg:"修改成功"}}return{code:40202,msg:"旧密码错误"}}return{code:40201,msg:"用户不存在"}},updateUser:async function(e){const t=e.uid;return t?(delete e.uid,E("update -> upRes",await A.doc(t).update(e)),{code:0,msg:"修改成功"}):{code:80101,msg:"缺少uid参数"}},_getAlipayApi:function({platform:e}={}){const t=e||this.context.PLATFORM;if(!t)throw new Error("未能获取客户端平台信息,请主动传入platform");const r=this._getConfig(t);if(!r.oauth||!r.oauth.alipay)throw new Error(`请在公用模块uni-id的config.json或init方法中添加${t}平台支付宝登录配置项`);return["appid","privateKey"].forEach(e=>{if(!r.oauth.alipay[e])throw new Error(`请在公用模块uni-id的config.json或init方法中添加配置项:${t}.oauth.alipay.${e}`)}),jr({...r.oauth.alipay,clientType:t})},_getValidInviteCode:async function({inviteCode:e}){let t,r=10;e?(r=1,t=e):t=Ir();let n=!1;try{for(;r>0&&!n;){r--;if(0===(await A.where({invite_code:t}).get()).data.length){n=!0;break}t=Ir()}return n?{code:0,inviteCode:t}:e?{code:80401,msg:"邀请码重复,设置失败"}:{code:80402,msg:"邀请码设置失败稍后再试"}}catch(e){return{code:90001,msg:"数据库读写异常"}}},_addUser:async function(e,t={}){const r=this._getConfig(),n={...e,register_date:Date.now(),register_ip:this.context.CLIENTIP},i=(await A.add(n)).id;let o;if(r.removePermissionAndRoleFromToken){const e=t.needPermission;o=await this.createToken({uid:i,needPermission:e})}else{const t=e.role||[];let r;r=0===t.length||t.includes("admin")?[]:await this._getPermissionListByRoleList(t),o=await this.createToken({uid:i,role:t,permission:r})}const{token:s,tokenExpired:a}=o;return await A.doc(i).update({token:[s]}),{token:s,tokenExpired:a,uid:i,type:"register",userInfo:Object.assign({},n,{token:s})}},_loginExec:async function(e,t={}){if(1===e.status)return{code:10001,msg:"账号已禁用"};const r=this._getConfig();let n=e.token||[];"string"==typeof n&&(n=[n]);const i=this._getExpiredToken(n);let o;if(n=n.filter(e=>-1===i.indexOf(e)),r.removePermissionAndRoleFromToken){const r=t.needPermission;o=await this.createToken({uid:e._id,needPermission:r})}else{const t=e.role||[];let r;r=0===t.length||t.includes("admin")?[]:await this._getPermissionListByRoleList(t),o=await this.createToken({uid:e._id,role:t,permission:r})}const{token:s,tokenExpired:a}=o;n.push(s),e.token=n;const c={last_login_date:Date.now(),last_login_ip:this.context.CLIENTIP,token:n,...t.extraData};await A.doc(e._id).update(c);const u=Object.assign({},e,c);return{code:0,msg:"登录成功",token:s,uid:u._id,username:u.username,type:"login",userInfo:u,tokenExpired:a}},_registerExec:async function(e,t={}){const{my_invite_code:r}=e;if(this._getConfig().autoSetInviteCode||r){const t=await this._getValidInviteCode({inviteCode:r});if(t.code>0)return t;e.my_invite_code=t.inviteCode}return{code:0,msg:"注册成功",...await this._addUser(e,t)}},_getWeixinApi:function({platform:e}={}){const t=e||this.context.PLATFORM;if(!t)throw new Error("未能获取客户端平台信息,请主动传入platform");const r=this._getConfig(t);if(!r.oauth||!r.oauth.weixin)throw new Error(`请在公用模块uni-id的config.json或init方法中添加${t}平台微信登录配置项`);return["appid","appsecret"].forEach(e=>{if(!r.oauth.weixin[e])throw new Error(`请在公用模块uni-id的config.json或init方法中添加配置项:${t}.oauth.weixin.${e}`)}),kr({...r.oauth.weixin,clientType:t})},acceptInvite:async function({uid:e,inviteCode:t}){const r=await A.where({_id:Pr.neq(e),inviter_uid:Pr.not(Pr.all([e])),my_invite_code:t}).get();if(1!==r.data.length)return{code:80501,msg:"邀请码无效"};const n=[r.data[0]._id].concat(r.data[0].inviter_uid||[]),i=await A.doc(e).field({my_invite_code:!0,inviter_uid:!0}).get();if(0===i.data.length)return{code:80502,msg:"uid错误用户不存在"};if(i.data[0].inviter_uid&&i.data[0].inviter_uid.length>0)return{code:80503,msg:"邀请码不可修改"};const o=Date.now();return await A.doc(e).update({inviter_uid:n,invite_time:o}),await A.where({inviter_uid:e}).update({inviter_uid:Pr.push(n)}),{code:0,msg:"邀请码填写成功"}},getInvitedUser:async function({uid:e,level:t=1,limit:r=20,offset:n=0,needTotal:i=!1}){const o={code:0,msg:"获取邀请列表成功",invitedUser:(await A.where({["inviter_uid."+(t-1)]:e}).field({_id:!0,username:!0,mobile:!0,invite_time:!0}).orderBy("invite_time","desc").skip(n).limit(r).get()).data};if(i){const r=await A.where({["inviter_uid."+(t-1)]:e}).count();o.total=r.total}return o},setUserInviteCode:async function({uid:e,myInviteCode:t}){const r=await this._getValidInviteCode({inviteCode:t});return r.code>0?r:(await A.doc(e).update({my_invite_code:r.inviteCode}),{code:0,msg:"邀请码设置成功",myInviteCode:r.inviteCode})},loginByAlipay:async function(e){let t=e;"string"==typeof e&&(t={code:e});const r=t.needPermission,n=t.platform||this.context.PLATFORM,{openid:i}=await this._getAlipayApi({platform:n}).code2Session(t.code);if(!i)return{code:10501,msg:"获取openid失败"};const o=await A.where({ali_openid:i}).get();if(o&&o.data&&o.data.length>0){const e=o.data[0],t=await this._loginExec(e,{needPermission:r});if(0!==t.code)return t;const{userInfo:n}=t;return{...t,openid:i,mobileConfirmed:1===n.mobile_confirmed,emailConfirmed:1===n.email_confirmed}}{const e={ali_openid:i};e.my_invite_code=t.myInviteCode,e.role=t.role;const n=await this._registerExec(e,{needPermission:r});return 0!==n.code?n:{...n,openid:i,mobileConfirmed:!1,emailConfirmed:!1}}},loginByEmail:async function({email:e,code:t,password:r,myInviteCode:n,type:i,needPermission:o,role:s}){const a=await this.verifyCode({email:e,code:t,type:i||"login"});if(0!==a.code)return a;const c={email:e,email_confirmed:1},u=await A.where(c).get();if(E("userInDB:",u),u&&u.data&&u.data.length>0){if("register"===i)return{code:10301,msg:"此邮箱已注册"};const t=u.data[0],r=await this._loginExec(t,{needPermission:o});return 0!==r.code?r:{...r,email:e}}{if("login"===i)return{code:10302,msg:"此邮箱尚未注册"};const t={email:e,email_confirmed:1};if(r){const{passwordHash:e,version:n}=this.encryptPwd(r);t.password=e,n&&(t.password_secret_version=n)}t.my_invite_code=n,t.role=s;const a=await this._registerExec(t,{needPermission:o});return 0!==a.code?a:{...a,email:e}}},loginBySms:async function({mobile:e,code:t,password:r,inviteCode:n,myInviteCode:i,type:o,needPermission:s,role:a}){const c=this._getConfig();if(c.forceInviteCode&&!o)throw new Error("[loginBySms]强制使用邀请码注册时,需指明type为register还是login");const u=await this.verifyCode({mobile:e,code:t,type:o||"login"});if(0!==u.code)return u;const f={mobile:e,mobile_confirmed:1},d=await A.where(f).get();if(d&&d.data&&d.data.length>0){if("register"===o)return{code:10201,msg:"此手机号已注册"};const t=d.data[0],r=await this._loginExec(t,{needPermission:s});return 0!==r.code?r:{...r,mobile:e}}{const t=Date.now();if("login"===o)return{code:10203,msg:"此手机号尚未注册"};const u={mobile:e,mobile_confirmed:1,register_ip:this.context.CLIENTIP,register_date:t};if(r){const{passwordHash:e,version:t}=this.encryptPwd(r);u.password=e,t&&(u.password_secret_version=t)}if(n){const e=await A.where({my_invite_code:n}).get();if(1!==e.data.length)return{code:10202,msg:"邀请码无效"};u.inviter_uid=[e.data[0]._id].concat(e.data[0].inviter_uid||[]),u.invite_time=t}else if(c.forceInviteCode)return{code:10202,msg:"邀请码无效"};u.my_invite_code=i,u.role=a;const f=await this._registerExec(u,{needPermission:s});return 0!==f.code?f:{...f,mobile:e}}},loginByWeixin:async function(e){let t=e;"string"==typeof e&&(t={code:e});const r=t.needPermission,n=t.platform||this.context.PLATFORM,{openid:i,unionid:o,sessionKey:s}=await this._getWeixinApi({platform:n})["mp-weixin"===n?"code2Session":"getOauthAccessToken"](t.code);if(!i)return{code:10401,msg:"获取openid失败"};const a=Cr.command,c=[{wx_openid:{[n]:i}}];o&&c.push({wx_unionid:o});const u=await A.where(a.or(...c)).get();if(u&&u.data&&u.data.length>0){const e=u.data[0],t={wx_openid:{[n]:i}};o&&(t.wx_unionid=o);const a=await this._loginExec(e,{needPermission:r,extraData:t});if(0!==a.code)return a;const{userInfo:c}=a;return{...a,openid:i,unionid:o,sessionKey:s,mobileConfirmed:1===c.mobile_confirmed,emailConfirmed:1===c.email_confirmed}}{const e={wx_openid:{[n]:i},wx_unionid:o},a=t.myInviteCode;e.my_invite_code=a,e.role=t.role;const c=await this._registerExec(e,{needPermission:r});return 0!==c.code?c:{...c,openid:i,unionid:o,sessionKey:s,mobileConfirmed:!1,emailConfirmed:!1}}},loginByUniverify:async function({openid:e,access_token:t,password:r,inviteCode:n,myInviteCode:i,type:o,needPermission:s,role:a}){const c=this._getConfig(),u=c&&c.service&&c.service.univerify;if(!u)throw new Error("请在config.json或init方法中配置service.univerify下一键登录相关参数");const f=["apiKey","apiSecret"];for(let e=0,t=f.length;e0){if("register"===o)return{code:10601,msg:"此手机号已注册"};const e=p.data[0],t=await this._loginExec(e,{needPermission:s});return 0!==t.code?t:{...t,mobile:l}}if("login"===o)return{code:10602,msg:"此手机号尚未注册"};const m=Date.now(),h={mobile:l,my_invite_code:i,mobile_confirmed:1,role:a};if(r){const{passwordHash:e,version:t}=this.encryptPwd(r);h.password=e,t&&(h.password_secret_version=t)}if(n){let e=await A.where({my_invite_code:n}).get();if(1!==e.data.length)return{code:10202,msg:"邀请码无效"};e=e.data[0],h.inviter_uid=[e._id].concat(e.inviter_uid||[]),h.invite_time=m}else if(c.forceInviteCode)return{code:10202,msg:"邀请码无效"};h.my_invite_code=i;const g=await this._registerExec(h,{needPermission:s});return 0!==g.code?g:{...g,mobile:l}},loginByApple:async function({nickName:e,fullName:t,email:r,authorizationCode:n,identityToken:i,realUserStatus:o,inviteCode:s,myInviteCode:a,type:c,needPermission:u,platform:f,role:d}){const l=this._getConfig(),p=l&&l["app-plus"]&&l["app-plus"].oauth&&l["app-plus"].oauth.apple;if(!p)throw new Error("请在config.json或init方法中,app-plus.oauth.apple 下配置相关参数");const{bundleId:m}=p;if(!m)throw new Error("请在config.json或init方法中 app-plus.oauth.apple 下配置bundleId");if(!i)throw new Error("[loginByApple] 苹果登录需要传递identityToken");const h=f||this.context.PLATFORM;t=e||(t&&Object.keys(t).length>0?t.familyName+t.givenName:"");const{code:g,msg:y}=await Tr({clientType:h}).verifyIdentityToken(i);if(0!==g)return{code:g,msg:y};const{iss:w,sub:v,aud:b,email:_}=y;if("https://appleid.apple.com"!==w)return{code:10706,msg:"签发机构检验失败"};if(!v)return{code:10701,msg:"获取用户唯一标识符失败"};if(m!==b)return{code:10702,msg:"bundleId校验失败,请确认配置后重试"};const S=t||"新用户"+_.split("@")[0],E=await A.where({apple_openid:v}).get();if(E&&E.data&&E.data.length>0){if("register"===c)return{code:10703,msg:"此账户已注册"};const e=E.data[0],t=await this._loginExec(e,{needPermission:u});return 0!==t.code?t:{...t,openid:v}}if("login"===c)return{code:10704,msg:"此账户尚未注册"};const x={nickname:S,apple_openid:v,my_invite_code:a,role:d},k=await this._registerExec(x,{needPermission:u});return 0!==k.code?k:{...k,openid:v}},login:async function({username:e,password:t,queryField:r=[],needPermission:n}){const i=Rr.command,o=[];r&&r.length||(r=["username"]);const s={email:{email_confirmed:1},mobile:{mobile_confirmed:1}};r.forEach(t=>{o.push({[t]:e,...s[t]})});const a=await A.where(i.or(...o)).limit(1).get(),c=this.context.CLIENTIP,{passwordErrorLimit:u,passwordErrorRetryTime:f}=this._getConfig();if(E("userInDB:",a),0===a.data.length)return{code:10101,msg:"用户不存在"};const d=a.data[0];let l=d.login_ip_limit||[];l=l.filter(e=>e.last_error_time>Date.now()-1e3*f);let p=l.find(e=>e.ip===c);if(p&&p.error_times>=u)return{code:10103,msg:`密码错误次数过多,请${I(p.last_error_time+1e3*f)}再试。`};const m=this._checkPwd(d,t);if(0===m.code){const e=l.indexOf(p);e>-1&&l.splice(e,1);const t={login_ip_limit:l},{passwordHash:r,passwordVersion:i}=m;r&&i&&(t.password=r,t.password_secret_version=i);const o=await this._loginExec(d,{needPermission:n,extraData:t});return o.code,o}return p?(p.error_times++,p.last_error_time=Date.now()):(p={ip:c,error_times:1,last_error_time:Date.now()},l.push(p)),await A.doc(d._id).update({login_ip_limit:l}),{code:10102,msg:"密码错误"}},register:async function(e){const t=[],r=[{name:"username",desc:"用户名"},{name:"email",desc:"邮箱",extraCond:{email_confirmed:1}},{name:"mobile",desc:"手机号",extraCond:{mobile_confirmed:1}}],n=e.needPermission;if(void 0!==n&&delete e.needPermission,r.forEach(r=>{const n=r.name;e[n]&&e[n].trim()&&t.push({[n]:e[n],...r.extraCond})}),0===t.length)return{code:20101,msg:"用户名、邮箱、手机号不可同时为空"};const{username:i,email:o,mobile:s,myInviteCode:a}=e,c=Ar.command,u=await A.where(c.or(...t)).get();if(u&&u.data.length>0){const t=u.data[0];for(let n=0;nt[e]===i.extraCond[e])),t[i.name]===e[i.name]&&o)return{code:20102,msg:i.desc+"已存在"}}}const{passwordHash:f,version:d}=this.encryptPwd(e.password);e.password=f,d&&(e.password_secret_version=d),e.my_invite_code=a,delete e.myInviteCode;const l=await this._registerExec(e,{needPermission:n});return 0!==l.code?l:{...l,username:i,email:o,mobile:s}},logout:async function(e){const t=await this.checkToken(e);if(t.code&&t.code>0)return t;const r=Or.command;return await A.doc(t.uid).update({token:r.pull(e)}),{code:0,msg:"退出成功"}},getRoleByUid:async function({uid:e}){if(!e)return{code:"PARAMETER_ERROR",msg:"用户Id不能为空"};const t=await A.doc(e).get();return 0===t.data.length?{code:"USER_NOT_EXIST",msg:"用户不存在"}:{code:0,msg:"获取角色成功",role:t.data[0].role||[]}},getPermissionByRole:async function({roleID:e}){if(!e)return{code:"PARAMETER_ERROR",msg:"角色ID不能为空"};if("admin"===e){return{code:0,msg:"获取权限成功",permission:(await B.limit(1e4).get()).data.map(e=>e.permission_id)}}const t=await D.where({role_id:e}).get();return 0===t.data.length?{code:"ROLE_NOT_EXIST",msg:"角色不存在"}:{code:0,msg:"获取权限成功",permission:t.data[0].permission||[]}},getPermissionByUid:async function({uid:e}){const t=await A.aggregate().match({_id:e}).project({role:!0}).unwind("$role").lookup({from:"uni-id-roles",localField:"role",foreignField:"role_id",as:"roleDetail"}).unwind("$roleDetail").replaceRoot({newRoot:"$roleDetail"}).end(),r=[];return t.data.forEach(e=>{Array.prototype.push.apply(r,e.permission)}),{code:0,msg:"获取权限成功",permission:k(r)}},bindRole:async function({uid:e,roleList:t,reset:r=!1}){const n={};return"string"==typeof t&&(t=[t]),n.role=r?t:Dr.push(t),await A.doc(e).update(n),{code:0,msg:"角色绑定成功"}},bindPermission:async function({roleID:e,permissionList:t,reset:r=!1}){const n={};return"string"==typeof t&&(t=[t]),n.permission=r?t:Dr.push(t),await D.where({role_id:e}).update(n),{code:0,msg:"权限绑定成功"}},unbindRole:async function({uid:e,roleList:t}){return"string"==typeof t&&(t=[t]),await A.doc(e).update({role:Dr.pull(Dr.in(t))}),{code:0,msg:"角色解绑成功"}},unbindPermission:async function({roleID:e,permissionList:t}){return"string"==typeof t&&(t=[t]),await D.where({role_id:e}).update({permission:Dr.pull(Dr.in(t))}),{code:0,msg:"权限解绑成功"}},addRole:async function({roleID:e,roleName:t,comment:r,permission:n=[]}){return e?"admin"===e?{code:"PARAMETER_ERROR",msg:"不可新增roleID为admin的角色"}:(await D.add({role_id:e,role_name:t,comment:r,permission:n,create_date:Date.now()}),{code:0,msg:"角色新增成功"}):{code:"PARAMETER_ERROR",msg:"roleID不能为空"}},addPermission:async function({permissionID:e,permissionName:t,comment:r}){return e?(await B.add({permission_id:e,permission_name:t,comment:r,create_date:Date.now()}),{code:0,msg:"权限新增成功"}):{code:"PARAMETER_ERROR",msg:"permissionID不能为空"}},getRoleList:async function({limit:e=20,offset:t=0,needTotal:r=!0}){const n={code:0,msg:"获取角色列表成功",roleList:(await D.skip(t).limit(e).get()).data};if(r){const{total:e}=await D.where({_id:Dr.exists(!0)}).count();n.total=e}return n},getRoleInfo:async function(e){const t=await D.where({role_id:e}).get();return 0===t.data.length?{code:"ROLE_ID_NOT_EXISTS",msg:"角色ID不存在"}:{code:0,...t.data[0]}},updateRole:async function({roleID:e,roleName:t,comment:r,permission:n}){return e?(await D.where({role_id:e}).update({role_name:t,comment:r,permission:n}),{code:0,msg:"角色更新成功"}):{code:"PARAMETER_ERROR",msg:"参数错误,roleID不能为空"}},deleteRole:async function({roleID:e}){const t=m(e);if("string"===t)e=[e];else if("array"!==t)throw new Error("roleID只能为字符串或者数组");return await D.where({role_id:Dr.in(e)}).remove(),await A.where({role:Dr.elemMatch(Dr.in(e))}).update({role:Dr.pullAll(e)}),{code:0,msg:"角色删除成功"}},getPermissionList:async function({limit:e=20,offset:t=0,needTotal:r=!0}){const n={code:0,msg:"获取权限列表成功",permissionList:(await B.skip(t).limit(e).get()).data};if(r){const{total:e}=await B.where({_id:Dr.exists(!0)}).count();n.total=e}return n},getPermissionInfo:async function(e){const t=await B.where({permission_id:e}).get();return 0===t.data.length?{code:"PERMISSION_ID_NOT_EXISTS",msg:"权限ID不存在"}:{code:0,...t.data[0]}},updatePermission:async function({permissionID:e,permissionName:t,comment:r}){return e?(await B.where({permission_id:e}).update({permission_name:t,comment:r}),{code:0,msg:"权限更新成功"}):{code:"PARAMETER_ERROR",msg:"参数错误,permissionID不能为空"}},deletePermission:async function({permissionID:e}){const t=m(e);if("string"===t)e=[e];else if("array"!==t)throw new Error("permissionID只能为字符串或者数组");return await B.where({permission_id:Dr.in(e)}).remove(),await D.where({permission:Dr.elemMatch(Dr.in(e))}).update({permission:Dr.pullAll(e)}),{code:0,msg:"权限删除成功"}},bindAlipay:async function({uid:e,code:t,platform:r}){const n=r||this.context.PLATFORM,{openid:i}=await this._getAlipayApi({platform:n}).code2Session(t);if(!i)return{code:60401,msg:"获取openid失败"};const o=await A.where({ali_openid:i}).get();return o&&o.data&&o.data.length>0?{code:60402,msg:"支付宝绑定失败,此账号已被绑定"}:(await A.doc(e).update({ali_openid:i}),{code:0,openid:i,msg:"绑定成功"})},bindEmail:async function({uid:e,email:t,code:r}){const n=await A.where({email:t,email_confirmed:1}).count();if(n&&n.total>0)return{code:60201,msg:"此邮箱已被绑定"};if(r){const e=await this.verifyCode({email:t,code:r,type:"bind"});if(0!==e.code)return e}return E("bindEmail -> upRes",await A.doc(e).update({email:t,email_confirmed:1})),{code:0,msg:"邮箱绑定成功"}},bindMobile:async function({uid:e,mobile:t,code:r}){const n=await A.where({mobile:t,mobile_confirmed:1}).count();if(n&&n.total>0)return{code:60101,msg:"此手机号已被绑定"};if(r){const e=await this.verifyCode({mobile:t,code:r,type:"bind"});if(0!==e.code)return e}return E("bindMobile -> upRes",await A.doc(e).update({mobile:t,mobile_confirmed:1})),{code:0,msg:"手机号码绑定成功"}},bindWeixin:async function({uid:e,code:t,platform:r}){const n=r||this.context.PLATFORM,{openid:i,unionid:o}=await this._getWeixinApi({platform:n})["mp-weixin"===n?"code2Session":"getOauthAccessToken"](t);if(!i)return{code:60301,msg:"获取openid失败"};const s=Br.command,a=[{wx_openid:{[n]:i}}];o&&a.push({wx_unionid:o});const c=await A.where(s.or(...a)).get();if(c&&c.data&&c.data.length>0)return{code:60302,msg:"微信绑定失败,此微信账号已被绑定"};const u={wx_openid:{[n]:i}};return o&&(u.wx_unionid=o),await A.doc(e).update(u),{code:0,openid:i,unionid:o,msg:"绑定成功"}},unbindAlipay:async function(e){const t=Mr.command,r=await A.doc(e).update({ali_openid:t.remove()});return E("upRes:",r),1===r.updated?{code:0,msg:"支付宝解绑成功"}:{code:70401,msg:"支付宝解绑失败,请稍后再试"}},unbindEmail:async function({uid:e,email:t,code:r}){if(r){const e=await this.verifyCode({email:t,code:r,type:"unbind"});if(0!==e.code)return e}const n=Nr.command;return 1===(await A.where({_id:e,email:t}).update({email:n.remove(),email_confirmed:n.remove()})).updated?{code:0,msg:"邮箱解绑成功"}:{code:70201,msg:"邮箱解绑失败,请稍后再试"}},unbindMobile:async function({uid:e,mobile:t,code:r}){if(r){const e=await this.verifyCode({mobile:t,code:r,type:"unbind"});if(0!==e.code)return e}const n=$r.command;return 1===(await A.where({_id:e,mobile:t}).update({mobile:n.remove(),mobile_confirmed:n.remove()})).updated?{code:0,msg:"手机号解绑成功"}:{code:70101,msg:"手机号解绑失败,请稍后再试"}},unbindWeixin:async function(e){const t=Lr.command,r=await A.doc(e).update({wx_openid:t.remove(),wx_unionid:t.remove()});return E("upRes:",r),1===r.updated?{code:0,msg:"微信解绑成功"}:{code:70301,msg:"微信解绑失败,请稍后再试"}},code2SessionAlipay:async function(e){let t=e;"string"==typeof e&&(t={code:e});try{const e=t.platform||this.context.PLATFORM,r=await this._getAlipayApi({platform:e}).code2Session(t.code);return r.openid?{code:0,msg:"",...r}:{code:80701,msg:"获取openid失败"}}catch(e){return{code:80702,msg:e.message}}},code2SessionWeixin:async function(e){let t=e;"string"==typeof e&&(t={code:e});try{const e=t.platform||this.context.PLATFORM,r=await this._getWeixinApi({platform:e})["mp-weixin"===e?"code2Session":"getOauthAccessToken"](t.code);return r.openid?{code:0,msg:"",...r}:{code:80601,msg:"获取openid失败"}}catch(e){return{code:80602,msg:e.message}}},verifyAppleIdentityToken:async function({identityToken:e,platform:t}){const r=t||this.context.PLATFORM,{code:n,msg:i}=await Tr({clientType:r}).verifyIdentityToken(e);return 0!==n?{code:n,msg:i}:{code:n,msg:"验证通过",...i}},wxBizDataCrypt:async function({code:e,sessionKey:t,encryptedData:r,iv:i}){if(!r)return{code:80805,msg:"encryptedData不可为空"};if(!i)return{code:80806,msg:"iv不可为空"};if(!e&&!t)return{code:80804,msg:"code或sessionKey必须有其中一个"};const o=this._getWeixinApi();if(!t){const r=await o.code2Session(e);if(!r.sessionKey)return{code:80801,msg:"sessionKey获取失败"};t=r.sessionKey}t=Buffer.from(t,"base64"),r=Buffer.from(r,"base64"),i=Buffer.from(i,"base64");try{var s=n.createDecipheriv("aes-128-cbc",t,i);s.setAutoPadding(!0);var a=s.update(r,"binary","utf8");a+=s.final("utf8"),a=JSON.parse(a)}catch(e){return{code:80802,msg:"解密失败:"+e.message}}return a.watermark.appid!==o.options.appId?{code:80803,msg:"appid不匹配"}:{code:0,msg:"解密成功",...a}},encryptPwd:function(e,{value:t,version:r}={}){if(!t){const e=this._getConfig(),{passwordSecret:n}=e;if("array"===m(n)){const e=n.sort((e,t)=>e.version-t.version);t=e[e.length-1].value,r=e[e.length-1].version}else t=n}if(!t)throw new Error("passwordSecret不正确");const i=n.createHmac("sha1",t.toString("ascii"));return i.update(e),{passwordHash:i.digest("hex"),version:r}},checkToken:async function(e,{needPermission:t,needUserInfo:r=!0}={}){const n=this._getConfig();try{const i=this._verifyToken(e);if(i.code)return i;const{uid:o,needPermission:s,role:a,permission:c,exp:u}=i,f=a&&c;t=void 0===t?s:t;const d=n.removePermissionAndRoleFromToken||!f||r,l=!n.removePermissionAndRoleFromToken&&!f||n.removePermissionAndRoleFromToken&&f||n.tokenExpiresThreshold&&u-Date.now()/1e3-1===r.indexOf(e)),t.push(e.token),await A.doc(o).update({token:t,last_login_date:Date.now(),last_login_ip:this.context.CLIENTIP}),{...m,...e}}return m}catch(e){return{code:90001,msg:"数据库读写异常:"+e.message,err:e}}},createToken:function({uid:e,needPermission:t,role:r,permission:n}){if(!e)return{code:30101,msg:"缺少uid参数"};const i={uid:e,needPermission:t,role:r,permission:n},o=this._getConfig();if(!this.interceptorMap.has("customToken")){const e={...i};return this._createTokenInternal({signContent:e,config:o})}const s=this.interceptorMap.get("customToken");if("function"!==m(s))throw new Error("custom-token.js应导出一个function");const a=s(i);return a instanceof Promise?a.then(e=>this._createTokenInternal({signContent:e,config:o})):this._createTokenInternal({signContent:a,config:o})},_checkPwd:function(e,t){if(!t)return{code:1,message:"密码不能为空"};const{password:r,password_secret_version:n}=e,i=this._getConfig(),{passwordSecret:o}=i,s=m(o);if("string"===s){const{passwordHash:e}=this.encryptPwd(t,{value:o});return e===r?{code:0,message:"密码校验通过"}:{code:2,message:"密码不正确"}}if("array"!==s)throw new Error("config内passwordSecret类型错误,只可设置string类型和array类型");const a=o.sort((e,t)=>e.version-t.version);let c;if(c=n?a.find(e=>e.version===n):a[0],!c)return{code:3,message:"secretVersion不正确"};const u=a[a.length-1],{passwordHash:f}=this.encryptPwd(t,c);if(f===r){const e={code:0,message:"密码校验通过"};if(c!==u){const{passwordHash:r,version:n}=this.encryptPwd(t,u);e.passwordHash=r,e.passwordVersion=n}return e}return{code:4,message:""}},_verifyToken:function(e){const t=this._getConfig();let r;try{r=_r(e,t.tokenSecret)}catch(e){return"TokenExpiredError"===e.name?{code:30203,msg:"token已过期,请重新登录",err:e}:{code:30204,msg:"非法token",err:e}}return t.bindTokenToDevice&&r.clientId!==this._getClientUaHash()?{code:30201,msg:"token不合法,请重新登录"}:r},_getExpiredToken:function(e){const t=this._getConfig(),r=[];return e.forEach(e=>{try{_r(e,t.tokenSecret)}catch(t){r.push(e)}}),r},_getPermissionListByRoleList:async function(e){if(!Array.isArray(e))return[];if(0===e.length)return[];if(e.includes("admin")){return(await B.limit(500).get()).data.map(e=>e.permission_id)}const t=await D.where({role_id:Kr.in(e)}).get(),r=[];return t.data.forEach(e=>{Array.prototype.push.apply(r,e.permission)}),k(r)},_getClientUaHash:function(){const e=n.createHash("md5"),t=/MicroMessenger/i.test(this.context.CLIENTUA)?this.context.CLIENTUA.replace(/(MicroMessenger\S+).*/i,"$1"):this.context.CLIENTUA;return e.update(t),e.digest("hex")},_createTokenInternal:function({signContent:e,config:t}){return"object"!==m(e)?{code:30101,msg:"token对应的payload为对象且必须包含uid"}:e.uid?(t.bindTokenToDevice&&(e.clientId=this._getClientUaHash.bind(this)()),{token:Sr(e,t.tokenSecret,{expiresIn:t.tokenExpiresIn}),tokenExpired:Date.now()+1e3*t.tokenExpiresIn}):{code:30101,msg:"token对应的payload必须包含uid"}},setVerifyCode:async function({mobile:e,email:t,code:r,expiresIn:n,type:i}){if(!e&&!t||e&&t)return{code:50101,msg:"手机号和邮箱必须且只能给定其中一个"};r||(r=x()),n||(n=180);const o=Date.now(),s={mobile:e,email:t,type:i,code:r,state:0,ip:this.context.CLIENTIP,created_at:o,expired_at:o+1e3*n};return E("addRes",await O.add(s)),{code:0,mobile:e,email:t}},verifyCode:async function({mobile:e,email:t,code:r,type:n}){if(!e&&!t||e&&t)return{code:50201,msg:"手机号和邮箱必须且只能给定其中一个"};const i=Vr.command,o=Date.now(),s={mobile:e,email:t,type:n,code:r,state:0,expired_at:i.gt(o)},a=await O.where(s).orderBy("created_at","desc").limit(1).get();if(E("verifyRecord:",a),a&&a.data&&a.data.length>0){const e=a.data[0];return E("upRes",await O.doc(e._id).update({state:1})),{code:0,msg:"验证通过"}}return{code:50202,msg:"验证码错误或已失效"}},sendSmsCode:async function({mobile:e,code:t,type:r,templateId:n}){if(!e)throw new Error("手机号码不可为空");if(t||(t=x()),!r)throw new Error("验证码类型不可为空");const i=this._getConfig();let o=i&&i.service&&i.service.sms;if(!o)throw new Error("请在config.json或init方法中配置service.sms下短信相关参数");o=Object.assign({codeExpiresIn:300},o);const s=["smsKey","smsSecret"];if(!n&&!o.name)throw new Error("不传入templateId时应在config.json或init方法内service.sms下配置name字段以正确使用uniID_code模板");for(let e=0,t=s.length;e=0?o:{code:0,msg:"验证码发送成功"}}catch(e){return{code:50301,msg:"验证码发送失败, "+e.message}}}});let qr;try{qr=require("uni-config-center")}catch(e){}class Hr{constructor({context:e,config:t}={}){const r=qr&&qr({pluginId:"uni-id"});this.pluginConfig=r,this.config=t||this._getConfigContent(),this.context=e,this.interceptorMap=new Map,r&&r.hasFile("custom-token.js")&&this.setInterceptor("customToken",require(r.resolve("custom-token.js")))}_getConfigContent(){if(this.pluginConfig&&this.pluginConfig.hasFile("config.json")){this._hasConfigFile=!0;try{return this.pluginConfig.config()}catch(e){return}}const e=r.resolve(__dirname,"config.json");this._hasConfigFile=t.existsSync(e);try{return require(e)}catch(e){}}init(e){this.config=e}setInterceptor(e,t){this.interceptorMap.set(e,t)}_getConfig(e){const t=this.config&&0!==Object.keys(this.config).length;if(this._hasConfigFile&&!t)throw new Error("请在确保公用模块uni-id的config.json内格式正确(不可包含注释)");if(!t)throw new Error("请在公用模块uni-id的config.json或init方法中内添加配置项");const r=Object.assign(this.config,this.config[e||this.context.PLATFORM])||{},n=Object.assign({bindTokenToDevice:!0},r);return["passwordSecret","tokenSecret","tokenExpiresIn","passwordErrorLimit","passwordErrorRetryTime"].forEach(e=>{if(!n||!n[e])throw new Error("请在公用模块uni-id的config.json或init方法中内添加配置项:"+e)}),n}}for(const e in Ur)Hr.prototype[e]=C(Ur[e]);function Fr({context:e=global.__ctx__,config:t}={}){const r=new Hr({context:e,config:t}),n=new Proxy(r,{get(e,t){if(t in e)return"function"==typeof e[t]?e[t].bind(n):e[t]}});return n}Hr.prototype.createInstance=Fr;var Jr=Fr();module.exports=Jr; +"use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}var t=e(require("fs")),r=e(require("path")),n=e(require("crypto")),i=e(require("querystring")),o=e(require("buffer")),s=e(require("stream")),a=e(require("util"));class c extends Error{constructor(e){super(e.message),this.errMsg=e.message||"",Object.defineProperties(this,{message:{get(){return`errCode: ${e.code||""} | errMsg: `+this.errMsg},set(e){this.errMsg=e}}})}}const u=Object.prototype.toString,f=Object.prototype.hasOwnProperty;function d(e,t){return f.call(e,t)}function l(e){return"[object Object]"===u.call(e)}function p(e){return"function"==typeof e}function m(e){return Object.prototype.toString.call(e).slice(8,-1).toLowerCase()}const h=/_(\w)/g,g=/[A-Z]/g;function y(e){return e.replace(h,(e,t)=>t?t.toUpperCase():"")}function w(e){return e.replace(g,e=>"_"+e.toLowerCase())}function v(e,t){let r,n;switch(t){case"snake2camel":n=y,r=h;break;case"camel2snake":n=w,r=g}for(const i in e)if(d(e,i)&&r.test(i)){const r=n(i);e[r]=e[i],delete e[i],l(e[r])?e[r]=v(e[r],t):Array.isArray(e[r])&&(e[r]=e[r].map(e=>v(e,t)))}return e}function b(e){return v(e,"snake2camel")}function _(e){return v(e,"camel2snake")}function E(e){return function(e,t="-"){e=e||new Date;const r=[];return r.push(e.getFullYear()),r.push(("00"+(e.getMonth()+1)).substr(-2)),r.push(("00"+e.getDate()).substr(-2)),r.join(t)}(e=e||new Date)+" "+function(e,t=":"){e=e||new Date;const r=[];return r.push(("00"+e.getHours()).substr(-2)),r.push(("00"+e.getMinutes()).substr(-2)),r.push(("00"+e.getSeconds()).substr(-2)),r.join(t)}(e)}function S(){"development"===process.env.NODE_ENV&&console.log(...arguments)}function x(e=6){let t="";for(let r=0;r0:t=f,r="年";break;case u>0:t=u,r="月";break;case c>0:t=c,r="天";break;case a>0:t=a,r="小时";break;case s>0:t=s,r="分钟";break;default:t=o,r="秒"}return`${t}${r}${i}`}const I=async function(){};function C(e){return I.constructor===e.constructor?async function(){const t=await e.apply(this,arguments);return l(t)&&t.msg&&(t.message=t.msg),t}:function(){const t=e.apply(this,arguments);return l(t)&&t.msg&&(t.message=t.msg),t}}const R=uniCloud.database(),A=R.collection("uni-id-users"),O=R.collection("opendb-verify-codes"),D=R.collection("uni-id-roles"),B=R.collection("uni-id-permissions");async function M({name:e,url:t,data:r,options:n,defaultOptions:i}){let o={};const s=_(Object.assign({},r));s&&s.access_token&&delete s.access_token;try{n=Object.assign({},i,n,{data:s}),o=await uniCloud.httpclient.request(t,n)}catch(t){return function(e,t){throw new c({code:t.code||-2,message:t.message||e+" fail"})}(e,t)}let a=o.data;const u=o.headers["content-type"];if(!Buffer.isBuffer(a)||0!==u.indexOf("text/plain")&&0!==u.indexOf("application/json"))Buffer.isBuffer(a)&&(a={buffer:a,contentType:u});else try{a=JSON.parse(a.toString())}catch(e){a=a.toString()}return b(function(e,t){if(t.errcode)throw new c({code:t.errcode||-2,message:t.errmsg||e+" fail"});return delete t.errcode,delete t.errmsg,{...t,errMsg:e+" ok",errCode:0}}(e,a||{errCode:-2,errMsg:"Request failed"}))}function N(e,t){let r="";if(t&&t.accessToken){r=`${e.indexOf("?")>-1?"&":"?"}access_token=${t.accessToken}`}return`${e}${r}`}class ${constructor(e){this.options=Object.assign({baseUrl:"https://api.weixin.qq.com",timeout:5e3},e)}async _requestWxOpenapi({name:e,url:t,data:r,options:n}){const i={method:"GET",dataType:"json",dataAsQueryString:!0,timeout:this.options.timeout};return await M({name:"auth."+e,url:`${this.options.baseUrl}${N(t,r)}`,data:r,options:n,defaultOptions:i})}async code2Session(e){return await this._requestWxOpenapi({name:"code2Session",url:"/sns/jscode2session",data:{grant_type:"authorization_code",appid:this.options.appId,secret:this.options.secret,js_code:e}})}async getOauthAccessToken(e){return await this._requestWxOpenapi({name:"getOauthAccessToken",url:"/sns/oauth2/access_token",data:{grant_type:"authorization_code",appid:this.options.appId,secret:this.options.secret,code:e}})}}const L={RSA:"RSA-SHA1",RSA2:"RSA-SHA256"};var K={code2Session:{returnValue:{openid:"userId"}}};class V extends class{constructor(e={}){if(!e.appId)throw new Error("appId required");if(!e.privateKey)throw new Error("privateKey required");const t={gateway:"https://openapi.alipay.com/gateway.do",timeout:5e3,charset:"utf-8",version:"1.0",signType:"RSA2",timeOffset:-(new Date).getTimezoneOffset()/60,keyType:"PKCS8"};e.sandbox&&(e.gateway="https://openapi.alipaydev.com/gateway.do"),this.options=Object.assign({},t,e);const r="PKCS8"===this.options.keyType?"PRIVATE KEY":"RSA PRIVATE KEY";this.options.privateKey=this._formatKey(this.options.privateKey,r),this.options.alipayPublicKey&&(this.options.alipayPublicKey=this._formatKey(this.options.alipayPublicKey,"PUBLIC KEY"))}_formatKey(e,t){return`-----BEGIN ${t}-----\n${e}\n-----END ${t}-----`}_formatUrl(e,t){let r=e;const n=["app_id","method","format","charset","sign_type","sign","timestamp","version","notify_url","return_url","auth_token","app_auth_token"];for(const e in t)if(n.indexOf(e)>-1){const n=encodeURIComponent(t[e]);r=`${r}${r.includes("?")?"&":"?"}${e}=${n}`,delete t[e]}return{execParams:t,url:r}}_getSign(e,t){const r=t.bizContent||null;delete t.bizContent;const i=Object.assign({method:e,appId:this.options.appId,charset:this.options.charset,version:this.options.version,signType:this.options.signType,timestamp:E((o=this.options.timeOffset,new Date(Date.now()+6e4*((new Date).getTimezoneOffset()+60*(o||0)))))},t);var o;r&&(i.bizContent=JSON.stringify(_(r)));const s=_(i),a=Object.keys(s).sort().map(e=>{let t=s[e];return"[object String]"!==Array.prototype.toString.call(t)&&(t=JSON.stringify(t)),`${e}=${t}`}).join("&"),c=n.createSign(L[this.options.signType]).update(a,"utf8").sign(this.options.privateKey,"base64");return Object.assign(s,{sign:c})}async _exec(e,t={},r={}){const n=this._getSign(e,t),{url:i,execParams:o}=this._formatUrl(this.options.gateway,n),{status:s,data:a}=await uniCloud.httpclient.request(i,{method:"POST",data:o,dataType:"text",timeout:this.options.timeout});if(200!==s)throw new Error("request fail");const c=JSON.parse(a),u=e.replace(/\./g,"_")+"_response",f=c[u],d=c.error_response;if(f){if(!r.validateSign||this._checkResponseSign(a,u)){if(!f.code||"10000"===f.code){return{errCode:0,errMsg:f.msg||"",...b(f)}}const e=f.sub_code?`${f.sub_code} ${f.sub_msg}`:""+(f.msg||"unkonwn error");throw new Error(e)}throw new Error("返回结果签名错误")}if(d)throw new Error(d.sub_msg||d.msg||"接口返回错误");throw new Error("request fail")}_checkResponseSign(e,t){if(!this.options.alipayPublicKey||""===this.options.alipayPublicKey)return console.warn("options.alipayPublicKey is empty"),!0;if(!e)return!1;const r=this._getSignStr(e,t),i=JSON.parse(e).sign,o=n.createVerify(L[this.options.signType]);return o.update(r,"utf8"),o.verify(this.options.alipayPublicKey,i,"base64")}_getSignStr(e,t){let r=e.trim();const n=e.indexOf(t+'"'),i=e.lastIndexOf('"sign"');return r=r.substr(n+t.length+1),r=r.substr(0,i),r=r.replace(/^[^{]*{/g,"{"),r=r.replace(/\}([^}]*)$/g,"}"),r}_notifyRSACheck(e,t,r){const i=Object.keys(e).sort().filter(e=>e).map(t=>{let r=e[t];return"[object String]"!==Array.prototype.toString.call(r)&&(r=JSON.stringify(r)),`${t}=${decodeURIComponent(r)}`}).join("&");return n.createVerify(L[r]).update(i,"utf8").verify(this.options.alipayPublicKey,t,"base64")}_checkNotifySign(e){const t=e.sign;if(!this.options.alipayPublicKey||!t)return!1;const r=e.sign_type||this.options.signType||"RSA2",n={...e};delete n.sign,n.sign_type=r;return!!this._notifyRSACheck(n,t,r)||(delete n.sign_type,this._notifyRSACheck(n,t,r))}_verifyNotify(e){if(!e.headers)throw new Error("通知格式不正确");let t;for(const r in e.headers)"content-type"===r.toLowerCase()&&(t=e.headers[r]);if(!1!==e.isBase64Encoded&&-1===t.indexOf("application/x-www-form-urlencoded"))throw new Error("通知格式不正确");const r=i.parse(e.body);if(this._checkNotifySign(r))return b(r);throw new Error("通知验签未通过")}}{constructor(e){super(e),this._protocols=K}async code2Session(e){return await this._exec("alipay.system.oauth.token",{grantType:"authorization_code",code:e})}}function U(e){var t=e[0];return t<"0"||t>"7"?"00"+e:e}function q(e){var t=e.toString(16);return t.length%2?"0"+t:t}function H(e){if(e<=127)return q(e);var t=q(e);return q(128+t.length/2)+t}function F(e,t){return e(t={exports:{}},t.exports),t.exports}var J=F((function(e,t){var r=o.Buffer;function n(e,t){for(var r in e)t[r]=e[r]}function i(e,t,n){return r(e,t,n)}r.from&&r.alloc&&r.allocUnsafe&&r.allocUnsafeSlow?e.exports=o:(n(o,t),t.Buffer=i),i.prototype=Object.create(r.prototype),n(r,i),i.from=function(e,t,n){if("number"==typeof e)throw new TypeError("Argument must not be a number");return r(e,t,n)},i.alloc=function(e,t,n){if("number"!=typeof e)throw new TypeError("Argument must be a number");var i=r(e);return void 0!==t?"string"==typeof n?i.fill(t,n):i.fill(t):i.fill(0),i},i.allocUnsafe=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return r(e)},i.allocUnsafeSlow=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return o.SlowBuffer(e)}})),G=(J.Buffer,J.Buffer);function z(e){if(this.buffer=null,this.writable=!0,this.readable=!0,!e)return this.buffer=G.alloc(0),this;if("function"==typeof e.pipe)return this.buffer=G.alloc(0),e.pipe(this),this;if(e.length||"object"==typeof e)return this.buffer=e,this.writable=!1,process.nextTick(function(){this.emit("end",e),this.readable=!1,this.emit("close")}.bind(this)),this;throw new TypeError("Unexpected data type ("+typeof e+")")}a.inherits(z,s),z.prototype.write=function(e){this.buffer=G.concat([this.buffer,G.from(e)]),this.emit("data",e)},z.prototype.end=function(e){e&&this.write(e),this.emit("end",e),this.emit("close"),this.writable=!1,this.readable=!1};var W=z,X=o.Buffer,Y=o.SlowBuffer,Z=Q;function Q(e,t){if(!X.isBuffer(e)||!X.isBuffer(t))return!1;if(e.length!==t.length)return!1;for(var r=0,n=0;n=128&&--n,n}var ce={derToJose:function(e,t){e=se(e);var r=ie(t),n=r+1,i=e.length,o=0;if(48!==e[o++])throw new Error('Could not find expected "seq"');var s=e[o++];if(129===s&&(s=e[o++]),i-o0)return function(e){if((e=String(e)).length>100)return;var t=/^(-?(?:\d+)?\.?\d+) *(milliseconds?|msecs?|ms|seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)?$/i.exec(e);if(!t)return;var r=parseFloat(t[1]);switch((t[2]||"ms").toLowerCase()){case"years":case"year":case"yrs":case"yr":case"y":return 315576e5*r;case"weeks":case"week":case"w":return 6048e5*r;case"days":case"day":case"d":return r*it;case"hours":case"hour":case"hrs":case"hr":case"h":return r*nt;case"minutes":case"minute":case"mins":case"min":case"m":return r*rt;case"seconds":case"second":case"secs":case"sec":case"s":return r*tt;case"milliseconds":case"millisecond":case"msecs":case"msec":case"ms":return r;default:return}}(e);if("number"===r&&isFinite(e))return t.long?function(e){var t=Math.abs(e);if(t>=it)return st(e,t,it,"day");if(t>=nt)return st(e,t,nt,"hour");if(t>=rt)return st(e,t,rt,"minute");if(t>=tt)return st(e,t,tt,"second");return e+" ms"}(e):function(e){var t=Math.abs(e);if(t>=it)return Math.round(e/it)+"d";if(t>=nt)return Math.round(e/nt)+"h";if(t>=rt)return Math.round(e/rt)+"m";if(t>=tt)return Math.round(e/tt)+"s";return e+"ms"}(e);throw new Error("val is not a non-empty string or a valid number. val="+JSON.stringify(e))};function st(e,t,r,n){var i=t>=1.5*r;return Math.round(e/r)+" "+n+(i?"s":"")}var at=function(e,t){var r=t||Math.floor(Date.now()/1e3);if("string"==typeof e){var n=ot(e);if(void 0===n)return;return Math.floor(r+n/1e3)}return"number"==typeof e?r+e:void 0},ct=F((function(e,t){var r;t=e.exports=J,r="object"==typeof process&&process.env&&process.env.NODE_DEBUG&&/\bsemver\b/i.test(process.env.NODE_DEBUG)?function(){var e=Array.prototype.slice.call(arguments,0);e.unshift("SEMVER"),console.log.apply(console,e)}:function(){},t.SEMVER_SPEC_VERSION="2.0.0";var n=Number.MAX_SAFE_INTEGER||9007199254740991,i=t.re=[],o=t.src=[],s=0,a=s++;o[a]="0|[1-9]\\d*";var c=s++;o[c]="[0-9]+";var u=s++;o[u]="\\d*[a-zA-Z-][a-zA-Z0-9-]*";var f=s++;o[f]="("+o[a]+")\\.("+o[a]+")\\.("+o[a]+")";var d=s++;o[d]="("+o[c]+")\\.("+o[c]+")\\.("+o[c]+")";var l=s++;o[l]="(?:"+o[a]+"|"+o[u]+")";var p=s++;o[p]="(?:"+o[c]+"|"+o[u]+")";var m=s++;o[m]="(?:-("+o[l]+"(?:\\."+o[l]+")*))";var h=s++;o[h]="(?:-?("+o[p]+"(?:\\."+o[p]+")*))";var g=s++;o[g]="[0-9A-Za-z-]+";var y=s++;o[y]="(?:\\+("+o[g]+"(?:\\."+o[g]+")*))";var w=s++,v="v?"+o[f]+o[m]+"?"+o[y]+"?";o[w]="^"+v+"$";var b="[v=\\s]*"+o[d]+o[h]+"?"+o[y]+"?",_=s++;o[_]="^"+b+"$";var E=s++;o[E]="((?:<|>)?=?)";var S=s++;o[S]=o[c]+"|x|X|\\*";var x=s++;o[x]=o[a]+"|x|X|\\*";var k=s++;o[k]="[v=\\s]*("+o[x]+")(?:\\.("+o[x]+")(?:\\.("+o[x]+")(?:"+o[m]+")?"+o[y]+"?)?)?";var j=s++;o[j]="[v=\\s]*("+o[S]+")(?:\\.("+o[S]+")(?:\\.("+o[S]+")(?:"+o[h]+")?"+o[y]+"?)?)?";var T=s++;o[T]="^"+o[E]+"\\s*"+o[k]+"$";var P=s++;o[P]="^"+o[E]+"\\s*"+o[j]+"$";var I=s++;o[I]="(?:^|[^\\d])(\\d{1,16})(?:\\.(\\d{1,16}))?(?:\\.(\\d{1,16}))?(?:$|[^\\d])";var C=s++;o[C]="(?:~>?)";var R=s++;o[R]="(\\s*)"+o[C]+"\\s+",i[R]=new RegExp(o[R],"g");var A=s++;o[A]="^"+o[C]+o[k]+"$";var O=s++;o[O]="^"+o[C]+o[j]+"$";var D=s++;o[D]="(?:\\^)";var B=s++;o[B]="(\\s*)"+o[D]+"\\s+",i[B]=new RegExp(o[B],"g");var M=s++;o[M]="^"+o[D]+o[k]+"$";var N=s++;o[N]="^"+o[D]+o[j]+"$";var $=s++;o[$]="^"+o[E]+"\\s*("+b+")$|^$";var L=s++;o[L]="^"+o[E]+"\\s*("+v+")$|^$";var K=s++;o[K]="(\\s*)"+o[E]+"\\s*("+b+"|"+o[k]+")",i[K]=new RegExp(o[K],"g");var V=s++;o[V]="^\\s*("+o[k]+")\\s+-\\s+("+o[k]+")\\s*$";var U=s++;o[U]="^\\s*("+o[j]+")\\s+-\\s+("+o[j]+")\\s*$";var q=s++;o[q]="(<|>)?=?\\s*\\*";for(var H=0;H<35;H++)r(H,o[H]),i[H]||(i[H]=new RegExp(o[H]));function F(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof J)return e;if("string"!=typeof e)return null;if(e.length>256)return null;if(!(t.loose?i[_]:i[w]).test(e))return null;try{return new J(e,t)}catch(e){return null}}function J(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof J){if(e.loose===t.loose)return e;e=e.version}else if("string"!=typeof e)throw new TypeError("Invalid Version: "+e);if(e.length>256)throw new TypeError("version is longer than 256 characters");if(!(this instanceof J))return new J(e,t);r("SemVer",e,t),this.options=t,this.loose=!!t.loose;var o=e.trim().match(t.loose?i[_]:i[w]);if(!o)throw new TypeError("Invalid Version: "+e);if(this.raw=e,this.major=+o[1],this.minor=+o[2],this.patch=+o[3],this.major>n||this.major<0)throw new TypeError("Invalid major version");if(this.minor>n||this.minor<0)throw new TypeError("Invalid minor version");if(this.patch>n||this.patch<0)throw new TypeError("Invalid patch version");o[4]?this.prerelease=o[4].split(".").map((function(e){if(/^[0-9]+$/.test(e)){var t=+e;if(t>=0&&t=0;)"number"==typeof this.prerelease[r]&&(this.prerelease[r]++,r=-2);-1===r&&this.prerelease.push(0)}t&&(this.prerelease[0]===t?isNaN(this.prerelease[1])&&(this.prerelease=[t,0]):this.prerelease=[t,0]);break;default:throw new Error("invalid increment argument: "+e)}return this.format(),this.raw=this.version,this},t.inc=function(e,t,r,n){"string"==typeof r&&(n=r,r=void 0);try{return new J(e,r).inc(t,n).version}catch(e){return null}},t.diff=function(e,t){if(Z(e,t))return null;var r=F(e),n=F(t),i="";if(r.prerelease.length||n.prerelease.length){i="pre";var o="prerelease"}for(var s in r)if(("major"===s||"minor"===s||"patch"===s)&&r[s]!==n[s])return i+s;return o},t.compareIdentifiers=z;var G=/^[0-9]+$/;function z(e,t){var r=G.test(e),n=G.test(t);return r&&n&&(e=+e,t=+t),e===t?0:r&&!n?-1:n&&!r?1:e0}function Y(e,t,r){return W(e,t,r)<0}function Z(e,t,r){return 0===W(e,t,r)}function Q(e,t,r){return 0!==W(e,t,r)}function ee(e,t,r){return W(e,t,r)>=0}function te(e,t,r){return W(e,t,r)<=0}function re(e,t,r,n){switch(t){case"===":return"object"==typeof e&&(e=e.version),"object"==typeof r&&(r=r.version),e===r;case"!==":return"object"==typeof e&&(e=e.version),"object"==typeof r&&(r=r.version),e!==r;case"":case"=":case"==":return Z(e,r,n);case"!=":return Q(e,r,n);case">":return X(e,r,n);case">=":return ee(e,r,n);case"<":return Y(e,r,n);case"<=":return te(e,r,n);default:throw new TypeError("Invalid operator: "+t)}}function ne(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof ne){if(e.loose===!!t.loose)return e;e=e.value}if(!(this instanceof ne))return new ne(e,t);r("comparator",e,t),this.options=t,this.loose=!!t.loose,this.parse(e),this.semver===ie?this.value="":this.value=this.operator+this.semver.version,r("comp",this)}t.rcompareIdentifiers=function(e,t){return z(t,e)},t.major=function(e,t){return new J(e,t).major},t.minor=function(e,t){return new J(e,t).minor},t.patch=function(e,t){return new J(e,t).patch},t.compare=W,t.compareLoose=function(e,t){return W(e,t,!0)},t.rcompare=function(e,t,r){return W(t,e,r)},t.sort=function(e,r){return e.sort((function(e,n){return t.compare(e,n,r)}))},t.rsort=function(e,r){return e.sort((function(e,n){return t.rcompare(e,n,r)}))},t.gt=X,t.lt=Y,t.eq=Z,t.neq=Q,t.gte=ee,t.lte=te,t.cmp=re,t.Comparator=ne;var ie={};function oe(e,t){if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),e instanceof oe)return e.loose===!!t.loose&&e.includePrerelease===!!t.includePrerelease?e:new oe(e.raw,t);if(e instanceof ne)return new oe(e.value,t);if(!(this instanceof oe))return new oe(e,t);if(this.options=t,this.loose=!!t.loose,this.includePrerelease=!!t.includePrerelease,this.raw=e,this.set=e.split(/\s*\|\|\s*/).map((function(e){return this.parseRange(e.trim())}),this).filter((function(e){return e.length})),!this.set.length)throw new TypeError("Invalid SemVer Range: "+e);this.format()}function se(e){return!e||"x"===e.toLowerCase()||"*"===e}function ae(e,t,r,n,i,o,s,a,c,u,f,d,l){return((t=se(r)?"":se(n)?">="+r+".0.0":se(i)?">="+r+"."+n+".0":">="+t)+" "+(a=se(c)?"":se(u)?"<"+(+c+1)+".0.0":se(f)?"<"+c+"."+(+u+1)+".0":d?"<="+c+"."+u+"."+f+"-"+d:"<="+a)).trim()}function ce(e,t,n){for(var i=0;i0){var o=e[i].semver;if(o.major===t.major&&o.minor===t.minor&&o.patch===t.patch)return!0}return!1}return!0}function ue(e,t,r){try{t=new oe(t,r)}catch(e){return!1}return t.test(e)}function fe(e,t,r,n){var i,o,s,a,c;switch(e=new J(e,n),t=new oe(t,n),r){case">":i=X,o=te,s=Y,a=">",c=">=";break;case"<":i=Y,o=ee,s=X,a="<",c="<=";break;default:throw new TypeError('Must provide a hilo val of "<" or ">"')}if(ue(e,t,n))return!1;for(var u=0;u=0.0.0")),d=d||e,l=l||e,i(e.semver,d.semver,n)?d=e:s(e.semver,l.semver,n)&&(l=e)})),d.operator===a||d.operator===c)return!1;if((!l.operator||l.operator===a)&&o(e,l.semver))return!1;if(l.operator===c&&s(e,l.semver))return!1}return!0}ne.prototype.parse=function(e){var t=this.options.loose?i[$]:i[L],r=e.match(t);if(!r)throw new TypeError("Invalid comparator: "+e);this.operator=r[1],"="===this.operator&&(this.operator=""),r[2]?this.semver=new J(r[2],this.options.loose):this.semver=ie},ne.prototype.toString=function(){return this.value},ne.prototype.test=function(e){return r("Comparator.test",e,this.options.loose),this.semver===ie||("string"==typeof e&&(e=new J(e,this.options)),re(e,this.operator,this.semver,this.options))},ne.prototype.intersects=function(e,t){if(!(e instanceof ne))throw new TypeError("a Comparator is required");var r;if(t&&"object"==typeof t||(t={loose:!!t,includePrerelease:!1}),""===this.operator)return r=new oe(e.value,t),ue(this.value,r,t);if(""===e.operator)return r=new oe(this.value,t),ue(e.semver,r,t);var n=!(">="!==this.operator&&">"!==this.operator||">="!==e.operator&&">"!==e.operator),i=!("<="!==this.operator&&"<"!==this.operator||"<="!==e.operator&&"<"!==e.operator),o=this.semver.version===e.semver.version,s=!(">="!==this.operator&&"<="!==this.operator||">="!==e.operator&&"<="!==e.operator),a=re(this.semver,"<",e.semver,t)&&(">="===this.operator||">"===this.operator)&&("<="===e.operator||"<"===e.operator),c=re(this.semver,">",e.semver,t)&&("<="===this.operator||"<"===this.operator)&&(">="===e.operator||">"===e.operator);return n||i||o&&s||a||c},t.Range=oe,oe.prototype.format=function(){return this.range=this.set.map((function(e){return e.join(" ").trim()})).join("||").trim(),this.range},oe.prototype.toString=function(){return this.range},oe.prototype.parseRange=function(e){var t=this.options.loose;e=e.trim();var n=t?i[U]:i[V];e=e.replace(n,ae),r("hyphen replace",e),e=e.replace(i[K],"$1$2$3"),r("comparator trim",e,i[K]),e=(e=(e=e.replace(i[R],"$1~")).replace(i[B],"$1^")).split(/\s+/).join(" ");var o=t?i[$]:i[L],s=e.split(" ").map((function(e){return function(e,t){return r("comp",e,t),e=function(e,t){return e.trim().split(/\s+/).map((function(e){return function(e,t){r("caret",e,t);var n=t.loose?i[N]:i[M];return e.replace(n,(function(t,n,i,o,s){var a;return r("caret",e,t,n,i,o,s),se(n)?a="":se(i)?a=">="+n+".0.0 <"+(+n+1)+".0.0":se(o)?a="0"===n?">="+n+"."+i+".0 <"+n+"."+(+i+1)+".0":">="+n+"."+i+".0 <"+(+n+1)+".0.0":s?(r("replaceCaret pr",s),a="0"===n?"0"===i?">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+i+"."+(+o+1):">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+(+i+1)+".0":">="+n+"."+i+"."+o+"-"+s+" <"+(+n+1)+".0.0"):(r("no pr"),a="0"===n?"0"===i?">="+n+"."+i+"."+o+" <"+n+"."+i+"."+(+o+1):">="+n+"."+i+"."+o+" <"+n+"."+(+i+1)+".0":">="+n+"."+i+"."+o+" <"+(+n+1)+".0.0"),r("caret return",a),a}))}(e,t)})).join(" ")}(e,t),r("caret",e),e=function(e,t){return e.trim().split(/\s+/).map((function(e){return function(e,t){var n=t.loose?i[O]:i[A];return e.replace(n,(function(t,n,i,o,s){var a;return r("tilde",e,t,n,i,o,s),se(n)?a="":se(i)?a=">="+n+".0.0 <"+(+n+1)+".0.0":se(o)?a=">="+n+"."+i+".0 <"+n+"."+(+i+1)+".0":s?(r("replaceTilde pr",s),a=">="+n+"."+i+"."+o+"-"+s+" <"+n+"."+(+i+1)+".0"):a=">="+n+"."+i+"."+o+" <"+n+"."+(+i+1)+".0",r("tilde return",a),a}))}(e,t)})).join(" ")}(e,t),r("tildes",e),e=function(e,t){return r("replaceXRanges",e,t),e.split(/\s+/).map((function(e){return function(e,t){e=e.trim();var n=t.loose?i[P]:i[T];return e.replace(n,(function(t,n,i,o,s,a){r("xRange",e,t,n,i,o,s,a);var c=se(i),u=c||se(o),f=u||se(s);return"="===n&&f&&(n=""),c?t=">"===n||"<"===n?"<0.0.0":"*":n&&f?(u&&(o=0),s=0,">"===n?(n=">=",u?(i=+i+1,o=0,s=0):(o=+o+1,s=0)):"<="===n&&(n="<",u?i=+i+1:o=+o+1),t=n+i+"."+o+"."+s):u?t=">="+i+".0.0 <"+(+i+1)+".0.0":f&&(t=">="+i+"."+o+".0 <"+i+"."+(+o+1)+".0"),r("xRange return",t),t}))}(e,t)})).join(" ")}(e,t),r("xrange",e),e=function(e,t){return r("replaceStars",e,t),e.trim().replace(i[q],"")}(e,t),r("stars",e),e}(e,this.options)}),this).join(" ").split(/\s+/);return this.options.loose&&(s=s.filter((function(e){return!!e.match(o)}))),s=s.map((function(e){return new ne(e,this.options)}),this)},oe.prototype.intersects=function(e,t){if(!(e instanceof oe))throw new TypeError("a Range is required");return this.set.some((function(r){return r.every((function(r){return e.set.some((function(e){return e.every((function(e){return r.intersects(e,t)}))}))}))}))},t.toComparators=function(e,t){return new oe(e,t).set.map((function(e){return e.map((function(e){return e.value})).join(" ").trim().split(" ")}))},oe.prototype.test=function(e){if(!e)return!1;"string"==typeof e&&(e=new J(e,this.options));for(var t=0;t":0===t.prerelease.length?t.patch++:t.prerelease.push(0),t.raw=t.format();case"":case">=":r&&!X(r,t)||(r=t);break;case"<":case"<=":break;default:throw new Error("Unexpected operation: "+e.operator)}}))}if(r&&e.test(r))return r;return null},t.validRange=function(e,t){try{return new oe(e,t).range||"*"}catch(e){return null}},t.ltr=function(e,t,r){return fe(e,t,"<",r)},t.gtr=function(e,t,r){return fe(e,t,">",r)},t.outside=fe,t.prerelease=function(e,t){var r=F(e,t);return r&&r.prerelease.length?r.prerelease:null},t.intersects=function(e,t,r){return e=new oe(e,r),t=new oe(t,r),e.intersects(t)},t.coerce=function(e){if(e instanceof J)return e;if("string"!=typeof e)return null;var t=e.match(i[I]);if(null==t)return null;return F(t[1]+"."+(t[2]||"0")+"."+(t[3]||"0"))}})),ut=(ct.SEMVER_SPEC_VERSION,ct.re,ct.src,ct.parse,ct.valid,ct.clean,ct.SemVer,ct.inc,ct.diff,ct.compareIdentifiers,ct.rcompareIdentifiers,ct.major,ct.minor,ct.patch,ct.compare,ct.compareLoose,ct.rcompare,ct.sort,ct.rsort,ct.gt,ct.lt,ct.eq,ct.neq,ct.gte,ct.lte,ct.cmp,ct.Comparator,ct.Range,ct.toComparators,ct.satisfies,ct.maxSatisfying,ct.minSatisfying,ct.minVersion,ct.validRange,ct.ltr,ct.gtr,ct.outside,ct.prerelease,ct.intersects,ct.coerce,ct.satisfies(process.version,"^6.12.0 || >=8.0.0")),ft=["RS256","RS384","RS512","ES256","ES384","ES512"],dt=["RS256","RS384","RS512"],lt=["HS256","HS384","HS512"];ut&&(ft.splice(3,0,"PS256","PS384","PS512"),dt.splice(3,0,"PS256","PS384","PS512"));var pt=/^\s+|\s+$/g,mt=/^[-+]0x[0-9a-f]+$/i,ht=/^0b[01]+$/i,gt=/^0o[0-7]+$/i,yt=/^(?:0|[1-9]\d*)$/,wt=parseInt;function vt(e){return e!=e}function bt(e,t){return function(e,t){for(var r=-1,n=e?e.length:0,i=Array(n);++r-1&&e%1==0&&e-1&&e%1==0&&e<=9007199254740991}(e.length)&&!function(e){var t=Dt(e)?kt.call(e):"";return"[object Function]"==t||"[object GeneratorFunction]"==t}(e)}function Dt(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}function Bt(e){return!!e&&"object"==typeof e}var Mt=function(e,t,r,n){var i;e=Ot(e)?e:(i=e)?bt(i,function(e){return Ot(e)?It(e):Ct(e)}(i)):[],r=r&&!n?function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||Bt(e)&&"[object Symbol]"==kt.call(e)}(e))return NaN;if(Dt(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=Dt(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(pt,"");var r=ht.test(e);return r||gt.test(e)?wt(e.slice(2),r?2:8):mt.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(r):0;var o=e.length;return r<0&&(r=Pt(o+r,0)),function(e){return"string"==typeof e||!At(e)&&Bt(e)&&"[object String]"==kt.call(e)}(e)?r<=o&&e.indexOf(t,r)>-1:!!o&&function(e,t,r){if(t!=t)return function(e,t,r,n){for(var i=e.length,o=r+(n?1:-1);n?o--:++o-1},Nt=Object.prototype.toString;var $t=function(e){return!0===e||!1===e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Boolean]"==Nt.call(e)},Lt=/^\s+|\s+$/g,Kt=/^[-+]0x[0-9a-f]+$/i,Vt=/^0b[01]+$/i,Ut=/^0o[0-7]+$/i,qt=parseInt,Ht=Object.prototype.toString;function Ft(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}var Jt=function(e){return"number"==typeof e&&e==function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==Ht.call(e)}(e))return NaN;if(Ft(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=Ft(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(Lt,"");var r=Vt.test(e);return r||Ut.test(e)?qt(e.slice(2),r?2:8):Kt.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(e)},Gt=Object.prototype.toString;var zt=function(e){return"number"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Number]"==Gt.call(e)};var Wt=Function.prototype,Xt=Object.prototype,Yt=Wt.toString,Zt=Xt.hasOwnProperty,Qt=Yt.call(Object),er=Xt.toString,tr=function(e,t){return function(r){return e(t(r))}}(Object.getPrototypeOf,Object);var rr=function(e){if(!function(e){return!!e&&"object"==typeof e}(e)||"[object Object]"!=er.call(e)||function(e){var t=!1;if(null!=e&&"function"!=typeof e.toString)try{t=!!(e+"")}catch(e){}return t}(e))return!1;var t=tr(e);if(null===t)return!0;var r=Zt.call(t,"constructor")&&t.constructor;return"function"==typeof r&&r instanceof r&&Yt.call(r)==Qt},nr=Object.prototype.toString,ir=Array.isArray;var or=function(e){return"string"==typeof e||!ir(e)&&function(e){return!!e&&"object"==typeof e}(e)&&"[object String]"==nr.call(e)},sr=/^\s+|\s+$/g,ar=/^[-+]0x[0-9a-f]+$/i,cr=/^0b[01]+$/i,ur=/^0o[0-7]+$/i,fr=parseInt,dr=Object.prototype.toString;function lr(e,t){var r;if("function"!=typeof t)throw new TypeError("Expected a function");return e=function(e){var t=function(e){if(!e)return 0===e?e:0;if((e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==dr.call(e)}(e))return NaN;if(pr(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=pr(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(sr,"");var r=cr.test(e);return r||ur.test(e)?fr(e.slice(2),r?2:8):ar.test(e)?NaN:+e}(e))===1/0||e===-1/0){return 17976931348623157e292*(e<0?-1:1)}return e==e?e:0}(e),r=t%1;return t==t?r?t-r:t:0}(e),function(){return--e>0&&(r=t.apply(this,arguments)),e<=1&&(t=void 0),r}}function pr(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}var mr=function(e){return lr(2,e)},hr=["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512","none"];ut&&hr.splice(3,0,"PS256","PS384","PS512");var gr={expiresIn:{isValid:function(e){return Jt(e)||or(e)&&e},message:'"expiresIn" should be a number of seconds or string representing a timespan'},notBefore:{isValid:function(e){return Jt(e)||or(e)&&e},message:'"notBefore" should be a number of seconds or string representing a timespan'},audience:{isValid:function(e){return or(e)||Array.isArray(e)},message:'"audience" must be a string or array'},algorithm:{isValid:Mt.bind(null,hr),message:'"algorithm" must be a valid string enum value'},header:{isValid:rr,message:'"header" must be an object'},encoding:{isValid:or,message:'"encoding" must be a string'},issuer:{isValid:or,message:'"issuer" must be a string'},subject:{isValid:or,message:'"subject" must be a string'},jwtid:{isValid:or,message:'"jwtid" must be a string'},noTimestamp:{isValid:$t,message:'"noTimestamp" must be a boolean'},keyid:{isValid:or,message:'"keyid" must be a string'},mutatePayload:{isValid:$t,message:'"mutatePayload" must be a boolean'}},yr={iat:{isValid:zt,message:'"iat" should be a number of seconds'},exp:{isValid:zt,message:'"exp" should be a number of seconds'},nbf:{isValid:zt,message:'"nbf" should be a number of seconds'}};function wr(e,t,r,n){if(!rr(r))throw new Error('Expected "'+n+'" to be a plain object.');Object.keys(r).forEach((function(i){var o=e[i];if(o){if(!o.isValid(r[i]))throw new Error(o.message)}else if(!t)throw new Error('"'+i+'" is not allowed in "'+n+'"')}))}var vr={audience:"aud",issuer:"iss",subject:"sub",jwtid:"jti"},br=["expiresIn","notBefore","noTimestamp","audience","issuer","subject","jwtid"],_r=function(e,t,r,n){var i;if("function"!=typeof r||n||(n=r,r={}),r||(r={}),r=Object.assign({},r),i=n||function(e,t){if(e)throw e;return t},r.clockTimestamp&&"number"!=typeof r.clockTimestamp)return i(new Xe("clockTimestamp must be a number"));if(void 0!==r.nonce&&("string"!=typeof r.nonce||""===r.nonce.trim()))return i(new Xe("nonce must be a non-empty string"));var o=r.clockTimestamp||Math.floor(Date.now()/1e3);if(!e)return i(new Xe("jwt must be provided"));if("string"!=typeof e)return i(new Xe("jwt must be a string"));var s,a=e.split(".");if(3!==a.length)return i(new Xe("jwt malformed"));try{s=ze(e,{complete:!0})}catch(e){return i(e)}if(!s)return i(new Xe("invalid token"));var c,u=s.header;if("function"==typeof t){if(!n)return i(new Xe("verify must be called asynchronous if secret or public key is provided as a callback"));c=t}else c=function(e,r){return r(null,t)};return c(u,(function(t,n){if(t)return i(new Xe("error in secret or public key callback: "+t.message));var c,f=""!==a[2].trim();if(!f&&n)return i(new Xe("jwt signature is required"));if(f&&!n)return i(new Xe("secret or public key must be provided"));if(f||r.algorithms||(r.algorithms=["none"]),r.algorithms||(r.algorithms=~n.toString().indexOf("BEGIN CERTIFICATE")||~n.toString().indexOf("BEGIN PUBLIC KEY")?ft:~n.toString().indexOf("BEGIN RSA PUBLIC KEY")?dt:lt),!~r.algorithms.indexOf(s.header.alg))return i(new Xe("invalid algorithm"));try{c=Ge.verify(e,s.header.alg,n)}catch(e){return i(e)}if(!c)return i(new Xe("invalid signature"));var d=s.payload;if(void 0!==d.nbf&&!r.ignoreNotBefore){if("number"!=typeof d.nbf)return i(new Xe("invalid nbf value"));if(d.nbf>o+(r.clockTolerance||0))return i(new Ze("jwt not active",new Date(1e3*d.nbf)))}if(void 0!==d.exp&&!r.ignoreExpiration){if("number"!=typeof d.exp)return i(new Xe("invalid exp value"));if(o>=d.exp+(r.clockTolerance||0))return i(new et("jwt expired",new Date(1e3*d.exp)))}if(r.audience){var l=Array.isArray(r.audience)?r.audience:[r.audience];if(!(Array.isArray(d.aud)?d.aud:[d.aud]).some((function(e){return l.some((function(t){return t instanceof RegExp?t.test(e):t===e}))})))return i(new Xe("jwt audience invalid. expected: "+l.join(" or ")))}if(r.issuer&&("string"==typeof r.issuer&&d.iss!==r.issuer||Array.isArray(r.issuer)&&-1===r.issuer.indexOf(d.iss)))return i(new Xe("jwt issuer invalid. expected: "+r.issuer));if(r.subject&&d.sub!==r.subject)return i(new Xe("jwt subject invalid. expected: "+r.subject));if(r.jwtid&&d.jti!==r.jwtid)return i(new Xe("jwt jwtid invalid. expected: "+r.jwtid));if(r.nonce&&d.nonce!==r.nonce)return i(new Xe("jwt nonce invalid. expected: "+r.nonce));if(r.maxAge){if("number"!=typeof d.iat)return i(new Xe("iat required when maxAge is specified"));var p=at(r.maxAge,d.iat);if(void 0===p)return i(new Xe('"maxAge" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'));if(o>=p+(r.clockTolerance||0))return i(new et("maxAge exceeded",new Date(1e3*p)))}if(!0===r.complete){var m=s.signature;return i(null,{header:u,payload:d,signature:m})}return i(null,d)}))},Er=function(e,t,r,n){"function"==typeof r?(n=r,r={}):r=r||{};var i="object"==typeof e&&!Buffer.isBuffer(e),o=Object.assign({alg:r.algorithm||"HS256",typ:i?"JWT":void 0,kid:r.keyid},r.header);function s(e){if(n)return n(e);throw e}if(!t&&"none"!==r.algorithm)return s(new Error("secretOrPrivateKey must have a value"));if(void 0===e)return s(new Error("payload is required"));if(i){try{!function(e){wr(yr,!0,e,"payload")}(e)}catch(e){return s(e)}r.mutatePayload||(e=Object.assign({},e))}else{var a=br.filter((function(e){return void 0!==r[e]}));if(a.length>0)return s(new Error("invalid "+a.join(",")+" option for "+typeof e+" payload"))}if(void 0!==e.exp&&void 0!==r.expiresIn)return s(new Error('Bad "options.expiresIn" option the payload already has an "exp" property.'));if(void 0!==e.nbf&&void 0!==r.notBefore)return s(new Error('Bad "options.notBefore" option the payload already has an "nbf" property.'));try{!function(e){wr(gr,!1,e,"options")}(r)}catch(e){return s(e)}var c=e.iat||Math.floor(Date.now()/1e3);if(r.noTimestamp?delete e.iat:i&&(e.iat=c),void 0!==r.notBefore){try{e.nbf=at(r.notBefore,c)}catch(e){return s(e)}if(void 0===e.nbf)return s(new Error('"notBefore" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}if(void 0!==r.expiresIn&&"object"==typeof e){try{e.exp=at(r.expiresIn,c)}catch(e){return s(e)}if(void 0===e.exp)return s(new Error('"expiresIn" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60'))}Object.keys(vr).forEach((function(t){var n=vr[t];if(void 0!==r[t]){if(void 0!==e[n])return s(new Error('Bad "options.'+t+'" option. The payload already has an "'+n+'" property.'));e[n]=r[t]}}));var u=r.encoding||"utf8";if("function"!=typeof n)return Ge.sign({header:o,payload:e,secret:t,encoding:u});n=n&&mr(n),Ge.createSign({header:o,privateKey:t,payload:e,encoding:u}).once("error",n).once("done",(function(e){n(null,e)}))};let Sr=[];class xr{constructor(e){this.fetched=!1,this.options=Object.assign({baseUrl:"https://appleid.apple.com",timeout:1e4},e)}async _fetch(e,t){const{baseUrl:r}=this.options;return uniCloud.httpclient.request(r+e,t)}async verifyIdentityToken(e){const t=e.split(".")[0],r=JSON.parse(Buffer.from(t,"base64").toString()).kid;if(!Sr.length)try{Sr=await this.getAuthKeys()}catch(e){return{code:10705,msg:e.message}}let n=this.getUsedKey(Sr,r);if(!Object.keys(n).length&&!this.fetched){try{Sr=await this.getAuthKeys()}catch(e){return{code:10705,msg:e.message}}n=this.getUsedKey(Sr,r)}let i=null;try{i=_r(e,function(e,t){var r=Buffer.from(e,"base64"),n=Buffer.from(t,"base64"),i=r.toString("hex"),o=n.toString("hex");i=U(i),o=U(o);var s=i.length/2,a=o.length/2,c=H(s),u=H(a),f="30"+H(s+a+c.length/2+u.length/2+2)+"02"+c+i+"02"+u+o;return"-----BEGIN RSA PUBLIC KEY-----\n"+Buffer.from(f,"hex").toString("base64").match(/.{1,64}/g).join("\n")+"\n-----END RSA PUBLIC KEY-----\n"}(n.n,n.e),{algorithms:n.alg})}catch(e){return{code:10705,msg:e.message}}return{code:0,msg:i}}async getAuthKeys(){const{status:e,data:t}=await this._fetch("/auth/keys",{method:"GET",dataType:"json",timeout:this.options.timeout});if(this.fetched=!0,200!==e)throw new Error("request fail");return t.keys}getUsedKey(e,t){let r={};for(let n=0;n upRes",await A.doc(e.uid).update({avatar:e.avatar})),{code:0,msg:"头像设置成功"}},updatePwd:async function(e){const t=await A.doc(e.uid).get();if(t&&t.data&&t.data.length>0){if(0===this._checkPwd(t.data[0],e.oldPassword).code){const{passwordHash:r,version:n}=this.encryptPwd(e.newPassword),i={password:r,token:[]};n&&(i.password_secret_version=n);return S("upRes",await A.doc(t.data[0]._id).update(i)),{code:0,msg:"修改成功"}}return{code:40202,msg:"旧密码错误"}}return{code:40201,msg:"用户不存在"}},updateUser:async function(e){const t=e.uid;return t?(delete e.uid,S("update -> upRes",await A.doc(t).update(e)),{code:0,msg:"修改成功"}):{code:80101,msg:"缺少uid参数"}},_getAlipayApi:function({platform:e}={}){const t=e||this.context.PLATFORM;if(!t)throw new Error("未能获取客户端平台信息,请主动传入platform");const r=this._getConfig(t);if(!r.oauth||!r.oauth.alipay)throw new Error(`请在公用模块uni-id的config.json或init方法中添加${t}平台支付宝登录配置项`);return["appid","privateKey"].forEach(e=>{if(!r.oauth.alipay[e])throw new Error(`请在公用模块uni-id的config.json或init方法中添加配置项:${t}.oauth.alipay.${e}`)}),jr({...r.oauth.alipay,clientType:t})},_getValidInviteCode:async function({inviteCode:e}){let t,r=10;e?(r=1,t=e):t=Pr();let n=!1;try{for(;r>0&&!n;){r--;if(0===(await A.where({invite_code:t}).get()).data.length){n=!0;break}t=Pr()}return n?{code:0,inviteCode:t}:e?{code:80401,msg:"邀请码重复,设置失败"}:{code:80402,msg:"邀请码设置失败稍后再试"}}catch(e){return{code:90001,msg:"数据库读写异常"}}},_addUser:async function(e,t={}){const r=this._getConfig(),n={...e,register_date:Date.now(),register_ip:this.context.CLIENTIP},i=(await A.add(n)).id;let o;if(r.removePermissionAndRoleFromToken){const e=t.needPermission;o=await this.createToken({uid:i,needPermission:e})}else{const t=e.role||[];let r;r=0===t.length||t.includes("admin")?[]:await this._getPermissionListByRoleList(t),o=await this.createToken({uid:i,role:t,permission:r})}const{token:s,tokenExpired:a}=o;return await A.doc(i).update({token:[s]}),{token:s,tokenExpired:a,uid:i,type:"register",userInfo:Object.assign({},n,{token:s})}},_loginExec:async function(e,t={}){if(1===e.status)return{code:10001,msg:"账号已禁用"};const r=this._getConfig();let n=e.token||[];"string"==typeof n&&(n=[n]);const i=this._getExpiredToken(n);let o;if(n=n.filter(e=>-1===i.indexOf(e)),r.removePermissionAndRoleFromToken){const r=t.needPermission;o=await this.createToken({uid:e._id,needPermission:r})}else{const t=e.role||[];let r;r=0===t.length||t.includes("admin")?[]:await this._getPermissionListByRoleList(t),o=await this.createToken({uid:e._id,role:t,permission:r})}const{token:s,tokenExpired:a}=o;n.push(s),e.token=n;const c={last_login_date:Date.now(),last_login_ip:this.context.CLIENTIP,token:n,...t.extraData};await A.doc(e._id).update(c);const u=Object.assign({},e,c);return{code:0,msg:"登录成功",token:s,uid:u._id,username:u.username,type:"login",userInfo:u,tokenExpired:a}},_registerExec:async function(e,t={}){const{my_invite_code:r}=e;if(this._getConfig().autoSetInviteCode||r){const t=await this._getValidInviteCode({inviteCode:r});if(t.code>0)return t;e.my_invite_code=t.inviteCode}return{code:0,msg:"注册成功",...await this._addUser(e,t)}},_getWeixinApi:function({platform:e}={}){const t=e||this.context.PLATFORM;if(!t)throw new Error("未能获取客户端平台信息,请主动传入platform");const r=this._getConfig(t);if(!r.oauth||!r.oauth.weixin)throw new Error(`请在公用模块uni-id的config.json或init方法中添加${t}平台微信登录配置项`);return["appid","appsecret"].forEach(e=>{if(!r.oauth.weixin[e])throw new Error(`请在公用模块uni-id的config.json或init方法中添加配置项:${t}.oauth.weixin.${e}`)}),kr({...r.oauth.weixin,clientType:t})},acceptInvite:async function({uid:e,inviteCode:t}){const r=await A.where({_id:Ir.neq(e),inviter_uid:Ir.not(Ir.all([e])),my_invite_code:t}).get();if(1!==r.data.length)return{code:80501,msg:"邀请码无效"};const n=[r.data[0]._id].concat(r.data[0].inviter_uid||[]),i=await A.doc(e).field({my_invite_code:!0,inviter_uid:!0}).get();if(0===i.data.length)return{code:80502,msg:"uid错误用户不存在"};if(i.data[0].inviter_uid&&i.data[0].inviter_uid.length>0)return{code:80503,msg:"邀请码不可修改"};const o=Date.now();return await A.doc(e).update({inviter_uid:n,invite_time:o}),await A.where({inviter_uid:e}).update({inviter_uid:Ir.push(n)}),{code:0,msg:"邀请码填写成功"}},getInvitedUser:async function({uid:e,level:t=1,limit:r=20,offset:n=0,needTotal:i=!1}){const o={code:0,msg:"获取邀请列表成功",invitedUser:(await A.where({["inviter_uid."+(t-1)]:e}).field({_id:!0,username:!0,mobile:!0,invite_time:!0}).orderBy("invite_time","desc").skip(n).limit(r).get()).data};if(i){const r=await A.where({["inviter_uid."+(t-1)]:e}).count();o.total=r.total}return o},setUserInviteCode:async function({uid:e,myInviteCode:t}){const r=await this._getValidInviteCode({inviteCode:t});return r.code>0?r:(await A.doc(e).update({my_invite_code:r.inviteCode}),{code:0,msg:"邀请码设置成功",myInviteCode:r.inviteCode})},loginByAlipay:async function(e){let t=e;"string"==typeof e&&(t={code:e});const r=t.needPermission,n=t.platform||this.context.PLATFORM,{openid:i}=await this._getAlipayApi({platform:n}).code2Session(t.code);if(!i)return{code:10501,msg:"获取openid失败"};const o=await A.where({ali_openid:i}).get();if(o&&o.data&&o.data.length>0){const e=o.data[0],t=await this._loginExec(e,{needPermission:r});if(0!==t.code)return t;const{userInfo:n}=t;return{...t,openid:i,mobileConfirmed:1===n.mobile_confirmed,emailConfirmed:1===n.email_confirmed}}{const e={ali_openid:i};e.my_invite_code=t.myInviteCode,e.role=t.role;const n=await this._registerExec(e,{needPermission:r});return 0!==n.code?n:{...n,openid:i,mobileConfirmed:!1,emailConfirmed:!1}}},loginByEmail:async function({email:e,code:t,password:r,myInviteCode:n,type:i,needPermission:o,role:s}){const a=await this.verifyCode({email:e,code:t,type:i||"login"});if(0!==a.code)return a;const c={email:e,email_confirmed:1},u=await A.where(c).get();if(S("userInDB:",u),u&&u.data&&u.data.length>0){if("register"===i)return{code:10301,msg:"此邮箱已注册"};const t=u.data[0],r=await this._loginExec(t,{needPermission:o});return 0!==r.code?r:{...r,email:e}}{if("login"===i)return{code:10302,msg:"此邮箱尚未注册"};const t={email:e,email_confirmed:1};if(r){const{passwordHash:e,version:n}=this.encryptPwd(r);t.password=e,n&&(t.password_secret_version=n)}t.my_invite_code=n,t.role=s;const a=await this._registerExec(t,{needPermission:o});return 0!==a.code?a:{...a,email:e}}},loginBySms:async function({mobile:e,code:t,password:r,inviteCode:n,myInviteCode:i,type:o,needPermission:s,role:a}){const c=this._getConfig();if(c.forceInviteCode&&!o)throw new Error("[loginBySms]强制使用邀请码注册时,需指明type为register还是login");const u=await this.verifyCode({mobile:e,code:t,type:o||"login"});if(0!==u.code)return u;const f={mobile:e,mobile_confirmed:1},d=await A.where(f).get();if(d&&d.data&&d.data.length>0){if("register"===o)return{code:10201,msg:"此手机号已注册"};const t=d.data[0],r=await this._loginExec(t,{needPermission:s});return 0!==r.code?r:{...r,mobile:e}}{const t=Date.now();if("login"===o)return{code:10203,msg:"此手机号尚未注册"};const u={mobile:e,mobile_confirmed:1,register_ip:this.context.CLIENTIP,register_date:t};if(r){const{passwordHash:e,version:t}=this.encryptPwd(r);u.password=e,t&&(u.password_secret_version=t)}if(n){const e=await A.where({my_invite_code:n}).get();if(1!==e.data.length)return{code:10202,msg:"邀请码无效"};u.inviter_uid=[e.data[0]._id].concat(e.data[0].inviter_uid||[]),u.invite_time=t}else if(c.forceInviteCode)return{code:10202,msg:"邀请码无效"};u.my_invite_code=i,u.role=a;const f=await this._registerExec(u,{needPermission:s});return 0!==f.code?f:{...f,mobile:e}}},loginByWeixin:async function(e){let t=e;"string"==typeof e&&(t={code:e});const r=t.needPermission,n=t.platform||this.context.PLATFORM,{openid:i,unionid:o,sessionKey:s}=await this._getWeixinApi({platform:n})["mp-weixin"===n?"code2Session":"getOauthAccessToken"](t.code);if(!i)return{code:10401,msg:"获取openid失败"};const a=Cr.command,c=[{wx_openid:{[n]:i}}];o&&c.push({wx_unionid:o});const u=await A.where(a.or(...c)).get();if(u&&u.data&&u.data.length>0){const e=u.data[0],t={wx_openid:{[n]:i}};o&&(t.wx_unionid=o);const a=await this._loginExec(e,{needPermission:r,extraData:t});if(0!==a.code)return a;const{userInfo:c}=a;return{...a,openid:i,unionid:o,sessionKey:s,mobileConfirmed:1===c.mobile_confirmed,emailConfirmed:1===c.email_confirmed}}{const e={wx_openid:{[n]:i},wx_unionid:o},a=t.myInviteCode;e.my_invite_code=a,e.role=t.role;const c=await this._registerExec(e,{needPermission:r});return 0!==c.code?c:{...c,openid:i,unionid:o,sessionKey:s,mobileConfirmed:!1,emailConfirmed:!1}}},loginByUniverify:async function({openid:e,access_token:t,password:r,inviteCode:n,myInviteCode:i,type:o,needPermission:s,role:a}){const c=this._getConfig(),u=c&&c.service&&c.service.univerify;if(!u)throw new Error("请在config.json中配置service.univerify下一键登录相关参数");if(c.forceInviteCode&&!o)throw new Error("[loginByUniverify] 强制使用邀请码注册时,需指明type为register还是login");const f=await Rr({...u,openid:e,access_token:t});if(0!==f.code)return f;const d=String(f.phoneNumber),l=await A.where({mobile:d}).get();if(l&&l.data&&l.data.length>0){if("register"===o)return{code:10601,msg:"此手机号已注册"};const e=l.data[0],t=await this._loginExec(e,{needPermission:s});return 0!==t.code?t:{...t,mobile:d}}if("login"===o)return{code:10602,msg:"此手机号尚未注册"};const p=Date.now(),m={mobile:d,my_invite_code:i,mobile_confirmed:1,role:a};if(r){const{passwordHash:e,version:t}=this.encryptPwd(r);m.password=e,t&&(m.password_secret_version=t)}if(n){let e=await A.where({my_invite_code:n}).get();if(1!==e.data.length)return{code:10202,msg:"邀请码无效"};e=e.data[0],m.inviter_uid=[e._id].concat(e.inviter_uid||[]),m.invite_time=p}else if(c.forceInviteCode)return{code:10202,msg:"邀请码无效"};m.my_invite_code=i;const h=await this._registerExec(m,{needPermission:s});return 0!==h.code?h:{...h,mobile:d}},loginByApple:async function({nickName:e,fullName:t,email:r,authorizationCode:n,identityToken:i,realUserStatus:o,inviteCode:s,myInviteCode:a,type:c,needPermission:u,platform:f,role:d}){const l=this._getConfig(),p=l&&l["app-plus"]&&l["app-plus"].oauth&&l["app-plus"].oauth.apple;if(!p)throw new Error("请在config.json或init方法中,app-plus.oauth.apple 下配置相关参数");const{bundleId:m}=p;if(!m)throw new Error("请在config.json或init方法中 app-plus.oauth.apple 下配置bundleId");if(!i)throw new Error("[loginByApple] 苹果登录需要传递identityToken");const h=f||this.context.PLATFORM;t=e||(t&&Object.keys(t).length>0?t.familyName+t.givenName:"");const{code:g,msg:y}=await Tr({clientType:h}).verifyIdentityToken(i);if(0!==g)return{code:g,msg:y};const{iss:w,sub:v,aud:b,email:_}=y;if("https://appleid.apple.com"!==w)return{code:10706,msg:"签发机构检验失败"};if(!v)return{code:10701,msg:"获取用户唯一标识符失败"};if(m!==b)return{code:10702,msg:"bundleId校验失败,请确认配置后重试"};const E=t||"新用户"+_.split("@")[0],S=await A.where({apple_openid:v}).get();if(S&&S.data&&S.data.length>0){if("register"===c)return{code:10703,msg:"此账户已注册"};const e=S.data[0],t=await this._loginExec(e,{needPermission:u});return 0!==t.code?t:{...t,openid:v}}if("login"===c)return{code:10704,msg:"此账户尚未注册"};const x={nickname:E,apple_openid:v,my_invite_code:a,role:d},k=await this._registerExec(x,{needPermission:u});return 0!==k.code?k:{...k,openid:v}},login:async function({username:e,password:t,queryField:r=[],needPermission:n}){const i=Ar.command,o=[];r&&r.length||(r=["username"]);const s={email:{email_confirmed:1},mobile:{mobile_confirmed:1}};r.forEach(t=>{o.push({[t]:e,...s[t]})});const a=await A.where(i.or(...o)).limit(1).get(),c=this.context.CLIENTIP,{passwordErrorLimit:u,passwordErrorRetryTime:f}=this._getConfig();if(S("userInDB:",a),0===a.data.length)return{code:10101,msg:"用户不存在"};const d=a.data[0];let l=d.login_ip_limit||[];l=l.filter(e=>e.last_error_time>Date.now()-1e3*f);let p=l.find(e=>e.ip===c);if(p&&p.error_times>=u)return{code:10103,msg:`密码错误次数过多,请${P(p.last_error_time+1e3*f)}再试。`};const m=this._checkPwd(d,t);if(0===m.code){const e=l.indexOf(p);e>-1&&l.splice(e,1);const t={login_ip_limit:l},{passwordHash:r,passwordVersion:i}=m;r&&i&&(t.password=r,t.password_secret_version=i);const o=await this._loginExec(d,{needPermission:n,extraData:t});return o.code,o}return p?(p.error_times++,p.last_error_time=Date.now()):(p={ip:c,error_times:1,last_error_time:Date.now()},l.push(p)),await A.doc(d._id).update({login_ip_limit:l}),{code:10102,msg:"密码错误"}},register:async function(e){const t=[],r=[{name:"username",desc:"用户名"},{name:"email",desc:"邮箱",extraCond:{email_confirmed:1}},{name:"mobile",desc:"手机号",extraCond:{mobile_confirmed:1}}],n=e.needPermission;if(void 0!==n&&delete e.needPermission,r.forEach(r=>{const n=r.name;e[n]&&e[n].trim()&&t.push({[n]:e[n],...r.extraCond})}),0===t.length)return{code:20101,msg:"用户名、邮箱、手机号不可同时为空"};const{username:i,email:o,mobile:s,myInviteCode:a}=e,c=Or.command,u=await A.where(c.or(...t)).get();if(u&&u.data.length>0){const t=u.data[0];for(let n=0;nt[e]===i.extraCond[e])),t[i.name]===e[i.name]&&o)return{code:20102,msg:i.desc+"已存在"}}}const{passwordHash:f,version:d}=this.encryptPwd(e.password);e.password=f,d&&(e.password_secret_version=d),e.my_invite_code=a,delete e.myInviteCode;const l=await this._registerExec(e,{needPermission:n});return 0!==l.code?l:{...l,username:i,email:o,mobile:s}},logout:async function(e){const t=await this.checkToken(e);if(t.code&&t.code>0)return t;const r=Dr.command;return await A.doc(t.uid).update({token:r.pull(e)}),{code:0,msg:"退出成功"}},getRoleByUid:async function({uid:e}){if(!e)return{code:"PARAMETER_ERROR",msg:"用户Id不能为空"};const t=await A.doc(e).get();return 0===t.data.length?{code:"USER_NOT_EXIST",msg:"用户不存在"}:{code:0,msg:"获取角色成功",role:t.data[0].role||[]}},getPermissionByRole:async function({roleID:e}){if(!e)return{code:"PARAMETER_ERROR",msg:"角色ID不能为空"};if("admin"===e){return{code:0,msg:"获取权限成功",permission:(await B.limit(1e4).get()).data.map(e=>e.permission_id)}}const t=await D.where({role_id:e}).get();return 0===t.data.length?{code:"ROLE_NOT_EXIST",msg:"角色不存在"}:{code:0,msg:"获取权限成功",permission:t.data[0].permission||[]}},getPermissionByUid:async function({uid:e}){const t=await A.aggregate().match({_id:e}).project({role:!0}).unwind("$role").lookup({from:"uni-id-roles",localField:"role",foreignField:"role_id",as:"roleDetail"}).unwind("$roleDetail").replaceRoot({newRoot:"$roleDetail"}).end(),r=[];return t.data.forEach(e=>{Array.prototype.push.apply(r,e.permission)}),{code:0,msg:"获取权限成功",permission:k(r)}},bindRole:async function({uid:e,roleList:t,reset:r=!1}){const n={};return"string"==typeof t&&(t=[t]),n.role=r?t:Br.push(t),await A.doc(e).update(n),{code:0,msg:"角色绑定成功"}},bindPermission:async function({roleID:e,permissionList:t,reset:r=!1}){const n={};return"string"==typeof t&&(t=[t]),n.permission=r?t:Br.push(t),await D.where({role_id:e}).update(n),{code:0,msg:"权限绑定成功"}},unbindRole:async function({uid:e,roleList:t}){return"string"==typeof t&&(t=[t]),await A.doc(e).update({role:Br.pull(Br.in(t))}),{code:0,msg:"角色解绑成功"}},unbindPermission:async function({roleID:e,permissionList:t}){return"string"==typeof t&&(t=[t]),await D.where({role_id:e}).update({permission:Br.pull(Br.in(t))}),{code:0,msg:"权限解绑成功"}},addRole:async function({roleID:e,roleName:t,comment:r,permission:n=[]}){return e?"admin"===e?{code:"PARAMETER_ERROR",msg:"不可新增roleID为admin的角色"}:(await D.add({role_id:e,role_name:t,comment:r,permission:n,create_date:Date.now()}),{code:0,msg:"角色新增成功"}):{code:"PARAMETER_ERROR",msg:"roleID不能为空"}},addPermission:async function({permissionID:e,permissionName:t,comment:r}){return e?(await B.add({permission_id:e,permission_name:t,comment:r,create_date:Date.now()}),{code:0,msg:"权限新增成功"}):{code:"PARAMETER_ERROR",msg:"permissionID不能为空"}},getRoleList:async function({limit:e=20,offset:t=0,needTotal:r=!0}){const n={code:0,msg:"获取角色列表成功",roleList:(await D.skip(t).limit(e).get()).data};if(r){const{total:e}=await D.where({_id:Br.exists(!0)}).count();n.total=e}return n},getRoleInfo:async function(e){const t=await D.where({role_id:e}).get();return 0===t.data.length?{code:"ROLE_ID_NOT_EXISTS",msg:"角色ID不存在"}:{code:0,...t.data[0]}},updateRole:async function({roleID:e,roleName:t,comment:r,permission:n}){return e?(await D.where({role_id:e}).update({role_name:t,comment:r,permission:n}),{code:0,msg:"角色更新成功"}):{code:"PARAMETER_ERROR",msg:"参数错误,roleID不能为空"}},deleteRole:async function({roleID:e}){const t=m(e);if("string"===t)e=[e];else if("array"!==t)throw new Error("roleID只能为字符串或者数组");return await D.where({role_id:Br.in(e)}).remove(),await A.where({role:Br.elemMatch(Br.in(e))}).update({role:Br.pullAll(e)}),{code:0,msg:"角色删除成功"}},getPermissionList:async function({limit:e=20,offset:t=0,needTotal:r=!0}){const n={code:0,msg:"获取权限列表成功",permissionList:(await B.skip(t).limit(e).get()).data};if(r){const{total:e}=await B.where({_id:Br.exists(!0)}).count();n.total=e}return n},getPermissionInfo:async function(e){const t=await B.where({permission_id:e}).get();return 0===t.data.length?{code:"PERMISSION_ID_NOT_EXISTS",msg:"权限ID不存在"}:{code:0,...t.data[0]}},updatePermission:async function({permissionID:e,permissionName:t,comment:r}){return e?(await B.where({permission_id:e}).update({permission_name:t,comment:r}),{code:0,msg:"权限更新成功"}):{code:"PARAMETER_ERROR",msg:"参数错误,permissionID不能为空"}},deletePermission:async function({permissionID:e}){const t=m(e);if("string"===t)e=[e];else if("array"!==t)throw new Error("permissionID只能为字符串或者数组");return await B.where({permission_id:Br.in(e)}).remove(),await D.where({permission:Br.elemMatch(Br.in(e))}).update({permission:Br.pullAll(e)}),{code:0,msg:"权限删除成功"}},bindAlipay:async function({uid:e,code:t,platform:r}){const n=r||this.context.PLATFORM,{openid:i}=await this._getAlipayApi({platform:n}).code2Session(t);if(!i)return{code:60401,msg:"获取openid失败"};const o=await A.where({ali_openid:i}).get();return o&&o.data&&o.data.length>0?{code:60402,msg:"支付宝绑定失败,此账号已被绑定"}:(await A.doc(e).update({ali_openid:i}),{code:0,openid:i,msg:"绑定成功"})},bindEmail:async function({uid:e,email:t,code:r}){const n=await A.where({email:t,email_confirmed:1}).count();if(n&&n.total>0)return{code:60201,msg:"此邮箱已被绑定"};if(r){const e=await this.verifyCode({email:t,code:r,type:"bind"});if(0!==e.code)return e}return S("bindEmail -> upRes",await A.doc(e).update({email:t,email_confirmed:1})),{code:0,msg:"邮箱绑定成功",email:t}},bindMobile:async function({uid:e,mobile:t,code:r,openid:n,access_token:i,type:o="sms"}){if("univerify"===o){const e=this._getConfig(),r=e&&e.service&&e.service.univerify;if(!r)throw new Error("请在config.json中配置service.univerify下一键登录相关参数");const o=await Rr({...r,openid:n,access_token:i});if(0!==o.code)return o;t=""+o.phoneNumber}const s=await A.where({mobile:t,mobile_confirmed:1}).count();if(s&&s.total>0)return{code:60101,msg:"此手机号已被绑定"};if("sms"===o&&r){const e=await this.verifyCode({mobile:t,code:r,type:"bind"});if(0!==e.code)return e}return S("bindMobile -> upRes",await A.doc(e).update({mobile:t,mobile_confirmed:1})),{code:0,msg:"手机号码绑定成功",mobile:t}},bindWeixin:async function({uid:e,code:t,platform:r}){const n=r||this.context.PLATFORM,{openid:i,unionid:o}=await this._getWeixinApi({platform:n})["mp-weixin"===n?"code2Session":"getOauthAccessToken"](t);if(!i)return{code:60301,msg:"获取openid失败"};const s=Mr.command,a=[{wx_openid:{[n]:i}}];o&&a.push({wx_unionid:o});const c=await A.where(s.or(...a)).get();if(c&&c.data&&c.data.length>0)return{code:60302,msg:"微信绑定失败,此微信账号已被绑定"};const u={wx_openid:{[n]:i}};return o&&(u.wx_unionid=o),await A.doc(e).update(u),{code:0,openid:i,unionid:o,msg:"绑定成功"}},unbindAlipay:async function(e){const t=Nr.command,r=await A.doc(e).update({ali_openid:t.remove()});return S("upRes:",r),1===r.updated?{code:0,msg:"支付宝解绑成功"}:{code:70401,msg:"支付宝解绑失败,请稍后再试"}},unbindEmail:async function({uid:e,email:t,code:r}){if(r){const e=await this.verifyCode({email:t,code:r,type:"unbind"});if(0!==e.code)return e}const n=$r.command;return 1===(await A.where({_id:e,email:t}).update({email:n.remove(),email_confirmed:n.remove()})).updated?{code:0,msg:"邮箱解绑成功"}:{code:70201,msg:"邮箱解绑失败,请稍后再试"}},unbindMobile:async function({uid:e,mobile:t,code:r}){if(r){const e=await this.verifyCode({mobile:t,code:r,type:"unbind"});if(0!==e.code)return e}const n=Lr.command;return 1===(await A.where({_id:e,mobile:t}).update({mobile:n.remove(),mobile_confirmed:n.remove()})).updated?{code:0,msg:"手机号解绑成功"}:{code:70101,msg:"手机号解绑失败,请稍后再试"}},unbindWeixin:async function(e){const t=Kr.command,r=await A.doc(e).update({wx_openid:t.remove(),wx_unionid:t.remove()});return S("upRes:",r),1===r.updated?{code:0,msg:"微信解绑成功"}:{code:70301,msg:"微信解绑失败,请稍后再试"}},code2SessionAlipay:async function(e){let t=e;"string"==typeof e&&(t={code:e});try{const e=t.platform||this.context.PLATFORM,r=await this._getAlipayApi({platform:e}).code2Session(t.code);return r.openid?{code:0,msg:"",...r}:{code:80701,msg:"获取openid失败"}}catch(e){return{code:80702,msg:e.message}}},code2SessionWeixin:async function(e){let t=e;"string"==typeof e&&(t={code:e});try{const e=t.platform||this.context.PLATFORM,r=await this._getWeixinApi({platform:e})["mp-weixin"===e?"code2Session":"getOauthAccessToken"](t.code);return r.openid?{code:0,msg:"",...r}:{code:80601,msg:"获取openid失败"}}catch(e){return{code:80602,msg:e.message}}},verifyAppleIdentityToken:async function({identityToken:e,platform:t}){const r=t||this.context.PLATFORM,{code:n,msg:i}=await Tr({clientType:r}).verifyIdentityToken(e);return 0!==n?{code:n,msg:i}:{code:n,msg:"验证通过",...i}},wxBizDataCrypt:async function({code:e,sessionKey:t,encryptedData:r,iv:i}){if(!r)return{code:80805,msg:"encryptedData不可为空"};if(!i)return{code:80806,msg:"iv不可为空"};if(!e&&!t)return{code:80804,msg:"code或sessionKey必须有其中一个"};const o=this._getWeixinApi();if(!t){const r=await o.code2Session(e);if(!r.sessionKey)return{code:80801,msg:"sessionKey获取失败"};t=r.sessionKey}t=Buffer.from(t,"base64"),r=Buffer.from(r,"base64"),i=Buffer.from(i,"base64");try{var s=n.createDecipheriv("aes-128-cbc",t,i);s.setAutoPadding(!0);var a=s.update(r,"binary","utf8");a+=s.final("utf8"),a=JSON.parse(a)}catch(e){return{code:80802,msg:"解密失败:"+e.message}}return a.watermark.appid!==o.options.appId?{code:80803,msg:"appid不匹配"}:{code:0,msg:"解密成功",...a}},encryptPwd:function(e,{value:t,version:r}={}){if(!t){const e=this._getConfig(),{passwordSecret:n}=e;if("array"===m(n)){const e=n.sort((e,t)=>e.version-t.version);t=e[e.length-1].value,r=e[e.length-1].version}else t=n}if(!t)throw new Error("passwordSecret不正确");const i=n.createHmac("sha1",t.toString("ascii"));return i.update(e),{passwordHash:i.digest("hex"),version:r}},checkToken:async function(e,{needPermission:t,needUserInfo:r=!0}={}){const n=this._getConfig();try{const i=this._verifyToken(e);if(i.code)return i;const{uid:o,needPermission:s,role:a,permission:c,exp:u}=i,f=a&&c;t=void 0===t?s:t;const d=n.removePermissionAndRoleFromToken||!f||r,l=!n.removePermissionAndRoleFromToken&&!f||n.removePermissionAndRoleFromToken&&f||n.tokenExpiresThreshold&&u-Date.now()/1e3-1===r.indexOf(e)),t.push(e.token),await A.doc(o).update({token:t,last_login_date:Date.now(),last_login_ip:this.context.CLIENTIP}),{...m,...e}}return m}catch(e){return{code:90001,msg:"数据库读写异常:"+e.message,err:e}}},createToken:function({uid:e,needPermission:t,role:r,permission:n}){if(!e)return{code:30101,msg:"缺少uid参数"};const i={uid:e,needPermission:t,role:r,permission:n},o=this._getConfig();if(!this.interceptorMap.has("customToken")){const e={...i};return this._createTokenInternal({signContent:e,config:o})}const s=this.interceptorMap.get("customToken");if("function"!==m(s))throw new Error("custom-token.js应导出一个function");const a=s(i);return a instanceof Promise?a.then(e=>this._createTokenInternal({signContent:e,config:o})):this._createTokenInternal({signContent:a,config:o})},_checkPwd:function(e,t){if(!t)return{code:1,message:"密码不能为空"};const{password:r,password_secret_version:n}=e,i=this._getConfig(),{passwordSecret:o}=i,s=m(o);if("string"===s){const{passwordHash:e}=this.encryptPwd(t,{value:o});return e===r?{code:0,message:"密码校验通过"}:{code:2,message:"密码不正确"}}if("array"!==s)throw new Error("config内passwordSecret类型错误,只可设置string类型和array类型");const a=o.sort((e,t)=>e.version-t.version);let c;if(c=n?a.find(e=>e.version===n):a[0],!c)return{code:3,message:"secretVersion不正确"};const u=a[a.length-1],{passwordHash:f}=this.encryptPwd(t,c);if(f===r){const e={code:0,message:"密码校验通过"};if(c!==u){const{passwordHash:r,version:n}=this.encryptPwd(t,u);e.passwordHash=r,e.passwordVersion=n}return e}return{code:4,message:""}},_verifyToken:function(e){const t=this._getConfig();let r;try{r=_r(e,t.tokenSecret)}catch(e){return"TokenExpiredError"===e.name?{code:30203,msg:"token已过期,请重新登录",err:e}:{code:30204,msg:"非法token",err:e}}return t.bindTokenToDevice&&r.clientId!==this._getClientUaHash()?{code:30201,msg:"token不合法,请重新登录"}:r},_getExpiredToken:function(e){const t=this._getConfig(),r=[];return e.forEach(e=>{try{_r(e,t.tokenSecret)}catch(t){r.push(e)}}),r},_getPermissionListByRoleList:async function(e){if(!Array.isArray(e))return[];if(0===e.length)return[];if(e.includes("admin")){return(await B.limit(500).get()).data.map(e=>e.permission_id)}const t=await D.where({role_id:Vr.in(e)}).get(),r=[];return t.data.forEach(e=>{Array.prototype.push.apply(r,e.permission)}),k(r)},_getClientUaHash:function(){const e=n.createHash("md5"),t=/MicroMessenger/i.test(this.context.CLIENTUA)?this.context.CLIENTUA.replace(/(MicroMessenger\S+).*/i,"$1"):this.context.CLIENTUA;return e.update(t),e.digest("hex")},_createTokenInternal:function({signContent:e,config:t}){return"object"!==m(e)?{code:30101,msg:"token对应的payload为对象且必须包含uid"}:e.uid?(t.bindTokenToDevice&&(e.clientId=this._getClientUaHash()),{token:Er(e,t.tokenSecret,{expiresIn:t.tokenExpiresIn}),tokenExpired:Date.now()+1e3*t.tokenExpiresIn}):{code:30101,msg:"token对应的payload必须包含uid"}},setVerifyCode:async function({mobile:e,email:t,code:r,expiresIn:n,type:i}){if(!e&&!t||e&&t)return{code:50101,msg:"手机号和邮箱必须且只能给定其中一个"};r||(r=x()),n||(n=180);const o=Date.now(),s={mobile:e,email:t,type:i,code:r,state:0,ip:this.context.CLIENTIP,created_at:o,expired_at:o+1e3*n};return S("addRes",await O.add(s)),{code:0,mobile:e,email:t}},verifyCode:async function({mobile:e,email:t,code:r,type:n}){if(!e&&!t||e&&t)return{code:50201,msg:"手机号和邮箱必须且只能给定其中一个"};const i=Ur.command,o=Date.now(),s={mobile:e,email:t,type:n,code:r,state:0,expired_at:i.gt(o)},a=await O.where(s).orderBy("created_at","desc").limit(1).get();if(S("verifyRecord:",a),a&&a.data&&a.data.length>0){const e=a.data[0];return S("upRes",await O.doc(e._id).update({state:1})),{code:0,msg:"验证通过"}}return{code:50202,msg:"验证码错误或已失效"}},sendSmsCode:async function({mobile:e,code:t,type:r,templateId:n}){if(!e)throw new Error("手机号码不可为空");if(t||(t=x()),!r)throw new Error("验证码类型不可为空");const i=this._getConfig();let o=i&&i.service&&i.service.sms;if(!o)throw new Error("请在config.json或init方法中配置service.sms下短信相关参数");o=Object.assign({codeExpiresIn:300},o);const s=["smsKey","smsSecret"];if(!n&&!o.name)throw new Error("不传入templateId时应在config.json或init方法内service.sms下配置name字段以正确使用uniID_code模板");for(let e=0,t=s.length;e=0?o:{code:0,msg:"验证码发送成功"}}catch(e){return{code:50301,msg:"验证码发送失败, "+e.message}}}});let Hr;try{Hr=require("uni-config-center")}catch(e){}const Fr="\n传入配置的方式有以下几种:\n- 在uni-config-center公共模块的uni-id目录下放置config.json文件(推荐)\n- 在uni-id公共模块的目录下放置config.json文件\n- 使用init方法传入配置\n- 如果使用uni-config-center且HBuilderX版本低于3.1.8,批量上传云函数及公共模块后需要再单独上传一次uni-id";class Jr{constructor({context:e,config:t}={}){const r=Hr&&Hr({pluginId:"uni-id"});this.pluginConfig=r,this.config=t||this._getConfigContent(),Object.defineProperty(this,"context",{get:()=>e||global.__ctx__}),this.interceptorMap=new Map,r&&r.hasFile("custom-token.js")&&this.setInterceptor("customToken",require(r.resolve("custom-token.js")))}_getConfigContent(){if(this.pluginConfig&&this.pluginConfig.hasFile("config.json")){this._hasConfigFile=!0;try{return this.pluginConfig.config()}catch(e){return}}const e=r.resolve(__dirname,"config.json");this._hasConfigFile=t.existsSync(e);try{return require(e)}catch(e){}}init(e){this.config=e}setInterceptor(e,t){this.interceptorMap.set(e,t)}_getConfig(e){const t=this.config&&0!==Object.keys(this.config).length;if(this._hasConfigFile&&!t)throw new Error("请确保公用模块uni-id对应的配置文件格式正确(不可包含注释)"+Fr);if(!t)throw new Error("公用模块uni-id缺少配置信息"+Fr);const r=Object.assign(this.config,this.config[e||this.context.PLATFORM])||{},n=Object.assign({bindTokenToDevice:!0},r);return["passwordSecret","tokenSecret","tokenExpiresIn","passwordErrorLimit","passwordErrorRetryTime"].forEach(e=>{if(!n||!n[e])throw new Error("请在公用模块uni-id的配置信息中内添加配置项:"+e)}),n}}for(const e in qr)Jr.prototype[e]=C(qr[e]);function Gr({context:e,config:t}={}){const r=new Jr({context:e,config:t}),n=new Proxy(r,{get(e,t){if(t in e)return"function"==typeof e[t]?e[t].bind(n):e[t]}});return n}Jr.prototype.createInstance=Gr;var zr=Gr();module.exports=zr; diff --git a/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/package.json b/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/package.json index 6ad20fc..eead247 100644 --- a/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/package.json +++ b/uni_modules/uni-id/uniCloud/cloudfunctions/common/uni-id/package.json @@ -1,6 +1,6 @@ { "name": "uni-id", - "version": "3.0.8", + "version": "3.0.11", "description": "uni-id for uniCloud", "main": "index.js", "homepage": "https://uniapp.dcloud.io/uniCloud/uni-id", @@ -13,4 +13,4 @@ "dependencies": { "uni-config-center": "file:../../../../../uni-config-center/uniCloud/cloudfunctions/common/uni-config-center" } -} +} \ No newline at end of file -- GitLab