提交
812b079d
编写于
5月 23, 2021
作者:
DCloud_JSON
Update index.js
上级
d827251d
变更
1
Showing
1 changed file
with
309 addition
and
309 deletion
+309
-309
uniCloud-aliyun/cloudfunctions/uni-id-cf/index.js
uniCloud-aliyun/cloudfunctions/uni-id-cf/index.js
+309
-309
uniCloud-aliyun/cloudfunctions/uni-id-cf/index.js
'
use strict
'
;
let
uniID
=
require
(
'
uni-id
'
)
const
uniCaptcha
=
require
(
'
uni-captcha
'
)
const
createConfig
=
require
(
'
uni-config-center
'
)
const
uniIdConfig
=
createConfig
({
pluginId
:
'
uni-id
'
}).
_config
const
db
=
uniCloud
.
database
()
const
dbCmd
=
db
.
command
'
use strict
'
;
let
uniID
=
require
(
'
uni-id
'
)
const
uniCaptcha
=
require
(
'
uni-captcha
'
)
const
createConfig
=
require
(
'
uni-config-center
'
)
const
uniIdConfig
=
createConfig
({
pluginId
:
'
uni-id
'
}).
_config
const
db
=
uniCloud
.
database
()
const
dbCmd
=
db
.
command
exports
.
main
=
async
(
event
,
context
)
=>
{
//UNI_WYQ:这里的uniID换成新的,保证多人访问不会冲突
//UNI_WYQ:这里的uniID换成新的,保证多人访问不会冲突
uniID
=
uniID
.
createInstance
({
context
})
console
.
log
(
'
event :
'
+
JSON
.
stringify
(
event
))
/*
...
...
@@ -17,7 +17,7 @@ exports.main = async (event, context) => {
params:业务数据内容
uniIdToken:系统自动传递的token,数据来源客户端的 uni.getStorageSync('uni_id_token')
*/
const
{
action
,
uniIdToken
,
params
}
=
event
;
const
{
action
,
uniIdToken
}
=
event
;
let
params
=
event
.
params
||
{};
/*
2.在某些操作之前我们要对用户对身份进行校验(也就是要检查用户的token)再将得到的uid写入params.uid
...
...
@@ -36,117 +36,117 @@ exports.main = async (event, context) => {
用户就这样轻易地伪造了他人的uid传递给服务端,有一句话叫:前端从来的数据是不可信任的
所以这里我们需要将uniID.checkToken返回的uid写入到params.uid
*/
let
noCheckAction
=
[
'
register
'
,
'
checkToken
'
,
'
login
'
,
'
logout
'
,
'
sendSmsCode
'
,
'
createCaptcha
'
,
'
verifyCaptcha
'
,
'
refreshCaptcha
'
,
'
inviteLogin
'
,
'
login_by_weixin
'
,
'
login_by_univerify
'
,
'
login_by_apple
'
,
'
loginBySms
'
,
'
resetPwdBySmsCode
'
]
if
(
!
noCheckAction
.
includes
(
action
))
{
if
(
!
uniIdToken
)
{
return
{
code
:
403
,
msg
:
'
缺少token
'
}
}
let
payload
=
await
uniID
.
checkToken
(
uniIdToken
)
if
(
payload
.
code
&&
payload
.
code
>
0
)
{
return
payload
}
params
.
uid
=
payload
.
uid
}
//3.注册成功后创建新用户的积分表方法
async
function
registerSuccess
(
uid
)
{
await
db
.
collection
(
'
uni-id-scores
'
).
add
({
user_id
:
uid
,
score
:
1
,
type
:
1
,
balance
:
1
,
comment
:
""
,
create_date
:
Date
.
now
()
})
}
//4.记录成功登录的日志方法
const
loginLog
=
async
(
res
=
{},
type
=
'
login
'
)
=>
{
const
now
=
Date
.
now
()
const
uniIdLogCollection
=
db
.
collection
(
'
uni-id-log
'
)
let
logData
=
{
deviceId
:
params
.
deviceId
||
context
.
DEVICEID
,
ip
:
params
.
ip
||
context
.
CLIENTIP
,
type
,
ua
:
context
.
CLIENTUA
,
create_date
:
now
};
Object
.
assign
(
logData
,
res
.
code
===
0
?
{
user_id
:
res
.
uid
,
state
:
1
}
:
{
state
:
0
})
if
(
res
.
type
==
'
register
'
)
{
await
registerSuccess
(
res
.
uid
)
}
return
await
uniIdLogCollection
.
add
(
logData
)
}
let
noCheckAction
=
[
'
register
'
,
'
checkToken
'
,
'
login
'
,
'
logout
'
,
'
sendSmsCode
'
,
'
createCaptcha
'
,
'
verifyCaptcha
'
,
'
refreshCaptcha
'
,
'
inviteLogin
'
,
'
login_by_weixin
'
,
'
login_by_univerify
'
,
'
login_by_apple
'
,
'
loginBySms
'
,
'
resetPwdBySmsCode
'
]
if
(
!
noCheckAction
.
includes
(
action
))
{
if
(
!
uniIdToken
)
{
return
{
code
:
403
,
msg
:
'
缺少token
'
}
}
let
payload
=
await
uniID
.
checkToken
(
uniIdToken
)
if
(
payload
.
code
&&
payload
.
code
>
0
)
{
return
payload
}
params
.
uid
=
payload
.
uid
}
//3.注册成功后创建新用户的积分表方法
async
function
registerSuccess
(
uid
)
{
await
db
.
collection
(
'
uni-id-scores
'
).
add
({
user_id
:
uid
,
score
:
1
,
type
:
1
,
balance
:
1
,
comment
:
""
,
create_date
:
Date
.
now
()
})
}
//4.记录成功登录的日志方法
const
loginLog
=
async
(
res
=
{},
type
=
'
login
'
)
=>
{
const
now
=
Date
.
now
()
const
uniIdLogCollection
=
db
.
collection
(
'
uni-id-log
'
)
let
logData
=
{
deviceId
:
params
.
deviceId
||
context
.
DEVICEID
,
ip
:
params
.
ip
||
context
.
CLIENTIP
,
type
,
ua
:
context
.
CLIENTUA
,
create_date
:
now
};
Object
.
assign
(
logData
,
res
.
code
===
0
?
{
user_id
:
res
.
uid
,
state
:
1
}
:
{
state
:
0
})
if
(
res
.
type
==
'
register
'
)
{
await
registerSuccess
(
res
.
uid
)
}
return
await
uniIdLogCollection
.
add
(
logData
)
}
let
res
=
{}
switch
(
action
)
{
//根据action的值执行对应的操作
case
'
bind_mobile_by_univerify
'
:
let
{
appid
,
apiKey
,
apiSecret
}
=
uniIdConfig
.
service
.
univerify
let
univerifyRes
=
await
uniCloud
.
getPhoneNumber
({
provider
:
'
univerify
'
,
appid
,
apiKey
,
apiSecret
,
access_token
:
params
.
access_token
,
openid
:
params
.
openid
})
if
(
univerifyRes
.
code
===
0
)
{
res
=
await
uniID
.
bindMobile
({
uid
:
params
.
uid
,
mobile
:
univerifyRes
.
phoneNumber
})
res
.
mobile
=
univerifyRes
.
phoneNumber
}
break
;
case
'
bind_mobile_by_sms
'
:
console
.
log
({
uid
:
params
.
uid
,
mobile
:
params
.
mobile
,
code
:
params
.
code
});
res
=
await
uniID
.
bindMobile
({
uid
:
params
.
uid
,
mobile
:
params
.
mobile
,
code
:
params
.
code
})
console
.
log
(
res
);
break
;
case
'
register
'
:
var
{
username
,
password
,
nickname
}
=
params
if
(
/^1
\d{10}
$/
.
test
(
username
))
{
return
{
code
:
401
,
msg
:
'
用户名不能是手机号
'
}
};
if
(
/^
(\w
-*
\.
*
)
+@
(\w
-
?)
+
(\.\w{2,})
+$/
.
test
(
username
))
{
return
{
code
:
401
,
msg
:
'
用户名不能是邮箱
'
}
}
res
=
await
uniID
.
register
({
username
,
password
,
nickname
});
if
(
res
.
code
===
0
)
{
await
registerSuccess
(
res
.
uid
)
}
break
;
switch
(
action
)
{
//根据action的值执行对应的操作
case
'
bind_mobile_by_univerify
'
:
let
{
appid
,
apiKey
,
apiSecret
}
=
uniIdConfig
.
service
.
univerify
let
univerifyRes
=
await
uniCloud
.
getPhoneNumber
({
provider
:
'
univerify
'
,
appid
,
apiKey
,
apiSecret
,
access_token
:
params
.
access_token
,
openid
:
params
.
openid
})
if
(
univerifyRes
.
code
===
0
)
{
res
=
await
uniID
.
bindMobile
({
uid
:
params
.
uid
,
mobile
:
univerifyRes
.
phoneNumber
})
res
.
mobile
=
univerifyRes
.
phoneNumber
}
break
;
case
'
bind_mobile_by_sms
'
:
console
.
log
({
uid
:
params
.
uid
,
mobile
:
params
.
mobile
,
code
:
params
.
code
});
res
=
await
uniID
.
bindMobile
({
uid
:
params
.
uid
,
mobile
:
params
.
mobile
,
code
:
params
.
code
})
console
.
log
(
res
);
break
;
case
'
register
'
:
var
{
username
,
password
,
nickname
}
=
params
if
(
/^1
\d{10}
$/
.
test
(
username
))
{
return
{
code
:
401
,
msg
:
'
用户名不能是手机号
'
}
};
if
(
/^
(\w
-*
\.
*
)
+@
(\w
-
?)
+
(\.\w{2,})
+$/
.
test
(
username
))
{
return
{
code
:
401
,
msg
:
'
用户名不能是邮箱
'
}
}
res
=
await
uniID
.
register
({
username
,
password
,
nickname
});
if
(
res
.
code
===
0
)
{
await
registerSuccess
(
res
.
uid
)
}
break
;
case
'
login
'
:
//防止黑客恶意破解登录,连续登录失败一定次数后,需要用户提供验证码
const
getNeedCaptcha
=
async
()
=>
{
...
...
@@ -165,192 +165,192 @@ exports.main = async (event, context) => {
.
get
();
return
recentRecord
.
data
.
filter
(
item
=>
item
.
state
===
0
).
length
===
recordSize
;
}
let
passed
=
false
;
let
needCaptcha
=
await
getNeedCaptcha
();
console
.
log
(
'
needCaptcha
'
,
needCaptcha
);
if
(
needCaptcha
)
{
res
=
await
uniCaptcha
.
verify
({
...
params
,
scene
:
'
login
'
})
if
(
res
.
code
===
0
)
passed
=
true
;
}
if
(
!
needCaptcha
||
passed
)
{
res
=
await
uniID
.
login
({
...
params
,
queryField
:
[
'
username
'
,
'
email
'
,
'
mobile
'
]
});
await
loginLog
(
res
);
needCaptcha
=
await
getNeedCaptcha
();
}
res
.
needCaptcha
=
needCaptcha
;
break
;
case
'
login_by_weixin
'
:
res
=
await
uniID
.
loginByWeixin
(
params
);
await
uniID
.
updateUser
({
uid
:
res
.
uid
,
username
:
"
微信用户
"
});
res
.
userInfo
.
username
=
"
微信用户
"
await
loginLog
(
res
)
break
;
case
'
login_by_univerify
'
:
res
=
await
uniID
.
loginByuniverify
(
params
)
await
loginLog
(
res
)
break
;
case
'
login_by_apple
'
:
res
=
await
uniID
.
loginByApple
(
params
)
await
loginLog
(
res
)
break
;
case
'
checkToken
'
:
res
=
await
uniID
.
checkToken
(
uniIdToken
);
break
;
case
'
logout
'
:
res
=
await
uniID
.
logout
(
uniIdToken
)
break
;
case
'
sendSmsCode
'
:
// 测试期间短信统一用 123456 正式项目删除即可
return
uniID
.
setVerifyCode
({
mobile
:
params
.
mobile
,
code
:
'
123456
'
,
type
:
params
.
type
})
// 简单限制一下客户端调用频率
const
ipLimit
=
await
db
.
collection
(
'
uni-verify
'
).
where
({
ip
:
context
.
CLIENTIP
,
created_at
:
dbCmd
.
gt
(
Date
.
now
()
-
60000
)
}).
get
()
if
(
ipLimit
.
data
.
length
>
0
)
{
return
{
code
:
429
,
msg
:
'
请求过于频繁
'
}
}
const
templateId
=
'
11753
'
// 替换为自己申请的模板id
if
(
!
templateId
)
{
return
{
code
:
500
,
msg
:
'
sendSmsCode需要传入自己的templateId,参考https://uniapp.dcloud.net.cn/uniCloud/uni-id?id=sendsmscode
'
}
}
const
randomStr
=
'
00000
'
+
Math
.
floor
(
Math
.
random
()
*
1000000
)
const
code
=
randomStr
.
substring
(
randomStr
.
length
-
6
)
res
=
await
uniID
.
sendSmsCode
({
mobile
:
params
.
mobile
,
code
,
type
:
params
.
type
,
templateId
})
await
loginLog
(
res
)
break
;
case
'
loginBySms
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
if
(
!
/^1
\d{10}
$/
.
test
(
params
.
mobile
))
{
return
{
code
:
500
,
msg
:
'
手机号码填写错误
'
}
}
res
=
await
uniID
.
loginBySms
(
params
)
await
loginLog
(
res
)
break
;
case
'
inviteLogin
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
res
=
await
uniID
.
loginBySms
({
...
params
,
type
:
'
register
'
})
break
;
case
'
resetPwdBySmsCode
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
if
(
!
/^1
\d{10}
$/
.
test
(
params
.
mobile
))
{
return
{
code
:
500
,
msg
:
'
手机号码填写错误
'
}
}
let
loginBySmsRes
=
await
uniID
.
loginBySms
(
params
)
console
.
log
(
loginBySmsRes
);
if
(
loginBySmsRes
.
code
===
0
)
{
res
=
await
uniID
.
resetPwd
({
password
:
params
.
password
,
"
uid
"
:
loginBySmsRes
.
uid
})
}
else
{
return
loginBySmsRes
}
break
;
case
'
getInviteCode
'
:
res
=
await
uniID
.
getUserInfo
({
uid
:
params
.
uid
,
field
:
[
'
my_invite_code
'
]
})
if
(
res
.
code
===
0
)
{
res
.
myInviteCode
=
res
.
userInfo
.
my_invite_code
delete
res
.
userInfo
}
break
;
case
'
getInvitedUser
'
:
res
=
await
uniID
.
getInvitedUser
(
params
)
break
;
case
'
updatePwd
'
:
res
=
await
uniID
.
updatePwd
({
uid
:
params
.
uid
,
...
params
})
break
;
case
'
createCaptcha
'
:
res
=
await
uniCaptcha
.
create
(
params
)
break
;
case
'
refreshCaptcha
'
:
res
=
await
uniCaptcha
.
refresh
(
params
)
break
;
case
'
registerAdmin
'
:
var
{
username
,
password
}
=
params
let
{
total
}
=
await
db
.
collection
(
'
uni-id-users
'
).
where
({
role
:
'
admin
'
}).
count
()
if
(
total
)
{
return
{
code
:
10001
,
message
:
'
超级管理员已存在,请登录...
'
}
}
return
this
.
ctx
.
uniID
.
register
({
username
,
password
,
role
:
[
"
admin
"
]
})
break
;
default
:
res
=
{
code
:
403
,
msg
:
'
非法访问
'
}
break
;
}
//返回数据给客户端
return
res
let
passed
=
false
;
let
needCaptcha
=
await
getNeedCaptcha
();
console
.
log
(
'
needCaptcha
'
,
needCaptcha
);
if
(
needCaptcha
)
{
res
=
await
uniCaptcha
.
verify
({
...
params
,
scene
:
'
login
'
})
if
(
res
.
code
===
0
)
passed
=
true
;
}
if
(
!
needCaptcha
||
passed
)
{
res
=
await
uniID
.
login
({
...
params
,
queryField
:
[
'
username
'
,
'
email
'
,
'
mobile
'
]
});
await
loginLog
(
res
);
needCaptcha
=
await
getNeedCaptcha
();
}
res
.
needCaptcha
=
needCaptcha
;
break
;
case
'
login_by_weixin
'
:
res
=
await
uniID
.
loginByWeixin
(
params
);
await
uniID
.
updateUser
({
uid
:
res
.
uid
,
username
:
"
微信用户
"
});
res
.
userInfo
.
username
=
"
微信用户
"
await
loginLog
(
res
)
break
;
case
'
login_by_univerify
'
:
res
=
await
uniID
.
loginByuniverify
(
params
)
await
loginLog
(
res
)
break
;
case
'
login_by_apple
'
:
res
=
await
uniID
.
loginByApple
(
params
)
await
loginLog
(
res
)
break
;
case
'
checkToken
'
:
res
=
await
uniID
.
checkToken
(
uniIdToken
);
break
;
case
'
logout
'
:
res
=
await
uniID
.
logout
(
uniIdToken
)
break
;
case
'
sendSmsCode
'
:
// 测试期间短信统一用 123456 正式项目删除即可
return
uniID
.
setVerifyCode
({
mobile
:
params
.
mobile
,
code
:
'
123456
'
,
type
:
params
.
type
})
// 简单限制一下客户端调用频率
const
ipLimit
=
await
db
.
collection
(
'
uni-verify
'
).
where
({
ip
:
context
.
CLIENTIP
,
created_at
:
dbCmd
.
gt
(
Date
.
now
()
-
60000
)
}).
get
()
if
(
ipLimit
.
data
.
length
>
0
)
{
return
{
code
:
429
,
msg
:
'
请求过于频繁
'
}
}
const
templateId
=
'
11753
'
// 替换为自己申请的模板id
if
(
!
templateId
)
{
return
{
code
:
500
,
msg
:
'
sendSmsCode需要传入自己的templateId,参考https://uniapp.dcloud.net.cn/uniCloud/uni-id?id=sendsmscode
'
}
}
const
randomStr
=
'
00000
'
+
Math
.
floor
(
Math
.
random
()
*
1000000
)
const
code
=
randomStr
.
substring
(
randomStr
.
length
-
6
)
res
=
await
uniID
.
sendSmsCode
({
mobile
:
params
.
mobile
,
code
,
type
:
params
.
type
,
templateId
})
await
loginLog
(
res
)
break
;
case
'
loginBySms
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
if
(
!
/^1
\d{10}
$/
.
test
(
params
.
mobile
))
{
return
{
code
:
500
,
msg
:
'
手机号码填写错误
'
}
}
res
=
await
uniID
.
loginBySms
(
params
)
await
loginLog
(
res
)
break
;
case
'
inviteLogin
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
res
=
await
uniID
.
loginBySms
({
...
params
,
type
:
'
register
'
})
break
;
case
'
resetPwdBySmsCode
'
:
if
(
!
params
.
code
)
{
return
{
code
:
500
,
msg
:
'
请填写验证码
'
}
}
if
(
!
/^1
\d{10}
$/
.
test
(
params
.
mobile
))
{
return
{
code
:
500
,
msg
:
'
手机号码填写错误
'
}
}
let
loginBySmsRes
=
await
uniID
.
loginBySms
(
params
)
console
.
log
(
loginBySmsRes
);
if
(
loginBySmsRes
.
code
===
0
)
{
res
=
await
uniID
.
resetPwd
({
password
:
params
.
password
,
"
uid
"
:
loginBySmsRes
.
uid
})
}
else
{
return
loginBySmsRes
}
break
;
case
'
getInviteCode
'
:
res
=
await
uniID
.
getUserInfo
({
uid
:
params
.
uid
,
field
:
[
'
my_invite_code
'
]
})
if
(
res
.
code
===
0
)
{
res
.
myInviteCode
=
res
.
userInfo
.
my_invite_code
delete
res
.
userInfo
}
break
;
case
'
getInvitedUser
'
:
res
=
await
uniID
.
getInvitedUser
(
params
)
break
;
case
'
updatePwd
'
:
res
=
await
uniID
.
updatePwd
({
uid
:
params
.
uid
,
...
params
})
break
;
case
'
createCaptcha
'
:
res
=
await
uniCaptcha
.
create
(
params
)
break
;
case
'
refreshCaptcha
'
:
res
=
await
uniCaptcha
.
refresh
(
params
)
break
;
case
'
registerAdmin
'
:
var
{
username
,
password
}
=
params
let
{
total
}
=
await
db
.
collection
(
'
uni-id-users
'
).
where
({
role
:
'
admin
'
}).
count
()
if
(
total
)
{
return
{
code
:
10001
,
message
:
'
超级管理员已存在,请登录...
'
}
}
return
this
.
ctx
.
uniID
.
register
({
username
,
password
,
role
:
[
"
admin
"
]
})
break
;
default
:
res
=
{
code
:
403
,
msg
:
'
非法访问
'
}
break
;
}
//返回数据给客户端
return
res
};
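Review bot: In the `sendSmsCode` case the test shortcut `return uniID.setVerifyCode({ mobile: params.mobile, code: '123456', type: params.type })` returns before the per-IP rate limit and the random code generation, so everything below it in that case is unreachable and every mobile number is assigned the same fixed code. Because `sendSmsCode`, `loginBySms` and `resetPwdBySmsCode` are all listed in `noCheckAction`, a deployment that keeps this line accepts a publicly known code on the unauthenticated SMS login and password-reset paths; the shortcut should be deleted or gated on an explicit test-only configuration value rather than left to a comment asking for its removal. When the real path is restored, the code should come from a CSPRNG rather than `Math.random()`, for example `const code = String(require('crypto').randomInt(0, 1000000)).padStart(6, '0')` where the runtime's Node version provides `randomInt`. Separately, the `registerAdmin` case returns `this.ctx.uniID.register(...)` inside an arrow function, where `this.ctx` is presumably undefined, while every other case calls `uniID` directly.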