修改系统内部获取token方式

back/api/log.ts

@@ -6,6 +6,7 @@ import config from '../config';
 import { getFileContentByName, readDirs } from '../config/util';
 import { join } from 'path';
 const route = Router();
+const blacklist = ['.tmp'];
 
 export default (app: Router) => {
   app.use('/logs', route);
@@ -13,7 +14,7 @@ export default (app: Router) => {
   route.get('/', async (req: Request, res: Response, next: NextFunction) => {
     const logger: Logger = Container.get('logger');
     try {
-      const result = readDirs(config.logPath, config.logPath);
+      const result = readDirs(config.logPath, config.logPath, blacklist);
       res.send({
         code: 200,
         data: result,
@@ -29,6 +30,9 @@ export default (app: Router) => {
     async (req: Request, res: Response, next: NextFunction) => {
       const logger: Logger = Container.get('logger');
       try {
+        if (blacklist.includes(req.path)) {
+          return res.send({ code: 403, message: '暂无权限' });
+        }
         const filePath = join(
           config.logPath,
           (req.query.path || '') as string,

back/api/open.ts

@@ -25,7 +25,7 @@ export default (app: Router) => {
     '/apps',
     celebrate({
       body: Joi.object({
-        name: Joi.string().optional().allow(''),
+        name: Joi.string().optional().allow('').disallow('system'),
         scopes: Joi.array().items(Joi.string().required()),
       }),
     }),

back/config/index.ts

@@ -69,6 +69,7 @@ export default {
     'cookie.sh',
     'crontab.list',
     'env.sh',
+    'token.json',
   ],
   writePathList: [configPath, scriptPath],
   bakPath,

back/loaders/express.ts

@@ -80,13 +80,6 @@ export default ({ app }: { app: Application }) => {
     ) {
       return next();
     }
-    const remoteAddress = req.socket.remoteAddress;
-    if (
-      remoteAddress === '::ffff:127.0.0.1' &&
-      originPath === '/api/crons/status'
-    ) {
-      return next();
-    }
 
     const data = fs.readFileSync(config.authConfigFile, 'utf8');
     if (data) {

back/services/open.ts

@@ -90,7 +90,9 @@ export default class OpenService {
     }
     try {
       const result = await this.find(condition);
-      return result.map((x) => ({ ...x, tokens: [] }));
+      return result
+        .filter((x) => x.name !== 'system')
+        .map((x) => ({ ...x, tokens: [] }));
     } catch (error) {
       throw error;
     }
@@ -142,4 +144,35 @@ export default class OpenService {
       return { code: 400, message: 'client_id或client_seret有误' };
     }
   }
+
+  public async findSystemToken(): Promise<{
+    value: string;
+    expiration: number;
+  }> {
+    let systemApp = (await AppModel.findOne({
+      where: { name: 'system' },
+    })) as App;
+    if (!systemApp) {
+      systemApp = await this.create({
+        name: 'system',
+        scopes: ['crons'],
+      } as App);
+    }
+    const nowTime = Math.round(Date.now() / 1000);
+    let token;
+    if (
+      !systemApp.tokens ||
+      !systemApp.tokens.length ||
+      nowTime > [...systemApp.tokens].pop()!.expiration
+    ) {
+      const authToken = await this.authToken({
+        client_id: systemApp.client_id,
+        client_secret: systemApp.client_secret,
+      });
+      token = authToken.data;
+    } else {
+      token = [...systemApp.tokens].pop();
+    }
+    return token;
+  }
 }