修复token唯一性验证

2025-05-22 22:36:06 +08:00 · 2021-06-30 12:16:05 +08:00 · 2021-06-30 12:16:05 +08:00 · e7aff6d1d6
commit e7aff6d1d6
parent b1bee910b2
4 changed files with 7 additions and 6 deletions
--- a/back/api/auth.ts
+++ b/back/api/auth.ts
@ -4,7 +4,7 @@ import { Logger } from 'winston';
 import * as fs from 'fs';
 import config from '../config';
 import jwt from 'jsonwebtoken';
-import { createPassword } from '../config/util';
+import { createRandomString } from '../config/util';
 import crypto from 'crypto';
 const route = Router();

@ -25,7 +25,7 @@ export default (app: Router) => {
              authInfo.username === 'admin' &&
              authInfo.password === 'adminadmin'
            ) {
-              const newPassword = createPassword(16, 22);
+              const newPassword = createRandomString(16, 22);
              fs.writeFileSync(
                config.authConfigFile,
                JSON.stringify({
@ -42,7 +42,7 @@ export default (app: Router) => {
              username == authInfo.username &&
              password == authInfo.password
            ) {
-              const data = createPassword(50, 100);
+              const data = createRandomString(50, 100);
              let token = jwt.sign({ data }, config.secret as any, {
                expiresIn: 60 * 60 * 24 * 3,
                algorithm: 'HS384',
--- a/back/config/index.ts
+++ b/back/config/index.ts
@ -1,5 +1,6 @@
 import dotenv from 'dotenv';
 import path from 'path';
+import { createRandomString } from './util';

 process.env.NODE_ENV = process.env.NODE_ENV || 'development';

@ -34,7 +35,7 @@ if (configFound.error) {
 export default {
  port: parseInt(process.env.PORT as string, 10),
  cronPort: parseInt(process.env.CRON_PORT as string, 10),
-  secret: process.env.SECRET,
+  secret: process.env.SECRET || createRandomString(16, 32),
  logs: {
    level: process.env.LOG_LEVEL || 'silly',
  },
--- a/back/config/util.ts
+++ b/back/config/util.ts
@ -27,7 +27,7 @@ export function getLastModifyFilePath(dir: string) {
  return filePath;
 }

-export function createPassword(min: number, max: number): string {
+export function createRandomString(min: number, max: number): string {
  const num = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'];
  const english = [
    'a',
--- a/back/loaders/express.ts
+++ b/back/loaders/express.ts
@ -18,7 +18,7 @@ export default ({ app }: { app: Application }) => {
    }),
  );
  app.use((req, res, next) => {
-    if (req.url && req.url.includes('/api/login')) {
+    if (req.url && req.path.includes('/api/login')) {
      return next();
    }
    const data = fs.readFileSync(config.authConfigFile, 'utf8');