fix: jwt verfiy

patch/bootstrap.js

@@ -9,7 +9,7 @@ Object.assign(global, { isDev: false })
 const result = ts.transpileModule(
   readFileSync(appConfigFile, { encoding: 'utf-8' }),
   {
-    compilerOptions: { module: ts.ModuleKind.CommonJS },
+    compilerOptions: { module: ts.ModuleKind.CommonJS, esModuleInterop: true },
   },
 )
 const complied = result.outputText

patch/v3.30.0.js

@@ -0,0 +1,7 @@
+// patch for version lower than v2.0.0-alpha.1
+
+const bootstrap = require('./bootstrap')
+
+bootstrap(async (db) => {
+  await db.collection('users').updateMany({}, { $unset: { authCode: 1 } })
+})

src/app.config.ts

@@ -1,7 +1,10 @@
 import cluster from 'cluster'
 import { argv } from 'zx-cjs'
 
-import { cwd, isDev, isTest } from './global/env.global'
+export const isDev = process.env.NODE_ENV == 'development'
+
+export const isTest = !!process.env.TEST
+export const cwd = process.cwd()
 
 export const PORT = argv.port || process.env.PORT || 2333
 export const API_VERSION = 2

src/common/decorator/current-user.decorator.ts

@@ -7,3 +7,9 @@ export const CurrentUser = createParamDecorator(
     return getNestExecutionContextRequest(ctx).user
   },
 )
+
+export const CurrentUserToken = createParamDecorator(
+  (data: unknown, ctx: ExecutionContext) => {
+    return getNestExecutionContextRequest(ctx).token
+  },
+)

src/common/guard/auth.guard.ts

@@ -35,12 +35,12 @@ export class AuthGuard implements CanActivate {
       headers.authorization || headers.Authorization || query.token
 
     if (!Authorization) {
-      throw new UnauthorizedException()
+      throw new UnauthorizedException('未登录')
     }
     const jwt = Authorization.replace(/[Bb]earer /, '')
     const ok = await this.jwtService.verify(jwt)
     if (!ok) {
-      throw new UnauthorizedException()
+      throw new UnauthorizedException('身份过期')
     }
 
     request.user = await this.configs.getMaster()

src/global/env.global.ts

@@ -1,4 +1 @@
-export const isDev = process.env.NODE_ENV == 'development'
+export { isDev, cwd, isTest } from '~/app.config'
-
-export const isTest = !!process.env.TEST
-export const cwd = process.cwd()

src/modules/user/user.controller.ts

@@ -3,7 +3,10 @@ import { ApiOperation } from '@nestjs/swagger'
 
 import { Auth } from '~/common/decorator/auth.decorator'
 import { HttpCache } from '~/common/decorator/cache.decorator'
-import { CurrentUser } from '~/common/decorator/current-user.decorator'
+import {
+  CurrentUser,
+  CurrentUserToken,
+} from '~/common/decorator/current-user.decorator'
 import { BanInDemo } from '~/common/decorator/demo.decorator'
 import { IpLocation, IpRecord } from '~/common/decorator/ip.decorator'
 import { ApiName } from '~/common/decorator/openapi.decorator'
@@ -79,8 +82,9 @@ export class UserController {
     return await this.userService.patchUserData(user, body)
   }
 
-  @Post('signout')
+  @Post('logout')
-  async singout(@CurrentUser() user: any) {
+  @Auth()
-    return this.userService.signout(user.token)
+  async singout(@CurrentUserToken() token: string) {
+    return this.userService.signout(token)
   }
 }

src/processors/helper/helper.jwt.service.ts

@@ -6,7 +6,6 @@ import { Injectable } from '@nestjs/common'
 
 import { CLUSTER, SECURITY } from '~/app.config'
 import { RedisKeys } from '~/constants/cache.constant'
-import { isTest } from '~/global/env.global'
 import { getRedisKey, md5 } from '~/utils'
 
 import { CacheService } from '../cache/cache.service'
@@ -49,9 +48,13 @@ export class JWTService {
   }
 
   async verify(token: string) {
+    if (isDev && token == 'dev_token_for_test') {
+      return true
+    }
+
     try {
       verify(token, this.secret)
-      return isDev && !isTest ? true : await this.isTokenInRedis(token)
+      return await this.isTokenInRedis(token)
     } catch (er) {
       console.debug(er, token)
 

src/utils/tool.util.ts

@@ -108,3 +108,31 @@ export const hashString = function (str, seed = 0) {
     Math.imul(h1 ^ (h1 >>> 13), 3266489909)
   return 4294967296 * (2097151 & h2) + (h1 >>> 0)
 }
+
+export async function* asyncPool<T = any>(
+  concurrency: number,
+  iterable: T[],
+  iteratorFn: (item: T, arr: T[]) => any,
+) {
+  const executing = new Set<Promise<any>>()
+  async function consume() {
+    const [promise, value] = await Promise.race(executing)
+    executing.delete(promise)
+    return value
+  }
+  for (const item of iterable) {
+    // Wrap iteratorFn() in an async fn to ensure we get a promise.
+    // Then expose such promise, so it's possible to later reference and
+    // remove it from the executing pool.
+    const promise = (async () => await iteratorFn(item, iterable))().then(
+      (value) => [promise, value],
+    )
+    executing.add(promise)
+    if (executing.size >= concurrency) {
+      yield await consume()
+    }
+  }
+  while (executing.size) {
+    yield await consume()
+  }
+}