62 lines
1.7 KiB
TypeScript
62 lines
1.7 KiB
TypeScript
import { GMUserModel } from '@db/GMUser';
|
|
import { GMUserGroupModel } from '@db/GMUserGroup'
|
|
import { GMGroupModel } from '@db/GMGroup'
|
|
import { GMRecordModel } from '@db/GMRecord'
|
|
import { ApiModel } from '@db/Api';
|
|
|
|
module.exports = () => {
|
|
return async function tokenParser(ctx, next) {
|
|
|
|
if (!ctx.request.headers || !ctx.request.headers.token) {
|
|
console.error('token not found');
|
|
ctx.body = {
|
|
"status": "error",
|
|
"data": "账号未登录"
|
|
};
|
|
return;
|
|
}
|
|
const user = await GMUserModel.getGmAccountByToken(ctx.request.headers.token);
|
|
if (!user) {
|
|
console.error('token invalid');
|
|
ctx.body = {
|
|
"status": "error",
|
|
"data": "账号未登录"
|
|
};
|
|
return;
|
|
}
|
|
const url = ctx.request.url;
|
|
let apiResult = await ApiModel.getApi(url);
|
|
if(!apiResult) {
|
|
ctx.body = {
|
|
"status": "error",
|
|
"data": "未找到该接口"
|
|
};
|
|
return;
|
|
}
|
|
let userGroups = await GMUserGroupModel.getUserGroupByUid(user.uid, 1);
|
|
let flag = 0;
|
|
for(let userGroup of userGroups) {
|
|
let { groupId } = userGroup;
|
|
let group = await GMGroupModel.getGroupById(groupId);
|
|
if(group) {
|
|
if(group.apis.includes(apiResult.apiId)) {
|
|
flag = 1; break;
|
|
}
|
|
}
|
|
}
|
|
if(flag != 1) {
|
|
ctx.body = {
|
|
"status": "error",
|
|
"data": "您没有权限访问该接口"
|
|
};
|
|
return;
|
|
}
|
|
ctx.user = user;
|
|
await next();
|
|
if(ctx.request.method == "POST") {
|
|
await GMRecordModel.createRecord(user?user.uid:0, ctx.request.url, JSON.stringify(ctx.request.body||{}), JSON.stringify(ctx.body||{}));
|
|
}
|
|
};
|
|
};
|
|
|