feat(cgi & cli): supporting login and release with access-token

Author: elliothux

packages/cgi/src/modules/materials/materials.controller.ts

@@ -1,14 +1,15 @@
 import {
+  Body,
   Controller,
   Get,
-  Post,
   Param,
-  UseInterceptors,
-  UploadedFile,
+  Post,
   Query,
+  UploadedFile,
+  UseInterceptors,
 } from '@nestjs/common';
 import { FileInterceptor } from '@nestjs/platform-express';
-import { Maybe, FileInterceptorUploadedFile, WithKeywords } from '../../types';
+import { FileInterceptorUploadedFile, Maybe, WithKeywords } from '../../types';
 import {
   CGICodeMap,
   CGIResponse,
@@ -18,6 +19,7 @@ import {
   warn,
 } from '../../utils';
 import { RequestId } from '../../decorators';
+import { UserService } from '../user/user.service';
 import { MaterialsService } from './materials.service';
 import {
   createLibPackageSoftLink,
@@ -26,12 +28,16 @@ import {
   parseLibs,
   saveMaterialsPackage,
 } from './materials.utils';
+import { UploadLibParams } from './materials.interface';
 
 let cgiMaterialsService: Maybe<MaterialsService> = null;
 
 @Controller('/cgi/materials')
 export class MaterialsController {
-  constructor(private readonly materialsService: MaterialsService) {
+  constructor(
+    private readonly materialsService: MaterialsService,
+    private readonly userServices: UserService,
+  ) {
     cgiMaterialsService = materialsService;
   }
 
@@ -75,14 +81,26 @@ export class MaterialsController {
   async uploadLibPackage(
     @RequestId() requestId,
     @UploadedFile() file: FileInterceptorUploadedFile,
+    @Body() { username, accessToken }: UploadLibParams,
     @Param('libName') libName: string,
     @Param('version') version: string,
   ) {
     infoRequest(requestId, 'materials.controller.uploadLibPackage', {
       libName,
       version,
       filename: file.filename,
+      body: { username, accessToken: '*' },
     });
+
+    const token = await this.userServices.getAccessToken(username);
+    if (token !== accessToken) {
+      warn('materials.controller.uploadLibPackage', 'invalid access-token', {
+        username,
+        token,
+      });
+      return CGIResponse.failed(requestId, CGICodeMap.InvalidAccessToken);
+    }
+
     const packagePath = await saveMaterialsPackage(
       libName,
       version,

packages/cgi/src/modules/materials/materials.interface.ts

@@ -0,0 +1,4 @@
+export interface UploadLibParams {
+  username: string;
+  accessToken: string;
+}

packages/cgi/src/modules/materials/materials.modules.ts

@@ -1,13 +1,15 @@
 import { Global, Module } from '@nestjs/common';
 import { TypeOrmModule } from '@nestjs/typeorm';
+import { UserService } from '../user/user.service';
+import { UserEntity } from '../user/user.entity';
 import { MaterialsService } from './materials.service';
 import { MaterialsController } from './materials.controller';
 import { MaterialsEntity } from './materials.entity';
 
 @Global()
 @Module({
-  imports: [TypeOrmModule.forFeature([MaterialsEntity])],
-  providers: [MaterialsService],
+  imports: [TypeOrmModule.forFeature([MaterialsEntity, UserEntity])],
+  providers: [MaterialsService, UserService],
   controllers: [MaterialsController],
   exports: [MaterialsService],
 })

packages/cgi/src/modules/user/user.controller.ts

@@ -9,7 +9,11 @@ import {
 import { QueryParams, Maybe, WithKeywords } from '../../types';
 import { RequestId, UserName } from '../../decorators';
 import { UserService } from './user.service';
-import { CreateUserParams, UpdateUserParams } from './user.interface';
+import {
+  CheckTokenParams,
+  CreateUserParams,
+  UpdateUserParams,
+} from './user.interface';
 
 let cgiUserService: Maybe<UserService> = null;
 
@@ -64,6 +68,33 @@ export class UserController {
     return CGIResponse.success(requestId, result);
   }
 
+  @Get('/access_token')
+  async checkAccessToken(
+    @RequestId() requestId,
+    @Query() { token, username }: CheckTokenParams,
+  ) {
+    infoRequest(requestId, 'user.controller.checkAccessToken', {
+      token,
+      username,
+    });
+
+    if (!(await this.userService.checkUserExists(username))) {
+      warn(
+        'user.controller.checkAccessToken',
+        `User "${username}" not exists`,
+        {
+          requestId,
+        },
+      );
+      return CGIResponse.failed(requestId, CGICodeMap.UserNotExists);
+    }
+
+    const accessToken = await this.userService.getAccessToken(username);
+    const result = { tokenValid: token === accessToken };
+    infoResponse(requestId, 'user.controller.checkAccessToken', { result });
+    return CGIResponse.success(requestId, result);
+  }
+
   @Post('/access_token/:id')
   async generateAccessToken(
     @RequestId() requestId,

packages/cgi/src/modules/user/user.interface.ts

@@ -6,3 +6,8 @@ export type CreateUserParams = Pick<
 >;
 
 export type UpdateUserParams = CreateUserParams;
+
+export interface CheckTokenParams {
+  username: string;
+  token: string;
+}

packages/cgi/src/modules/user/user.service.ts

@@ -14,11 +14,15 @@ export class UserService {
   ) {}
 
   public async getUserEntityById(id: number) {
-    return this.userRepository.findOne(id);
+    const result = await this.userRepository.findOne(id);
+    result && delete result.__developerAccessToken;
+    return result;
   }
 
   public async getUserEntityByName(name: string) {
-    return this.userRepository.findOne({ name });
+    const result = await this.userRepository.findOne({ name });
+    result && delete result.__developerAccessToken;
+    return result;
   }
 
   public async queryUserEntities({
@@ -41,8 +45,11 @@ export class UserService {
       where,
     };
 
+    const result = await this.userRepository.find(options);
+    result?.forEach(i => delete i.__developerAccessToken);
+
     return {
-      data: await this.userRepository.find(options),
+      data: result,
       total: await this.userRepository.count({ where }),
     };
   }
@@ -89,4 +96,9 @@ export class UserService {
     const count = await this.userRepository.count({ name });
     return count > 0;
   }
+
+  public async getAccessToken(name: string) {
+    const result = await this.userRepository.findOne({ name });
+    return result?.__developerAccessToken;
+  }
 }

packages/cgi/src/utils/response.ts

@@ -52,6 +52,7 @@ export enum CGICodeMap {
   UserNotExists = 700002,
   UploadResourceCallbackError = 80001,
   DeleteResourceCallbackError = 80002,
+  InvalidAccessToken = 80003,
 }
 
 const CGIReasonMap: { [key in CGICodeMap]: string } = {
@@ -68,6 +69,7 @@ const CGIReasonMap: { [key in CGICodeMap]: string } = {
     'upload resource callback occurred error',
   [CGICodeMap.DeleteResourceCallbackError]:
     'delete resource callback occurred error',
+  [CGICodeMap.InvalidAccessToken]: 'invalid access-token',
 };
 
 export type PromiseResult<T> = Promise<[null, T] | [Error, null]>;

packages/cli/src/commands/index.ts

@@ -2,3 +2,4 @@ export * from './create';
 export * from './release';
 export * from './dev';
 export * from './dist';
+export * from './login';

packages/cli/src/commands/login.ts

@@ -0,0 +1,50 @@
+import * as inquirer from 'inquirer';
+import { curl, error, getLibConfig, getLibPaths, writeAccessToken, deleteAccessToken, done } from '../utils';
+
+export async function login() {
+  const root = process.cwd();
+  const paths = getLibPaths(root, '');
+  const { server } = getLibConfig(paths);
+
+  const { username, accessToken } = await inquirer.prompt([
+    {
+      type: 'input',
+      name: 'username',
+      message: 'username',
+      required: true,
+    },
+    {
+      type: 'input',
+      name: 'accessToken',
+      message: 'access-token',
+      required: true,
+    },
+  ]);
+
+  const { data } = await curl(`${server}/cgi/user/access_token?username=${username}&token=${accessToken}`, {
+    method: 'GET',
+    timeout: 10 * 1000,
+    contentType: 'application/json',
+  });
+
+  if (data.code !== 0) {
+    error(data.message || `Unknown error with code: "${data.code}"`);
+    process.exit();
+  }
+
+  if (!data?.data?.tokenValid) {
+    error('Invalid access-token');
+    process.exit();
+  }
+
+  await writeAccessToken(server, username, accessToken);
+  done(`User "${username}" login success for "${server}"`);
+}
+
+export async function logout() {
+  const root = process.cwd();
+  const paths = getLibPaths(root, '');
+  const { server } = getLibConfig(paths);
+  await deleteAccessToken(server);
+  done('logged out');
+}

packages/cli/src/commands/release/index.ts

@@ -1,91 +1,6 @@
-import * as path from 'path';
-import * as tar from 'tar';
-import * as semver from 'semver';
-import { MaterialsLibConfig } from '@vize/types';
-import { dist } from '../dist';
-import { curl, error, getLibPaths, getLibVersion, getLibConfig, LibPaths } from '../../utils';
+import { Releaser } from './releaser';
 
 export function release() {
   const releaser = new Releaser();
   return releaser.runRelease();
 }
-
-class Releaser {
-  constructor() {
-    this.paths = getLibPaths();
-    this.config = getLibConfig(this.paths);
-  }
-
-  private readonly paths: LibPaths;
-
-  private readonly config: MaterialsLibConfig;
-
-  private getURI(suffix = '') {
-    return `${this.config.releaseTo}/cgi/materials/versions/${this.config.libName}${suffix}`;
-  }
-
-  private checkVersionValid = async (): Promise<Maybe<string>> => {
-    const currentVersion = getLibVersion(this.paths.root);
-    const uri = this.getURI();
-    let data;
-    try {
-      const result = await curl(uri, {
-        method: 'GET',
-        timeout: 10 * 1000,
-        contentType: 'application/json',
-      });
-      data = result.data;
-    } catch (e) {
-      console.error(e);
-      throw new Error('Get versions failed');
-    }
-
-    const {
-      code,
-      data: { current: onlineVersion },
-    } = JSON.parse(data);
-    if (code !== 0) {
-      throw new Error(`Request "${uri}" error: code = ${code}`);
-    }
-
-    if (!onlineVersion) {
-      return currentVersion;
-    }
-
-    return semver.gt(currentVersion, onlineVersion) ? currentVersion : null;
-  };
-
-  private createReleasePackage = async (version: string) => {
-    const targetPath = path.resolve(this.paths.temp, `${this.config.libName}_${version}.tgz`);
-
-    await tar.c(
-      {
-        gzip: true,
-        file: targetPath,
-        preservePaths: false,
-      },
-      ['src', 'dist', './.vizerc', './package.json', './package-lock.json'],
-    );
-    return targetPath;
-  };
-
-  private uploadReleasePackage = async (version: string, packagePath: string) => {
-    const uri = this.getURI(`/${version}`);
-    const { data } = await curl(uri, {
-      method: 'POST',
-      files: packagePath,
-    });
-    console.log(data.toString());
-  };
-
-  public runRelease = async () => {
-    const version = await this.checkVersionValid();
-    if (!version) {
-      return error(`Materials version already exists.`);
-    }
-
-    await dist();
-    const packagePath: string = await this.createReleasePackage(version);
-    await this.uploadReleasePackage(version, packagePath);
-  };
-}