
✨ feat: session改为redis存储

Pchen. 7 months ago
parent
commit
fda5f6230f
5 changed files with 62 additions and 59 deletions
  1. 12 6
      apis/User/GetUserInfo.js
  2. 28 29
      apis/User/Login.js
  3. 2 2
      apis/User/Register.js
  4. 13 14
      apis/User/uniLogin/Login.js
  5. 7 8
      lib/AccessControl.js

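--- a/apis/User/GetUserInfo.js
+++ b/apis/User/GetUserInfo.js
@@ -1,7 +1,8 @@
-const API = require("../../lib/API");
-const db = require("../../plugin/DataBase/db");
-const AccessControl = require("../../lib/AccessControl");
-const { BaseStdResponse } = require("../../BaseStdResponse");
+const API = require("../../lib/API")
+const db = require("../../plugin/DataBase/db")
+const AccessControl = require("../../lib/AccessControl")
+const Redis = require('../../plugin/DataBase/Redis')
+const { BaseStdResponse } = require("../../BaseStdResponse")
 
 class GetRepoList extends API {
     constructor() {
@@ -28,7 +29,7 @@ class GetRepoList extends API {
                 ...BaseStdResponse.ACCESS_DENIED
             })
 
-        let sql = 'SELECT uuid, session, username, permission AS roles, avatar, email, registTime FROM users WHERE uuid = ?'
+        let sql = 'SELECT uuid, username, permission AS roles, avatar, email, registTime FROM users WHERE uuid = ?'
         let rows = await db.query(sql, [uuid])
 
         if (!rows || rows.length === 0)
@@ -37,9 +38,14 @@ class GetRepoList extends API {
                 msg: '获取用户信息失败!'
             })
 
+        const userSession = await Redis.get(`userSession:${uuid}`)
+
         res.json({
             ...BaseStdResponse.OK,
-            data: rows[0]
+            data: {
+                ...rows[0],
+                session: userSession
+            }
         })
     }
 }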
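Review bot: The response built at the end of this handler now includes `session: userSession`, so the live session token is read back from Redis and echoed in every user-info reply. The client presumably already presented that token to get past the `ACCESS_DENIED` branch (the check itself is outside the hunks), so returning it only widens where the secret appears, such as response logs and caches. I would drop the field and the `Redis.get` call and return `data: rows[0]` as the SELECT now defines it. If a client does depend on the field, a comment saying so would help, since `userSession` can also be `null` when the key expires between the check and this read (assuming the wrapper returns `null` for a missing key).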

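--- a/apis/User/Login.js
+++ b/apis/User/Login.js
@@ -1,9 +1,9 @@
-const { v4: uuidv4 } = require('uuid');
-const API = require("../../lib/API");
-const bcryptjs = require('bcryptjs');
-const { BaseStdResponse } = require("../../BaseStdResponse");
-const db = require("../../plugin/DataBase/db");
-const Redis = require('../../plugin/DataBase/Redis');
+const { v4: uuidv4 } = require('uuid')
+const API = require("../../lib/API")
+const bcryptjs = require('bcryptjs')
+const { BaseStdResponse } = require("../../BaseStdResponse")
+const db = require("../../plugin/DataBase/db")
+const Redis = require('../../plugin/DataBase/Redis')
 
 // 用户登录
 class Login extends API {
@@ -52,31 +52,30 @@ class Login extends API {
                 msg: '用户名或密码错误'
             })
 
-        const session = uuidv4();
-        const time = new Date().getTime()
+        const session = uuidv4()
+        await Redis.set(`userSession:${rows[0].uuid}`, session, {
+            exp: 2592000
+        })
 
-        sql = 'UPDATE users SET session = ?, lastTime = ? WHERE id = ?';
-        let result = await db.query(sql, [session, time, rows[0].id]);
+        res.json({
+            ...BaseStdResponse.OK,
+            data: {
+                uuid: rows[0].uuid,
+                username: rows[0].username,
+                session,
+                roles: rows[0].permission || [],
+                vip: rows[0].vip,
+                ic_count: rows[0].ic_count,
+                lepao_count: rows[0].lepao_count,
+                crouse_count: rows[0].crouse_count,
+                avatar: rows[0].avatar,
+                email: rows[0].email
+            }
+        })
 
-        if (result && result.affectedRows > 0) {
-            res.json({
-                ...BaseStdResponse.OK,
-                data: {
-                    uuid: rows[0].uuid,
-                    username: rows[0].username,
-                    session,
-                    roles: rows[0].permission || [],
-                    vip: rows[0].vip,
-                    ic_count: rows[0].ic_count,
-                    lepao_count: rows[0].lepao_count,
-                    crouse_count: rows[0].crouse_count,
-                    avatar: rows[0].avatar,
-                    email: rows[0].email
-                }
-            });
-        } else {
-            res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '登录失败!' });
-        }
+        const time = new Date().getTime()
+        sql = 'UPDATE users SET lastTime = ? WHERE id = ?';
+        await db.query(sql, [time, rows[0].id]);
     }
 }
 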
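Review bot: The success response no longer depends on the session actually being stored: the old code returned the token only when `affectedRows > 0`, while the new code ignores the outcome of `Redis.set` and always sends `session` to the client. Whether the `Redis` wrapper throws or returns a failure value is not visible here; if it returns one, check it before `res.json` and answer with `BaseStdResponse.ERR` as before. The same applies to the `Redis.set` call added in apis/User/uniLogin/Login.js. Separately, the `lastTime` UPDATE now runs after the response has been sent with no `try`/`catch` around it, so a database error there surfaces after the reply is already out; wrapping those three lines in a `try` that only logs would keep it best-effort. The enclosing method starts outside the hunk.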

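--- a/apis/User/Register.js
+++ b/apis/User/Register.js
@@ -93,8 +93,8 @@ class Register extends API {
         const hashPassword = bcryptjs.hashSync(password, 10);
         const time = new Date().getTime()
 
-        sql = 'INSERT INTO users (uuid, username, session, email, password, registTime) VALUES (?, ?, ?, ?, ?, ?)';
-        let result = await db.query(sql, [uuid, username, session, email, hashPassword, time]);
+        sql = 'INSERT INTO users (uuid, username, email, password, registTime) VALUES (?, ?, ?, ?, ?)';
+        let result = await db.query(sql, [uuid, username, email, hashPassword, time]);
 
         if (result && result.affectedRows > 0) {
             // 注册成功后删除邮箱对应的验证码 避免注册失败后重复获取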
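Review bot: Nothing in this section stores a session for the newly registered user, although the `session` value was previously written by this INSERT. If the rest of the method (outside the hunk) still generates `session` and returns it to the client, that token will now fail `checkSession`, which reads only the `userSession:<uuid>` key in Redis. Either write it with the same `Redis.set` call and `exp` used in the login handlers, or stop returning it and remove the now-unused variable.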

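--- a/apis/User/uniLogin/Login.js
+++ b/apis/User/uniLogin/Login.js
@@ -2,6 +2,7 @@ const API = require("../../../lib/API")
 const axios = require('axios')
 const { v4: uuidv4 } = require('uuid')
 const db = require("../../../plugin/DataBase/db")
+const Redis = require('../../../plugin/DataBase/Redis')
 const config = require('../../../config.json')
 const { BaseStdResponse } = require("../../../BaseStdResponse")
 
@@ -51,8 +52,8 @@ class Login extends API {
                 uuid = uuidv4()
                 username = `用户${uuid.slice(0, 8)}`
 
-                let regSql = 'INSERT INTO users (uuid, username, session, registTime, social_uid, social_type, nickname, avatar, email) VALUES (?,?,?,?,?,?,?,?,?) '
-                let regRows = await db.query(regSql, [uuid, username, session, time, social_uid, type || 'qq', nickname, faceimg, '未设置'])
+                let regSql = 'INSERT INTO users (uuid, username, registTime, social_uid, social_type, nickname, avatar, email) VALUES (?,?,?,?,?,?,?,?) '
+                let regRows = await db.query(regSql, [uuid, username, time, social_uid, type || 'qq', nickname, faceimg, '未设置'])
                 if (!regRows || regRows.affectedRows !== 1) {
                     this.logger.error(`聚合登录用户注册失败!数据库错误`)
                     return res.json({
@@ -61,23 +62,16 @@ class Login extends API {
                     })
                 }
             }
-
             else {
-                let updateSql = 'UPDATE users SET session = ?, lastTime = ?, avatar = ?, nickname = ? WHERE social_uid = ? AND social_type = ?'
-                let updateRows = await db.query(updateSql, [session, time, faceimg, nickname, social_uid, type || 'qq'])
-                if (!updateRows || updateRows.affectedRows !== 1) {
-                    this.logger.error(`聚合登录用户登录失败!数据库错误`)
-                    return res.json({
-                        ...BaseStdResponse.ERR,
-                        msg: '用户登录失败!请稍后再试'
-                    })
-                }
-
                 uuid = selectRows[0].uuid
                 username = selectRows[0].username
                 permission = selectRows[0].permission
             }
 
+            await Redis.set(`userSession:${uuid}`, session, {
+                exp: 2592000
+            })
+
             res.json({
                 ...BaseStdResponse.OK,
                 data: {
@@ -93,6 +87,11 @@ class Login extends API {
 
             // 增加登录记录
             try {
+                if (selectRows.length !== 0) {
+                    let updateSql = 'UPDATE users SET lastTime = ?, avatar = ?, nickname = ? WHERE social_uid = ? AND social_type = ?'
+                    await db.query(updateSql, [time, faceimg, nickname, social_uid, type || 'qq'])
+                }
+
                 const userAgent = req.headers['user-agent']
                 let insertSql = 'INSERT INTO login_history (uuid, time, deviceInfo, type, ip) VALUES (?, ?, ?, ?, ?)'
                 await db.query(insertSql, [uuid, time, { 'ua': userAgent }, type || 'qq', ip])
@@ -109,4 +108,4 @@ class Login extends API {
     }
 }
 
-module.exports.Login = Login;
+module.exports.Login = Login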
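Review bot: In the hunk at `@@ -93,6 +87,11 @@` the profile UPDATE was placed in front of the `login_history` INSERT inside the same `try`, so an error from the UPDATE skips the history row for that login. Login history is the audit record for this endpoint, so I would keep it independent of the profile refresh: run the `INSERT INTO login_history` first, or give the UPDATE its own `try`/`catch`. The matching `catch` is outside the hunk, so how the error is reported is not visible here. A comment above the `try` stating that both statements are best-effort after the response would also help, e.g. `// best-effort after the response: profile refresh and login audit row`.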

+ 7 - 8
lib/AccessControl.js

@@ -1,17 +1,16 @@
-const db = require('../plugin/DataBase/db');
+const db = require('../plugin/DataBase/db')
+const Redis = require('../plugin/DataBase/Redis')
 
 
 class AccessControl {
 class AccessControl {
     async checkSession(uuid, session) {
     async checkSession(uuid, session) {
-        const sql = 'SELECT uuid, session FROM users WHERE uuid = ? AND session = ?';
-        const rows = await db.query(sql, [uuid, session]);
-        return rows.length > 0;
+        return (await Redis.get(`userSession:${uuid}`)) === session
     }
     }
 
 
     async getPermission(uuid) {
     async getPermission(uuid) {
-        const sql = 'SELECT permission FROM users WHERE uuid = ?';
-        const rows = await db.query(sql, [uuid]);
+        const sql = 'SELECT permission FROM users WHERE uuid = ?'
+        const rows = await db.query(sql, [uuid])
 
 
-        return rows[0].permission || [];
+        return rows[0].permission || []
     }
     }
 
 
     async checkJwAccount(uuid, username) {
     async checkJwAccount(uuid, username) {
@@ -19,7 +18,7 @@ class AccessControl {
         const rows = await db.query(sql, [uuid, username]);
         const rows = await db.query(sql, [uuid, username]);
         if (!rows || rows.length !== 1 || !rows[0].password)
         if (!rows || rows.length !== 1 || !rows[0].password)
             return false
             return false
-        return rows[0].password;
+        return rows[0].password
     }
     }
 }
 }
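Review bot: `checkSession` now returns true whenever the stored value and the supplied value are strictly equal, which includes the case where both are `null`: a `uuid` with no live key and a request that carries a null token. The SQL it replaces could not match that way, because `session = ?` never matches NULL. This depends on the `Redis` wrapper returning `null` for a missing key and on callers being able to pass a non-string `session`, neither of which is visible here, but the guard is cheap: make `if (typeof session !== 'string' || session === '') return false` the first statement and require the value read from Redis to be a string before comparing. A one-line doc comment stating that an expired or missing key means "not logged in" would make the intent explicit.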