调整配置读取方式

2023-05-08 21:48:42 +08:00 · 2023-05-08 21:48:42 +08:00 · 4f74504b14
commit 4f74504b14
parent 1ed899bfac
3 changed files with 40 additions and 31 deletions
--- a/src/api.server.ts
+++ b/src/api.server.ts
@ -38,7 +38,7 @@ export class ApiServer {
    })

    this.server.register(apiAuthPlugin, {
-      secret: config.api.token_secret,
+      secret: { private: config.api.token_secret_private, public: config.api.token_secret_public },
      expiresIn: config.api.token_expiresIn,
    })
    if (process.env.NODE_ENV !== 'production') {
--- a/src/config/config.ts
+++ b/src/config/config.ts
@ -1,29 +1,47 @@
-import * as dotenv from "dotenv";
-const NODE_ENV = process.env.NODE_ENV || "development";
+import * as dotenv from 'dotenv'
+import assert from 'assert'
+const NODE_ENV = process.env.NODE_ENV || 'development'

-dotenv.config();
-let path;
+dotenv.config()
+let path
 switch (process.env.NODE_ENV) {
-  case "test":
-    path = `${__dirname}/../../.env.development`;
-    break;
-  case "production":
-    path = `${__dirname}/../../.env.production`;
-    break;
+  case 'test':
+    path = `${__dirname}/../../.env.development`
+    break
+  case 'production':
+    path = `${__dirname}/../../.env.production`
+    break
  default:
-    path = `${__dirname}/../../.env.development`;
+    path = `${__dirname}/../../.env.development`
 }
-dotenv.config({ path: path, debug: NODE_ENV === "development" });
+dotenv.config({ path: path, debug: NODE_ENV === 'development' })
+
+assert(process.env.API_TOKEN_SECRET_PRIVATE, 'API_TOKEN_SECRET_PRIVATE not set')
+assert(process.env.API_TOKEN_SECRET_PUBLIC, 'API_TOKEN_SECRET_PUBLIC not set')
+assert(process.env.API_TOKEN_EXPIRESIN, 'API_TOKEN_EXPIRESIN not set')
+
+const privateKey = `
+-----BEGIN PRIVATE KEY-----
+${process.env.API_TOKEN_SECRET_PRIVATE}
+-----END PRIVATE KEY-----
+`
+const publicKey = `
+-----BEGIN PUBLIC KEY-----
+${process.env.API_TOKEN_SECRET_PUBLIC}
+-----END PUBLIC KEY-----
+`
+
 let baseConfig = {
  api: {
    port: parseInt(process.env.API_PORT),
    host: process.env.API_HOST,
-    token_secret: process.env.API_TOKEN_SECRET,
+    token_secret_private: privateKey,
+    token_secret_public: publicKey,
    token_expiresIn: process.env.API_TOKEN_EXPIRESIN,
  },

  db_main: process.env.DB_MAIN,
  db_second: process.env.DB_SECOND,
-};
+}

-export default baseConfig;
+export default baseConfig
--- a/src/plugins/apiauth.ts
+++ b/src/plugins/apiauth.ts
@ -14,25 +14,16 @@ declare module 'fastify' {
 }

 export interface ApiAuthOptions {
-  secret: string
+  secret: {
+    private: string
+    public: string
+  }
  expiresIn: string
 }
-const privateKey = `
-----BEGIN PRIVATE KEY-----
-${process.env.API_TOKEN_SECRET_PRIVATE}
-----END PRIVATE KEY-----
-`
-const publicKey = `
-----BEGIN PUBLIC KEY-----
-${process.env.API_TOKEN_SECRET_PUBLIC}
-----END PUBLIC KEY-----
-`
+
 const apiAuthPlugin: FastifyPluginAsync<ApiAuthOptions> = async function (fastify, opts) {
  fastify.register(require('@fastify/jwt'), {
-    secret: {
-      private: privateKey,
-      public: publicKey,
-    },
+    secret: opts.secret,
    sign: { expiresIn: opts.expiresIn, algorithm: 'EdDSA' },
  })
  // 只有路由配置的role为anon才不需要过滤