diff --git a/src/bin/express.js b/src/bin/express.js index 0edce13..9476443 100644 --- a/src/bin/express.js +++ b/src/bin/express.js @@ -169,9 +169,10 @@ app.use(function(err, req, res, next) { err_status: err.status, err_message: err.message }); - if (req.path.startsWith('/api')) { - res.json({ errcode: 10, errmsg: err.message }); - } else { + res.json({ errcode: 10, errmsg: err.message }); + // if (req.path.startsWith('/api')) { + + // } else { // TODO: // res.render('error', { @@ -179,7 +180,7 @@ app.use(function(err, req, res, next) { // error: err, // title: err.status // }); - } + // } }); export default app; diff --git a/src/controllers/common/index.js b/src/controllers/common/index.js index fa89d36..6097040 100644 --- a/src/controllers/common/index.js +++ b/src/controllers/common/index.js @@ -1,11 +1,12 @@ import { Router } from 'express'; import testCtrl from './test'; +import permission from './../../middleware/permission' const router = new Router(); // TODO: -router.get('/test', testCtrl); +router.get('/test',permission, testCtrl); diff --git a/src/controllers/common/test.js b/src/controllers/common/test.js index 43bf9f2..7013cc8 100644 --- a/src/controllers/common/test.js +++ b/src/controllers/common/test.js @@ -28,10 +28,12 @@ export default function(req, res, next) { // }); -User.findOne({username: "yulixing"}).populate({path: 'permissions'}).exec((err, res) => { - console.log(res) - console.log(res.permissions) -}) +// User.findOne({username: "yulixing"}).populate({path: 'permissions'}).exec((err, res) => { +// console.log(res) +// console.log(res.permissions) +// }) - res.send({}); + res.send({ + p: req.user + }); } diff --git a/src/controllers/sys/index.js b/src/controllers/sys/index.js index 49d6788..e835764 100644 --- a/src/controllers/sys/index.js +++ b/src/controllers/sys/index.js 
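Review bot: With the `/api` branch removed in `src/bin/express.js`, `res.json({ errcode: 10, errmsg: err.message })` now returns the raw `err.message` for every failed request, and no status code is set in the visible lines, so database, LDAP and JWT error text can reach the client, apparently under HTTP 200. Set the status and keep unexpected messages generic, e.g. `res.status(err.status || 500).json({ errcode: 10, errmsg: err.status ? err.message : 'internal error' });`. The commented-out `if`/`else` skeleton left around the call can be deleted instead of kept as comments. The handler starts outside this hunk.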
@@ -1,11 +1,26 @@ import { Router } from 'express'; -import userListCtrl from './user-list'; +import {userListCtrl, userEditCtrl} from './users'; +import {permissionListCtrl, permissionEditCtrl, permissionAddCtrl, permissionDelCtrl} from './permission'; const router = new Router(); -router.get('/user-list', userListCtrl); +// 用户列表 +router.get('/users/list', userListCtrl); +router.post('/users/edit', userEditCtrl); + + +// 权限管理 +router.get('/permission/list', permissionListCtrl); +router.post('/permission/edit', permissionEditCtrl); +router.post('/permission/add', permissionAddCtrl); +router.post('/permission/del', permissionDelCtrl); + + + + + export default router; diff --git a/src/controllers/sys/permission.js b/src/controllers/sys/permission.js new file mode 100644 index 0000000..1629ce4 --- /dev/null +++ b/src/controllers/sys/permission.js 
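Review bot: The new `/users/edit` and `/permission/add`, `/permission/edit`, `/permission/del` routes are registered without the `permission` middleware that this same commit attaches to `/common/test`, and `router.use('/sys', sysRouter)` in `src/router/index.js` adds none either. Unless an application-level check exists outside this diff, role and user-permission changes are reachable without a token. Mount the check once for the whole router, `router.use(permission);` placed before the route definitions (with `import permission from './../../middleware/permission';`). The middleware as added only verifies the token, so these routes still need a check that the caller holds an administrative permission.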
@@ -0,0 +1,77 @@
+import { Role } from '../../models/admin/User';
+
+async function permissionListCtrl(req, res, next) {
+ try {
+ const result = await Role.find({});
+ res.send({
+ errcode: 0,
+ permissionList: result
+ });
+ } catch (err) {
+ next(err);
+ }
+}
+
+async function permissionEditCtrl(req, res, next) {
+ const body = req.body;
+ const rolename = body.rolename;
+ delete body.rolename;
+
+ try {
+ const searchResult = await Role.findOne({ rolename });
+ if (searchResult) {
+ const updateResult = await Role.updateOne({ rolename }, body);
+ res.send({
+ errcode: 0
+ });
+ } else {
+ res.send({
+ errcode: 1,
+ errmsg: '角色不存在。'
+ });
+ }
+ } catch (err) {
+ next(err);
+ }
+}
+
+async function permissionAddCtrl(req, res, next) {
+ const body = req.body;
+ const newRole = new Role(body);
+ try {
+ const searchResult = await Role.findOne({ rolename: body.rolename });
+ if (searchResult !== null) {
+ res.send({
+ errcode: 1,
+ errmsg: '已有该角色,不可重复'
+ });
+ } else {
+ await newRole.save();
+ res.send({
+ errcode: 0
+ });
+ }
+ } catch (err) {
+ next(err);
+ }
+}
+
+async function permissionDelCtrl(req, res, next) {
+ const body = req.body;
+ try {
+ const delResult = await Role.deleteOne({ rolename: body.rolename });
+ console.log(delResult);
+ res.send({
+ errcode: 0
+ });
+ } catch (err) {
+ next(err);
+ }
+}
+
+export {
+ permissionListCtrl,
+ permissionEditCtrl,
+ permissionAddCtrl,
+ permissionDelCtrl
+};
diff --git a/src/controllers/sys/user-admin.js b/src/controllers/sys/user-admin.js
new file mode 100644
index 0000000..e69de29
diff --git a/src/controllers/sys/user-list.js b/src/controllers/sys/users.js
similarity index 52%
rename from src/controllers/sys/user-list.js
rename to src/controllers/sys/users.js
index 8c57238..c7145bb 100644
--- a/src/controllers/sys/user-list.js
+++ b/src/controllers/sys/users.js
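Review bot: `permissionEditCtrl` in `src/controllers/sys/permission.js` forwards the client-supplied `req.body` unchanged to `Role.updateOne({ rolename }, body)`, so the caller decides which fields and update operators are written, and `rolename` goes into the query without a check that it is a string. `permissionAddCtrl` (`new Role(body)`), `permissionDelCtrl` (`Role.deleteOne({ rolename: body.rolename })`) and `userEditCtrl` in `src/controllers/sys/users.js` (`User.updateOne({ username }, body)`) follow the same pattern; in the last one a request body can set a user's `permissions`. Reject a non-string key before querying and build the update from an allow-list of editable fields. The field names below are taken from `RoleSchema` in this commit; which of them should be editable needs confirming.

```javascript
const EDITABLE_ROLE_FIELDS = ['name', 'describe', 'comment', 'permissions'];

async function permissionEditCtrl(req, res, next) {
  const body = req.body || {};
  const rolename = body.rolename;
  // A non-string value here would be interpreted as a query object, not a role name.
  if (typeof rolename !== 'string' || rolename === '') {
    res.send({ errcode: 1, errmsg: '角色不存在。' });
    return;
  }
  // Build the update from an allow-list instead of forwarding req.body.
  const update = {};
  for (const field of EDITABLE_ROLE_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(body, field)) {
      update[field] = body[field];
    }
  }

  try {
    const searchResult = await Role.findOne({ rolename });
    if (searchResult) {
      await Role.updateOne({ rolename }, { $set: update });
      // … unchanged: success and not-found responses, catch → next(err) …
```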
@@ -1,8 +1,9 @@ import ldap from 'ldapjs'; import config from '../../../config/config'; import { User, LdapUser } from '../../models/admin/User'; +import combPer from '../../utils/comb-permissions'; -export default function(req, res, next) { +async function userListCtrl(req, res, next) { const client = ldap.createClient({ url: config.ldap.url }); @@ -13,7 +14,7 @@ export default function(req, res, next) { }; const data = []; - client.bind(config.ldap.user, config.ldap.pwd, function(err, bindRes) { + client.bind(config.ldap.user, config.ldap.password, function(err, bindRes) { if (err) next(err); client.search('ou=people,dc=kingsome,dc=cn', opts, function( err, @@ -31,25 +32,26 @@ export default function(req, res, next) { try { let users = data; users = users.map(user => { - user.userinfo = user.uidNumber; + user.userInfo = user.uidNumber; return user; }); - const delResult = await LdapUser.remove({}); + const delResult = await LdapUser.deleteMany({}); const saveResult = await LdapUser.insertMany(data); // 取出完整用户信息 // 首次查询 let compUserList = await LdapUser.find({}).populate({ - path: 'userinfo' + path: 'userInfo' }); compUserList.map(async user => { - if (!user.userinfo) { + console.log(user.cn); + if (!user.userInfo) { const newUser = new User({ _id: user.uidNumber, username: user.uid, - fullname: user.sn + fullname: user.cn }); await newUser.save(); } @@ -57,11 +59,22 @@ export default function(req, res, next) { // 再次查询 compUserList = await LdapUser.find({}).populate({ - path: 'userinfo' + path: 'userInfo', + populate: { + path: 'permissions' + } + }); + + compUserList = compUserList.map(user => { + let permissions = user.userInfo.permissions; + permissions = combPer(permissions); + let userInfo = user.userInfo; + userInfo.permissions = permissions; + return userInfo; }); res.send({ - res: compUserList + userList: compUserList }); client.unbind(); } catch (err) { 
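Review bot: In the last `users.js` hunk, `user.userInfo.permissions` inside the new `compUserList.map` throws when `userInfo` did not populate, and the whole list request then fails. That case is likely here: the missing `User` documents are created inside `compUserList.map(async user => …)` in the hunk above, whose promises are never awaited, so the second `find` can run before the saves finish. Await the saves with `await Promise.all(compUserList.map(async user => { … }))` and guard the access, e.g. `const permissions = user.userInfo ? combPer(user.userInfo.permissions) : [];`. The added `console.log(user.cn)` prints every directory user's name on each call and should be removed. The handler starts outside these hunks.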
@@ -71,3 +84,29 @@ export default function(req, res, next) { }); }); } + +async function userEditCtrl(req, res, next) { + const body = req.body; + console.log(body); + const username = body.username; + delete body.username; + try { + const searchResult = await LdapUser.findOne({ uid: username }); + console.log(searchResult); + if (searchResult) { + await User.updateOne({ username }, body); + res.send({ + errcode: 0 + }); + } else { + res.send({ + errcode: 1, + errmsg: '用户不存在' + }); + } + } catch (err) { + next(err); + } +} + +export { userListCtrl, userEditCtrl }; diff --git a/src/controllers/users/index.js b/src/controllers/user/index.js similarity index 66% rename from src/controllers/users/index.js rename to src/controllers/user/index.js index cc07b0c..cde46da 100644 --- a/src/controllers/users/index.js +++ b/src/controllers/user/index.js @@ -1,12 +1,12 @@ import { Router } from 'express'; import loginCtrl from './login'; -import userInfoCtrl from './user-info'; +import userInfoCtrl from './info'; const router = new Router(); router.post('/login', loginCtrl); -router.get('/user-info', userInfoCtrl); +router.get('/info', userInfoCtrl); export default router; diff --git a/src/controllers/users/user-info.js b/src/controllers/user/info.js similarity index 70% rename from src/controllers/users/user-info.js rename to src/controllers/user/info.js index 60e12af..88fe280 100644 --- a/src/controllers/users/user-info.js +++ b/src/controllers/user/info.js @@ -1,8 +1,10 @@ import jwt from 'jsonwebtoken'; import config from '../../../config/config'; -import { User } from '../../models/admin/User'; +import { LdapUser } from '../../models/admin/User'; +import combPer from '../../utils/comb-permissions'; export default function(req, res, next) { + console.log('获用户信息') const BearerToken = req.headers.authorization; console.log(BearerToken); if (!BearerToken) { 
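Review bot: In `src/controllers/user/info.js`, `console.log(BearerToken)` right after the added `console.log('获用户信息')` writes the caller's JWT to the server log on every request, so anyone who can read the logs holds a usable token until it expires. Remove that line, or log only whether a token was present, instead of adding more debug output around it. The same applies to `console.log(body)` and `console.log(searchResult)` in the new `userEditCtrl` above, which log request bodies and user records. The function body continues outside this hunk.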
@@ -32,35 +34,30 @@ export default function(req, res, next) { // 获取用户信息 try { const username = decode.username; - const searchResult = await User.findOne({ username }).populate({ - path: 'permissions' + const searchResult = await LdapUser.findOne({ uid: username }).populate({ + path: 'userInfo', + populate: { + path: 'permissions' + } }).exec(); - console.log(searchResult); if (!searchResult) { res.send({ errcode: 1, errmsg: '用户信息发生异常。' }); } else { - let permissions = [...searchResult.permissions]; - permissions = permissions.map(permission => { - return permission.permissions; - }); - permissions = permissions.reduce((pre, cur) => { - return pre.concat([...cur]); - }, []); - - const userInfo = JSON.parse(JSON.stringify(searchResult)); - userInfo.permits = permissions; - + let permissions = [...searchResult.userInfo.permissions]; + permissions = combPer(permissions); + const userInfo = JSON.parse(JSON.stringify(searchResult.userInfo)); + userInfo.permissions = permissions; res.send({ errcode: 0, userInfo }); } } catch (err) { - next(err); + throw err; } } }); diff --git a/src/controllers/users/login.js b/src/controllers/user/login.js similarity index 85% rename from src/controllers/users/login.js rename to src/controllers/user/login.js index 86676de..0e2b4fb 100644 --- a/src/controllers/users/login.js +++ b/src/controllers/user/login.js @@ -4,6 +4,7 @@ import config from '../../../config/config'; import {User} from '../../models/admin/User'; export default function(req, res, next) { + console.log('登录') const body = req.body; const client = ldap.createClient({ url: config.ldap.url @@ -15,7 +16,7 @@ export default function(req, res, next) { }; const data = []; - client.bind(config.ldap.user, config.ldap.pwd, function(err, bindRes) { + client.bind(config.ldap.user, config.ldap.password, function(err, bindRes) { if (err) next(err); client.search('ou=people,dc=kingsome,dc=cn', opts, function( err, 
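Review bot: Replacing `next(err)` with `throw err` in the catch block of `info.js` means a failure no longer reaches the Express error handler: the enclosing callback uses `await`, so the throw becomes an unhandled promise rejection, no response is sent, and recent Node versions end the process on unhandled rejections by default. Keep `next(err);`. `[...searchResult.userInfo.permissions]` also needs a guard for an `LdapUser` whose `userInfo` did not populate, e.g. `if (!searchResult || !searchResult.userInfo) {` on the existing check. The callback starts outside this hunk.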
@@ -34,8 +35,7 @@ export default function(req, res, next) { // 用户存在,验证密码 const user = data[0]; const dn = user.dn; - client.bind('cn=虞丽星,ou=people,dc=kingsome,dc=cn', 'yulixing123456', async function(err, verifyRes) { - // client.bind(dn, body.pwd, async function(err, verifyRes) { + client.bind(dn, body.password, async function(err, verifyRes) { // 登录成功 if (err === null) { const token = jwt.sign( @@ -54,12 +54,16 @@ export default function(req, res, next) { const newUser = new User({ _id:user.uidNumber, username: user.uid, - fullname: user.sn, + fullname: user.sn }); const saveResult = await newUser.save(); - console.log(saveResult) userSearch = saveResult; + } else { + await User.update({username: user.uid}, { + lastLogin: new Date() + }) } + client.unbind(); res.send({ errcode: 0, token, @@ -69,7 +73,7 @@ export default function(req, res, next) { next(err); } } else { - console.log(err) + client.unbind(); res.send({ errcode: 1, errmsg: '密码不正确。' @@ -78,12 +82,12 @@ export default function(req, res, next) { }); } else { // 用户不存在 + client.unbind(); res.send({ errcode: 2, errmsg: '用户不存在。' }); } - client.unbind(); }); }); }); diff --git a/src/middleware/permission.js b/src/middleware/permission.js new file mode 100644 index 0000000..f00d26c --- /dev/null +++ b/src/middleware/permission.js 
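Review bot: `client.bind(dn, body.password, …)` in `login.js` now takes the password from the request, but nothing visible rejects an empty or missing value; many LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind and report success, which this code would turn into a signed token. Check before the bind, e.g. `if (typeof body.password !== 'string' || body.password === '') { client.unbind(); return res.send({ errcode: 1, errmsg: '密码不正确。' }); }`. The account password that was hard-coded on the removed line stays in the repository history and should be changed on the directory server. The function starts outside this hunk, so an earlier check may already exist.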
@@ -0,0 +1,67 @@ +import jwt from 'jsonwebtoken'; +import config from '../../config/config'; +import { LdapUser } from '../models/admin/User'; +import combPer from '../utils/comb-permissions' + +export default function(req, res, next) { + const BearerToken = req.headers.authorization; + if (!BearerToken) { + // 无权限 + res.send({ + errcode: 1, + errmsg: '用户无权限。' + }); + } else { + const token = getToken(BearerToken); + if (!token) { + // 异常 + res.send({ + errcode: 1, + errmsg: 'token 异常。' + }); + } else { + jwt.verify(token, config.jwtSecret, async (err, decode) => { + if (err) { + // 验证不通过 + res.send({ + errcode: 1, + errmsg: err.message + }); + } else { + // 验证通过 + // 获取用户信息 + try { + const username = decode.username; + const searchResult = await LdapUser.findOne({ uid: username }).populate({ + path: 'userInfo', + populate: { + path: 'permissions' + } + }).exec(); + console.log(searchResult); + if (!searchResult) { + res.send({ + errcode: 1, + errmsg: '用户信息发生异常。' + }); + } else { + let permissions = [...searchResult.userInfo.permissions]; + permissions = combPer(permissions); + const userInfo = JSON.parse(JSON.stringify(searchResult)); + req.user = userInfo.userInfo; + next(); + } + } catch (err) { + next(err); + } + } + }); + } + } +} + +function getToken(str) { + const reg = /^Bearer (.+)/; + const result = reg.exec(str); + return result ? result[1] : ''; +} diff --git a/src/models/admin/User.js b/src/models/admin/User.js index 468b2d2..ae85abd 100644 --- a/src/models/admin/User.js +++ b/src/models/admin/User.js @@ -21,7 +21,7 @@ const UserSchema = new mongoose.Schema( // 角色 roles: [{ type: String }], // 权限组 - permissions: [{ type: mongoose.Schema.Types.ObjectId, ref: 'Role' }], + permissions: [{ type: String, ref: 'Role' }], // 状态 status: { type: String, default: '0' }, // 签名 
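Review bot: The new `src/middleware/permission.js` only authenticates: after `permissions = combPer(permissions)` the combined list is neither attached to the request nor compared with anything, so every holder of a valid token passes regardless of role. At minimum keep the result, `req.user.permissions = permissions;` after `req.user = userInfo.userInfo;`, and let routes state the permission they require. `jwt.verify(token, config.jwtSecret, …)` should pin the accepted algorithms through the `algorithms` option, and the rejection branches should set `res.status(401)` rather than answer with the default status. `console.log(searchResult)` writes the full user record to the log on every request and should be removed.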
@@ -29,7 +29,9 @@ const UserSchema = new mongoose.Schema( // 备注 comment: { type: String }, // 更改人 - lastModifiedBy: { type: String } + lastModifiedBy: { type: String }, + // 最后登录时间 + lastLogin: { type: Date } }, { collection: 'users', @@ -42,7 +44,13 @@ const UserSchema = new mongoose.Schema( const RoleSchema = new mongoose.Schema( { // 角色名 - rolename: { type: String }, + name: { type: String }, + // 角色英文名 + rolename: { type: String, unique: true }, + // 描述 + describe: { type: String }, + // 备注 + comment: { type: String }, // 权限 permissions: [{ type: String }] }, @@ -57,9 +65,9 @@ const RoleSchema = new mongoose.Schema( const LdapUserSchema = new mongoose.Schema( { cn: { type: String }, - uid: { type: String }, + uid: { type: String, unique: true }, uidNumber: { type: String }, - userinfo: { type: String, ref: 'User' } + userInfo: { type: String, ref: 'User' } }, { collection: 'ldap-users', diff --git a/src/router/index.js b/src/router/index.js index c8308c0..fe79d2a 100644 --- a/src/router/index.js +++ b/src/router/index.js @@ -3,13 +3,13 @@ import {Router} from 'express'; import commonRouter from './../controllers/common' import sysRouter from './../controllers/sys' -import usersRouter from './../controllers/users' +import userRouter from './../controllers/user' const router = new Router(); router.use('/common', commonRouter); router.use('/sys', sysRouter); -router.use('/users', usersRouter); +router.use('/user', userRouter); export default router \ No newline at end of file diff --git a/src/utils/comb-permissions.js b/src/utils/comb-permissions.js new file mode 100644 index 0000000..5d3906a --- /dev/null +++ b/src/utils/comb-permissions.js @@ -0,0 +1,10 @@ +export default function(perArr) { + let permissions = perArr; + permissions = permissions.map(permission => { + return permission.permissions; + }); + permissions = permissions.reduce((pre, cur) => { + return pre.concat([...cur]); + }, []); + return [...new Set(permissions)]; +}
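Review bot: `unique: true` on `rolename` (and on `uid` in `LdapUserSchema`) declares a unique index, not a validator, so `permissionAddCtrl`'s `findOne`-then-`save` check can still race and the duplicate only surfaces as a database error passed to `next(err)`. Handle that case where the role is saved, e.g. `if (err.code === 11000) return res.send({ errcode: 1, errmsg: '已有该角色,不可重复' });` in the catch block. The index also fails to build if either collection already holds duplicates, which is worth checking before deploying. Neither `rolename` nor `uid` is marked `required: true`, although both are used as lookup keys.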