增加简单的签名认证和文档

2023-06-14 10:21:55 +08:00 · 2023-06-14 10:21:55 +08:00 · af312dc4d3
commit af312dc4d3
parent fce1614233
2 changed files with 53 additions and 20 deletions
--- a/docs/api.md
+++ b/docs/api.md
@ -0,0 +1,33 @@
+### 1. 202306 活动接口
+
+Method: GET
+Host: https://oauth-svr.cebggame.com
+Path: /activity/202306/:address
+
+Query Params:
+
+| 参数 | 说明 |
+| ---- | ---- |
+| sign | 签名 |
+
+> 签名生成: `address=0x2312313aasdqd`, 使用 hmac_sha256 hash, key: iG4Rpsa)6U31$H#^T85$^^3
+
+Return：JSON String
+
+```js
+{
+    "errcode": 0,
+    "data": {
+        "discord": { //discord 相关信息
+            "id": "1034482894690861116", // discord的用户id, 可根据该字段判断是否关联discord
+            "username": "zzoz", // discord用户名
+            "discriminator": "4635",
+            "verified": 0 // 是否满足discord的角色信息
+        },
+        "twitter": {
+            "id": "564269223",  // twitter的用户id, 可根据该字段判断是否关联twitter
+            "username": "zhl01" // twitter 用户名
+        }
+    }
+}
+```
--- a/src/controllers/main.controller.ts
+++ b/src/controllers/main.controller.ts
@ -4,20 +4,29 @@ import { role, router } from 'decorators/router'
 import logger from 'logger/logger'
 import { AuthRecord } from 'modules/AuthRecord'
 import { DiscordSvr } from 'services/discord.svr'
+import { hmacsha256 } from 'utils/security.util'

 class MainController extends BaseController {
  /**
   * Refresh token
   */
  @role(ROLE_ANON)
-  @router('get /user/status/:address')
+  @router('get /activity/202306/:address')
  async getToken(req, res) {
-    let { address } = req.params
+    let { address, sign } = req.params
+    if (!address || !sign) {
+      throw new ZError(10, 'invalid params')
+    }
+    let signCheck = hmacsha256(`address=${address}`, process.env.HASH_SALT)
+    if (sign !== signCheck) {
+      throw new ZError(11, 'invalid sign')
+    }
    let records = await AuthRecord.find({ address })
    let result: any = {
      discord: {},
      twitter: {},
    }
+    let distcordRecord
    for (const record of records) {
      switch (record.platform) {
        case 4:
@ -33,26 +42,17 @@ class MainController extends BaseController {
            discriminator: record.discriminator,
            verified: record.condition,
          }
+          distcordRecord = record
+          break
+      }
+    }
+    if (result.discord.id && !result.discord.verified) {
+      let verified = await new DiscordSvr().checkUserRole(result.discord.id)
+      if (verified) {
+        distcordRecord.condition = 1
+        result.discord.verified = 1
      }
    }
    return result
  }
-
-  @role(ROLE_ANON)
-  @router('get /user/check_verify/:address')
-  async checkUserRole(req, res) {
-    let { address } = req.params
-    if (!address) {
-      throw new ZError(10, 'address is required')
-    }
-    let discordRecord = await AuthRecord.findByAddress(address, 7)
-    if (!discordRecord) {
-      throw new ZError(11, 'discord not found')
-    }
-    if (discordRecord.condition) {
-      return { verified: true }
-    }
-    let role = await new DiscordSvr().checkUserRole(discordRecord.openId)
-    return { verified: role }
-  }
 }