feat: 添加JWKS管理功能,支持基于用户token创建新token
This commit is contained in:
@@ -17,4 +17,6 @@ import './secret-key/list.ts';
|
||||
|
||||
import './wx-login.ts'
|
||||
|
||||
import './cnb-login.ts';
|
||||
import './cnb-login.ts';
|
||||
|
||||
import './jwks.ts';
|
||||
33
src/routes/user/jwks.ts
Normal file
33
src/routes/user/jwks.ts
Normal file
@@ -0,0 +1,33 @@
|
||||
import { app } from '@/app.ts'
|
||||
import { UserModel } from '@/auth/index.ts';
|
||||
import z from 'zod';
|
||||
|
||||
app.route({
|
||||
path: 'user',
|
||||
key: 'token-create',
|
||||
description: '根据用户token创建一个新的token,主要用于临时访问',
|
||||
middleware: ['auth'],
|
||||
metadata: {
|
||||
args: {
|
||||
loginType: z.enum(['jwks']).optional(),
|
||||
}
|
||||
}
|
||||
}).define(async (ctx) => {
|
||||
const user = await UserModel.getUserByToken(ctx.query.token);
|
||||
const loginType = ctx.query?.loginType ?? 'jwks';
|
||||
if (!user) {
|
||||
ctx.throw(404, 'user not found');
|
||||
}
|
||||
if (loginType !== 'jwks') {
|
||||
ctx.throw(400, 'unsupported login type');
|
||||
}
|
||||
let expire = ctx.query.expire ?? 24 * 3600;
|
||||
// 大于24小时的过期时间需要管理员权限
|
||||
if (expire > 24 * 3600) {
|
||||
expire = 2 * 3600;
|
||||
}
|
||||
const value = await user.createToken(null, loginType, {
|
||||
expire: expire, // 24小时过期
|
||||
})
|
||||
ctx.body = value
|
||||
}).addTo(app)
|
||||
Reference in New Issue
Block a user