添加Proof验证

README.md

@@ -0,0 +1 @@
+测试服务器后端代码存放位置：

src/app.ts

@@ -7,6 +7,7 @@ import fs from 'fs';
 import path from 'path';
 import { getLocalIP } from './util/index.js';
 import { errorHandler } from './middleware/index.js';
+import proofZhong from './middleware/proof.js';
 
 const app = express();
 
@@ -17,6 +18,9 @@ app.use(express.urlencoded());
 // 跨域中间件
 app.use(cors());
 
+// 所有接口都要做一次验证
+app.use(proofZhong);
+
 // 日志中间件
 if (isEnv) app.use(morgan('dev'));
 else {

src/controller/fileController.ts

@@ -55,7 +55,6 @@ const file = {
         compressedPath: result.compressedUrl
           ? path.join(path.dirname(file.path), path.basename(result.compressedUrl))
           : null,
-        isImage: isImage,
         updateTime: dayjs().format('YYYY-MM-DD HH:mm:ss'),
       });
 

src/controller/issueController.ts

@@ -1,8 +1,18 @@
 import dayjs from 'dayjs';
 import { Dict } from '../model/index.js';
 import resSend from '../util/resSend.js';
+import { passWordJia } from '../util/pass.js';
 
 const issue = {
+  getProof: async (req: any, res: any) => {
+    const str1 = Date.now() + '';
+    const str2 = passWordJia(str1);
+    const str3 = passWordJia(1000 * 60 * 60 * 2 + '');
+
+    const arr = [str1, str2, str3];
+
+    return resSend(res, 0, '获取Proof成功', arr.join('||'));
+  },
   getIntro: async (req: any, res: any) => {
     req.apiDescription = '内容发布-获取项目简介';
     const introObj = await Dict.findById('694e4200f4ed1ea12901a424');

src/controller/userController.ts

@@ -111,7 +111,7 @@ const user = {
       // 获取token
       const token = await getTokenFu(dbUserJson);
 
-      return resSend(res, 0, '登录成功', { user: dbUserJson, token });
+      return resSend(res, 0, '获取token成功', { token });
     } else {
       return resSend(res, 400, '用户名错误');
     }

src/middleware/proof.ts

@@ -0,0 +1,39 @@
+import { passWordJie } from '../util/pass.js';
+import resSend from '../util/resSend.js';
+
+const proofZhong = (req: any, res: any, next: any) => {
+  const urlAll: string = req.originalUrl;
+
+  if (urlAll.includes('getProof?proof=4DAGE')) {
+    next();
+  } else {
+    // 获取请求头里面的 proof
+    let proof: string = req.headers.proof || '';
+    if (!proof) return resSend(res, 401, 'proof is null');
+
+    try {
+      const [timeCuo, timeMi, timeShi] = proof.split('||');
+
+      if (timeCuo && timeMi && timeShi) {
+        // 传入的时间戳-转成Number类型
+        const timeCuoRes = Number(timeCuo);
+
+        // 传入的时间戳加密-解密
+        const timeMiRes = passWordJie(timeMi);
+
+        // 传入proof有效的时间（加密字符串） - 解密
+        const timeShiRes = passWordJie(timeShi);
+
+        if (timeMiRes !== timeCuo) return resSend(res, 401, 'proof err');
+
+        if (Date.now() - timeCuoRes > Number(timeShiRes)) return resSend(res, 401, 'proof err');
+
+        next();
+      } else return resSend(res, 401, 'proof err');
+    } catch (error: any) {
+      return resSend(res, 401, 'proof err');
+    }
+  }
+};
+
+export default proofZhong;

src/model/fileModel.ts

@@ -29,10 +29,7 @@ const fileModel = new mongoose.Schema({
   compressedPath: {
     type: String,
   },
-  isImage: {
-    type: Boolean,
-    default: false,
-  },
+
   updateTime: {
     type: Date,
     default: dayjs().format('YYYY-MM-DD HH:mm:ss'),

src/router/file.ts

@@ -2,7 +2,6 @@ import express from 'express';
 // 检测token的中间件
 import { verifyToken } from '../middleware/jwt.js';
 // 记录日志的中间件
-import requestLogger from '../middleware/requestLogger.js';
 import { file } from '../controller/inedx.js';
 import { uploadZhong } from '../middleware/fileUpload.js';
 

src/router/index.ts

@@ -2,6 +2,7 @@ import express from 'express';
 import userRouter from './user.js';
 import issueRouter from './issue.js';
 import fileRouter from './file.js';
+import showRouter from './show.js';
 
 const router = express.Router();
 
@@ -9,4 +10,7 @@ router.use('/user', userRouter);
 router.use('/issue', issueRouter);
 router.use('/file', fileRouter);
 
+// 展示端
+router.use('/show', showRouter);
+
 export default router;

src/router/issue.ts

@@ -8,7 +8,6 @@ import { issue } from '../controller/inedx.js';
 const issueRouter = express.Router();
 
 issueRouter
-
   // 获取项目简介
   .get('/getIntro', verifyToken, issue.getIntro)
   // 编辑项目简介

src/router/show.ts

@@ -0,0 +1,12 @@
+import express from 'express';
+import { issue } from '../controller/inedx.js';
+
+const showRouter = express.Router();
+
+showRouter
+  // 获取所有接口的凭证
+  .get('/getProof', issue.getProof)
+  // 获取项目简介
+  .get('/getIntro', issue.getIntro);
+
+export default showRouter;