(envObj).reduce((prev, [key, value]) => {
+ return `${prev}
+ ${key}: '${value}';`
+}, '').trim()
+
+fs.writeFile(path.join(directoryPath, 'types/env.d.ts'), `
+// generate by ./scripts/generateEnvTypes.ts
+declare global {
+ namespace NodeJS {
+ interface ProcessEnv {
+ ${envType}
+ }
+ }
+}
+export {};
+ `, (err) => {
+ if (err)
+ console.log('生成 env.d.ts 文件失败')
+ else
+ console.log('成功生成 env.d.ts 文件')
+})
+
+// console.log('envObj:', envObj)
+
+function formatValue(value) {
+ let _value
+ try {
+ const res = JSON.parse(value)
+ _value = typeof res === 'object' ? value : res
+ }
+ catch (error) {
+ _value = `'${value}'`
+ }
+ return _value
+}
diff --git a/scripts/resetScheduler.ts b/scripts/resetScheduler.ts
new file mode 100644
index 0000000..2a85291
--- /dev/null
+++ b/scripts/resetScheduler.ts
@@ -0,0 +1,26 @@
+import { exec } from 'node:child_process'
+
+import { CronJob } from 'cron'
+
+/** 此文件仅供演示时使用 */
+
+const runMigrationGenerate = async function () {
+ exec('npm run migration:revert && npm run migration:run', (error, stdout, stderr) => {
+ if (!error)
+ console.log('操作成功', error)
+
+ else
+ console.log('操作失败', error)
+ })
+}
+
+const job = CronJob.from({
+ /** 每天凌晨 4.30 恢复初始数据 */
+ cronTime: '30 4 * * *',
+ timeZone: 'Asia/Shanghai',
+ start: true,
+ onTick() {
+ runMigrationGenerate()
+ console.log('Task executed daily at 4.30 AM:', new Date().toLocaleTimeString())
+ },
+})
diff --git a/src/app.module.ts b/src/app.module.ts
new file mode 100644
index 0000000..34b38f7
--- /dev/null
+++ b/src/app.module.ts
@@ -0,0 +1,67 @@
+import { ClassSerializerInterceptor, Module } from '@nestjs/common'
+
+import { ConfigModule } from '@nestjs/config'
+import { APP_FILTER, APP_GUARD, APP_INTERCEPTOR } from '@nestjs/core'
+
+import config from '~/config'
+import { SharedModule } from '~/shared/shared.module'
+
+import { AllExceptionsFilter } from './common/filters/any-exception.filter'
+
+import { IdempotenceInterceptor } from './common/interceptors/idempotence.interceptor'
+import { TimeoutInterceptor } from './common/interceptors/timeout.interceptor'
+import { TransformInterceptor } from './common/interceptors/transform.interceptor'
+import { AuthModule } from './modules/auth/auth.module'
+import { JwtAuthGuard } from './modules/auth/guards/jwt-auth.guard'
+import { RbacGuard } from './modules/auth/guards/rbac.guard'
+import { HealthModule } from './modules/health/health.module'
+import { NetdiskModule } from './modules/netdisk/netdisk.module'
+import { SseModule } from './modules/sse/sse.module'
+import { SystemModule } from './modules/system/system.module'
+import { TasksModule } from './modules/tasks/tasks.module'
+import { TodoModule } from './modules/todo/todo.module'
+import { ToolsModule } from './modules/tools/tools.module'
+import { DatabaseModule } from './shared/database/database.module'
+
+import { SocketModule } from './socket/socket.module'
+
+@Module({
+ imports: [
+ ConfigModule.forRoot({
+ isGlobal: true,
+ expandVariables: true,
+ // 指定多个 env 文件时,第一个优先级最高
+ envFilePath: ['.env.local', `.env.${process.env.NODE_ENV}`, '.env'],
+ load: [...Object.values(config)],
+ }),
+ SharedModule,
+ DatabaseModule,
+
+ AuthModule,
+ SystemModule,
+ TasksModule.forRoot(),
+ ToolsModule,
+ SocketModule,
+ HealthModule,
+ SseModule,
+ NetdiskModule,
+
+ // biz
+
+ // end biz
+
+ TodoModule,
+ ],
+ providers: [
+ { provide: APP_FILTER, useClass: AllExceptionsFilter },
+
+ { provide: APP_INTERCEPTOR, useClass: ClassSerializerInterceptor },
+ { provide: APP_INTERCEPTOR, useClass: TransformInterceptor },
+ { provide: APP_INTERCEPTOR, useFactory: () => new TimeoutInterceptor(15 * 1000) },
+ { provide: APP_INTERCEPTOR, useClass: IdempotenceInterceptor },
+
+ { provide: APP_GUARD, useClass: JwtAuthGuard },
+ { provide: APP_GUARD, useClass: RbacGuard },
+ ],
+})
+export class AppModule {}
diff --git a/src/assets/templates/verification-code-zh.hbs b/src/assets/templates/verification-code-zh.hbs
new file mode 100644
index 0000000..df3702a
--- /dev/null
+++ b/src/assets/templates/verification-code-zh.hbs
@@ -0,0 +1,4 @@
+你的验证码是:
+{{code}}
+该验证码 10 分钟内有效,请勿将验证码告知给他人!
+本邮件由系统自动发出,请勿回复。
\ No newline at end of file
diff --git a/src/assets/templates/verification-code.hbs b/src/assets/templates/verification-code.hbs
new file mode 100644
index 0000000..6545c27
--- /dev/null
+++ b/src/assets/templates/verification-code.hbs
@@ -0,0 +1,5 @@
+Your verification code is:
+{{verificationCode}}
+This code will expire in 10 minutes.
+This email is sent automatically by the system, please do not
+ reply.
\ No newline at end of file
diff --git a/src/common/adapters/fastify.adapter.ts b/src/common/adapters/fastify.adapter.ts
new file mode 100644
index 0000000..e25d0ca
--- /dev/null
+++ b/src/common/adapters/fastify.adapter.ts
@@ -0,0 +1,46 @@
+import FastifyCookie from '@fastify/cookie'
+import FastifyMultipart from '@fastify/multipart'
+import { FastifyAdapter } from '@nestjs/platform-fastify'
+
+const app: FastifyAdapter = new FastifyAdapter({
+ trustProxy: true,
+ logger: false,
+ // forceCloseConnections: true,
+})
+export { app as fastifyApp }
+
+app.register(FastifyMultipart, {
+ limits: {
+ fields: 10, // Max number of non-file fields
+ fileSize: 1024 * 1024 * 6, // limit size 6M
+ files: 5, // Max number of file fields
+ },
+})
+
+app.register(FastifyCookie, {
+ secret: 'cookie-secret', // 这个 secret 不太重要,不存鉴权相关,无关紧要
+})
+
+app.getInstance().addHook('onRequest', (request, reply, done) => {
+ // set undefined origin
+ const { origin } = request.headers
+ if (!origin)
+ request.headers.origin = request.headers.host
+
+ // forbidden php
+
+ const { url } = request
+
+ if (url.endsWith('.php')) {
+ reply.raw.statusMessage
+ = 'Eh. PHP is not support on this machine. Yep, I also think PHP is bestest programming language. But for me it is beyond my reach.'
+
+ return reply.code(418).send()
+ }
+
+ // skip favicon request
+ if (url.match(/favicon.ico$/) || url.match(/manifest.json$/))
+ return reply.code(204).send()
+
+ done()
+})
diff --git a/src/common/adapters/socket.adapter.ts b/src/common/adapters/socket.adapter.ts
new file mode 100644
index 0000000..d766592
--- /dev/null
+++ b/src/common/adapters/socket.adapter.ts
@@ -0,0 +1,26 @@
+import { INestApplication } from '@nestjs/common'
+import { IoAdapter } from '@nestjs/platform-socket.io'
+import { createAdapter } from '@socket.io/redis-adapter'
+
+import { REDIS_PUBSUB } from '~/shared/redis/redis.constant'
+
+export const RedisIoAdapterKey = 'm-shop-socket'
+
+export class RedisIoAdapter extends IoAdapter {
+ constructor(private readonly app: INestApplication) {
+ super(app)
+ }
+
+ createIOServer(port: number, options?: any) {
+ const server = super.createIOServer(port, options)
+
+ const { pubClient, subClient } = this.app.get(REDIS_PUBSUB)
+
+ const redisAdapter = createAdapter(pubClient, subClient, {
+ key: RedisIoAdapterKey,
+ requestsTimeout: 10000,
+ })
+ server.adapter(redisAdapter)
+ return server
+ }
+}
diff --git a/src/common/decorators/api-result.decorator.ts b/src/common/decorators/api-result.decorator.ts
new file mode 100644
index 0000000..1892762
--- /dev/null
+++ b/src/common/decorators/api-result.decorator.ts
@@ -0,0 +1,83 @@
+import { HttpStatus, Type, applyDecorators } from '@nestjs/common'
+import { ApiExtraModels, ApiResponse, getSchemaPath } from '@nestjs/swagger'
+
+import { ResOp } from '~/common/model/response.model'
+
+const baseTypeNames = ['String', 'Number', 'Boolean']
+
+function genBaseProp(type: Type) {
+ if (baseTypeNames.includes(type.name))
+ return { type: type.name.toLocaleLowerCase() }
+ else
+ return { $ref: getSchemaPath(type) }
+}
+
+/**
+ * @description: 生成返回结果装饰器
+ */
+export function ApiResult>({
+ type,
+ isPage,
+ status,
+}: {
+ type?: TModel | TModel[]
+ isPage?: boolean
+ status?: HttpStatus
+}) {
+ let prop = null
+
+ if (Array.isArray(type)) {
+ if (isPage) {
+ prop = {
+ type: 'object',
+ properties: {
+ items: {
+ type: 'array',
+ items: { $ref: getSchemaPath(type[0]) },
+ },
+ meta: {
+ type: 'object',
+ properties: {
+ itemCount: { type: 'number', default: 0 },
+ totalItems: { type: 'number', default: 0 },
+ itemsPerPage: { type: 'number', default: 0 },
+ totalPages: { type: 'number', default: 0 },
+ currentPage: { type: 'number', default: 0 },
+ },
+ },
+ },
+ }
+ }
+ else {
+ prop = {
+ type: 'array',
+ items: genBaseProp(type[0]),
+ }
+ }
+ }
+ else if (type) {
+ prop = genBaseProp(type)
+ }
+ else {
+ prop = { type: 'null', default: null }
+ }
+
+ const model = Array.isArray(type) ? type[0] : type
+
+ return applyDecorators(
+ ApiExtraModels(model),
+ ApiResponse({
+ status,
+ schema: {
+ allOf: [
+ { $ref: getSchemaPath(ResOp) },
+ {
+ properties: {
+ data: prop,
+ },
+ },
+ ],
+ },
+ }),
+ )
+}
diff --git a/src/common/decorators/bypass.decorator.ts b/src/common/decorators/bypass.decorator.ts
new file mode 100644
index 0000000..8c7562d
--- /dev/null
+++ b/src/common/decorators/bypass.decorator.ts
@@ -0,0 +1,10 @@
+import { SetMetadata } from '@nestjs/common'
+
+export const BYPASS_KEY = '__bypass_key__'
+
+/**
+ * 当不需要转换成基础返回格式时添加该装饰器
+ */
+export function Bypass() {
+ return SetMetadata(BYPASS_KEY, true)
+}
diff --git a/src/common/decorators/cookie.decorator.ts b/src/common/decorators/cookie.decorator.ts
new file mode 100644
index 0000000..102a527
--- /dev/null
+++ b/src/common/decorators/cookie.decorator.ts
@@ -0,0 +1,8 @@
+import type { ExecutionContext } from '@nestjs/common'
+import { createParamDecorator } from '@nestjs/common'
+import type { FastifyRequest } from 'fastify'
+
+export const Cookies = createParamDecorator((data: string, ctx: ExecutionContext) => {
+ const request = ctx.switchToHttp().getRequest()
+ return data ? request.cookies?.[data] : request.cookies
+})
diff --git a/src/common/decorators/cron-once.decorator.ts b/src/common/decorators/cron-once.decorator.ts
new file mode 100644
index 0000000..39eab20
--- /dev/null
+++ b/src/common/decorators/cron-once.decorator.ts
@@ -0,0 +1,19 @@
+import cluster from 'node:cluster'
+
+import { Cron } from '@nestjs/schedule'
+
+import { isMainProcess } from '~/global/env'
+
+export const CronOnce: typeof Cron = (...rest): MethodDecorator => {
+ // If not in cluster mode, and PM2 main worker
+ if (isMainProcess)
+ // eslint-disable-next-line no-useless-call
+ return Cron.call(null, ...rest)
+
+ if (cluster.isWorker && cluster.worker?.id === 1)
+ // eslint-disable-next-line no-useless-call
+ return Cron.call(null, ...rest)
+
+ const returnNothing: MethodDecorator = () => {}
+ return returnNothing
+}
diff --git a/src/common/decorators/field.decorator.ts b/src/common/decorators/field.decorator.ts
new file mode 100644
index 0000000..68fa483
--- /dev/null
+++ b/src/common/decorators/field.decorator.ts
@@ -0,0 +1,137 @@
+import { applyDecorators } from '@nestjs/common'
+import {
+ IsBoolean,
+ IsDate,
+ IsInt,
+ IsNotEmpty,
+ IsNumber,
+ IsOptional,
+ IsPositive,
+ IsString,
+ Max,
+ MaxLength,
+ Min,
+ MinLength,
+} from 'class-validator'
+import { isNumber } from 'lodash'
+
+import {
+ ToArray,
+ ToBoolean,
+ ToDate,
+ ToLowerCase,
+ ToNumber,
+ ToTrim,
+ ToUpperCase,
+} from './transform.decorator'
+
+interface IOptionalOptions {
+ required?: boolean
+}
+
+interface INumberFieldOptions extends IOptionalOptions {
+ each?: boolean
+ int?: boolean
+ min?: number
+ max?: number
+ positive?: boolean
+}
+
+interface IStringFieldOptions extends IOptionalOptions {
+ each?: boolean
+ minLength?: number
+ maxLength?: number
+ lowerCase?: boolean
+ upperCase?: boolean
+}
+
+export function NumberField(
+ options: INumberFieldOptions = {},
+): PropertyDecorator {
+ const { each, min, max, int, positive, required = true } = options
+
+ const decorators = [ToNumber()]
+
+ if (each)
+ decorators.push(ToArray())
+
+ if (int)
+ decorators.push(IsInt({ each }))
+ else
+ decorators.push(IsNumber({}, { each }))
+
+ if (isNumber(min))
+ decorators.push(Min(min, { each }))
+
+ if (isNumber(max))
+ decorators.push(Max(max, { each }))
+
+ if (positive)
+ decorators.push(IsPositive({ each }))
+
+ if (!required)
+ decorators.push(IsOptional())
+
+ return applyDecorators(...decorators)
+}
+
+export function StringField(
+ options: IStringFieldOptions = {},
+): PropertyDecorator {
+ const {
+ each,
+ minLength,
+ maxLength,
+ lowerCase,
+ upperCase,
+ required = true,
+ } = options
+
+ const decorators = [IsString({ each }), ToTrim()]
+
+ if (each)
+ decorators.push(ToArray())
+
+ if (isNumber(minLength))
+ decorators.push(MinLength(minLength, { each }))
+
+ if (isNumber(maxLength))
+ decorators.push(MaxLength(maxLength, { each }))
+
+ if (lowerCase)
+ decorators.push(ToLowerCase())
+
+ if (upperCase)
+ decorators.push(ToUpperCase())
+
+ if (!required)
+ decorators.push(IsOptional())
+ else
+ decorators.push(IsNotEmpty({ each }))
+
+ return applyDecorators(...decorators)
+}
+
+export function BooleanField(
+ options: IOptionalOptions = {},
+): PropertyDecorator {
+ const decorators = [ToBoolean(), IsBoolean()]
+
+ const { required = true } = options
+
+ if (!required)
+ decorators.push(IsOptional())
+
+ return applyDecorators(...decorators)
+}
+
+export function DateField(options: IOptionalOptions = {}): PropertyDecorator {
+ const decorators = [ToDate(), IsDate()]
+
+ const { required = true } = options
+
+ if (!required)
+ decorators.push(IsOptional())
+
+ return applyDecorators(...decorators)
+}
diff --git a/src/common/decorators/http.decorator.ts b/src/common/decorators/http.decorator.ts
new file mode 100644
index 0000000..85ed449
--- /dev/null
+++ b/src/common/decorators/http.decorator.ts
@@ -0,0 +1,22 @@
+import type { ExecutionContext } from '@nestjs/common'
+
+import { createParamDecorator } from '@nestjs/common'
+import type { FastifyRequest } from 'fastify'
+
+import { getIp } from '~/utils/ip.util'
+
+/**
+ * 快速获取IP
+ */
+export const Ip = createParamDecorator((_, context: ExecutionContext) => {
+ const request = context.switchToHttp().getRequest()
+ return getIp(request)
+})
+
+/**
+ * 快速获取request path,并不包括url params
+ */
+export const Uri = createParamDecorator((_, context: ExecutionContext) => {
+ const request = context.switchToHttp().getRequest()
+ return request.routerPath
+})
diff --git a/src/common/decorators/id-param.decorator.ts b/src/common/decorators/id-param.decorator.ts
new file mode 100644
index 0000000..fade33c
--- /dev/null
+++ b/src/common/decorators/id-param.decorator.ts
@@ -0,0 +1,7 @@
+import { HttpStatus, NotAcceptableException, Param, ParseIntPipe } from '@nestjs/common'
+
+export function IdParam() {
+ return Param('id', new ParseIntPipe({ errorHttpStatusCode: HttpStatus.NOT_ACCEPTABLE, exceptionFactory: (_error) => {
+ throw new NotAcceptableException('id 格式不正确')
+ } }))
+}
diff --git a/src/common/decorators/idempotence.decorator.ts b/src/common/decorators/idempotence.decorator.ts
new file mode 100644
index 0000000..d1142b3
--- /dev/null
+++ b/src/common/decorators/idempotence.decorator.ts
@@ -0,0 +1,15 @@
+import { SetMetadata } from '@nestjs/common'
+
+import { IdempotenceOption } from '../interceptors/idempotence.interceptor'
+
+export const HTTP_IDEMPOTENCE_KEY = '__idempotence_key__'
+export const HTTP_IDEMPOTENCE_OPTIONS = '__idempotence_options__'
+
+/**
+ * 幂等
+ */
+export function Idempotence(options?: IdempotenceOption): MethodDecorator {
+ return function (target, key, descriptor: PropertyDescriptor) {
+ SetMetadata(HTTP_IDEMPOTENCE_OPTIONS, options || {})(descriptor.value)
+ }
+}
diff --git a/src/common/decorators/swagger.decorator.ts b/src/common/decorators/swagger.decorator.ts
new file mode 100644
index 0000000..4809e5c
--- /dev/null
+++ b/src/common/decorators/swagger.decorator.ts
@@ -0,0 +1,11 @@
+import { applyDecorators } from '@nestjs/common'
+import { ApiSecurity } from '@nestjs/swagger'
+
+export const API_SECURITY_AUTH = 'auth'
+
+/**
+ * like to @ApiSecurity('auth')
+ */
+export function ApiSecurityAuth(): ClassDecorator & MethodDecorator {
+ return applyDecorators(ApiSecurity(API_SECURITY_AUTH))
+}
diff --git a/src/common/decorators/transform.decorator.ts b/src/common/decorators/transform.decorator.ts
new file mode 100644
index 0000000..e86cf75
--- /dev/null
+++ b/src/common/decorators/transform.decorator.ts
@@ -0,0 +1,146 @@
+import { Transform } from 'class-transformer'
+import { castArray, isArray, isNil, trim } from 'lodash'
+
+/**
+ * convert string to number
+ */
+export function ToNumber(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const value = params.value as string[] | string
+
+ if (isArray(value))
+ return value.map(v => Number(v))
+
+ return Number(value)
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * convert string to int
+ */
+export function ToInt(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const value = params.value as string[] | string
+
+ if (isArray(value))
+ return value.map(v => Number.parseInt(v))
+
+ return Number.parseInt(value)
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * convert string to boolean
+ */
+export function ToBoolean(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ switch (params.value) {
+ case 'true':
+ return true
+ case 'false':
+ return false
+ default:
+ return params.value
+ }
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * convert string to Date
+ */
+export function ToDate(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const { value } = params
+
+ if (!value)
+ return
+
+ return new Date(value)
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * transforms to array, specially for query params
+ */
+export function ToArray(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const { value } = params
+
+ if (isNil(value))
+ return []
+
+ return castArray(value)
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * trim spaces from start and end, replace multiple spaces with one.
+ */
+export function ToTrim(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const value = params.value as string[] | string
+
+ if (isArray(value))
+ return value.map(v => trim(v))
+
+ return trim(value)
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * lowercase value
+ */
+export function ToLowerCase(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const value = params.value as string[] | string
+
+ if (!value)
+ return
+
+ if (isArray(value))
+ return value.map(v => v.toLowerCase())
+
+ return value.toLowerCase()
+ },
+ { toClassOnly: true },
+ )
+}
+
+/**
+ * uppercase value
+ */
+export function ToUpperCase(): PropertyDecorator {
+ return Transform(
+ (params) => {
+ const value = params.value as string[] | string
+
+ if (!value)
+ return
+
+ if (isArray(value))
+ return value.map(v => v.toUpperCase())
+
+ return value.toUpperCase()
+ },
+ { toClassOnly: true },
+ )
+}
diff --git a/src/common/dto/cursor.dto.ts b/src/common/dto/cursor.dto.ts
new file mode 100644
index 0000000..50c816c
--- /dev/null
+++ b/src/common/dto/cursor.dto.ts
@@ -0,0 +1,26 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Expose, Transform } from 'class-transformer'
+import { IsInt, IsOptional, Max, Min } from 'class-validator'
+
+export class CursorDto {
+ @ApiProperty({ minimum: 0, default: 0 })
+ @Min(0)
+ @IsInt()
+ @Expose()
+ @IsOptional({ always: true })
+ @Transform(({ value: val }) => (val ? Number.parseInt(val) : 0), {
+ toClassOnly: true,
+ })
+ cursor?: number
+
+ @ApiProperty({ minimum: 1, maximum: 100, default: 10 })
+ @Min(1)
+ @Max(100)
+ @IsInt()
+ @IsOptional({ always: true })
+ @Expose()
+ @Transform(({ value: val }) => (val ? Number.parseInt(val) : 10), {
+ toClassOnly: true,
+ })
+ limit?: number
+}
diff --git a/src/common/dto/delete.dto.ts b/src/common/dto/delete.dto.ts
new file mode 100644
index 0000000..5157aae
--- /dev/null
+++ b/src/common/dto/delete.dto.ts
@@ -0,0 +1,8 @@
+import { IsDefined, IsNotEmpty, IsNumber } from 'class-validator'
+
+export class BatchDeleteDto {
+ @IsDefined()
+ @IsNotEmpty()
+ @IsNumber({}, { each: true })
+ ids: number[]
+}
diff --git a/src/common/dto/id.dto.ts b/src/common/dto/id.dto.ts
new file mode 100644
index 0000000..65898b1
--- /dev/null
+++ b/src/common/dto/id.dto.ts
@@ -0,0 +1,6 @@
+import { IsNumber } from 'class-validator'
+
+export class IdDto {
+ @IsNumber()
+ id: number
+}
diff --git a/src/common/dto/pager.dto.ts b/src/common/dto/pager.dto.ts
new file mode 100644
index 0000000..95abdaf
--- /dev/null
+++ b/src/common/dto/pager.dto.ts
@@ -0,0 +1,45 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Expose, Transform } from 'class-transformer'
+import { Allow, IsEnum, IsInt, IsOptional, IsString, Max, Min } from 'class-validator'
+
+export enum Order {
+ ASC = 'ASC',
+ DESC = 'DESC',
+}
+
+export class PagerDto {
+ @ApiProperty({ minimum: 1, default: 1 })
+ @Min(1)
+ @IsInt()
+ @Expose()
+ @IsOptional({ always: true })
+ @Transform(({ value: val }) => (val ? Number.parseInt(val) : 1), {
+ toClassOnly: true,
+ })
+ page?: number
+
+ @ApiProperty({ minimum: 1, maximum: 100, default: 10 })
+ @Min(1)
+ @Max(100)
+ @IsInt()
+ @IsOptional({ always: true })
+ @Expose()
+ @Transform(({ value: val }) => (val ? Number.parseInt(val) : 10), {
+ toClassOnly: true,
+ })
+ pageSize?: number
+
+ @ApiProperty()
+ @IsString()
+ @IsOptional()
+ field?: string // | keyof T
+
+ @ApiProperty({ enum: Order })
+ @IsEnum(Order)
+ @IsOptional()
+ @Transform(({ value }) => (value === 'asc' ? Order.ASC : Order.DESC))
+ order?: Order
+
+ @Allow()
+ _t?: number
+}
diff --git a/src/common/entity/common.entity.ts b/src/common/entity/common.entity.ts
new file mode 100644
index 0000000..b6a9e32
--- /dev/null
+++ b/src/common/entity/common.entity.ts
@@ -0,0 +1,55 @@
+import { ApiHideProperty, ApiProperty } from '@nestjs/swagger'
+import { Exclude } from 'class-transformer'
+import {
+ BaseEntity,
+ Column,
+ CreateDateColumn,
+ PrimaryGeneratedColumn,
+ UpdateDateColumn,
+ VirtualColumn,
+} from 'typeorm'
+
+// 如果觉得前端转换时间太麻烦,并且不考虑通用性的话,可以在服务端进行转换,eg: @UpdateDateColumn({ name: 'updated_at', transformer })
+// const transformer: ValueTransformer = {
+// to(value) {
+// return value
+// },
+// from(value) {
+// return dayjs(value).format('YYYY-MM-DD HH:mm:ss')
+// },
+// }
+
+export abstract class CommonEntity extends BaseEntity {
+ @PrimaryGeneratedColumn()
+ id: number
+
+ @CreateDateColumn({ name: 'created_at' })
+ createdAt: Date
+
+ @UpdateDateColumn({ name: 'updated_at' })
+ updatedAt: Date
+}
+
+export abstract class CompleteEntity extends CommonEntity {
+ @ApiHideProperty()
+ @Exclude()
+ @Column({ name: 'create_by', update: false, comment: '创建者' })
+ createBy: number
+
+ @ApiHideProperty()
+ @Exclude()
+ @Column({ name: 'update_by', comment: '更新者' })
+ updateBy: number
+
+ /**
+ * 不会保存到数据库中的虚拟列,数据量大时可能会有性能问题,有性能要求请考虑在 service 层手动实现
+ * @see https://typeorm.io/decorator-reference#virtualcolumn
+ */
+ @ApiProperty({ description: '创建者' })
+ @VirtualColumn({ query: alias => `SELECT username FROM sys_user WHERE id = ${alias}.create_by` })
+ creator: string
+
+ @ApiProperty({ description: '更新者' })
+ @VirtualColumn({ query: alias => `SELECT username FROM sys_user WHERE id = ${alias}.update_by` })
+ updater: string
+}
diff --git a/src/common/exceptions/biz.exception.ts b/src/common/exceptions/biz.exception.ts
new file mode 100644
index 0000000..f33ee3a
--- /dev/null
+++ b/src/common/exceptions/biz.exception.ts
@@ -0,0 +1,40 @@
+import { HttpException, HttpStatus } from '@nestjs/common'
+
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { RESPONSE_SUCCESS_CODE } from '~/constants/response.constant'
+
+export class BusinessException extends HttpException {
+ private errorCode: number
+
+ constructor(error: ErrorEnum | string) {
+ // 如果是非 ErrorEnum
+ if (!error.includes(':')) {
+ super(
+ HttpException.createBody({
+ code: RESPONSE_SUCCESS_CODE,
+ message: error,
+ }),
+ HttpStatus.OK,
+ )
+ this.errorCode = RESPONSE_SUCCESS_CODE
+ return
+ }
+
+ const [code, message] = error.split(':')
+ super(
+ HttpException.createBody({
+ code,
+ message,
+ }),
+ HttpStatus.OK,
+ )
+
+ this.errorCode = Number(code)
+ }
+
+ getErrorCode(): number {
+ return this.errorCode
+ }
+}
+
+export { BusinessException as BizException }
diff --git a/src/common/exceptions/not-found.exception.ts b/src/common/exceptions/not-found.exception.ts
new file mode 100644
index 0000000..c6cb536
--- /dev/null
+++ b/src/common/exceptions/not-found.exception.ts
@@ -0,0 +1,10 @@
+import { NotFoundException } from '@nestjs/common'
+import { sample } from 'lodash'
+
+export const NotFoundMessage = ['404, Not Found']
+
+export class CannotFindException extends NotFoundException {
+ constructor() {
+ super(sample(NotFoundMessage))
+ }
+}
diff --git a/src/common/exceptions/socket.exception.ts b/src/common/exceptions/socket.exception.ts
new file mode 100644
index 0000000..e790844
--- /dev/null
+++ b/src/common/exceptions/socket.exception.ts
@@ -0,0 +1,38 @@
+import { HttpException } from '@nestjs/common'
+import { WsException } from '@nestjs/websockets'
+
+import { ErrorEnum } from '~/constants/error-code.constant'
+
+export class SocketException extends WsException {
+ private errorCode: number
+
+ constructor(message: string)
+ constructor(error: ErrorEnum)
+ constructor(...args: any) {
+ const error = args[0]
+ if (typeof error === 'string') {
+ super(
+ HttpException.createBody({
+ code: 0,
+ message: error,
+ }),
+ )
+ this.errorCode = 0
+ return
+ }
+
+ const [code, message] = error.split(':')
+ super(
+ HttpException.createBody({
+ code,
+ message,
+ }),
+ )
+
+ this.errorCode = Number(code)
+ }
+
+ getErrorCode(): number {
+ return this.errorCode
+ }
+}
diff --git a/src/common/filters/any-exception.filter.ts b/src/common/filters/any-exception.filter.ts
new file mode 100644
index 0000000..8bf04cd
--- /dev/null
+++ b/src/common/filters/any-exception.filter.ts
@@ -0,0 +1,89 @@
+import {
+ ArgumentsHost,
+ Catch,
+ ExceptionFilter,
+ HttpException,
+ HttpStatus,
+ Logger,
+} from '@nestjs/common'
+import { FastifyReply, FastifyRequest } from 'fastify'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+
+import { isDev } from '~/global/env'
+
+interface myError {
+ readonly status: number
+ readonly statusCode?: number
+
+ readonly message?: string
+}
+
+@Catch()
+export class AllExceptionsFilter implements ExceptionFilter {
+ private readonly logger = new Logger(AllExceptionsFilter.name)
+
+ constructor() {
+ this.registerCatchAllExceptionsHook()
+ }
+
+ catch(exception: unknown, host: ArgumentsHost) {
+ const ctx = host.switchToHttp()
+ const request = ctx.getRequest()
+ const response = ctx.getResponse()
+
+ const url = request.raw.url!
+
+ const status
+ = exception instanceof HttpException
+ ? exception.getStatus()
+ : (exception as myError)?.status
+ || (exception as myError)?.statusCode
+ || HttpStatus.INTERNAL_SERVER_ERROR
+
+ let message
+ = (exception as any)?.response?.message
+ || (exception as myError)?.message
+ || `${exception}`
+
+ // 系统内部错误时
+ if (
+ status === HttpStatus.INTERNAL_SERVER_ERROR
+ && !(exception instanceof BusinessException)
+ ) {
+ Logger.error(exception, undefined, 'Catch')
+
+ // 生产环境下隐藏错误信息
+ if (!isDev)
+ message = ErrorEnum.SERVER_ERROR?.split(':')[1]
+ }
+ else {
+ this.logger.warn(
+ `错误信息:(${status}) ${message} Path: ${decodeURI(url)}`,
+ )
+ }
+
+ const apiErrorCode: number
+ = exception instanceof BusinessException ? exception.getErrorCode() : status
+
+ // 返回基础响应结果
+ const resBody: IBaseResponse = {
+ code: apiErrorCode,
+ message,
+ data: null,
+ }
+
+ response.status(status).send(resBody)
+ }
+
+ registerCatchAllExceptionsHook() {
+ process.on('unhandledRejection', (reason) => {
+ console.error('unhandledRejection: ', reason)
+ })
+
+ process.on('uncaughtException', (err) => {
+ console.error('uncaughtException: ', err)
+ })
+ }
+}
diff --git a/src/common/interceptors/idempotence.interceptor.ts b/src/common/interceptors/idempotence.interceptor.ts
new file mode 100644
index 0000000..a1f11d3
--- /dev/null
+++ b/src/common/interceptors/idempotence.interceptor.ts
@@ -0,0 +1,148 @@
+import type {
+ CallHandler,
+ ExecutionContext,
+ NestInterceptor,
+} from '@nestjs/common'
+
+import {
+ ConflictException,
+ Injectable,
+ SetMetadata,
+} from '@nestjs/common'
+import { Reflector } from '@nestjs/core'
+import type { FastifyRequest } from 'fastify'
+import { catchError, tap } from 'rxjs'
+
+import { CacheService } from '~/shared/redis/cache.service'
+import { hashString } from '~/utils'
+import { getIp } from '~/utils/ip.util'
+import { getRedisKey } from '~/utils/redis.util'
+
+import { HTTP_IDEMPOTENCE_KEY, HTTP_IDEMPOTENCE_OPTIONS } from '../decorators/idempotence.decorator'
+
+const IdempotenceHeaderKey = 'x-idempotence'
+
+export interface IdempotenceOption {
+ errorMessage?: string
+ pendingMessage?: string
+
+ /**
+ * 如果重复请求的话,手动处理异常
+ */
+ handler?: (req: FastifyRequest) => any
+
+ /**
+ * 记录重复请求的时间
+ * @default 60
+ */
+ expired?: number
+
+ /**
+ * 如果 header 没有幂等 key,根据 request 生成 key,如何生成这个 key 的方法
+ */
+ generateKey?: (req: FastifyRequest) => string
+
+ /**
+ * 仅读取 header 的 key,不自动生成
+ * @default false
+ */
+ disableGenerateKey?: boolean
+}
+
+@Injectable()
+export class IdempotenceInterceptor implements NestInterceptor {
+ constructor(
+ private readonly reflector: Reflector,
+ private readonly cacheService: CacheService,
+ ) {}
+
+ async intercept(context: ExecutionContext, next: CallHandler) {
+ const request = context.switchToHttp().getRequest()
+
+ // skip Get 请求
+ if (request.method.toUpperCase() === 'GET')
+ return next.handle()
+
+ const handler = context.getHandler()
+ const options: IdempotenceOption | undefined = this.reflector.get(
+ HTTP_IDEMPOTENCE_OPTIONS,
+ handler,
+ )
+
+ if (!options)
+ return next.handle()
+
+ const {
+ errorMessage = '相同请求成功后在 60 秒内只能发送一次',
+ pendingMessage = '相同请求正在处理中...',
+ handler: errorHandler,
+ expired = 60,
+ disableGenerateKey = false,
+ } = options
+ const redis = this.cacheService.getClient()
+
+ const idempotence = request.headers[IdempotenceHeaderKey] as string
+ const key = disableGenerateKey
+ ? undefined
+ : options.generateKey
+ ? options.generateKey(request)
+ : this.generateKey(request)
+
+ const idempotenceKey
+ = !!(idempotence || key) && getRedisKey(`idempotence:${idempotence || key}`)
+
+ SetMetadata(HTTP_IDEMPOTENCE_KEY, idempotenceKey)(handler)
+
+ if (idempotenceKey) {
+ const resultValue: '0' | '1' | null = (await redis.get(
+ idempotenceKey,
+ )) as any
+ if (resultValue !== null) {
+ if (errorHandler)
+ return await errorHandler(request)
+
+ const message = {
+ 1: errorMessage,
+ 0: pendingMessage,
+ }[resultValue]
+ throw new ConflictException(message)
+ }
+ else {
+ await redis.set(idempotenceKey, '0', 'EX', expired)
+ }
+ }
+ return next.handle().pipe(
+ tap(async () => {
+ idempotenceKey && (await redis.set(idempotenceKey, '1', 'KEEPTTL'))
+ }),
+ catchError(async (err) => {
+ if (idempotenceKey)
+ await redis.del(idempotenceKey)
+
+ throw err
+ }),
+ )
+ }
+
+ private generateKey(req: FastifyRequest) {
+ const { body, params, query = {}, headers, url } = req
+
+ const obj = { body, url, params, query } as any
+
+ const uuid = headers['x-uuid']
+ if (uuid) {
+ obj.uuid = uuid
+ }
+ else {
+ const ua = headers['user-agent']
+ const ip = getIp(req)
+
+ if (!ua && !ip)
+ return undefined
+
+ Object.assign(obj, { ua, ip })
+ }
+
+ return hashString(JSON.stringify(obj))
+ }
+}
diff --git a/src/common/interceptors/logging.interceptor.ts b/src/common/interceptors/logging.interceptor.ts
new file mode 100644
index 0000000..de54623
--- /dev/null
+++ b/src/common/interceptors/logging.interceptor.ts
@@ -0,0 +1,35 @@
+import {
+ CallHandler,
+ ExecutionContext,
+ Injectable,
+ Logger,
+ NestInterceptor,
+} from '@nestjs/common'
+import { Observable, tap } from 'rxjs'
+
+@Injectable()
+export class LoggingInterceptor implements NestInterceptor {
+ private logger = new Logger(LoggingInterceptor.name, { timestamp: false })
+
+ intercept(
+ context: ExecutionContext,
+ next: CallHandler,
+ ): Observable {
+ const call$ = next.handle()
+ const request = context.switchToHttp().getRequest()
+ const content = `${request.method} -> ${request.url}`
+ const isSse = request.headers.accept === 'text/event-stream'
+ this.logger.debug(`+++ 请求:${content}`)
+ const now = Date.now()
+
+ return call$.pipe(
+ tap(() => {
+ if (isSse)
+ return
+
+ this.logger.debug(`--- 响应:${content}${` +${Date.now() - now}ms`}`)
+ },
+ ),
+ )
+ }
+}
diff --git a/src/common/interceptors/timeout.interceptor.ts b/src/common/interceptors/timeout.interceptor.ts
new file mode 100644
index 0000000..8508c58
--- /dev/null
+++ b/src/common/interceptors/timeout.interceptor.ts
@@ -0,0 +1,26 @@
+import {
+ CallHandler,
+ ExecutionContext,
+ Injectable,
+ NestInterceptor,
+ RequestTimeoutException,
+} from '@nestjs/common'
+import { Observable, TimeoutError, throwError } from 'rxjs'
+import { catchError, timeout } from 'rxjs/operators'
+
+@Injectable()
+export class TimeoutInterceptor implements NestInterceptor {
+ constructor(private readonly time: number = 10000) {}
+
+ intercept(context: ExecutionContext, next: CallHandler): Observable {
+ return next.handle().pipe(
+ timeout(this.time),
+ catchError((err) => {
+ if (err instanceof TimeoutError)
+ return throwError(new RequestTimeoutException('请求超时'))
+
+ return throwError(err)
+ }),
+ )
+ }
+}
diff --git a/src/common/interceptors/transform.interceptor.ts b/src/common/interceptors/transform.interceptor.ts
new file mode 100644
index 0000000..4b59fbe
--- /dev/null
+++ b/src/common/interceptors/transform.interceptor.ts
@@ -0,0 +1,46 @@
+import {
+ CallHandler,
+ ExecutionContext,
+ HttpStatus,
+ Injectable,
+ NestInterceptor,
+} from '@nestjs/common'
+import { Reflector } from '@nestjs/core'
+import { Observable } from 'rxjs'
+import { map } from 'rxjs/operators'
+
+import { ResOp } from '~/common/model/response.model'
+
+import { BYPASS_KEY } from '../decorators/bypass.decorator'
+
+/**
+ * 统一处理返回接口结果,如果不需要则添加 @Bypass 装饰器
+ */
+@Injectable()
+export class TransformInterceptor implements NestInterceptor {
+ constructor(private readonly reflector: Reflector) {}
+
+ intercept(
+ context: ExecutionContext,
+ next: CallHandler,
+ ): Observable {
+ const bypass = this.reflector.get(
+ BYPASS_KEY,
+ context.getHandler(),
+ )
+
+ if (bypass)
+ return next.handle()
+
+ return next.handle().pipe(
+ map((data) => {
+ // if (typeof data === 'undefined') {
+ // context.switchToHttp().getResponse().status(HttpStatus.NO_CONTENT);
+ // return data;
+ // }
+
+ return new ResOp(HttpStatus.OK, data ?? null)
+ }),
+ )
+ }
+}
diff --git a/src/common/model/response.model.ts b/src/common/model/response.model.ts
new file mode 100644
index 0000000..0336456
--- /dev/null
+++ b/src/common/model/response.model.ts
@@ -0,0 +1,42 @@
+import { ApiProperty } from '@nestjs/swagger'
+
+import {
+ RESPONSE_SUCCESS_CODE,
+ RESPONSE_SUCCESS_MSG,
+} from '~/constants/response.constant'
+
+export class ResOp {
+ @ApiProperty({ type: 'object' })
+ data?: T
+
+ @ApiProperty({ type: 'number', default: RESPONSE_SUCCESS_CODE })
+ code: number
+
+ @ApiProperty({ type: 'string', default: RESPONSE_SUCCESS_MSG })
+ message: string
+
+ constructor(code: number, data: T, message = RESPONSE_SUCCESS_MSG) {
+ this.code = code
+ this.data = data
+ this.message = message
+ }
+
+ static success(data?: T, message?: string) {
+ return new ResOp(RESPONSE_SUCCESS_CODE, data, message)
+ }
+
+ static error(code: number, message) {
+ return new ResOp(code, {}, message)
+ }
+}
+
+export class TreeResult {
+ @ApiProperty()
+ id: number
+
+ @ApiProperty()
+ parentId: number
+
+ @ApiProperty()
+ children?: TreeResult[]
+}
diff --git a/src/common/pipes/parse-int.pipe.ts b/src/common/pipes/parse-int.pipe.ts
new file mode 100644
index 0000000..514d67c
--- /dev/null
+++ b/src/common/pipes/parse-int.pipe.ts
@@ -0,0 +1,18 @@
+import {
+ ArgumentMetadata,
+ BadRequestException,
+ Injectable,
+ PipeTransform,
+} from '@nestjs/common'
+
+@Injectable()
+export class ParseIntPipe implements PipeTransform {
+ transform(value: string, metadata: ArgumentMetadata): number {
+ const val = Number.parseInt(value, 10)
+
+ if (Number.isNaN(val))
+ throw new BadRequestException('id validation failed')
+
+ return val
+ }
+}
diff --git a/src/config/app.config.ts b/src/config/app.config.ts
new file mode 100644
index 0000000..25f2a14
--- /dev/null
+++ b/src/config/app.config.ts
@@ -0,0 +1,20 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { env, envNumber } from '~/global/env'
+
+export const appRegToken = 'app'
+
+export const AppConfig = registerAs(appRegToken, () => ({
+ name: env('APP_NAME'),
+ port: envNumber('APP_PORT', 3000),
+ baseUrl: env('APP_BASE_URL'),
+ globalPrefix: env('GLOBAL_PREFIX', 'api'),
+ locale: env('APP_LOCALE', 'zh-CN'),
+
+ logger: {
+ level: env('LOGGER_LEVEL'),
+ maxFiles: envNumber('LOGGER_MAX_FILES'),
+ },
+}))
+
+export type IAppConfig = ConfigType
diff --git a/src/config/database.config.ts b/src/config/database.config.ts
new file mode 100644
index 0000000..2d1b34f
--- /dev/null
+++ b/src/config/database.config.ts
@@ -0,0 +1,40 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { DataSource, DataSourceOptions } from 'typeorm'
+
+import { env, envBoolean, envNumber } from '~/global/env'
+
+// eslint-disable-next-line import/order
+import dotenv from 'dotenv'
+
+dotenv.config({ path: `.env.${process.env.NODE_ENV}` })
+
+// 当前通过 npm scripts 执行的命令
+const currentScript = process.env.npm_lifecycle_event
+
+const dataSourceOptions: DataSourceOptions = {
+ type: 'mysql',
+ host: env('DB_HOST', '127.0.0.1'),
+ port: envNumber('DB_PORT', 3306),
+ username: env('DB_USERNAME'),
+ password: env('DB_PASSWORD'),
+ database: env('DB_DATABASE'),
+ synchronize: envBoolean('DB_SYNCHRONIZE', false),
+ // 解决通过 pnpm migration:run 初始化数据时,遇到的 SET FOREIGN_KEY_CHECKS = 0; 等语句报错问题, 仅在执行数据迁移操作时设为 true
+ multipleStatements: currentScript === 'typeorm',
+ entities: ['dist/modules/**/*.entity{.ts,.js}'],
+ migrations: ['dist/migrations/*{.ts,.js}'],
+ subscribers: ['dist/modules/**/*.subscriber{.ts,.js}'],
+}
+export const dbRegToken = 'database'
+
+export const DatabaseConfig = registerAs(
+ dbRegToken,
+ (): DataSourceOptions => dataSourceOptions,
+)
+
+export type IDatabaseConfig = ConfigType
+
+const dataSource = new DataSource(dataSourceOptions)
+
+export default dataSource
diff --git a/src/config/index.ts b/src/config/index.ts
new file mode 100644
index 0000000..7cca557
--- /dev/null
+++ b/src/config/index.ts
@@ -0,0 +1,37 @@
+import { AppConfig, IAppConfig, appRegToken } from './app.config'
+import { DatabaseConfig, IDatabaseConfig, dbRegToken } from './database.config'
+import { IMailerConfig, MailerConfig, mailerRegToken } from './mailer.config'
+import { IOssConfig, OssConfig, ossRegToken } from './oss.config'
+import { IRedisConfig, RedisConfig, redisRegToken } from './redis.config'
+import { ISecurityConfig, SecurityConfig, securityRegToken } from './security.config'
+import { ISwaggerConfig, SwaggerConfig, swaggerRegToken } from './swagger.config'
+
+export * from './app.config'
+export * from './redis.config'
+export * from './database.config'
+export * from './swagger.config'
+export * from './security.config'
+export * from './mailer.config'
+export * from './oss.config'
+
+export interface AllConfigType {
+ [appRegToken]: IAppConfig
+ [dbRegToken]: IDatabaseConfig
+ [mailerRegToken]: IMailerConfig
+ [redisRegToken]: IRedisConfig
+ [securityRegToken]: ISecurityConfig
+ [swaggerRegToken]: ISwaggerConfig
+ [ossRegToken]: IOssConfig
+}
+
+export type ConfigKeyPaths = RecordNamePaths
+
+export default {
+ AppConfig,
+ DatabaseConfig,
+ MailerConfig,
+ OssConfig,
+ RedisConfig,
+ SecurityConfig,
+ SwaggerConfig,
+}
diff --git a/src/config/mailer.config.ts b/src/config/mailer.config.ts
new file mode 100644
index 0000000..27763d1
--- /dev/null
+++ b/src/config/mailer.config.ts
@@ -0,0 +1,18 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { env, envNumber } from '~/global/env'
+
+export const mailerRegToken = 'mailer'
+
+export const MailerConfig = registerAs(mailerRegToken, () => ({
+ host: env('SMTP_HOST'),
+ port: envNumber('SMTP_PORT'),
+ ignoreTLS: true,
+ secure: true,
+ auth: {
+ user: env('SMTP_USER'),
+ pass: env('SMTP_PASS'),
+ },
+}))
+
+export type IMailerConfig = ConfigType
diff --git a/src/config/oss.config.ts b/src/config/oss.config.ts
new file mode 100644
index 0000000..ae1f563
--- /dev/null
+++ b/src/config/oss.config.ts
@@ -0,0 +1,32 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+import * as qiniu from 'qiniu'
+
+import { env } from '~/global/env'
+
+function parseZone(zone: string) {
+ switch (zone) {
+ case 'Zone_as0':
+ return qiniu.zone.Zone_as0
+ case 'Zone_na0':
+ return qiniu.zone.Zone_na0
+ case 'Zone_z0':
+ return qiniu.zone.Zone_z0
+ case 'Zone_z1':
+ return qiniu.zone.Zone_z1
+ case 'Zone_z2':
+ return qiniu.zone.Zone_z2
+ }
+}
+
+export const ossRegToken = 'oss'
+
+export const OssConfig = registerAs(ossRegToken, () => ({
+ accessKey: env('OSS_ACCESSKEY'),
+ secretKey: env('OSS_SECRETKEY'),
+ domain: env('OSS_DOMAIN'),
+ bucket: env('OSS_BUCKET'),
+ zone: parseZone(env('OSS_ZONE') || 'Zone_z2'),
+ access: (env('OSS_ACCESS_TYPE') as any) || 'public',
+}))
+
+export type IOssConfig = ConfigType
diff --git a/src/config/redis.config.ts b/src/config/redis.config.ts
new file mode 100644
index 0000000..749c772
--- /dev/null
+++ b/src/config/redis.config.ts
@@ -0,0 +1,14 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { env, envNumber } from '~/global/env'
+
+export const redisRegToken = 'redis'
+
+export const RedisConfig = registerAs(redisRegToken, () => ({
+ host: env('REDIS_HOST', '127.0.0.1'),
+ port: envNumber('REDIS_PORT', 6379),
+ password: env('REDIS_PASSWORD'),
+ db: envNumber('REDIS_DB'),
+}))
+
+export type IRedisConfig = ConfigType
diff --git a/src/config/security.config.ts b/src/config/security.config.ts
new file mode 100644
index 0000000..024cccb
--- /dev/null
+++ b/src/config/security.config.ts
@@ -0,0 +1,14 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { env, envNumber } from '~/global/env'
+
+export const securityRegToken = 'security'
+
+export const SecurityConfig = registerAs(securityRegToken, () => ({
+ jwtSecret: env('JWT_SECRET'),
+ jwtExprire: envNumber('JWT_EXPIRE'),
+ refreshSecret: env('REFRESH_TOKEN_SECRET'),
+ refreshExpire: envNumber('REFRESH_TOKEN_EXPIRE'),
+}))
+
+export type ISecurityConfig = ConfigType
diff --git a/src/config/swagger.config.ts b/src/config/swagger.config.ts
new file mode 100644
index 0000000..0424fcf
--- /dev/null
+++ b/src/config/swagger.config.ts
@@ -0,0 +1,12 @@
+import { ConfigType, registerAs } from '@nestjs/config'
+
+import { env, envBoolean } from '~/global/env'
+
+export const swaggerRegToken = 'swagger'
+
+export const SwaggerConfig = registerAs(swaggerRegToken, () => ({
+ enable: envBoolean('SWAGGER_ENABLE'),
+ path: env('SWAGGER_PATH'),
+}))
+
+export type ISwaggerConfig = ConfigType
diff --git a/src/constants/cache.constant.ts b/src/constants/cache.constant.ts
new file mode 100644
index 0000000..c4852b8
--- /dev/null
+++ b/src/constants/cache.constant.ts
@@ -0,0 +1,8 @@
+export enum RedisKeys {
+ AccessIp = 'access_ip',
+ CAPTCHA_IMG_PREFIX = 'captcha:img:',
+ AUTH_TOKEN_PREFIX = 'auth:token:',
+ AUTH_PERM_PREFIX = 'auth:permission:',
+ AUTH_PASSWORD_V_PREFIX = 'auth:passwordVersion:',
+}
+export const API_CACHE_PREFIX = 'api-cache:'
diff --git a/src/constants/error-code.constant.ts b/src/constants/error-code.constant.ts
new file mode 100644
index 0000000..4046758
--- /dev/null
+++ b/src/constants/error-code.constant.ts
@@ -0,0 +1,49 @@
+export enum ErrorEnum {
+ DEFAULT = '0:未知错误',
+ SERVER_ERROR = '500:服务繁忙,请稍后再试',
+
+ SYSTEM_USER_EXISTS = '1001:系统用户已存在',
+ INVALID_VERIFICATION_CODE = '1002:验证码填写有误',
+ INVALID_USERNAME_PASSWORD = '1003:用户名密码有误',
+ NODE_ROUTE_EXISTS = '1004:节点路由已存在',
+ PERMISSION_REQUIRES_PARENT = '1005:权限必须包含父节点',
+ ILLEGAL_OPERATION_DIRECTORY_PARENT = '1006:非法操作:该节点仅支持目录类型父节点',
+ ILLEGAL_OPERATION_CANNOT_CONVERT_NODE_TYPE = '1007:非法操作:节点类型无法直接转换',
+ ROLE_HAS_ASSOCIATED_USERS = '1008:该角色存在关联用户,请先删除关联用户',
+ DEPARTMENT_HAS_ASSOCIATED_USERS = '1009:该部门存在关联用户,请先删除关联用户',
+ DEPARTMENT_HAS_ASSOCIATED_ROLES = '1010:该部门存在关联角色,请先删除关联角色',
+ PASSWORD_MISMATCH = '1011:旧密码与原密码不一致',
+ LOGOUT_OWN_SESSION = '1012:如想下线自身可右上角退出',
+ NOT_ALLOWED_TO_LOGOUT_USER = '1013:不允许下线该用户',
+ PARENT_MENU_NOT_FOUND = '1014:父级菜单不存在',
+ DEPARTMENT_HAS_CHILD_DEPARTMENTS = '1015:该部门存在子部门,请先删除子部门',
+ SYSTEM_BUILTIN_FUNCTION_NOT_ALLOWED = '1016:系统内置功能不允许操作',
+ USER_NOT_FOUND = '1017:用户不存在',
+ UNABLE_TO_FIND_DEPARTMENT_FOR_USER = '1018:无法查找当前用户所属部门',
+ DEPARTMENT_NOT_FOUND = '1019:部门不存在',
+ DICT_NAME_EXISTS = '1020: 已存在相同名称的字典',
+ PARAMETER_CONFIG_KEY_EXISTS = '1021:参数配置键值对已存在',
+ DEFAULT_ROLE_NOT_FOUND = '1022:所分配的默认角色不存在',
+
+ INVALID_LOGIN = '1101:登录无效,请重新登录',
+ NO_PERMISSION = '1102:无权限访问',
+ ONLY_ADMIN_CAN_LOGIN = '1103:不是管理员,无法登录',
+ REQUEST_INVALIDATED = '1104:当前请求已失效',
+ ACCOUNT_LOGGED_IN_ELSEWHERE = '1105:您的账号已在其他地方登录',
+ GUEST_ACCOUNT_RESTRICTED_OPERATION = '1106:游客账号不允许操作',
+ REQUESTED_RESOURCE_NOT_FOUND = '1107:所请求的资源不存在',
+
+ TOO_MANY_REQUESTS = '1201:请求频率过快,请一分钟后再试',
+ MAXIMUM_FIVE_VERIFICATION_CODES_PER_DAY = '1202:一天最多发送5条验证码',
+ VERIFICATION_CODE_SEND_FAILED = '1203:验证码发送失败',
+
+ INSECURE_MISSION = '1301:不安全的任务,确保执行的加入@Mission注解',
+ EXECUTED_MISSION_NOT_FOUND = '1302:所执行的任务不存在',
+ MISSION_EXECUTION_FAILED = '1303:任务执行失败',
+ MISSION_NOT_FOUND = '1304:任务不存在',
+
+ // OSS相关
+ OSS_FILE_OR_DIR_EXIST = '1401:当前创建的文件或目录已存在',
+ OSS_NO_OPERATION_REQUIRED = '1402:无需操作',
+ OSS_EXCEE_MAXIMUM_QUANTITY = '1403:已超出支持的最大处理数量',
+}
diff --git a/src/constants/event-bus.constant.ts b/src/constants/event-bus.constant.ts
new file mode 100644
index 0000000..7d35e8a
--- /dev/null
+++ b/src/constants/event-bus.constant.ts
@@ -0,0 +1,4 @@
+export enum EventBusEvents {
+ TokenExpired = 'token.expired',
+ SystemException = 'system.exception',
+}
diff --git a/src/constants/oss.constant.ts b/src/constants/oss.constant.ts
new file mode 100644
index 0000000..a56336e
--- /dev/null
+++ b/src/constants/oss.constant.ts
@@ -0,0 +1,8 @@
+export const OSS_CONFIG = 'admin_module:qiniu_config'
+export const OSS_API = 'http://api.qiniu.com'
+
+// 目录分隔符
+export const NETDISK_DELIMITER = '/'
+export const NETDISK_LIMIT = 100
+export const NETDISK_HANDLE_MAX_ITEM = 1000
+export const NETDISK_COPY_SUFFIX = '的副本'
diff --git a/src/constants/response.constant.ts b/src/constants/response.constant.ts
new file mode 100644
index 0000000..229f70f
--- /dev/null
+++ b/src/constants/response.constant.ts
@@ -0,0 +1,15 @@
+export const RESPONSE_SUCCESS_CODE = 200
+
+export const RESPONSE_SUCCESS_MSG = 'success'
+
+/**
+ * @description: contentType
+ */
+export enum ContentTypeEnum {
+ // json
+ JSON = 'application/json;charset=UTF-8',
+ // form-data qs
+ FORM_URLENCODED = 'application/x-www-form-urlencoded;charset=UTF-8',
+ // form-data upload
+ FORM_DATA = 'multipart/form-data;charset=UTF-8',
+}
diff --git a/src/constants/system.constant.ts b/src/constants/system.constant.ts
new file mode 100644
index 0000000..eef03a5
--- /dev/null
+++ b/src/constants/system.constant.ts
@@ -0,0 +1,6 @@
+export const SYS_USER_INITPASSWORD = 'sys_user_initPassword'
+export const SYS_API_TOKEN = 'sys_api_token'
+/** 超级管理员用户 id */
+export const ROOT_USER_ID = 1
+/** 超级管理员角色 id */
+export const ROOT_ROLE_ID = 1
diff --git a/src/global/env.ts b/src/global/env.ts
new file mode 100644
index 0000000..8f7b82b
--- /dev/null
+++ b/src/global/env.ts
@@ -0,0 +1,62 @@
+import cluster from 'node:cluster'
+
+export const isMainCluster
+ = process.env.NODE_APP_INSTANCE && Number.parseInt(process.env.NODE_APP_INSTANCE) === 0
+export const isMainProcess = cluster.isPrimary || isMainCluster
+
+export const isDev = process.env.NODE_ENV === 'development'
+
+export const isTest = !!process.env.TEST
+export const cwd = process.cwd()
+
+/**
+ * 基础类型接口
+ */
+export type BaseType = boolean | number | string | undefined | null
+
+/**
+ * 格式化环境变量
+ * @param key 环境变量的键值
+ * @param defaultValue 默认值
+ * @param callback 格式化函数
+ */
+function fromatValue(key: string, defaultValue: T, callback?: (value: string) => T): T {
+ const value: string | undefined = process.env[key]
+ if (typeof value === 'undefined')
+ return defaultValue
+
+ if (!callback)
+ return value as unknown as T
+
+ return callback(value)
+}
+
+export function env(key: string, defaultValue: string = '') {
+ return fromatValue(key, defaultValue)
+}
+
+export function envString(key: string, defaultValue: string = '') {
+ return fromatValue(key, defaultValue)
+}
+
+export function envNumber(key: string, defaultValue: number = 0) {
+ return fromatValue(key, defaultValue, (value) => {
+ try {
+ return Number(value)
+ }
+ catch {
+ throw new Error(`${key} environment variable is not a number`)
+ }
+ })
+}
+
+export function envBoolean(key: string, defaultValue: boolean = false) {
+ return fromatValue(key, defaultValue, (value) => {
+ try {
+ return Boolean(JSON.parse(value))
+ }
+ catch {
+ throw new Error(`${key} environment variable is not a boolean`)
+ }
+ })
+}
diff --git a/src/helper/catchError.ts b/src/helper/catchError.ts
new file mode 100644
index 0000000..d21789c
--- /dev/null
+++ b/src/helper/catchError.ts
@@ -0,0 +1,5 @@
+export function catchError() {
+ process.on('unhandledRejection', (reason, p) => {
+ console.log('Promise: ', p, 'Reason: ', reason)
+ })
+}
diff --git a/src/helper/crud/base.service.ts b/src/helper/crud/base.service.ts
new file mode 100644
index 0000000..daa67a4
--- /dev/null
+++ b/src/helper/crud/base.service.ts
@@ -0,0 +1,40 @@
+import { NotFoundException } from '@nestjs/common'
+import { ObjectLiteral, Repository } from 'typeorm'
+
+import { PagerDto } from '~/common/dto/pager.dto'
+
+import { paginate } from '../paginate'
+import { Pagination } from '../paginate/pagination'
+
+export class BaseService = Repository> {
+ constructor(private repository: R) {
+ }
+
+ async list({
+ page,
+ pageSize,
+ }: PagerDto): Promise> {
+ return paginate(this.repository, { page, pageSize })
+ }
+
+ async findOne(id: number): Promise {
+ const item = await this.repository.createQueryBuilder().where({ id }).getOne()
+ if (!item)
+ throw new NotFoundException('未找到该记录')
+
+ return item
+ }
+
+ async create(dto: any): Promise {
+ return await this.repository.save(dto)
+ }
+
+ async update(id: number, dto: any): Promise {
+ await this.repository.update(id, dto)
+ }
+
+ async delete(id: number): Promise {
+ const item = await this.findOne(id)
+ await this.repository.remove(item)
+ }
+}
diff --git a/src/helper/crud/crud.factory.ts b/src/helper/crud/crud.factory.ts
new file mode 100644
index 0000000..7ae1fc8
--- /dev/null
+++ b/src/helper/crud/crud.factory.ts
@@ -0,0 +1,81 @@
+import type { Type } from '@nestjs/common'
+
+import {
+ Body,
+ Controller,
+ Delete,
+ Get,
+ Patch,
+ Post,
+ Put,
+ Query,
+} from '@nestjs/common'
+import { ApiBody, IntersectionType, PartialType } from '@nestjs/swagger'
+import pluralize from 'pluralize'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { IdParam } from '~/common/decorators/id-param.decorator'
+import { PagerDto } from '~/common/dto/pager.dto'
+
+import { BaseService } from './base.service'
+
+export function BaseCrudFactory<
+ E extends new (...args: any[]) => any,
+>({ entity, dto, permissions }: { entity: E, dto?: Type, permissions?: Record }): Type {
+ const prefix = entity.name.toLowerCase().replace(/entity$/, '')
+ const pluralizeName = pluralize(prefix) as string
+
+ dto = dto ?? class extends entity {}
+
+ class Dto extends dto {}
+ class UpdateDto extends PartialType(Dto) {}
+ class QueryDto extends IntersectionType(PagerDto, PartialType(Dto)) {}
+
+ permissions = permissions ?? {
+ LIST: `${prefix}:list`,
+ CREATE: `${prefix}:create`,
+ READ: `${prefix}:read`,
+ UPDATE: `${prefix}:update`,
+ DELETE: `${prefix}:delete`,
+ } as const
+
+ @Controller(pluralizeName)
+ class BaseController> {
+ constructor(private service: S) { }
+
+ @Get()
+ @ApiResult({ type: [entity], isPage: true })
+ async list(@Query() pager: QueryDto) {
+ return await this.service.list(pager)
+ }
+
+ @Get(':id')
+ @ApiResult({ type: entity })
+ async get(@IdParam() id: number) {
+ return await this.service.findOne(id)
+ }
+
+ @Post()
+ @ApiBody({ type: dto })
+ async create(@Body() dto: Dto) {
+ return await this.service.create(dto)
+ }
+
+ @Put(':id')
+ async update(@IdParam() id: number, @Body() dto: UpdateDto) {
+ return await this.service.update(id, dto)
+ }
+
+ @Patch(':id')
+ async patch(@IdParam() id: number, @Body() dto: UpdateDto) {
+ await this.service.update(id, dto)
+ }
+
+ @Delete(':id')
+ async delete(@IdParam() id: number) {
+ await this.service.delete(id)
+ }
+ }
+
+ return BaseController
+}
diff --git a/src/helper/genRedisKey.ts b/src/helper/genRedisKey.ts
new file mode 100644
index 0000000..1dab9a3
--- /dev/null
+++ b/src/helper/genRedisKey.ts
@@ -0,0 +1,19 @@
+import { RedisKeys } from '~/constants/cache.constant'
+
+/** 生成验证码 redis key */
+export function genCaptchaImgKey(val: string | number) {
+ return `${RedisKeys.CAPTCHA_IMG_PREFIX}${String(val)}` as const
+}
+
+/** 生成 auth token redis key */
+export function genAuthTokenKey(val: string | number) {
+ return `${RedisKeys.AUTH_TOKEN_PREFIX}${String(val)}` as const
+}
+/** 生成 auth permission redis key */
+export function genAuthPermKey(val: string | number) {
+ return `${RedisKeys.AUTH_PERM_PREFIX}${String(val)}` as const
+}
+/** 生成 auth passwordVersion redis key */
+export function genAuthPVKey(val: string | number) {
+ return `${RedisKeys.AUTH_PASSWORD_V_PREFIX}${String(val)}` as const
+}
diff --git a/src/helper/paginate/create-pagination.ts b/src/helper/paginate/create-pagination.ts
new file mode 100644
index 0000000..5c1182f
--- /dev/null
+++ b/src/helper/paginate/create-pagination.ts
@@ -0,0 +1,27 @@
+import { IPaginationMeta } from './interface'
+import { Pagination } from './pagination'
+
+export function createPaginationObject({
+ items,
+ totalItems,
+ currentPage,
+ limit,
+}: {
+ items: T[]
+ totalItems?: number
+ currentPage: number
+ limit: number
+}): Pagination {
+ const totalPages
+ = totalItems !== undefined ? Math.ceil(totalItems / limit) : undefined
+
+ const meta: IPaginationMeta = {
+ totalItems,
+ itemCount: items.length,
+ itemsPerPage: limit,
+ totalPages,
+ currentPage,
+ }
+
+ return new Pagination(items, meta)
+}
diff --git a/src/helper/paginate/index.ts b/src/helper/paginate/index.ts
new file mode 100644
index 0000000..fa8b487
--- /dev/null
+++ b/src/helper/paginate/index.ts
@@ -0,0 +1,147 @@
+import {
+ FindManyOptions,
+ FindOptionsWhere,
+ ObjectLiteral,
+ Repository,
+ SelectQueryBuilder,
+} from 'typeorm'
+
+import { createPaginationObject } from './create-pagination'
+import { IPaginationOptions, PaginationTypeEnum } from './interface'
+import { Pagination } from './pagination'
+
+const DEFAULT_LIMIT = 10
+const DEFAULT_PAGE = 1
+
+function resolveOptions(
+ options: IPaginationOptions,
+): [number, number, PaginationTypeEnum] {
+ const { page, pageSize, paginationType } = options
+
+ return [
+ page || DEFAULT_PAGE,
+ pageSize || DEFAULT_LIMIT,
+ paginationType || PaginationTypeEnum.TAKE_AND_SKIP,
+ ]
+}
+
+async function paginateRepository(
+ repository: Repository,
+ options: IPaginationOptions,
+ searchOptions?: FindOptionsWhere | FindManyOptions,
+): Promise> {
+ const [page, limit] = resolveOptions(options)
+
+ const promises: [Promise, Promise | undefined] = [
+ repository.find({
+ skip: limit * (page - 1),
+ take: limit,
+ ...searchOptions,
+ }),
+ undefined,
+ ]
+
+ const [items, total] = await Promise.all(promises)
+
+ return createPaginationObject({
+ items,
+ totalItems: total,
+ currentPage: page,
+ limit,
+ })
+}
+
+async function paginateQueryBuilder(
+ queryBuilder: SelectQueryBuilder,
+ options: IPaginationOptions,
+): Promise> {
+ const [page, limit, paginationType] = resolveOptions(options)
+
+ if (paginationType === PaginationTypeEnum.TAKE_AND_SKIP)
+ queryBuilder.take(limit).skip((page - 1) * limit)
+ else
+ queryBuilder.limit(limit).offset((page - 1) * limit)
+
+ const [items, total] = await queryBuilder.getManyAndCount()
+
+ return createPaginationObject({
+ items,
+ totalItems: total,
+ currentPage: page,
+ limit,
+ })
+}
+
+export async function paginateRaw(
+ queryBuilder: SelectQueryBuilder,
+ options: IPaginationOptions,
+): Promise> {
+ const [page, limit, paginationType] = resolveOptions(options)
+
+ const promises: [Promise, Promise | undefined] = [
+ (paginationType === PaginationTypeEnum.LIMIT_AND_OFFSET
+ ? queryBuilder.limit(limit).offset((page - 1) * limit)
+ : queryBuilder.take(limit).skip((page - 1) * limit)
+ ).getRawMany(),
+ queryBuilder.getCount(),
+ ]
+
+ const [items, total] = await Promise.all(promises)
+
+ return createPaginationObject({
+ items,
+ totalItems: total,
+ currentPage: page,
+ limit,
+ })
+}
+
+export async function paginateRawAndEntities(
+ queryBuilder: SelectQueryBuilder,
+ options: IPaginationOptions,
+): Promise<[Pagination, Partial[]]> {
+ const [page, limit, paginationType] = resolveOptions(options)
+
+ const promises: [
+ Promise<{ entities: T[], raw: T[] }>,
+ Promise | undefined,
+ ] = [
+ (paginationType === PaginationTypeEnum.LIMIT_AND_OFFSET
+ ? queryBuilder.limit(limit).offset((page - 1) * limit)
+ : queryBuilder.take(limit).skip((page - 1) * limit)
+ ).getRawAndEntities(),
+ queryBuilder.getCount(),
+ ]
+
+ const [itemObject, total] = await Promise.all(promises)
+
+ return [
+ createPaginationObject({
+ items: itemObject.entities,
+ totalItems: total,
+ currentPage: page,
+ limit,
+ }),
+ itemObject.raw,
+ ]
+}
+
+export async function paginate(
+ repository: Repository,
+ options: IPaginationOptions,
+ searchOptions?: FindOptionsWhere | FindManyOptions,
+): Promise>
+export async function paginate(
+ queryBuilder: SelectQueryBuilder,
+ options: IPaginationOptions,
+): Promise>
+
+export async function paginate(
+ repositoryOrQueryBuilder: Repository | SelectQueryBuilder,
+ options: IPaginationOptions,
+ searchOptions?: FindOptionsWhere | FindManyOptions,
+) {
+ return repositoryOrQueryBuilder instanceof Repository
+ ? paginateRepository(repositoryOrQueryBuilder, options, searchOptions)
+ : paginateQueryBuilder(repositoryOrQueryBuilder, options)
+}
diff --git a/src/helper/paginate/interface.ts b/src/helper/paginate/interface.ts
new file mode 100644
index 0000000..e7c6ee2
--- /dev/null
+++ b/src/helper/paginate/interface.ts
@@ -0,0 +1,27 @@
+import { ObjectLiteral } from 'typeorm'
+
+export enum PaginationTypeEnum {
+ LIMIT_AND_OFFSET = 'limit',
+ TAKE_AND_SKIP = 'take',
+}
+
+export interface IPaginationOptions {
+ page: number
+ pageSize: number
+ paginationType?: PaginationTypeEnum
+}
+
+export interface IPaginationMeta extends ObjectLiteral {
+ itemCount: number
+ totalItems?: number
+ itemsPerPage: number
+ totalPages?: number
+ currentPage: number
+}
+
+export interface IPaginationLinks {
+ first?: string
+ previous?: string
+ next?: string
+ last?: string
+}
diff --git a/src/helper/paginate/pagination.ts b/src/helper/paginate/pagination.ts
new file mode 100644
index 0000000..5bcf90f
--- /dev/null
+++ b/src/helper/paginate/pagination.ts
@@ -0,0 +1,14 @@
+import { ObjectLiteral } from 'typeorm'
+
+import { IPaginationMeta } from './interface'
+
+export class Pagination<
+ PaginationObject,
+ T extends ObjectLiteral = IPaginationMeta,
+> {
+ constructor(
+ public readonly items: PaginationObject[],
+
+ public readonly meta: T,
+ ) {}
+}
diff --git a/src/main.ts b/src/main.ts
new file mode 100644
index 0000000..4fd1732
--- /dev/null
+++ b/src/main.ts
@@ -0,0 +1,101 @@
+import cluster from 'node:cluster'
+import path from 'node:path'
+
+import {
+ HttpStatus,
+ Logger,
+ UnprocessableEntityException,
+ ValidationPipe,
+} from '@nestjs/common'
+import { ConfigService } from '@nestjs/config'
+import { NestFactory } from '@nestjs/core'
+import { NestFastifyApplication } from '@nestjs/platform-fastify'
+
+import { useContainer } from 'class-validator'
+
+import { AppModule } from './app.module'
+
+import { fastifyApp } from './common/adapters/fastify.adapter'
+import { RedisIoAdapter } from './common/adapters/socket.adapter'
+import { LoggingInterceptor } from './common/interceptors/logging.interceptor'
+import type { ConfigKeyPaths } from './config'
+import { isDev, isMainProcess } from './global/env'
+import { setupSwagger } from './setup-swagger'
+import { LoggerService } from './shared/logger/logger.service'
+
+declare const module: any
+
+async function bootstrap() {
+ const app = await NestFactory.create(
+ AppModule,
+ fastifyApp,
+ {
+ bufferLogs: true,
+ snapshot: true,
+ // forceCloseConnections: true,
+ },
+ )
+
+ const configService = app.get(ConfigService)
+
+ const { port, globalPrefix } = configService.get('app', { infer: true })
+
+ // class-validator 的 DTO 类中注入 nest 容器的依赖 (用于自定义验证器)
+ useContainer(app.select(AppModule), { fallbackOnErrors: true })
+
+ app.enableCors({ origin: '*', credentials: true })
+ app.setGlobalPrefix(globalPrefix)
+ app.useStaticAssets({ root: path.join(__dirname, '..', 'public') })
+ // Starts listening for shutdown hooks
+ !isDev && app.enableShutdownHooks()
+
+ if (isDev)
+ app.useGlobalInterceptors(new LoggingInterceptor())
+
+ app.useGlobalPipes(
+ new ValidationPipe({
+ transform: true,
+ whitelist: true,
+ transformOptions: { enableImplicitConversion: true },
+ // forbidNonWhitelisted: true, // 禁止 无装饰器验证的数据通过
+ errorHttpStatusCode: HttpStatus.UNPROCESSABLE_ENTITY,
+ stopAtFirstError: true,
+ exceptionFactory: errors =>
+ new UnprocessableEntityException(
+ errors.map((e) => {
+ const rule = Object.keys(e.constraints!)[0]
+ const msg = e.constraints![rule]
+ return msg
+ })[0],
+ ),
+ }),
+ )
+
+ app.useWebSocketAdapter(new RedisIoAdapter(app))
+
+ setupSwagger(app, configService)
+
+ await app.listen(port, '0.0.0.0', async () => {
+ app.useLogger(app.get(LoggerService))
+ const url = await app.getUrl()
+ const { pid } = process
+ const env = cluster.isPrimary
+ const prefix = env ? 'P' : 'W'
+
+ if (!isMainProcess)
+ return
+
+ const logger = new Logger('NestApplication')
+ logger.log(`[${prefix + pid}] Server running on ${url}`)
+
+ if (isDev)
+ logger.log(`[${prefix + pid}] OpenAPI: ${url}/api-docs`)
+ })
+
+ if (module.hot) {
+ module.hot.accept()
+ module.hot.dispose(() => app.close())
+ }
+}
+
+bootstrap()
diff --git a/src/migrations/1707996695540-initData.ts b/src/migrations/1707996695540-initData.ts
new file mode 100644
index 0000000..c4c3e6e
--- /dev/null
+++ b/src/migrations/1707996695540-initData.ts
@@ -0,0 +1,15 @@
+import fs from 'node:fs'
+import path from 'node:path'
+
+import { MigrationInterface, QueryRunner } from 'typeorm'
+
+const sql = fs.readFileSync(path.join(__dirname, '../../deploy/sql/nest_admin.sql'), 'utf8')
+
+export class InitData1707996695540 implements MigrationInterface {
+ public async up(queryRunner: QueryRunner): Promise {
+ await queryRunner.query(sql)
+ }
+
+ public async down(queryRunner: QueryRunner): Promise {
+ }
+}
diff --git a/src/modules/auth/auth.constant.ts b/src/modules/auth/auth.constant.ts
new file mode 100644
index 0000000..08d48e6
--- /dev/null
+++ b/src/modules/auth/auth.constant.ts
@@ -0,0 +1,26 @@
+export const PUBLIC_KEY = '__public_key__'
+
+export const PERMISSION_KEY = '__permission_key__'
+
+export const RESOURCE_KEY = '__resource_key__'
+
+export const ALLOW_ANON_KEY = '__allow_anon_permission_key__'
+
+export const AuthStrategy = {
+ LOCAL: 'local',
+ LOCAL_EMAIL: 'local_email',
+ LOCAL_PHONE: 'local_phone',
+
+ JWT: 'jwt',
+
+ GITHUB: 'github',
+ GOOGLE: 'google',
+} as const
+
+export const Roles = {
+ ADMIN: 'admin',
+ USER: 'user',
+ // GUEST: 'guest',
+} as const
+
+export type Role = (typeof Roles)[keyof typeof Roles]
diff --git a/src/modules/auth/auth.controller.ts b/src/modules/auth/auth.controller.ts
new file mode 100644
index 0000000..cb1bed7
--- /dev/null
+++ b/src/modules/auth/auth.controller.ts
@@ -0,0 +1,47 @@
+import { Body, Controller, Headers, Post, UseGuards } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { Ip } from '~/common/decorators/http.decorator'
+
+import { UserService } from '../user/user.service'
+
+import { AuthService } from './auth.service'
+import { Public } from './decorators/public.decorator'
+import { LoginDto, RegisterDto } from './dto/auth.dto'
+import { LocalGuard } from './guards/local.guard'
+import { LoginToken } from './models/auth.model'
+import { CaptchaService } from './services/captcha.service'
+
+@ApiTags('Auth - 认证模块')
+@UseGuards(LocalGuard)
+@Public()
+@Controller('auth')
+export class AuthController {
+ constructor(
+ private authService: AuthService,
+ private userService: UserService,
+ private captchaService: CaptchaService,
+ ) {}
+
+ @Post('login')
+ @ApiOperation({ summary: '登录' })
+ @ApiResult({ type: LoginToken })
+ async login(
+ @Body() dto: LoginDto, @Ip() ip: string, @Headers('user-agent') ua: string): Promise {
+ await this.captchaService.checkImgCaptcha(dto.captchaId, dto.verifyCode)
+ const token = await this.authService.login(
+ dto.username,
+ dto.password,
+ ip,
+ ua,
+ )
+ return { token }
+ }
+
+ @Post('register')
+ @ApiOperation({ summary: '注册' })
+ async register(@Body() dto: RegisterDto): Promise {
+ await this.userService.register(dto)
+ }
+}
diff --git a/src/modules/auth/auth.module.ts b/src/modules/auth/auth.module.ts
new file mode 100644
index 0000000..edaf919
--- /dev/null
+++ b/src/modules/auth/auth.module.ts
@@ -0,0 +1,64 @@
+import { Module } from '@nestjs/common'
+
+import { ConfigModule, ConfigService } from '@nestjs/config'
+import { JwtModule } from '@nestjs/jwt'
+import { PassportModule } from '@nestjs/passport'
+import { TypeOrmModule } from '@nestjs/typeorm'
+
+import { ConfigKeyPaths, ISecurityConfig } from '~/config'
+import { isDev } from '~/global/env'
+
+import { LogModule } from '../system/log/log.module'
+import { MenuModule } from '../system/menu/menu.module'
+import { RoleModule } from '../system/role/role.module'
+import { UserModule } from '../user/user.module'
+
+import { AuthController } from './auth.controller'
+import { AuthService } from './auth.service'
+import { AccountController } from './controllers/account.controller'
+import { CaptchaController } from './controllers/captcha.controller'
+import { EmailController } from './controllers/email.controller'
+import { AccessTokenEntity } from './entities/access-token.entity'
+import { RefreshTokenEntity } from './entities/refresh-token.entity'
+import { CaptchaService } from './services/captcha.service'
+import { TokenService } from './services/token.service'
+import { JwtStrategy } from './strategies/jwt.strategy'
+import { LocalStrategy } from './strategies/local.strategy'
+
+const controllers = [
+ AuthController,
+ AccountController,
+ CaptchaController,
+ EmailController,
+]
+const providers = [AuthService, TokenService, CaptchaService]
+const strategies = [LocalStrategy, JwtStrategy]
+
+@Module({
+ imports: [
+ TypeOrmModule.forFeature([AccessTokenEntity, RefreshTokenEntity]),
+ PassportModule,
+ JwtModule.registerAsync({
+ imports: [ConfigModule],
+ useFactory: (configService: ConfigService) => {
+ const { jwtSecret, jwtExprire }
+ = configService.get('security')
+
+ return {
+ secret: jwtSecret,
+ expires: jwtExprire,
+ ignoreExpiration: isDev,
+ }
+ },
+ inject: [ConfigService],
+ }),
+ UserModule,
+ RoleModule,
+ MenuModule,
+ LogModule,
+ ],
+ controllers: [...controllers],
+ providers: [...providers, ...strategies],
+ exports: [TypeOrmModule, JwtModule, ...providers],
+})
+export class AuthModule {}
diff --git a/src/modules/auth/auth.service.ts b/src/modules/auth/auth.service.ts
new file mode 100644
index 0000000..b734e27
--- /dev/null
+++ b/src/modules/auth/auth.service.ts
@@ -0,0 +1,156 @@
+import { InjectRedis } from '@liaoliaots/nestjs-redis'
+import { Injectable } from '@nestjs/common'
+
+import Redis from 'ioredis'
+import { isEmpty } from 'lodash'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { genAuthPVKey, genAuthPermKey, genAuthTokenKey } from '~/helper/genRedisKey'
+
+import { UserService } from '~/modules/user/user.service'
+
+import { md5 } from '~/utils'
+
+import { LoginLogService } from '../system/log/services/login-log.service'
+import { MenuService } from '../system/menu/menu.service'
+import { RoleService } from '../system/role/role.service'
+
+import { TokenService } from './services/token.service'
+
+@Injectable()
+export class AuthService {
+ constructor(
+ @InjectRedis() private readonly redis: Redis,
+ private menuService: MenuService,
+ private roleService: RoleService,
+ private userService: UserService,
+ private loginLogService: LoginLogService,
+ private tokenService: TokenService,
+ ) {}
+
+ async validateUser(credential: string, password: string): Promise {
+ const user = await this.userService.findUserByUserName(credential)
+
+ if (isEmpty(user))
+ throw new BusinessException(ErrorEnum.USER_NOT_FOUND)
+
+ const comparePassword = md5(`${password}${user.psalt}`)
+ if (user.password !== comparePassword)
+ throw new BusinessException(ErrorEnum.INVALID_USERNAME_PASSWORD)
+
+ if (user) {
+ const { password, ...result } = user
+ return result
+ }
+
+ return null
+ }
+
+ /**
+ * 获取登录JWT
+ * 返回null则账号密码有误,不存在该用户
+ */
+ async login(
+ username: string,
+ password: string,
+ ip: string,
+ ua: string,
+ ): Promise {
+ const user = await this.userService.findUserByUserName(username)
+ if (isEmpty(user))
+ throw new BusinessException(ErrorEnum.INVALID_USERNAME_PASSWORD)
+
+ const comparePassword = md5(`${password}${user.psalt}`)
+ if (user.password !== comparePassword)
+ throw new BusinessException(ErrorEnum.INVALID_USERNAME_PASSWORD)
+
+ const roleIds = await this.roleService.getRoleIdsByUser(user.id)
+
+ const roles = await this.roleService.getRoleValues(roleIds)
+
+ // 包含access_token和refresh_token
+ const token = await this.tokenService.generateAccessToken(user.id, roles)
+
+ await this.redis.set(genAuthTokenKey(user.id), token.accessToken)
+
+ // 设置密码版本号 当密码修改时,版本号+1
+ await this.redis.set(genAuthPVKey(user.id), 1)
+
+ // 设置菜单权限
+ const permissions = await this.menuService.getPermissions(user.id)
+ await this.setPermissionsCache(user.id, permissions)
+
+ await this.loginLogService.create(user.id, ip, ua)
+
+ return token.accessToken
+ }
+
+ /**
+ * 效验账号密码
+ */
+ async checkPassword(username: string, password: string) {
+ const user = await this.userService.findUserByUserName(username)
+
+ const comparePassword = md5(`${password}${user.psalt}`)
+ if (user.password !== comparePassword)
+ throw new BusinessException(ErrorEnum.INVALID_USERNAME_PASSWORD)
+ }
+
+ async loginLog(uid: number, ip: string, ua: string) {
+ await this.loginLogService.create(uid, ip, ua)
+ }
+
+ async logout(uid: number) {
+ // 删除token
+ await this.userService.forbidden(uid)
+ }
+
+ /**
+ * 重置密码
+ */
+ async resetPassword(username: string, password: string) {
+ const user = await this.userService.findUserByUserName(username)
+
+ await this.userService.forceUpdatePassword(user.id, password)
+ }
+
+ /**
+ * 清除登录状态信息
+ */
+ async clearLoginStatus(uid: number): Promise {
+ await this.userService.forbidden(uid)
+ }
+
+ /**
+ * 获取菜单列表
+ */
+ async getMenus(uid: number): Promise {
+ return this.menuService.getMenus(uid)
+ }
+
+ /**
+ * 获取权限列表
+ */
+ async getPermissions(uid: number): Promise {
+ return this.menuService.getPermissions(uid)
+ }
+
+ async getPermissionsCache(uid: number): Promise {
+ const permissionString = await this.redis.get(genAuthPermKey(uid))
+ return permissionString ? JSON.parse(permissionString) : []
+ }
+
+ async setPermissionsCache(uid: number, permissions: string[]): Promise {
+ await this.redis.set(genAuthPermKey(uid), JSON.stringify(permissions))
+ }
+
+ async getPasswordVersionByUid(uid: number): Promise {
+ return this.redis.get(genAuthPVKey(uid))
+ }
+
+ async getTokenByUid(uid: number): Promise {
+ return this.redis.get(genAuthTokenKey(uid))
+ }
+}
diff --git a/src/modules/auth/controllers/account.controller.ts b/src/modules/auth/controllers/account.controller.ts
new file mode 100644
index 0000000..d6072a1
--- /dev/null
+++ b/src/modules/auth/controllers/account.controller.ts
@@ -0,0 +1,75 @@
+import { Body, Controller, Get, Post, Put, UseGuards } from '@nestjs/common'
+import { ApiExtraModels, ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+import { AllowAnon } from '~/modules/auth/decorators/allow-anon.decorator'
+import { AuthUser } from '~/modules/auth/decorators/auth-user.decorator'
+
+import { PasswordUpdateDto } from '~/modules/user/dto/password.dto'
+
+import { AccountInfo } from '../../user/user.model'
+import { UserService } from '../../user/user.service'
+import { AuthService } from '../auth.service'
+import { AccountMenus, AccountUpdateDto } from '../dto/account.dto'
+import { JwtAuthGuard } from '../guards/jwt-auth.guard'
+
+@ApiTags('Account - 账户模块')
+@ApiSecurityAuth()
+@ApiExtraModels(AccountInfo)
+@UseGuards(JwtAuthGuard)
+@Controller('account')
+export class AccountController {
+ constructor(
+ private userService: UserService,
+ private authService: AuthService,
+ ) {}
+
+ @Get('profile')
+ @ApiOperation({ summary: '获取账户资料' })
+ @ApiResult({ type: AccountInfo })
+ @AllowAnon()
+ async profile(@AuthUser() user: IAuthUser): Promise {
+ return this.userService.getAccountInfo(user.uid)
+ }
+
+ @Get('logout')
+ @ApiOperation({ summary: '账户登出' })
+ @AllowAnon()
+ async logout(@AuthUser() user: IAuthUser): Promise {
+ await this.authService.clearLoginStatus(user.uid)
+ }
+
+ @Get('menus')
+ @ApiOperation({ summary: '获取菜单列表' })
+ @ApiResult({ type: [AccountMenus] })
+ @AllowAnon()
+ async menu(@AuthUser() user: IAuthUser): Promise {
+ return this.authService.getMenus(user.uid)
+ }
+
+ @Get('permissions')
+ @ApiOperation({ summary: '获取权限列表' })
+ @ApiResult({ type: [String] })
+ @AllowAnon()
+ async permissions(@AuthUser() user: IAuthUser): Promise {
+ return this.authService.getPermissions(user.uid)
+ }
+
+ @Put('update')
+ @ApiOperation({ summary: '更改账户资料' })
+ @AllowAnon()
+ async update(
+ @AuthUser() user: IAuthUser, @Body() dto: AccountUpdateDto): Promise {
+ await this.userService.updateAccountInfo(user.uid, dto)
+ }
+
+ @Post('password')
+ @ApiOperation({ summary: '更改账户密码' })
+ @AllowAnon()
+ async password(
+ @AuthUser() user: IAuthUser, @Body() dto: PasswordUpdateDto): Promise {
+ await this.userService.updatePassword(user.uid, dto)
+ }
+}
diff --git a/src/modules/auth/controllers/captcha.controller.ts b/src/modules/auth/controllers/captcha.controller.ts
new file mode 100644
index 0000000..154236c
--- /dev/null
+++ b/src/modules/auth/controllers/captcha.controller.ts
@@ -0,0 +1,50 @@
+import { InjectRedis } from '@liaoliaots/nestjs-redis'
+import { Controller, Get, Query } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import Redis from 'ioredis'
+import { isEmpty } from 'lodash'
+import * as svgCaptcha from 'svg-captcha'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { genCaptchaImgKey } from '~/helper/genRedisKey'
+import { generateUUID } from '~/utils'
+
+import { Public } from '../decorators/public.decorator'
+
+import { ImageCaptchaDto } from '../dto/captcha.dto'
+import { ImageCaptcha } from '../models/auth.model'
+
+@ApiTags('Captcha - 验证码模块')
+// @UseGuards(ThrottlerGuard)
+@Controller('auth/captcha')
+export class CaptchaController {
+ constructor(@InjectRedis() private redis: Redis) {}
+
+ @Get('img')
+ @ApiOperation({ summary: '获取登录图片验证码' })
+ @ApiResult({ type: ImageCaptcha })
+ @Public()
+ // @Throttle({ default: { limit: 2, ttl: 600000 } })
+ async captchaByImg(@Query() dto: ImageCaptchaDto): Promise {
+ const { width, height } = dto
+
+ const svg = svgCaptcha.create({
+ size: 4,
+ color: true,
+ noise: 4,
+ width: isEmpty(width) ? 100 : width,
+ height: isEmpty(height) ? 50 : height,
+ charPreset: '1234567890',
+ })
+ const result = {
+ img: `data:image/svg+xml;base64,${Buffer.from(svg.data).toString(
+ 'base64',
+ )}`,
+ id: generateUUID(),
+ }
+ // 5分钟过期时间
+ await this.redis.set(genCaptchaImgKey(result.id), svg.text, 'EX', 60 * 5)
+ return result
+ }
+}
diff --git a/src/modules/auth/controllers/email.controller.ts b/src/modules/auth/controllers/email.controller.ts
new file mode 100644
index 0000000..99ce81a
--- /dev/null
+++ b/src/modules/auth/controllers/email.controller.ts
@@ -0,0 +1,41 @@
+import { Body, Controller, Post, UseGuards } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { Throttle, ThrottlerGuard } from '@nestjs/throttler'
+
+import { Ip } from '~/common/decorators/http.decorator'
+
+import { MailerService } from '~/shared/mailer/mailer.service'
+
+import { Public } from '../decorators/public.decorator'
+
+import { SendEmailCodeDto } from '../dto/captcha.dto'
+
+@ApiTags('Auth - 认证模块')
+@UseGuards(ThrottlerGuard)
+@Controller('auth/email')
+export class EmailController {
+ constructor(private mailerService: MailerService) {}
+
+ @Post('send')
+ @ApiOperation({ summary: '发送邮箱验证码' })
+ @Public()
+ @Throttle({ default: { limit: 2, ttl: 600000 } })
+ async sendEmailCode(
+ @Body() dto: SendEmailCodeDto,
+ @Ip() ip: string,
+ ): Promise {
+ // await this.authService.checkImgCaptcha(dto.captchaId, dto.verifyCode);
+ const { email } = dto
+
+ await this.mailerService.checkLimit(email, ip)
+ const { code } = await this.mailerService.sendVerificationCode(email)
+
+ await this.mailerService.log(email, code, ip)
+ }
+
+ // @Post()
+ // async authWithEmail(@AuthUser() user: IAuthUser) {
+ // // TODO:
+ // }
+}
diff --git a/src/modules/auth/decorators/allow-anon.decorator.ts b/src/modules/auth/decorators/allow-anon.decorator.ts
new file mode 100644
index 0000000..21954f6
--- /dev/null
+++ b/src/modules/auth/decorators/allow-anon.decorator.ts
@@ -0,0 +1,8 @@
+import { SetMetadata } from '@nestjs/common'
+
+import { ALLOW_ANON_KEY } from '../auth.constant'
+
+/**
+ * 当接口不需要检测用户是否具有操作权限时添加该装饰器
+ */
+export const AllowAnon = () => SetMetadata(ALLOW_ANON_KEY, true)
diff --git a/src/modules/auth/decorators/auth-user.decorator.ts b/src/modules/auth/decorators/auth-user.decorator.ts
new file mode 100644
index 0000000..ef0733d
--- /dev/null
+++ b/src/modules/auth/decorators/auth-user.decorator.ts
@@ -0,0 +1,17 @@
+import { ExecutionContext, createParamDecorator } from '@nestjs/common'
+import { FastifyRequest } from 'fastify'
+
+type Payload = keyof IAuthUser
+
+/**
+ * @description 获取当前登录用户信息, 并挂载到request上
+ */
+export const AuthUser = createParamDecorator(
+ (data: Payload, ctx: ExecutionContext) => {
+ const request = ctx.switchToHttp().getRequest()
+ // auth guard will mount this
+ const user = request.user as IAuthUser
+
+ return data ? user?.[data] : user
+ },
+)
diff --git a/src/modules/auth/decorators/permission.decorator.ts b/src/modules/auth/decorators/permission.decorator.ts
new file mode 100644
index 0000000..943679f
--- /dev/null
+++ b/src/modules/auth/decorators/permission.decorator.ts
@@ -0,0 +1,58 @@
+import { SetMetadata, applyDecorators } from '@nestjs/common'
+
+import { isPlainObject } from 'lodash'
+
+import { PERMISSION_KEY } from '../auth.constant'
+
+ type TupleToObject> = {
+ [K in Uppercase]: `${T}:${Lowercase}`
+ }
+ type AddPrefixToObjectValue> = {
+ [K in keyof P]: K extends string ? `${T}:${P[K]}` : never
+ }
+
+/** 资源操作需要特定的权限 */
+export function Perm(permission: string | string[]) {
+ return applyDecorators(SetMetadata(PERMISSION_KEY, permission))
+}
+
+/** (此举非必需)保存通过 definePermission 定义的所有权限,可用于前端开发人员开发阶段的 ts 类型提示,避免前端权限定义与后端定义不匹配 */
+let permissions: string[] = []
+/**
+ * 定义权限,同时收集所有被定义的权限
+ *
+ * - 通过对象形式定义, eg:
+ * ```ts
+ * definePermission('app:health', {
+ * NETWORK: 'network'
+ * };
+ * ```
+ *
+ * - 通过字符串数组形式定义, eg:
+ * ```ts
+ * definePermission('app:health', ['network']);
+ * ```
+ */
+export function definePermission>(modulePrefix: T, actionMap: U): AddPrefixToObjectValue
+export function definePermission>(modulePrefix: T, actions: U): TupleToObject
+export function definePermission(modulePrefix: string, actions) {
+ if (isPlainObject(actions)) {
+ Object.entries(actions).forEach(([key, action]) => {
+ actions[key] = `${modulePrefix}:${action}`
+ })
+ permissions = [...new Set([...permissions, ...Object.values(actions)])]
+ return actions
+ }
+ else if (Array.isArray(actions)) {
+ const permissionFormats = actions.map(action => `${modulePrefix}:${action}`)
+ permissions = [...new Set([...permissions, ...permissionFormats])]
+
+ return actions.reduce((prev, action) => {
+ prev[action.toUpperCase()] = `${modulePrefix}:${action}`
+ return prev
+ }, {})
+ }
+}
+
+/** 获取所有通过 definePermission 定义的权限 */
+export const getDefinePermissions = () => permissions
diff --git a/src/modules/auth/decorators/public.decorator.ts b/src/modules/auth/decorators/public.decorator.ts
new file mode 100644
index 0000000..c3409ca
--- /dev/null
+++ b/src/modules/auth/decorators/public.decorator.ts
@@ -0,0 +1,8 @@
+import { SetMetadata } from '@nestjs/common'
+
+import { PUBLIC_KEY } from '../auth.constant'
+
+/**
+ * 当接口不需要检测用户登录时添加该装饰器
+ */
+export const Public = () => SetMetadata(PUBLIC_KEY, true)
diff --git a/src/modules/auth/decorators/resource.decorator.ts b/src/modules/auth/decorators/resource.decorator.ts
new file mode 100644
index 0000000..73143b0
--- /dev/null
+++ b/src/modules/auth/decorators/resource.decorator.ts
@@ -0,0 +1,12 @@
+import { SetMetadata, applyDecorators } from '@nestjs/common'
+
+import { ObjectLiteral, ObjectType, Repository } from 'typeorm'
+
+import { RESOURCE_KEY } from '../auth.constant'
+
+export type Condition = (Repository: Repository, items: number[], user: IAuthUser) => Promise
+
+export interface ResourceObject { entity: ObjectType, condition: Condition }
+export function Resource(entity: ObjectType, condition?: Condition) {
+ return applyDecorators(SetMetadata(RESOURCE_KEY, { entity, condition }))
+}
diff --git a/src/modules/auth/dto/account.dto.ts b/src/modules/auth/dto/account.dto.ts
new file mode 100644
index 0000000..8b3a5ee
--- /dev/null
+++ b/src/modules/auth/dto/account.dto.ts
@@ -0,0 +1,64 @@
+import { ApiProperty, OmitType, PartialType, PickType } from '@nestjs/swagger'
+import {
+ IsEmail,
+ IsOptional,
+ IsString,
+ Matches,
+ MaxLength,
+ MinLength,
+} from 'class-validator'
+
+import { MenuEntity } from '~/modules/system/menu/menu.entity'
+
+export class AccountUpdateDto {
+ @ApiProperty({ description: '用户呢称' })
+ @IsString()
+ @IsOptional()
+ nickname: string
+
+ @ApiProperty({ description: '用户邮箱' })
+ @IsEmail()
+ email: string
+
+ @ApiProperty({ description: '用户QQ' })
+ @IsOptional()
+ @IsString()
+ @Matches(/^[0-9]+$/)
+ @MinLength(5)
+ @MaxLength(11)
+ qq: string
+
+ @ApiProperty({ description: '用户手机号' })
+ @IsOptional()
+ @IsString()
+ phone: string
+
+ @ApiProperty({ description: '用户头像' })
+ @IsOptional()
+ @IsString()
+ avatar: string
+
+ @ApiProperty({ description: '用户备注' })
+ @IsOptional()
+ @IsString()
+ remark: string
+}
+
+export class ResetPasswordDto {
+ @ApiProperty({ description: '临时token', example: 'uuid' })
+ @IsString()
+ accessToken: string
+
+ @ApiProperty({ description: '密码', example: 'a123456' })
+ @IsString()
+ @Matches(/^\S*(?=\S{6,})(?=\S*\d)(?=\S*[A-Za-z])\S*$/)
+ @MinLength(6)
+ password: string
+}
+
+export class MenuMeta extends PartialType(OmitType(MenuEntity, ['parentId', 'createdAt', 'updatedAt', 'id', 'roles', 'path', 'name'] as const)) {
+ title: string
+}
+export class AccountMenus extends PickType(MenuEntity, ['id', 'path', 'name', 'component'] as const) {
+ meta: MenuMeta
+}
diff --git a/src/modules/auth/dto/auth.dto.ts b/src/modules/auth/dto/auth.dto.ts
new file mode 100644
index 0000000..abaf379
--- /dev/null
+++ b/src/modules/auth/dto/auth.dto.ts
@@ -0,0 +1,43 @@
+import { ApiProperty } from '@nestjs/swagger'
+
+import { IsString, Matches, MaxLength, MinLength } from 'class-validator'
+
+export class LoginDto {
+ @ApiProperty({ description: '手机号/邮箱' })
+ @IsString()
+ @MinLength(4)
+ username: string
+
+ @ApiProperty({ description: '密码', example: 'a123456' })
+ @IsString()
+ @Matches(/^\S*(?=\S{6,})(?=\S*\d)(?=\S*[A-Za-z])\S*$/)
+ @MinLength(6)
+ password: string
+
+ @ApiProperty({ description: '验证码标识' })
+ @IsString()
+ captchaId: string
+
+ @ApiProperty({ description: '用户输入的验证码' })
+ @IsString()
+ @MinLength(4)
+ @MaxLength(4)
+ verifyCode: string
+}
+
+export class RegisterDto {
+ @ApiProperty({ description: '账号' })
+ @IsString()
+ username: string
+
+ @ApiProperty({ description: '密码' })
+ @IsString()
+ @Matches(/^\S*(?=\S{6,})(?=\S*\d)(?=\S*[A-Za-z])\S*$/)
+ @MinLength(6)
+ @MaxLength(16)
+ password: string
+
+ @ApiProperty({ description: '语言', examples: ['EN', 'ZH'] })
+ @IsString()
+ lang: string
+}
diff --git a/src/modules/auth/dto/captcha.dto.ts b/src/modules/auth/dto/captcha.dto.ts
new file mode 100644
index 0000000..c24d3d8
--- /dev/null
+++ b/src/modules/auth/dto/captcha.dto.ts
@@ -0,0 +1,53 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Type } from 'class-transformer'
+import {
+ IsEmail,
+ IsInt,
+ IsMobilePhone,
+ IsOptional,
+ IsString,
+} from 'class-validator'
+
+export class ImageCaptchaDto {
+ @ApiProperty({
+ required: false,
+ default: 100,
+ description: '验证码宽度',
+ })
+ @Type(() => Number)
+ @IsInt()
+ @IsOptional()
+ readonly width: number = 100
+
+ @ApiProperty({
+ required: false,
+ default: 50,
+ description: '验证码宽度',
+ })
+ @Type(() => Number)
+ @IsInt()
+ @IsOptional()
+ readonly height: number = 50
+}
+
+export class SendEmailCodeDto {
+ @ApiProperty({ description: '邮箱' })
+ @IsEmail({}, { message: '邮箱格式不正确' })
+ email: string
+}
+
+export class SendSmsCodeDto {
+ @ApiProperty({ description: '手机号' })
+ @IsMobilePhone('zh-CN', {}, { message: '手机号格式不正确' })
+ phone: string
+}
+
+export class CheckCodeDto {
+ @ApiProperty({ description: '手机号/邮箱' })
+ @IsString()
+ account: string
+
+ @ApiProperty({ description: '验证码' })
+ @IsString()
+ code: string
+}
diff --git a/src/modules/auth/entities/access-token.entity.ts b/src/modules/auth/entities/access-token.entity.ts
new file mode 100644
index 0000000..d56afc8
--- /dev/null
+++ b/src/modules/auth/entities/access-token.entity.ts
@@ -0,0 +1,40 @@
+import {
+ BaseEntity,
+ Column,
+ CreateDateColumn,
+ Entity,
+ JoinColumn,
+ ManyToOne,
+ OneToOne,
+ PrimaryGeneratedColumn,
+} from 'typeorm'
+
+import { UserEntity } from '~/modules/user/user.entity'
+
+import { RefreshTokenEntity } from './refresh-token.entity'
+
+@Entity('user_access_tokens')
+export class AccessTokenEntity extends BaseEntity {
+ @PrimaryGeneratedColumn('uuid')
+ id!: string
+
+ @Column({ length: 500 })
+ value!: string
+
+ @Column({ comment: '令牌过期时间' })
+ expired_at!: Date
+
+ @CreateDateColumn({ comment: '令牌创建时间' })
+ created_at!: Date
+
+ @OneToOne(() => RefreshTokenEntity, refreshToken => refreshToken.accessToken, {
+ cascade: true,
+ })
+ refreshToken!: RefreshTokenEntity
+
+ @ManyToOne(() => UserEntity, user => user.accessTokens, {
+ onDelete: 'CASCADE',
+ })
+ @JoinColumn({ name: 'user_id' })
+ user!: UserEntity
+}
diff --git a/src/modules/auth/entities/refresh-token.entity.ts b/src/modules/auth/entities/refresh-token.entity.ts
new file mode 100644
index 0000000..cec190b
--- /dev/null
+++ b/src/modules/auth/entities/refresh-token.entity.ts
@@ -0,0 +1,32 @@
+import {
+ BaseEntity,
+ Column,
+ CreateDateColumn,
+ Entity,
+ JoinColumn,
+ OneToOne,
+ PrimaryGeneratedColumn,
+} from 'typeorm'
+
+import { AccessTokenEntity } from './access-token.entity'
+
+@Entity('user_refresh_tokens')
+export class RefreshTokenEntity extends BaseEntity {
+ @PrimaryGeneratedColumn('uuid')
+ id!: string
+
+ @Column({ length: 500 })
+ value!: string
+
+ @Column({ comment: '令牌过期时间' })
+ expired_at!: Date
+
+ @CreateDateColumn({ comment: '令牌创建时间' })
+ created_at!: Date
+
+ @OneToOne(() => AccessTokenEntity, accessToken => accessToken.refreshToken, {
+ onDelete: 'CASCADE',
+ })
+ @JoinColumn()
+ accessToken!: AccessTokenEntity
+}
diff --git a/src/modules/auth/guards/jwt-auth.guard.ts b/src/modules/auth/guards/jwt-auth.guard.ts
new file mode 100644
index 0000000..0cbe88c
--- /dev/null
+++ b/src/modules/auth/guards/jwt-auth.guard.ts
@@ -0,0 +1,105 @@
+import {
+ ExecutionContext,
+ Injectable,
+ UnauthorizedException,
+} from '@nestjs/common'
+import { Reflector } from '@nestjs/core'
+import { AuthGuard } from '@nestjs/passport'
+import { FastifyRequest } from 'fastify'
+import { isEmpty, isNil } from 'lodash'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { AuthService } from '~/modules/auth/auth.service'
+
+import { checkIsDemoMode } from '~/utils'
+
+import { AuthStrategy, PUBLIC_KEY } from '../auth.constant'
+import { TokenService } from '../services/token.service'
+
+// https://docs.nestjs.com/recipes/passport#implement-protected-route-and-jwt-strategy-guards
+@Injectable()
+export class JwtAuthGuard extends AuthGuard(AuthStrategy.JWT) {
+ constructor(
+ private reflector: Reflector,
+ private authService: AuthService,
+ private tokenService: TokenService,
+ ) {
+ super()
+ }
+
+ async canActivate(context: ExecutionContext): Promise {
+ const isPublic = this.reflector.getAllAndOverride(PUBLIC_KEY, [
+ context.getHandler(),
+ context.getClass(),
+ ])
+ const request = context.switchToHttp().getRequest()
+ // const response = context.switchToHttp().getResponse()
+
+ // TODO 此处代码的作用是判断如果在演示环境下,则拒绝用户的增删改操作,去掉此代码不影响正常的业务逻辑
+ if (request.method !== 'GET' && !request.url.includes('/auth/login'))
+ checkIsDemoMode()
+
+ const isSse = request.headers.accept === 'text/event-stream'
+
+ if (isSse && !request.headers.authorization?.startsWith('Bearer')) {
+ const { token } = request.query as Record
+ if (token)
+ request.headers.authorization = `Bearer ${token}`
+ }
+
+ const Authorization = request.headers.authorization
+
+ let result: any = false
+ try {
+ result = await super.canActivate(context)
+ }
+ catch (e) {
+ // 需要后置判断 这样携带了 token 的用户就能够解析到 request.user
+ if (isPublic)
+ return true
+
+ if (isEmpty(Authorization))
+ throw new UnauthorizedException('未登录')
+
+ // 判断 token 是否存在, 如果不存在则认证失败
+ const accessToken = isNil(Authorization)
+ ? undefined
+ : await this.tokenService.checkAccessToken(Authorization!)
+
+ if (!accessToken)
+ throw new UnauthorizedException('令牌无效')
+ }
+
+ // SSE 请求
+ if (isSse) {
+ const { uid } = request.params as Record
+
+ if (Number(uid) !== request.user.uid)
+ throw new UnauthorizedException('路径参数 uid 与当前 token 登录的用户 uid 不一致')
+ }
+
+ const pv = await this.authService.getPasswordVersionByUid(request.user.uid)
+ if (pv !== `${request.user.pv}`) {
+ // 密码版本不一致,登录期间已更改过密码
+ throw new BusinessException(ErrorEnum.INVALID_LOGIN)
+ }
+
+ // 不允许多端登录
+ // const cacheToken = await this.authService.getTokenByUid(request.user.uid);
+ // if (Authorization !== cacheToken) {
+ // // 与redis保存不一致 即二次登录
+ // throw new ApiException(ErrorEnum.CODE_1106);
+ // }
+
+ return result
+ }
+
+ handleRequest(err, user, info) {
+ // You can throw an exception based on either "info" or "err" arguments
+ if (err || !user)
+ throw err || new UnauthorizedException()
+
+ return user
+ }
+}
diff --git a/src/modules/auth/guards/local.guard.ts b/src/modules/auth/guards/local.guard.ts
new file mode 100644
index 0000000..c2de171
--- /dev/null
+++ b/src/modules/auth/guards/local.guard.ts
@@ -0,0 +1,11 @@
+import { ExecutionContext, Injectable } from '@nestjs/common'
+import { AuthGuard } from '@nestjs/passport'
+
+import { AuthStrategy } from '../auth.constant'
+
+@Injectable()
+export class LocalGuard extends AuthGuard(AuthStrategy.LOCAL) {
+ async canActivate(context: ExecutionContext) {
+ return true
+ }
+}
diff --git a/src/modules/auth/guards/rbac.guard.ts b/src/modules/auth/guards/rbac.guard.ts
new file mode 100644
index 0000000..8545adb
--- /dev/null
+++ b/src/modules/auth/guards/rbac.guard.ts
@@ -0,0 +1,76 @@
+import {
+ CanActivate,
+ ExecutionContext,
+ Injectable,
+ UnauthorizedException,
+} from '@nestjs/common'
+import { Reflector } from '@nestjs/core'
+import { FastifyRequest } from 'fastify'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { AuthService } from '~/modules/auth/auth.service'
+
+import { ALLOW_ANON_KEY, PERMISSION_KEY, PUBLIC_KEY, Roles } from '../auth.constant'
+
+@Injectable()
+export class RbacGuard implements CanActivate {
+ constructor(
+ private reflector: Reflector,
+ private authService: AuthService,
+ ) {}
+
+ async canActivate(context: ExecutionContext): Promise {
+ const isPublic = this.reflector.getAllAndOverride(PUBLIC_KEY, [
+ context.getHandler(),
+ context.getClass(),
+ ])
+
+ if (isPublic)
+ return true
+
+ const request = context.switchToHttp().getRequest()
+
+ const { user } = request
+ if (!user)
+ throw new UnauthorizedException('登录无效')
+
+ // allowAnon 是需要登录后可访问(无需权限), Public 则是无需登录也可访问.
+ const allowAnon = this.reflector.get(
+ ALLOW_ANON_KEY,
+ context.getHandler(),
+ )
+ if (allowAnon)
+ return true
+
+ const payloadPermission = this.reflector.getAllAndOverride<
+ string | string[]
+ >(PERMISSION_KEY, [context.getHandler(), context.getClass()])
+
+ // 控制器没有设置接口权限,则默认通过
+ if (!payloadPermission)
+ return true
+
+ // 管理员放开所有权限
+ if (user.roles.includes(Roles.ADMIN))
+ return true
+
+ const allPermissions = await this.authService.getPermissionsCache(user.uid) ?? await this.authService.getPermissions(user.uid)
+ // console.log(allPermissions)
+ let canNext = false
+
+ // handle permission strings
+ if (Array.isArray(payloadPermission)) {
+ // 只要有一个权限满足即可
+ canNext = payloadPermission.every(i => allPermissions.includes(i))
+ }
+
+ if (typeof payloadPermission === 'string')
+ canNext = allPermissions.includes(payloadPermission)
+
+ if (!canNext)
+ throw new BusinessException(ErrorEnum.NO_PERMISSION)
+
+ return true
+ }
+}
diff --git a/src/modules/auth/guards/resource.guard.ts b/src/modules/auth/guards/resource.guard.ts
new file mode 100644
index 0000000..b78da0c
--- /dev/null
+++ b/src/modules/auth/guards/resource.guard.ts
@@ -0,0 +1,87 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common'
+import { Reflector } from '@nestjs/core'
+import { FastifyRequest } from 'fastify'
+
+import { isArray, isEmpty, isNil } from 'lodash'
+
+import { DataSource, In, Repository } from 'typeorm'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+
+import { ErrorEnum } from '~/constants/error-code.constant'
+
+import { PUBLIC_KEY, RESOURCE_KEY, Roles } from '../auth.constant'
+import { ResourceObject } from '../decorators/resource.decorator'
+
+@Injectable()
+export class ResourceGuard implements CanActivate {
+ constructor(
+ private reflector: Reflector,
+ private dataSource: DataSource,
+ ) {}
+
+ async canActivate(context: ExecutionContext): Promise {
+ const isPublic = this.reflector.getAllAndOverride(PUBLIC_KEY, [
+ context.getHandler(),
+ context.getClass(),
+ ])
+
+ const request = context.switchToHttp().getRequest()
+ const isSse = request.headers.accept === 'text/event-stream'
+ // 忽略 sse 请求
+ if (isPublic || isSse)
+ return true
+
+ const { user } = request
+
+ if (!user)
+ return false
+
+ // 如果是检查资源所属,且不是超级管理员,还需要进一步判断是否是自己的数据
+ const { entity, condition } = this.reflector.get(
+ RESOURCE_KEY,
+ context.getHandler(),
+ ) ?? { entity: null, condition: null }
+
+ if (entity && !user.roles.includes(Roles.ADMIN)) {
+ const repo: Repository = this.dataSource.getRepository(entity)
+
+ /**
+ * 获取请求中的 items (ids) 验证数据拥有者
+ * @param request
+ */
+ const getRequestItems = (request?: FastifyRequest): number[] => {
+ const { params = {}, body = {}, query = {} } = (request ?? {}) as any
+ const id = params.id ?? body.id ?? query.id
+
+ if (id)
+ return [id]
+
+ const { items } = body
+ return !isNil(items) && isArray(items) ? items : []
+ }
+
+ const items = getRequestItems(request)
+ if (isEmpty(items))
+ throw new BusinessException(ErrorEnum.REQUESTED_RESOURCE_NOT_FOUND)
+
+ if (condition)
+ return condition(repo, items, user)
+
+ const recordQuery = {
+ where: {
+ id: In(items),
+ user: { id: user.uid },
+ },
+ relations: ['user'],
+ }
+
+ const records = await repo.find(recordQuery)
+
+ if (isEmpty(records))
+ throw new BusinessException(ErrorEnum.REQUESTED_RESOURCE_NOT_FOUND)
+ }
+
+ return true
+ }
+}
diff --git a/src/modules/auth/models/auth.model.ts b/src/modules/auth/models/auth.model.ts
new file mode 100644
index 0000000..faeada1
--- /dev/null
+++ b/src/modules/auth/models/auth.model.ts
@@ -0,0 +1,14 @@
+import { ApiProperty } from '@nestjs/swagger'
+
+export class ImageCaptcha {
+ @ApiProperty({ description: 'base64格式的svg图片' })
+ img: string
+
+ @ApiProperty({ description: '验证码对应的唯一ID' })
+ id: string
+}
+
+export class LoginToken {
+ @ApiProperty({ description: 'JWT身份Token' })
+ token: string
+}
diff --git a/src/modules/auth/services/captcha.service.ts b/src/modules/auth/services/captcha.service.ts
new file mode 100644
index 0000000..612a6b7
--- /dev/null
+++ b/src/modules/auth/services/captcha.service.ts
@@ -0,0 +1,40 @@
+import { InjectRedis } from '@liaoliaots/nestjs-redis'
+import { Injectable } from '@nestjs/common'
+
+import Redis from 'ioredis'
+import { isEmpty } from 'lodash'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { genCaptchaImgKey } from '~/helper/genRedisKey'
+import { CaptchaLogService } from '~/modules/system/log/services/captcha-log.service'
+
+@Injectable()
+export class CaptchaService {
+ constructor(
+ @InjectRedis() private redis: Redis,
+
+ private captchaLogService: CaptchaLogService,
+ ) {}
+
+ /**
+ * 校验图片验证码
+ */
+ async checkImgCaptcha(id: string, code: string): Promise {
+ const result = await this.redis.get(genCaptchaImgKey(id))
+ if (isEmpty(result) || code.toLowerCase() !== result.toLowerCase())
+ throw new BusinessException(ErrorEnum.INVALID_VERIFICATION_CODE)
+
+ // 校验成功后移除验证码
+ await this.redis.del(genCaptchaImgKey(id))
+ }
+
+ async log(
+ account: string,
+ code: string,
+ provider: 'sms' | 'email',
+ uid?: number,
+ ): Promise {
+ await this.captchaLogService.create(account, code, provider, uid)
+ }
+}
diff --git a/src/modules/auth/services/token.service.ts b/src/modules/auth/services/token.service.ts
new file mode 100644
index 0000000..e680ecc
--- /dev/null
+++ b/src/modules/auth/services/token.service.ts
@@ -0,0 +1,160 @@
+import { Inject, Injectable } from '@nestjs/common'
+import { JwtService } from '@nestjs/jwt'
+import dayjs from 'dayjs'
+
+import { ISecurityConfig, SecurityConfig } from '~/config'
+import { RoleService } from '~/modules/system/role/role.service'
+import { UserEntity } from '~/modules/user/user.entity'
+import { generateUUID } from '~/utils'
+
+import { AccessTokenEntity } from '../entities/access-token.entity'
+import { RefreshTokenEntity } from '../entities/refresh-token.entity'
+
+/**
+ * 令牌服务
+ */
+@Injectable()
+export class TokenService {
+ constructor(
+ private jwtService: JwtService,
+ private roleService: RoleService,
+ @Inject(SecurityConfig.KEY) private securityConfig: ISecurityConfig,
+ ) {}
+
+ /**
+ * 根据accessToken刷新AccessToken与RefreshToken
+ * @param accessTokenSign
+ * @param response
+ */
+ async refreshToken(accessToken: AccessTokenEntity) {
+ const { user, refreshToken } = accessToken
+
+ if (refreshToken) {
+ const now = dayjs()
+ // 判断refreshToken是否过期
+ if (now.isAfter(refreshToken.expired_at))
+ return null
+
+ const roleIds = await this.roleService.getRoleIdsByUser(user.id)
+ const roleValues = await this.roleService.getRoleValues(roleIds)
+
+ // 如果没过期则生成新的access_token和refresh_token
+ const token = await this.generateAccessToken(user.id, roleValues)
+
+ await accessToken.remove()
+ return token
+ }
+ return null
+ }
+
+ generateJwtSign(payload: any) {
+ const jwtSign = this.jwtService.sign(payload)
+
+ return jwtSign
+ }
+
+ async generateAccessToken(uid: number, roles: string[] = []) {
+ const payload: IAuthUser = {
+ uid,
+ pv: 1,
+ roles,
+ }
+
+ const jwtSign = this.jwtService.sign(payload)
+
+ // 生成accessToken
+ const accessToken = new AccessTokenEntity()
+ accessToken.value = jwtSign
+ accessToken.user = { id: uid } as UserEntity
+ accessToken.expired_at = dayjs()
+ .add(this.securityConfig.jwtExprire, 'second')
+ .toDate()
+
+ await accessToken.save()
+
+ // 生成refreshToken
+ const refreshToken = await this.generateRefreshToken(accessToken, dayjs())
+
+ return {
+ accessToken: jwtSign,
+ refreshToken,
+ }
+ }
+
+ /**
+ * 生成新的RefreshToken并存入数据库
+ * @param accessToken
+ * @param now
+ */
+ async generateRefreshToken(
+ accessToken: AccessTokenEntity,
+ now: dayjs.Dayjs,
+ ): Promise {
+ const refreshTokenPayload = {
+ uuid: generateUUID(),
+ }
+
+ const refreshTokenSign = this.jwtService.sign(refreshTokenPayload, {
+ secret: this.securityConfig.refreshSecret,
+ })
+
+ const refreshToken = new RefreshTokenEntity()
+ refreshToken.value = refreshTokenSign
+ refreshToken.expired_at = now
+ .add(this.securityConfig.refreshExpire, 'second')
+ .toDate()
+ refreshToken.accessToken = accessToken
+
+ await refreshToken.save()
+
+ return refreshTokenSign
+ }
+
+ /**
+ * 检查accessToken是否存在
+ * @param value
+ */
+ async checkAccessToken(value: string) {
+ return AccessTokenEntity.findOne({
+ where: { value },
+ relations: ['user', 'refreshToken'],
+ cache: true,
+ })
+ }
+
+ /**
+ * 移除AccessToken且自动移除关联的RefreshToken
+ * @param value
+ */
+ async removeAccessToken(value: string) {
+ const accessToken = await AccessTokenEntity.findOne({
+ where: { value },
+ })
+ if (accessToken)
+ await accessToken.remove()
+ }
+
+ /**
+ * 移除RefreshToken
+ * @param value
+ */
+ async removeRefreshToken(value: string) {
+ const refreshToken = await RefreshTokenEntity.findOne({
+ where: { value },
+ relations: ['accessToken'],
+ })
+ if (refreshToken) {
+ if (refreshToken.accessToken)
+ await refreshToken.accessToken.remove()
+ await refreshToken.remove()
+ }
+ }
+
+ /**
+ * 验证Token是否正确,如果正确则返回所属用户对象
+ * @param token
+ */
+ async verifyAccessToken(token: string): Promise {
+ return this.jwtService.verify(token)
+ }
+}
diff --git a/src/modules/auth/strategies/jwt.strategy.ts b/src/modules/auth/strategies/jwt.strategy.ts
new file mode 100644
index 0000000..1fc00fd
--- /dev/null
+++ b/src/modules/auth/strategies/jwt.strategy.ts
@@ -0,0 +1,24 @@
+import { Inject, Injectable } from '@nestjs/common'
+import { PassportStrategy } from '@nestjs/passport'
+import { ExtractJwt, Strategy } from 'passport-jwt'
+
+import { ISecurityConfig, SecurityConfig } from '~/config'
+
+import { AuthStrategy } from '../auth.constant'
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy, AuthStrategy.JWT) {
+ constructor(
+ @Inject(SecurityConfig.KEY) private securityConfig: ISecurityConfig,
+ ) {
+ super({
+ jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+ ignoreExpiration: false,
+ secretOrKey: securityConfig.jwtSecret,
+ })
+ }
+
+ async validate(payload: IAuthUser) {
+ return payload
+ }
+}
diff --git a/src/modules/auth/strategies/local.strategy.ts b/src/modules/auth/strategies/local.strategy.ts
new file mode 100644
index 0000000..69c59a9
--- /dev/null
+++ b/src/modules/auth/strategies/local.strategy.ts
@@ -0,0 +1,24 @@
+import { Injectable } from '@nestjs/common'
+import { PassportStrategy } from '@nestjs/passport'
+import { Strategy } from 'passport-local'
+
+import { AuthStrategy } from '../auth.constant'
+import { AuthService } from '../auth.service'
+
+@Injectable()
+export class LocalStrategy extends PassportStrategy(
+ Strategy,
+ AuthStrategy.LOCAL,
+) {
+ constructor(private authService: AuthService) {
+ super({
+ usernameField: 'credential',
+ passwordField: 'password',
+ })
+ }
+
+ async validate(username: string, password: string): Promise {
+ const user = await this.authService.validateUser(username, password)
+ return user
+ }
+}
diff --git a/src/modules/health/health.controller.ts b/src/modules/health/health.controller.ts
new file mode 100644
index 0000000..ad81caa
--- /dev/null
+++ b/src/modules/health/health.controller.ts
@@ -0,0 +1,71 @@
+import { Controller, Get } from '@nestjs/common'
+import { ApiTags } from '@nestjs/swagger'
+import {
+ DiskHealthIndicator,
+ HealthCheck,
+ HttpHealthIndicator,
+ MemoryHealthIndicator,
+ TypeOrmHealthIndicator,
+} from '@nestjs/terminus'
+
+import { Perm, definePermission } from '../auth/decorators/permission.decorator'
+
+export const PermissionHealth = definePermission('app:health', {
+ NETWORK: 'network',
+ DB: 'database',
+ MH: 'memory-heap',
+ MR: 'memory-rss',
+ DISK: 'disk',
+} as const)
+
+@ApiTags('Health - 健康检查')
+@Controller('health')
+export class HealthController {
+ constructor(
+ private http: HttpHealthIndicator,
+ private db: TypeOrmHealthIndicator,
+ private memory: MemoryHealthIndicator,
+ private disk: DiskHealthIndicator,
+ ) {}
+
+ @Get('network')
+ @HealthCheck()
+ @Perm(PermissionHealth.NETWORK)
+ async checkNetwork() {
+ return this.http.pingCheck('buqiyuan', 'https://buqiyuan.gitee.io/')
+ }
+
+ @Get('database')
+ @HealthCheck()
+ @Perm(PermissionHealth.DB)
+ async checkDatabase() {
+ return this.db.pingCheck('database')
+ }
+
+ @Get('memory-heap')
+ @HealthCheck()
+ @Perm(PermissionHealth.MH)
+ async checkMemoryHeap() {
+ // the process should not use more than 200MB memory
+ return this.memory.checkHeap('memory-heap', 200 * 1024 * 1024)
+ }
+
+ @Get('memory-rss')
+ @HealthCheck()
+ @Perm(PermissionHealth.MR)
+ async checkMemoryRSS() {
+ // the process should not have more than 200MB RSS memory allocated
+ return this.memory.checkRSS('memory-rss', 200 * 1024 * 1024)
+ }
+
+ @Get('disk')
+ @HealthCheck()
+ @Perm(PermissionHealth.DISK)
+ async checkDisk() {
+ return this.disk.checkStorage('disk', {
+ // The used disk storage should not exceed 75% of the full disk size
+ thresholdPercent: 0.75,
+ path: '/',
+ })
+ }
+}
diff --git a/src/modules/health/health.module.ts b/src/modules/health/health.module.ts
new file mode 100644
index 0000000..141fadc
--- /dev/null
+++ b/src/modules/health/health.module.ts
@@ -0,0 +1,11 @@
+import { HttpModule } from '@nestjs/axios'
+import { Module } from '@nestjs/common'
+import { TerminusModule } from '@nestjs/terminus'
+
+import { HealthController } from './health.controller'
+
+@Module({
+ imports: [TerminusModule, HttpModule],
+ controllers: [HealthController],
+})
+export class HealthModule {}
diff --git a/src/modules/netdisk/manager/manage.class.ts b/src/modules/netdisk/manager/manage.class.ts
new file mode 100644
index 0000000..ef774c1
--- /dev/null
+++ b/src/modules/netdisk/manager/manage.class.ts
@@ -0,0 +1,68 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export type FileType = 'file' | 'dir';
+
+export class SFileInfo {
+ @ApiProperty({ description: '文件id' })
+ id: string;
+
+ @ApiProperty({ description: '文件类型', enum: ['file', 'dir'] })
+ type: FileType;
+
+ @ApiProperty({ description: '文件名称' })
+ name: string;
+
+ @ApiProperty({ description: '存入时间', type: Date })
+ putTime?: Date;
+
+ @ApiProperty({ description: '文件大小, byte单位' })
+ fsize?: string;
+
+ @ApiProperty({ description: '文件的mime-type' })
+ mimeType?: string;
+
+ @ApiProperty({ description: '所属目录' })
+ belongTo?: string;
+}
+
+export class SFileList {
+ @ApiProperty({ description: '文件列表', type: [SFileInfo] })
+ list: SFileInfo[];
+
+ @ApiProperty({ description: '分页标志,空则代表加载完毕' })
+ marker?: string;
+}
+
+export class UploadToken {
+ @ApiProperty({ description: '上传token' })
+ token: string;
+}
+
+export class SFileInfoDetail {
+ @ApiProperty({ description: '文件大小,int64类型,单位为字节(Byte)' })
+ fsize: number;
+
+ @ApiProperty({ description: '文件HASH值' })
+ hash: string;
+
+ @ApiProperty({ description: '文件MIME类型,string类型' })
+ mimeType: string;
+
+ @ApiProperty({
+ description:
+ '文件存储类型,2 表示归档存储,1 表示低频存储,0表示普通存储。',
+ })
+ type: number;
+
+ @ApiProperty({ description: '文件上传时间', type: Date })
+ putTime: Date;
+
+ @ApiProperty({ description: '文件md5值' })
+ md5: string;
+
+ @ApiProperty({ description: '上传人' })
+ uploader: string;
+
+ @ApiProperty({ description: '文件备注' })
+ mark?: string;
+}
diff --git a/src/modules/netdisk/manager/manage.controller.ts b/src/modules/netdisk/manager/manage.controller.ts
new file mode 100644
index 0000000..652d6aa
--- /dev/null
+++ b/src/modules/netdisk/manager/manage.controller.ts
@@ -0,0 +1,153 @@
+import { Body, Controller, Get, Post, Query } from '@nestjs/common'
+import {
+ ApiOkResponse,
+ ApiOperation,
+ ApiTags,
+} from '@nestjs/swagger'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { AuthUser } from '~/modules/auth/decorators/auth-user.decorator'
+
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+
+import { checkIsDemoMode } from '~/utils'
+
+import { SFileInfoDetail, SFileList, UploadToken } from './manage.class'
+import {
+ DeleteDto,
+ FileInfoDto,
+ FileOpDto,
+ GetFileListDto,
+ MKDirDto,
+ MarkFileDto,
+ RenameDto,
+} from './manage.dto'
+import { NetDiskManageService } from './manage.service'
+
+export const permissions = definePermission('netdisk:manage', {
+ LIST: 'list',
+ CREATE: 'create',
+ INFO: 'info',
+ UPDATE: 'update',
+ DELETE: 'delete',
+ MKDIR: 'mkdir',
+ TOKEN: 'token',
+ MARK: 'mark',
+ DOWNLOAD: 'download',
+ RENAME: 'rename',
+ CUT: 'cut',
+ COPY: 'copy',
+} as const)
+
+@ApiTags('NetDiskManage - 网盘管理模块')
+@Controller('manage')
+export class NetDiskManageController {
+ constructor(private manageService: NetDiskManageService) {}
+
+ @Get('list')
+ @ApiOperation({ summary: '获取文件列表' })
+ @ApiOkResponse({ type: SFileList })
+ @Perm(permissions.LIST)
+ async list(@Query() dto: GetFileListDto): Promise {
+ return await this.manageService.getFileList(dto.path, dto.marker, dto.key)
+ }
+
+ @Post('mkdir')
+ @ApiOperation({ summary: '创建文件夹,支持多级' })
+ @Perm(permissions.MKDIR)
+ async mkdir(@Body() dto: MKDirDto): Promise {
+ const result = await this.manageService.checkFileExist(
+ `${dto.path}${dto.dirName}/`,
+ )
+ if (result)
+ throw new BusinessException(ErrorEnum.OSS_FILE_OR_DIR_EXIST)
+
+ await this.manageService.createDir(`${dto.path}${dto.dirName}`)
+ }
+
+ @Get('token')
+ @ApiOperation({ summary: '获取上传Token,无Token前端无法上传' })
+ @ApiOkResponse({ type: UploadToken })
+ @Perm(permissions.TOKEN)
+ async token(@AuthUser() user: IAuthUser): Promise {
+ checkIsDemoMode()
+
+ return {
+ token: this.manageService.createUploadToken(`${user.uid}`),
+ }
+ }
+
+ @Get('info')
+ @ApiOperation({ summary: '获取文件详细信息' })
+ @ApiOkResponse({ type: SFileInfoDetail })
+ @Perm(permissions.INFO)
+ async info(@Query() dto: FileInfoDto): Promise {
+ return await this.manageService.getFileInfo(dto.name, dto.path)
+ }
+
+ @Post('mark')
+ @ApiOperation({ summary: '添加文件备注' })
+ @Perm(permissions.MARK)
+ async mark(@Body() dto: MarkFileDto): Promise {
+ await this.manageService.changeFileHeaders(dto.name, dto.path, {
+ mark: dto.mark,
+ })
+ }
+
+ @Get('download')
+ @ApiOperation({ summary: '获取下载链接,不支持下载文件夹' })
+ @ApiOkResponse({ type: String })
+ @Perm(permissions.DOWNLOAD)
+ async download(@Query() dto: FileInfoDto): Promise {
+ return this.manageService.getDownloadLink(`${dto.path}${dto.name}`)
+ }
+
+ @Post('rename')
+ @ApiOperation({ summary: '重命名文件或文件夹' })
+ @Perm(permissions.RENAME)
+ async rename(@Body() dto: RenameDto): Promise {
+ const result = await this.manageService.checkFileExist(
+ `${dto.path}${dto.toName}${dto.type === 'dir' ? '/' : ''}`,
+ )
+ if (result)
+ throw new BusinessException(ErrorEnum.OSS_FILE_OR_DIR_EXIST)
+
+ if (dto.type === 'file')
+ await this.manageService.renameFile(dto.path, dto.name, dto.toName)
+ else
+ await this.manageService.renameDir(dto.path, dto.name, dto.toName)
+ }
+
+ @Post('delete')
+ @ApiOperation({ summary: '删除文件或文件夹' })
+ @Perm(permissions.DELETE)
+ async delete(@Body() dto: DeleteDto): Promise {
+ await this.manageService.deleteMultiFileOrDir(dto.files, dto.path)
+ }
+
+ @Post('cut')
+ @ApiOperation({ summary: '剪切文件或文件夹,支持批量' })
+ @Perm(permissions.CUT)
+ async cut(@Body() dto: FileOpDto): Promise {
+ if (dto.originPath === dto.toPath)
+ throw new BusinessException(ErrorEnum.OSS_NO_OPERATION_REQUIRED)
+
+ await this.manageService.moveMultiFileOrDir(
+ dto.files,
+ dto.originPath,
+ dto.toPath,
+ )
+ }
+
+ @Post('copy')
+ @ApiOperation({ summary: '复制文件或文件夹,支持批量' })
+ @Perm(permissions.COPY)
+ async copy(@Body() dto: FileOpDto): Promise {
+ await this.manageService.copyMultiFileOrDir(
+ dto.files,
+ dto.originPath,
+ dto.toPath,
+ )
+ }
+}
diff --git a/src/modules/netdisk/manager/manage.dto.ts b/src/modules/netdisk/manager/manage.dto.ts
new file mode 100644
index 0000000..984ef9b
--- /dev/null
+++ b/src/modules/netdisk/manager/manage.dto.ts
@@ -0,0 +1,162 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'
+import { Type } from 'class-transformer'
+import {
+ ArrayMaxSize,
+ IsNotEmpty,
+ IsOptional,
+ IsString,
+ Matches,
+ Validate,
+ ValidateIf,
+ ValidateNested,
+ ValidationArguments,
+ ValidatorConstraint,
+ ValidatorConstraintInterface,
+} from 'class-validator'
+import { isEmpty } from 'lodash'
+
+import { NETDISK_HANDLE_MAX_ITEM } from '~/constants/oss.constant'
+
+@ValidatorConstraint({ name: 'IsLegalNameExpression', async: false })
+export class IsLegalNameExpression implements ValidatorConstraintInterface {
+ validate(value: string, args: ValidationArguments) {
+ try {
+ if (isEmpty(value))
+ throw new Error('dir name is empty')
+
+ if (value.includes('/'))
+ throw new Error('dir name not allow /')
+
+ return true
+ }
+ catch (e) {
+ return false
+ }
+ }
+
+ defaultMessage(_args: ValidationArguments) {
+ // here you can provide default error message if validation failed
+ return 'file or dir name invalid'
+ }
+}
+
+export class FileOpItem {
+ @ApiProperty({ description: '文件类型', enum: ['file', 'dir'] })
+ @IsString()
+ @Matches(/(^file$)|(^dir$)/)
+ type: string
+
+ @ApiProperty({ description: '文件名称' })
+ @IsString()
+ @IsNotEmpty()
+ @Validate(IsLegalNameExpression)
+ name: string
+}
+
+export class GetFileListDto {
+ @ApiProperty({ description: '分页标识' })
+ @IsOptional()
+ @IsString()
+ marker: string
+
+ @ApiProperty({ description: '当前路径' })
+ @IsString()
+ path: string
+
+ @ApiPropertyOptional({ description: '搜索关键字' })
+ @Validate(IsLegalNameExpression)
+ @ValidateIf(o => !isEmpty(o.key))
+ @IsString()
+ key: string
+}
+
+export class MKDirDto {
+ @ApiProperty({ description: '文件夹名称' })
+ @IsNotEmpty()
+ @IsString()
+ @Validate(IsLegalNameExpression)
+ dirName: string
+
+ @ApiProperty({ description: '所属路径' })
+ @IsString()
+ path: string
+}
+
+export class RenameDto {
+ @ApiProperty({ description: '文件类型' })
+ @IsString()
+ @Matches(/(^file$)|(^dir$)/)
+ type: string
+
+ @ApiProperty({ description: '更改的名称' })
+ @IsString()
+ @IsNotEmpty()
+ @Validate(IsLegalNameExpression)
+ toName: string
+
+ @ApiProperty({ description: '原来的名称' })
+ @IsString()
+ @IsNotEmpty()
+ @Validate(IsLegalNameExpression)
+ name: string
+
+ @ApiProperty({ description: '路径' })
+ @IsString()
+ path: string
+}
+
+export class FileInfoDto {
+ @ApiProperty({ description: '文件名' })
+ @IsString()
+ @IsNotEmpty()
+ @Validate(IsLegalNameExpression)
+ name: string
+
+ @ApiProperty({ description: '文件所在路径' })
+ @IsString()
+ path: string
+}
+
+export class DeleteDto {
+ @ApiProperty({ description: '需要操作的文件或文件夹', type: [FileOpItem] })
+ @Type(() => FileOpItem)
+ @ArrayMaxSize(NETDISK_HANDLE_MAX_ITEM)
+ @ValidateNested({ each: true })
+ files: FileOpItem[]
+
+ @ApiProperty({ description: '所在目录' })
+ @IsString()
+ path: string
+}
+
+export class MarkFileDto {
+ @ApiProperty({ description: '文件名' })
+ @IsString()
+ @IsNotEmpty()
+ @Validate(IsLegalNameExpression)
+ name: string
+
+ @ApiProperty({ description: '文件所在路径' })
+ @IsString()
+ path: string
+
+ @ApiProperty({ description: '备注信息' })
+ @IsString()
+ mark: string
+}
+
+export class FileOpDto {
+ @ApiProperty({ description: '需要操作的文件或文件夹', type: [FileOpItem] })
+ @Type(() => FileOpItem)
+ @ArrayMaxSize(NETDISK_HANDLE_MAX_ITEM)
+ @ValidateNested({ each: true })
+ files: FileOpItem[]
+
+ @ApiProperty({ description: '操作前的目录' })
+ @IsString()
+ originPath: string
+
+ @ApiProperty({ description: '操作后的目录' })
+ @IsString()
+ toPath: string
+}
diff --git a/src/modules/netdisk/manager/manage.service.ts b/src/modules/netdisk/manager/manage.service.ts
new file mode 100644
index 0000000..3574a65
--- /dev/null
+++ b/src/modules/netdisk/manager/manage.service.ts
@@ -0,0 +1,930 @@
+import { basename, extname } from 'node:path'
+
+import { Injectable } from '@nestjs/common'
+import { ConfigService } from '@nestjs/config'
+import { isEmpty } from 'lodash'
+import * as qiniu from 'qiniu'
+import { auth, conf, rs } from 'qiniu'
+
+import { ConfigKeyPaths } from '~/config'
+import { NETDISK_COPY_SUFFIX, NETDISK_DELIMITER, NETDISK_HANDLE_MAX_ITEM, NETDISK_LIMIT } from '~/constants/oss.constant'
+
+import { AccountInfo } from '~/modules/user/user.model'
+import { UserService } from '~/modules/user/user.service'
+
+import { generateRandomValue } from '~/utils'
+
+import { SFileInfo, SFileInfoDetail, SFileList } from './manage.class'
+import { FileOpItem } from './manage.dto'
+
+@Injectable()
+export class NetDiskManageService {
+ private config: conf.ConfigOptions
+ private mac: auth.digest.Mac
+ private bucketManager: rs.BucketManager
+
+ private get qiniuConfig() {
+ return this.configService.get('oss', { infer: true })
+ }
+
+ constructor(
+ private configService: ConfigService,
+ private userService: UserService,
+ ) {
+ this.mac = new qiniu.auth.digest.Mac(
+ this.qiniuConfig.accessKey,
+ this.qiniuConfig.secretKey,
+ )
+ this.config = new qiniu.conf.Config({
+ zone: this.qiniuConfig.zone,
+ })
+ // bucket manager
+ this.bucketManager = new qiniu.rs.BucketManager(this.mac, this.config)
+ }
+
+ /**
+ * 获取文件列表
+ * @param prefix 当前文件夹路径,搜索模式下会被忽略
+ * @param marker 下一页标识
+ * @returns iFileListResult
+ */
+ async getFileList(prefix = '', marker = '', skey = ''): Promise {
+ // 是否需要搜索
+ const searching = !isEmpty(skey)
+ return new Promise((resolve, reject) => {
+ this.bucketManager.listPrefix(
+ this.qiniuConfig.bucket,
+ {
+ prefix: searching ? '' : prefix,
+ limit: NETDISK_LIMIT,
+ delimiter: searching ? '' : NETDISK_DELIMITER,
+ marker,
+ },
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ // 如果这个nextMarker不为空,那么还有未列举完毕的文件列表,下次调用listPrefix的时候,
+ // 指定options里面的marker为这个值
+ const fileList: SFileInfo[] = []
+ // 处理目录,但只有非搜索模式下可用
+ if (!searching && !isEmpty(respBody.commonPrefixes)) {
+ // dir
+ for (const dirPath of respBody.commonPrefixes) {
+ const name = (dirPath as string)
+ .substr(0, dirPath.length - 1)
+ .replace(prefix, '')
+ if (isEmpty(skey) || name.includes(skey)) {
+ fileList.push({
+ name: (dirPath as string)
+ .substr(0, dirPath.length - 1)
+ .replace(prefix, ''),
+ type: 'dir',
+ id: generateRandomValue(10),
+ })
+ }
+ }
+ }
+ // handle items
+ if (!isEmpty(respBody.items)) {
+ // file
+ for (const item of respBody.items) {
+ // 搜索模式下处理
+ if (searching) {
+ const pathList: string[] = item.key.split(NETDISK_DELIMITER)
+ // dir is empty stirng, file is key string
+ const name = pathList.pop()
+ if (
+ item.key.endsWith(NETDISK_DELIMITER)
+ && pathList[pathList.length - 1].includes(skey)
+ ) {
+ // 结果是目录
+ const ditName = pathList.pop()
+ fileList.push({
+ id: generateRandomValue(10),
+ name: ditName,
+ type: 'dir',
+ belongTo: pathList.join(NETDISK_DELIMITER),
+ })
+ }
+ else if (name.includes(skey)) {
+ // 文件
+ fileList.push({
+ id: generateRandomValue(10),
+ name,
+ type: 'file',
+ fsize: item.fsize,
+ mimeType: item.mimeType,
+ putTime: new Date(Number.parseInt(item.putTime) / 10000),
+ belongTo: pathList.join(NETDISK_DELIMITER),
+ })
+ }
+ }
+ else {
+ // 正常获取列表
+ const fileKey = item.key.replace(prefix, '') as string
+ if (!isEmpty(fileKey)) {
+ fileList.push({
+ id: generateRandomValue(10),
+ name: fileKey,
+ type: 'file',
+ fsize: item.fsize,
+ mimeType: item.mimeType,
+ putTime: new Date(Number.parseInt(item.putTime) / 10000),
+ })
+ }
+ }
+ }
+ }
+ resolve({
+ list: fileList,
+ marker: respBody.marker || null,
+ })
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 获取文件信息
+ */
+ async getFileInfo(name: string, path: string): Promise {
+ return new Promise((resolve, reject) => {
+ this.bucketManager.stat(
+ this.qiniuConfig.bucket,
+ `${path}${name}`,
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ const detailInfo: SFileInfoDetail = {
+ fsize: respBody.fsize,
+ hash: respBody.hash,
+ md5: respBody.md5,
+ mimeType: respBody.mimeType.split('/x-qn-meta')[0],
+ putTime: new Date(Number.parseInt(respBody.putTime) / 10000),
+ type: respBody.type,
+ uploader: '',
+ mark: respBody?.['x-qn-meta']?.['!mark'] ?? '',
+ }
+ if (!respBody.endUser) {
+ resolve(detailInfo)
+ }
+ else {
+ this.userService
+ .getAccountInfo(Number.parseInt(respBody.endUser))
+ .then((user: AccountInfo) => {
+ if (isEmpty(user)) {
+ resolve(detailInfo)
+ }
+ else {
+ detailInfo.uploader = user.username
+ resolve(detailInfo)
+ }
+ })
+ }
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 修改文件MimeType
+ */
+ async changeFileHeaders(
+ name: string,
+ path: string,
+ headers: { [k: string]: string },
+ ): Promise {
+ return new Promise((resolve, reject) => {
+ this.bucketManager.changeHeaders(
+ this.qiniuConfig.bucket,
+ `${path}${name}`,
+ headers,
+ (err, _, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 创建文件夹
+ * @returns true创建成功
+ */
+ async createDir(dirName: string): Promise {
+ const safeDirName = dirName.endsWith('/') ? dirName : `${dirName}/`
+ return new Promise((resolve, reject) => {
+ // 上传一个空文件以用于显示文件夹效果
+ const formUploader = new qiniu.form_up.FormUploader(this.config)
+ const putExtra = new qiniu.form_up.PutExtra()
+ formUploader.put(
+ this.createUploadToken(''),
+ safeDirName,
+ ' ',
+ putExtra,
+ (respErr, respBody, respInfo) => {
+ if (respErr) {
+ reject(respErr)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 检查文件是否存在,同可检查目录
+ */
+ async checkFileExist(filePath: string): Promise {
+ return new Promise((resolve, reject) => {
+ // fix path end must a /
+
+ // 检测文件夹是否存在
+ this.bucketManager.stat(
+ this.qiniuConfig.bucket,
+ filePath,
+ (respErr, respBody, respInfo) => {
+ if (respErr) {
+ reject(respErr)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ // 文件夹存在
+ resolve(true)
+ }
+ else if (respInfo.statusCode === 612) {
+ // 文件夹不存在
+ resolve(false)
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 创建Upload Token, 默认过期时间一小时
+ * @returns upload token
+ */
+ createUploadToken(endUser: string): string {
+ const policy = new qiniu.rs.PutPolicy({
+ scope: this.qiniuConfig.bucket,
+ insertOnly: 1,
+ fsizeLimit: 1024 ** 2 * 10,
+ endUser,
+ })
+ const uploadToken = policy.uploadToken(this.mac)
+ return uploadToken
+ }
+
+ /**
+ * 重命名文件
+ * @param dir 文件路径
+ * @param name 文件名称
+ */
+ async renameFile(dir: string, name: string, toName: string): Promise {
+ const fileName = `${dir}${name}`
+ const toFileName = `${dir}${toName}`
+ const op = {
+ force: true,
+ }
+ return new Promise((resolve, reject) => {
+ this.bucketManager.move(
+ this.qiniuConfig.bucket,
+ fileName,
+ this.qiniuConfig.bucket,
+ toFileName,
+ op,
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ }
+ else {
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 移动文件
+ */
+ async moveFile(dir: string, toDir: string, name: string): Promise {
+ const fileName = `${dir}${name}`
+ const toFileName = `${toDir}${name}`
+ const op = {
+ force: true,
+ }
+ return new Promise((resolve, reject) => {
+ this.bucketManager.move(
+ this.qiniuConfig.bucket,
+ fileName,
+ this.qiniuConfig.bucket,
+ toFileName,
+ op,
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ }
+ else {
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 复制文件
+ */
+ async copyFile(dir: string, toDir: string, name: string): Promise {
+ const fileName = `${dir}${name}`
+ // 拼接文件名
+ const ext = extname(name)
+ const bn = basename(name, ext)
+ const toFileName = `${toDir}${bn}${NETDISK_COPY_SUFFIX}${ext}`
+ const op = {
+ force: true,
+ }
+ return new Promise((resolve, reject) => {
+ this.bucketManager.copy(
+ this.qiniuConfig.bucket,
+ fileName,
+ this.qiniuConfig.bucket,
+ toFileName,
+ op,
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ }
+ else {
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 重命名文件夹
+ */
+ async renameDir(path: string, name: string, toName: string): Promise {
+ const dirName = `${path}${name}`
+ const toDirName = `${path}${toName}`
+ let hasFile = true
+ let marker = ''
+ const op = {
+ force: true,
+ }
+ const bucketName = this.qiniuConfig.bucket
+ while (hasFile) {
+ await new Promise((resolve, reject) => {
+ // 列举当前目录下的所有文件
+ this.bucketManager.listPrefix(
+ this.qiniuConfig.bucket,
+ {
+ prefix: dirName,
+ limit: NETDISK_HANDLE_MAX_ITEM,
+ marker,
+ },
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ const moveOperations = respBody.items.map((item) => {
+ const { key } = item
+ const destKey = key.replace(dirName, toDirName)
+ return qiniu.rs.moveOp(
+ bucketName,
+ key,
+ bucketName,
+ destKey,
+ op,
+ )
+ })
+ this.bucketManager.batch(
+ moveOperations,
+ (err2, respBody2, respInfo2) => {
+ if (err2) {
+ reject(err2)
+ return
+ }
+ if (respInfo2.statusCode === 200) {
+ if (isEmpty(respBody.marker))
+ hasFile = false
+ else
+ marker = respBody.marker
+
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo2.statusCode}, Info: ${respInfo2.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+ }
+
+ /**
+ * 获取七牛下载的文件url链接
+ * @param key 文件路径
+ * @returns 连接
+ */
+ getDownloadLink(key: string): string {
+ if (this.qiniuConfig.access === 'public') {
+ return this.bucketManager.publicDownloadUrl(this.qiniuConfig.domain, key)
+ }
+ else if (this.qiniuConfig.access === 'private') {
+ return this.bucketManager.privateDownloadUrl(
+ this.qiniuConfig.domain,
+ key,
+ Date.now() / 1000 + 36000,
+ )
+ }
+ throw new Error('qiniu config access type not support')
+ }
+
+ /**
+ * 删除文件
+ * @param dir 删除的文件夹目录
+ * @param name 文件名
+ */
+ async deleteFile(dir: string, name: string): Promise {
+ return new Promise((resolve, reject) => {
+ this.bucketManager.delete(
+ this.qiniuConfig.bucket,
+ `${dir}${name}`,
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+
+ /**
+ * 删除文件夹
+ * @param dir 文件夹所在的上级目录
+ * @param name 文件目录名称
+ */
+ async deleteMultiFileOrDir(
+ fileList: FileOpItem[],
+ dir: string,
+ ): Promise {
+ const files = fileList.filter(item => item.type === 'file')
+ if (files.length > 0) {
+ // 批处理文件
+ const copyOperations = files.map((item) => {
+ const fileName = `${dir}${item.name}`
+ return qiniu.rs.deleteOp(this.qiniuConfig.bucket, fileName)
+ })
+ await new Promise((resolve, reject) => {
+ this.bucketManager.batch(copyOperations, (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else if (respInfo.statusCode === 298) {
+ reject(new Error('操作异常,但部分文件夹删除成功'))
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ })
+ })
+ }
+ // 处理文件夹
+ const dirs = fileList.filter(item => item.type === 'dir')
+ if (dirs.length > 0) {
+ // 处理文件夹的复制
+ for (let i = 0; i < dirs.length; i++) {
+ const dirName = `${dir}${dirs[i].name}/`
+ let hasFile = true
+ let marker = ''
+ while (hasFile) {
+ await new Promise((resolve, reject) => {
+ // 列举当前目录下的所有文件
+ this.bucketManager.listPrefix(
+ this.qiniuConfig.bucket,
+ {
+ prefix: dirName,
+ limit: NETDISK_HANDLE_MAX_ITEM,
+ marker,
+ },
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ const moveOperations = respBody.items.map((item) => {
+ const { key } = item
+ return qiniu.rs.deleteOp(this.qiniuConfig.bucket, key)
+ })
+ this.bucketManager.batch(
+ moveOperations,
+ (err2, respBody2, respInfo2) => {
+ if (err2) {
+ reject(err2)
+ return
+ }
+ if (respInfo2.statusCode === 200) {
+ if (isEmpty(respBody.marker))
+ hasFile = false
+ else
+ marker = respBody.marker
+
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo2.statusCode}, Info: ${respInfo2.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+ }
+ }
+ }
+
+ /**
+ * 复制文件,含文件夹
+ */
+ async copyMultiFileOrDir(
+ fileList: FileOpItem[],
+ dir: string,
+ toDir: string,
+ ): Promise {
+ const files = fileList.filter(item => item.type === 'file')
+ const op = {
+ force: true,
+ }
+ if (files.length > 0) {
+ // 批处理文件
+ const copyOperations = files.map((item) => {
+ const fileName = `${dir}${item.name}`
+ // 拼接文件名
+ const ext = extname(item.name)
+ const bn = basename(item.name, ext)
+ const toFileName = `${toDir}${bn}${NETDISK_COPY_SUFFIX}${ext}`
+ return qiniu.rs.copyOp(
+ this.qiniuConfig.bucket,
+ fileName,
+ this.qiniuConfig.bucket,
+ toFileName,
+ op,
+ )
+ })
+ await new Promise((resolve, reject) => {
+ this.bucketManager.batch(copyOperations, (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else if (respInfo.statusCode === 298) {
+ reject(new Error('操作异常,但部分文件夹删除成功'))
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ })
+ })
+ }
+ // 处理文件夹
+ const dirs = fileList.filter(item => item.type === 'dir')
+ if (dirs.length > 0) {
+ // 处理文件夹的复制
+ for (let i = 0; i < dirs.length; i++) {
+ const dirName = `${dir}${dirs[i].name}/`
+ const copyDirName = `${toDir}${dirs[i].name}${NETDISK_COPY_SUFFIX}/`
+ let hasFile = true
+ let marker = ''
+ while (hasFile) {
+ await new Promise((resolve, reject) => {
+ // 列举当前目录下的所有文件
+ this.bucketManager.listPrefix(
+ this.qiniuConfig.bucket,
+ {
+ prefix: dirName,
+ limit: NETDISK_HANDLE_MAX_ITEM,
+ marker,
+ },
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ const moveOperations = respBody.items.map((item) => {
+ const { key } = item
+ const destKey = key.replace(dirName, copyDirName)
+ return qiniu.rs.copyOp(
+ this.qiniuConfig.bucket,
+ key,
+ this.qiniuConfig.bucket,
+ destKey,
+ op,
+ )
+ })
+ this.bucketManager.batch(
+ moveOperations,
+ (err2, respBody2, respInfo2) => {
+ if (err2) {
+ reject(err2)
+ return
+ }
+ if (respInfo2.statusCode === 200) {
+ if (isEmpty(respBody.marker))
+ hasFile = false
+ else
+ marker = respBody.marker
+
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo2.statusCode}, Info: ${respInfo2.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+ }
+ }
+ }
+
+ /**
+ * 移动文件,含文件夹
+ */
+ async moveMultiFileOrDir(
+ fileList: FileOpItem[],
+ dir: string,
+ toDir: string,
+ ): Promise {
+ const files = fileList.filter(item => item.type === 'file')
+ const op = {
+ force: true,
+ }
+ if (files.length > 0) {
+ // 批处理文件
+ const copyOperations = files.map((item) => {
+ const fileName = `${dir}${item.name}`
+ const toFileName = `${toDir}${item.name}`
+ return qiniu.rs.moveOp(
+ this.qiniuConfig.bucket,
+ fileName,
+ this.qiniuConfig.bucket,
+ toFileName,
+ op,
+ )
+ })
+ await new Promise((resolve, reject) => {
+ this.bucketManager.batch(copyOperations, (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ resolve()
+ }
+ else if (respInfo.statusCode === 298) {
+ reject(new Error('操作异常,但部分文件夹删除成功'))
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ })
+ })
+ }
+ // 处理文件夹
+ const dirs = fileList.filter(item => item.type === 'dir')
+ if (dirs.length > 0) {
+ // 处理文件夹的复制
+ for (let i = 0; i < dirs.length; i++) {
+ const dirName = `${dir}${dirs[i].name}/`
+ const toDirName = `${toDir}${dirs[i].name}/`
+ // 移动的目录不是是自己
+ if (toDirName.startsWith(dirName))
+ continue
+
+ let hasFile = true
+ let marker = ''
+ while (hasFile) {
+ await new Promise((resolve, reject) => {
+ // 列举当前目录下的所有文件
+ this.bucketManager.listPrefix(
+ this.qiniuConfig.bucket,
+ {
+ prefix: dirName,
+ limit: NETDISK_HANDLE_MAX_ITEM,
+ marker,
+ },
+ (err, respBody, respInfo) => {
+ if (err) {
+ reject(err)
+ return
+ }
+ if (respInfo.statusCode === 200) {
+ const moveOperations = respBody.items.map((item) => {
+ const { key } = item
+ const destKey = key.replace(dirName, toDirName)
+ return qiniu.rs.moveOp(
+ this.qiniuConfig.bucket,
+ key,
+ this.qiniuConfig.bucket,
+ destKey,
+ op,
+ )
+ })
+ this.bucketManager.batch(
+ moveOperations,
+ (err2, respBody2, respInfo2) => {
+ if (err2) {
+ reject(err2)
+ return
+ }
+ if (respInfo2.statusCode === 200) {
+ if (isEmpty(respBody.marker))
+ hasFile = false
+ else
+ marker = respBody.marker
+
+ resolve()
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo2.statusCode}, Info: ${respInfo2.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ }
+ else {
+ reject(
+ new Error(
+ `Qiniu Error Code: ${respInfo.statusCode}, Info: ${respInfo.statusMessage}`,
+ ),
+ )
+ }
+ },
+ )
+ })
+ }
+ }
+ }
+ }
+}
diff --git a/src/modules/netdisk/netdisk.module.ts b/src/modules/netdisk/netdisk.module.ts
new file mode 100644
index 0000000..aa5a3f7
--- /dev/null
+++ b/src/modules/netdisk/netdisk.module.ts
@@ -0,0 +1,22 @@
+import { Module } from '@nestjs/common'
+
+import { RouterModule } from '@nestjs/core'
+
+import { UserModule } from '../user/user.module'
+
+import { NetDiskManageController } from './manager/manage.controller'
+import { NetDiskManageService } from './manager/manage.service'
+import { NetDiskOverviewController } from './overview/overview.controller'
+import { NetDiskOverviewService } from './overview/overview.service'
+
+@Module({
+ imports: [UserModule, RouterModule.register([
+ {
+ path: 'netdisk',
+ module: NetdiskModule,
+ },
+ ])],
+ controllers: [NetDiskManageController, NetDiskOverviewController],
+ providers: [NetDiskManageService, NetDiskOverviewService],
+})
+export class NetdiskModule {}
diff --git a/src/modules/netdisk/overview/overview.controller.ts b/src/modules/netdisk/overview/overview.controller.ts
new file mode 100644
index 0000000..a7b7df9
--- /dev/null
+++ b/src/modules/netdisk/overview/overview.controller.ts
@@ -0,0 +1,49 @@
+import { CacheInterceptor, CacheKey, CacheTTL } from '@nestjs/cache-manager'
+import {
+ Controller,
+ Get,
+ UseInterceptors,
+} from '@nestjs/common'
+import {
+ ApiOkResponse,
+ ApiOperation,
+ ApiTags,
+} from '@nestjs/swagger'
+
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+
+import { OverviewSpaceInfo } from './overview.dto'
+import { NetDiskOverviewService } from './overview.service'
+
+export const permissions = definePermission('netdisk:overview', {
+ DESC: 'desc',
+} as const)
+
+@ApiTags('NetDiskOverview - 网盘概览模块')
+@Controller('overview')
+export class NetDiskOverviewController {
+ constructor(private overviewService: NetDiskOverviewService) {}
+
+ @Get('desc')
+ @CacheKey('netdisk_overview_desc')
+ @CacheTTL(3600)
+ @UseInterceptors(CacheInterceptor)
+ @ApiOperation({ summary: '获取网盘空间数据统计' })
+ @ApiOkResponse({ type: OverviewSpaceInfo })
+ @Perm(permissions.DESC)
+ async space(): Promise {
+ const date = this.overviewService.getZeroHourAnd1Day(new Date())
+ const hit = await this.overviewService.getHit(date)
+ const flow = await this.overviewService.getFlow(date)
+ const space = await this.overviewService.getSpace(date)
+ const count = await this.overviewService.getCount(date)
+ return {
+ fileSize: count.datas[count.datas.length - 1],
+ flowSize: flow.datas[flow.datas.length - 1],
+ hitSize: hit.datas[hit.datas.length - 1],
+ spaceSize: space.datas[space.datas.length - 1],
+ flowTrend: flow,
+ sizeTrend: space,
+ }
+ }
+}
diff --git a/src/modules/netdisk/overview/overview.dto.ts b/src/modules/netdisk/overview/overview.dto.ts
new file mode 100644
index 0000000..9d77aff
--- /dev/null
+++ b/src/modules/netdisk/overview/overview.dto.ts
@@ -0,0 +1,53 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class SpaceInfo {
+ @ApiProperty({ description: '当月的X号', type: [Number] })
+ times: number[];
+
+ @ApiProperty({ description: '对应天数的容量, byte单位', type: [Number] })
+ datas: number[];
+}
+
+export class CountInfo {
+ @ApiProperty({ description: '当月的X号', type: [Number] })
+ times: number[];
+
+ @ApiProperty({ description: '对应天数的文件数量', type: [Number] })
+ datas: number[];
+}
+
+export class FlowInfo {
+ @ApiProperty({ description: '当月的X号', type: [Number] })
+ times: number[];
+
+ @ApiProperty({ description: '对应天数的耗费流量', type: [Number] })
+ datas: number[];
+}
+
+export class HitInfo {
+ @ApiProperty({ description: '当月的X号', type: [Number] })
+ times: number[];
+
+ @ApiProperty({ description: '对应天数的Get请求次数', type: [Number] })
+ datas: number[];
+}
+
+export class OverviewSpaceInfo {
+ @ApiProperty({ description: '当前使用容量' })
+ spaceSize: number;
+
+ @ApiProperty({ description: '当前文件数量' })
+ fileSize: number;
+
+ @ApiProperty({ description: '当天使用流量' })
+ flowSize: number;
+
+ @ApiProperty({ description: '当天请求次数' })
+ hitSize: number;
+
+ @ApiProperty({ description: '流量趋势,从当月1号开始计算', type: FlowInfo })
+ flowTrend: FlowInfo;
+
+ @ApiProperty({ description: '容量趋势,从当月1号开始计算', type: SpaceInfo })
+ sizeTrend: SpaceInfo;
+}
diff --git a/src/modules/netdisk/overview/overview.service.ts b/src/modules/netdisk/overview/overview.service.ts
new file mode 100644
index 0000000..40ff410
--- /dev/null
+++ b/src/modules/netdisk/overview/overview.service.ts
@@ -0,0 +1,156 @@
+import { HttpService } from '@nestjs/axios'
+import { Injectable } from '@nestjs/common'
+import { ConfigService } from '@nestjs/config'
+import dayjs from 'dayjs'
+import * as qiniu from 'qiniu'
+
+import { ConfigKeyPaths } from '~/config'
+import { OSS_API } from '~/constants/oss.constant'
+
+import { CountInfo, FlowInfo, HitInfo, SpaceInfo } from './overview.dto'
+
+@Injectable()
+export class NetDiskOverviewService {
+ private mac: qiniu.auth.digest.Mac
+ private readonly FORMAT = 'YYYYMMDDHHmmss'
+ private get qiniuConfig() {
+ return this.configService.get('oss', { infer: true })
+ }
+
+ constructor(
+ private configService: ConfigService,
+ private readonly httpService: HttpService,
+ ) {
+ this.mac = new qiniu.auth.digest.Mac(
+ this.qiniuConfig.accessKey,
+ this.qiniuConfig.secretKey,
+ )
+ }
+
+ /** 获取格式化后的起始和结束时间 */
+ getStartAndEndDate(start: Date, end = new Date()) {
+ return [dayjs(start).format(this.FORMAT), dayjs(end).format(this.FORMAT)]
+ }
+
+ /**
+ * 获取数据统计接口路径
+ * @see: https://developer.qiniu.com/kodo/3906/statistic-interface
+ */
+ getStatisticUrl(type: string, queryParams = {}) {
+ const defaultParams = {
+ $bucket: this.qiniuConfig.bucket,
+ g: 'day',
+ }
+ const searchParams = new URLSearchParams({ ...defaultParams, ...queryParams })
+ return decodeURIComponent(`${OSS_API}/v6/${type}?${searchParams}`)
+ }
+
+ /** 获取统计数据 */
+ getStatisticData(url: string) {
+ const accessToken = qiniu.util.generateAccessTokenV2(
+ this.mac,
+ url,
+ 'GET',
+ 'application/x-www-form-urlencoded',
+ )
+ return this.httpService.axiosRef.get(url, {
+ headers: {
+ 'Content-Type': 'application/x-www-form-urlencoded',
+ 'Authorization': `${accessToken}`,
+ },
+ })
+ }
+
+ /**
+ * 获取当天零时
+ */
+ getZeroHourToDay(current: Date): Date {
+ const year = dayjs(current).year()
+ const month = dayjs(current).month()
+ const date = dayjs(current).date()
+ return new Date(year, month, date, 0)
+ }
+
+ /**
+ * 获取当月1号零时
+ */
+ getZeroHourAnd1Day(current: Date): Date {
+ const year = dayjs(current).year()
+ const month = dayjs(current).month()
+ return new Date(year, month, 1, 0)
+ }
+
+ /**
+ * 该接口可以获取标准存储的当前存储量。可查询当天计量,统计延迟大概 5 分钟。
+ * https://developer.qiniu.com/kodo/3908/statistic-space
+ */
+ async getSpace(beginDate: Date, endDate = new Date()): Promise {
+ const [begin, end] = this.getStartAndEndDate(beginDate, endDate)
+ const url = this.getStatisticUrl('space', { begin, end })
+ const { data } = await this.getStatisticData(url)
+ return {
+ datas: data.datas,
+ times: data.times.map((e) => {
+ return dayjs.unix(e).date()
+ }),
+ }
+ }
+
+ /**
+ * 该接口可以获取标准存储的文件数量。可查询当天计量,统计延迟大概 5 分钟。
+ * https://developer.qiniu.com/kodo/3914/count
+ */
+ async getCount(beginDate: Date, endDate = new Date()): Promise {
+ const [begin, end] = this.getStartAndEndDate(beginDate, endDate)
+ const url = this.getStatisticUrl('count', { begin, end })
+ const { data } = await this.getStatisticData(url)
+ return {
+ times: data.times.map((e) => {
+ return dayjs.unix(e).date()
+ }),
+ datas: data.datas,
+ }
+ }
+
+ /**
+ * 外网流出流量统计
+ * 该接口可以获取外网流出流量、CDN回源流量统计和 GET 请求次数。可查询当天计量,统计延迟大概 5 分钟。
+ * https://developer.qiniu.com/kodo/3820/blob-io
+ */
+ async getFlow(beginDate: Date, endDate = new Date()): Promise {
+ const [begin, end] = this.getStartAndEndDate(beginDate, endDate)
+ const url = this.getStatisticUrl('blob_io', { begin, end, $ftype: 0, $src: 'origin', select: 'flow' })
+ const { data } = await this.getStatisticData(url)
+ const times = []
+ const datas = []
+ data.forEach((e) => {
+ times.push(dayjs(e.time).date())
+ datas.push(e.values.flow)
+ })
+ return {
+ times,
+ datas,
+ }
+ }
+
+ /**
+ * GET 请求次数统计
+ * 该接口可以获取外网流出流量、CDN回源流量统计和 GET 请求次数。可查询当天计量,统计延迟大概 5 分钟。
+ * https://developer.qiniu.com/kodo/3820/blob-io
+ */
+ async getHit(beginDate: Date, endDate = new Date()): Promise {
+ const [begin, end] = this.getStartAndEndDate(beginDate, endDate)
+ const url = this.getStatisticUrl('blob_io', { begin, end, $ftype: 0, $src: 'inner', select: 'hit' })
+ const { data } = await this.getStatisticData(url)
+ const times = []
+ const datas = []
+ data.forEach((e) => {
+ times.push(dayjs(e.time).date())
+ datas.push(e.values.hit)
+ })
+ return {
+ times,
+ datas,
+ }
+ }
+}
diff --git a/src/modules/sse/sse.controller.ts b/src/modules/sse/sse.controller.ts
new file mode 100644
index 0000000..1e475b7
--- /dev/null
+++ b/src/modules/sse/sse.controller.ts
@@ -0,0 +1,54 @@
+import { BeforeApplicationShutdown, Controller, Param, ParseIntPipe, Req, Res, Sse } from '@nestjs/common'
+import { ApiTags } from '@nestjs/swagger'
+import { FastifyReply, FastifyRequest } from 'fastify'
+import { Observable, interval } from 'rxjs'
+
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+
+import { MessageEvent, SseService } from './sse.service'
+
+@ApiTags('System - sse模块')
+@ApiSecurityAuth()
+@Controller('sse')
+export class SseController implements BeforeApplicationShutdown {
+ private replyMap: Map = new Map()
+
+ constructor(private readonly sseService: SseService) {}
+
+ private closeAllConnect() {
+ this.sseService.sendToAll({
+ type: 'close',
+ data: 'bye~',
+ })
+ this.replyMap.forEach((reply) => {
+ reply.raw.end().destroy()
+ })
+ }
+
+ // 通过控制台关闭程序时触发
+ beforeApplicationShutdown() {
+ // console.log('beforeApplicationShutdown')
+ this.closeAllConnect()
+ }
+
+ @Sse(':uid')
+ sse(@Param('uid', ParseIntPipe) uid: number, @Req() req: FastifyRequest, @Res() res: FastifyReply): Observable {
+ this.replyMap.set(uid, res)
+
+ const subscription = interval(10000).subscribe(() => {
+ this.sseService.sendToClient(uid, { type: 'ping' })
+ })
+
+ // 当客户端断开连接时
+ req.raw.on('close', () => {
+ subscription.unsubscribe()
+ this.sseService.removeClient(uid)
+ this.replyMap.delete(uid)
+ // console.log(`user-${uid}已关闭`)
+ })
+
+ return new Observable((subscriber) => {
+ this.sseService.addClient(uid, subscriber)
+ })
+ }
+}
diff --git a/src/modules/sse/sse.module.ts b/src/modules/sse/sse.module.ts
new file mode 100644
index 0000000..e6af2b1
--- /dev/null
+++ b/src/modules/sse/sse.module.ts
@@ -0,0 +1,12 @@
+import { Module } from '@nestjs/common'
+
+import { SseController } from './sse.controller'
+import { SseService } from './sse.service'
+
+@Module({
+ imports: [],
+ controllers: [SseController],
+ providers: [SseService],
+ exports: [SseService],
+})
+export class SseModule {}
diff --git a/src/modules/sse/sse.service.ts b/src/modules/sse/sse.service.ts
new file mode 100644
index 0000000..076e415
--- /dev/null
+++ b/src/modules/sse/sse.service.ts
@@ -0,0 +1,85 @@
+import { Injectable } from '@nestjs/common'
+import { Subscriber } from 'rxjs'
+import { In } from 'typeorm'
+
+import { ROOT_ROLE_ID } from '~/constants/system.constant'
+
+import { RoleEntity } from '~/modules/system/role/role.entity'
+import { UserEntity } from '~/modules/user/user.entity'
+
+export interface MessageEvent {
+ data?: string | object
+ id?: string
+ type?: 'ping' | 'close' | 'updatePermsAndMenus'
+ retry?: number
+}
+
+const clientMap: Map> = new Map()
+
+@Injectable()
+export class SseService {
+ addClient(uid: number, subscriber: Subscriber) {
+ clientMap.set(uid, subscriber)
+ }
+
+ removeClient(uid: number): void {
+ const client = clientMap.get(uid)
+ client?.complete()
+ clientMap.delete(uid)
+ }
+
+ sendToClient(uid: number, data: MessageEvent): void {
+ const client = clientMap.get(uid)
+ client?.next?.(data)
+ }
+
+ sendToAll(data: MessageEvent): void {
+ clientMap.forEach((client) => {
+ client.next(data)
+ })
+ }
+
+ /**
+ * 通知前端重新获取权限菜单
+ * @param uid
+ * @constructor
+ */
+ async noticeClientToUpdateMenusByUserIds(uid: number | number[]) {
+ const userIds = [].concat(uid) as number[]
+ userIds.forEach((uid) => {
+ this.sendToClient(uid, { type: 'updatePermsAndMenus' })
+ })
+ }
+
+ /**
+ * 通过menuIds通知用户更新权限菜单
+ */
+ async noticeClientToUpdateMenusByMenuIds(menuIds: number[]): Promise {
+ const roleMenus = await RoleEntity.find({
+ where: {
+ menus: {
+ id: In(menuIds),
+ },
+ },
+ })
+ const roleIds = roleMenus.map(n => n.id).concat(ROOT_ROLE_ID)
+ await this.noticeClientToUpdateMenusByRoleIds(roleIds)
+ }
+
+ /**
+ * 通过roleIds通知用户更新权限菜单
+ */
+ async noticeClientToUpdateMenusByRoleIds(roleIds: number[]): Promise {
+ const users = await UserEntity.find({
+ where: {
+ roles: {
+ id: In(roleIds),
+ },
+ },
+ })
+ if (users) {
+ const userIds = users.map(n => n.id)
+ await this.noticeClientToUpdateMenusByUserIds(userIds)
+ }
+ }
+}
diff --git a/src/modules/system/dept/dept.controller.ts b/src/modules/system/dept/dept.controller.ts
new file mode 100644
index 0000000..81b6ef9
--- /dev/null
+++ b/src/modules/system/dept/dept.controller.ts
@@ -0,0 +1,83 @@
+import { Body, Controller, Delete, Get, Post, Put, Query } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { IdParam } from '~/common/decorators/id-param.decorator'
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { AuthUser } from '~/modules/auth/decorators/auth-user.decorator'
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+import { DeptEntity } from '~/modules/system/dept/dept.entity'
+
+import { DeptDto, DeptQueryDto } from './dept.dto'
+import { DeptService } from './dept.service'
+
+export const permissions = definePermission('system:dept', {
+ LIST: 'list',
+ CREATE: 'create',
+ READ: 'read',
+ UPDATE: 'update',
+ DELETE: 'delete',
+} as const)
+
+@ApiSecurityAuth()
+@ApiTags('System - 部门模块')
+@Controller('depts')
+export class DeptController {
+ constructor(private deptService: DeptService) {}
+
+ @Get()
+ @ApiOperation({ summary: '获取部门列表' })
+ @ApiResult({ type: [DeptEntity] })
+ @Perm(permissions.LIST)
+ async list(
+ @Query() dto: DeptQueryDto, @AuthUser('uid') uid: number): Promise {
+ return this.deptService.getDeptTree(uid, dto)
+ }
+
+ @Post()
+ @ApiOperation({ summary: '创建部门' })
+ @Perm(permissions.CREATE)
+ async create(@Body() dto: DeptDto): Promise {
+ await this.deptService.create(dto)
+ }
+
+ @Get(':id')
+ @ApiOperation({ summary: '查询部门信息' })
+ @Perm(permissions.READ)
+ async info(@IdParam() id: number) {
+ return this.deptService.info(id)
+ }
+
+ @Put(':id')
+ @ApiOperation({ summary: '更新部门' })
+ @Perm(permissions.UPDATE)
+ async update(
+ @IdParam() id: number, @Body() updateDeptDto: DeptDto): Promise {
+ await this.deptService.update(id, updateDeptDto)
+ }
+
+ @Delete(':id')
+ @ApiOperation({ summary: '删除部门' })
+ @Perm(permissions.DELETE)
+ async delete(@IdParam() id: number): Promise {
+ // 查询是否有关联用户或者部门,如果含有则无法删除
+ const count = await this.deptService.countUserByDeptId(id)
+ if (count > 0)
+ throw new BusinessException(ErrorEnum.DEPARTMENT_HAS_ASSOCIATED_USERS)
+
+ const count2 = await this.deptService.countChildDept(id)
+ console.log('count2', count2)
+ if (count2 > 0)
+ throw new BusinessException(ErrorEnum.DEPARTMENT_HAS_CHILD_DEPARTMENTS)
+
+ await this.deptService.delete(id)
+ }
+
+ // @Post('move')
+ // @ApiOperation({ summary: '部门移动排序' })
+ // async move(@Body() dto: MoveDeptDto): Promise {
+ // await this.deptService.move(dto.depts);
+ // }
+}
diff --git a/src/modules/system/dept/dept.dto.ts b/src/modules/system/dept/dept.dto.ts
new file mode 100644
index 0000000..5d79782
--- /dev/null
+++ b/src/modules/system/dept/dept.dto.ts
@@ -0,0 +1,70 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Type } from 'class-transformer'
+import {
+ ArrayNotEmpty,
+ IsArray,
+ IsInt,
+ IsOptional,
+ IsString,
+ Min,
+ MinLength,
+ ValidateNested,
+} from 'class-validator'
+
+export class DeptDto {
+ @ApiProperty({ description: '部门名称' })
+ @IsString()
+ @MinLength(1)
+ name: string
+
+ @ApiProperty({ description: '父级部门id' })
+ @Type(() => Number)
+ @IsInt()
+ @IsOptional()
+ parentId: number
+
+ @ApiProperty({ description: '排序编号', required: false })
+ @IsInt()
+ @Min(0)
+ @IsOptional()
+ orderNo: number
+}
+
+export class TransferDeptDto {
+ @ApiProperty({ description: '需要转移的管理员列表编号', type: [Number] })
+ @IsArray()
+ @ArrayNotEmpty()
+ userIds: number[]
+
+ @ApiProperty({ description: '需要转移过去的系统部门ID' })
+ @IsInt()
+ @Min(0)
+ deptId: number
+}
+
+export class MoveDept {
+ @ApiProperty({ description: '当前部门ID' })
+ @IsInt()
+ @Min(0)
+ id: number
+
+ @ApiProperty({ description: '移动到指定父级部门的ID' })
+ @IsInt()
+ @Min(0)
+ @IsOptional()
+ parentId: number
+}
+
+export class MoveDeptDto {
+ @ApiProperty({ description: '部门列表', type: [MoveDept] })
+ @ValidateNested({ each: true })
+ @Type(() => MoveDept)
+ depts: MoveDept[]
+}
+
+export class DeptQueryDto {
+ @ApiProperty({ description: '部门名称' })
+ @IsString()
+ @IsOptional()
+ name?: string
+}
diff --git a/src/modules/system/dept/dept.entity.ts b/src/modules/system/dept/dept.entity.ts
new file mode 100644
index 0000000..3a69396
--- /dev/null
+++ b/src/modules/system/dept/dept.entity.ts
@@ -0,0 +1,36 @@
+import { ApiHideProperty, ApiProperty } from '@nestjs/swagger'
+import {
+ Column,
+ Entity,
+ OneToMany,
+ Relation,
+ Tree,
+ TreeChildren,
+ TreeParent,
+} from 'typeorm'
+
+import { CommonEntity } from '~/common/entity/common.entity'
+
+import { UserEntity } from '../../user/user.entity'
+
+@Entity({ name: 'sys_dept' })
+@Tree('materialized-path')
+export class DeptEntity extends CommonEntity {
+ @Column()
+ @ApiProperty({ description: '部门名称' })
+ name: string
+
+ @Column({ nullable: true, default: 0 })
+ @ApiProperty({ description: '排序' })
+ orderNo: number
+
+ @TreeChildren({ cascade: true })
+ children: DeptEntity[]
+
+ @TreeParent({ onDelete: 'SET NULL' })
+ parent?: DeptEntity
+
+ @ApiHideProperty()
+ @OneToMany(() => UserEntity, user => user.dept)
+ users: Relation
+}
diff --git a/src/modules/system/dept/dept.module.ts b/src/modules/system/dept/dept.module.ts
new file mode 100644
index 0000000..d936ed9
--- /dev/null
+++ b/src/modules/system/dept/dept.module.ts
@@ -0,0 +1,19 @@
+import { Module } from '@nestjs/common'
+import { TypeOrmModule } from '@nestjs/typeorm'
+
+import { UserModule } from '../../user/user.module'
+import { RoleModule } from '../role/role.module'
+
+import { DeptController } from './dept.controller'
+import { DeptEntity } from './dept.entity'
+import { DeptService } from './dept.service'
+
+const services = [DeptService]
+
+@Module({
+ imports: [TypeOrmModule.forFeature([DeptEntity]), UserModule, RoleModule],
+ controllers: [DeptController],
+ providers: [...services],
+ exports: [TypeOrmModule, ...services],
+})
+export class DeptModule {}
diff --git a/src/modules/system/dept/dept.service.ts b/src/modules/system/dept/dept.service.ts
new file mode 100644
index 0000000..1eae39b
--- /dev/null
+++ b/src/modules/system/dept/dept.service.ts
@@ -0,0 +1,134 @@
+import { Injectable } from '@nestjs/common'
+import { InjectEntityManager, InjectRepository } from '@nestjs/typeorm'
+import { isEmpty } from 'lodash'
+import { EntityManager, Repository, TreeRepository } from 'typeorm'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { DeptEntity } from '~/modules/system/dept/dept.entity'
+import { UserEntity } from '~/modules/user/user.entity'
+
+import { deleteEmptyChildren } from '~/utils/list2tree.util'
+
+import { DeptDto, DeptQueryDto, MoveDept } from './dept.dto'
+
+@Injectable()
+export class DeptService {
+ constructor(
+ @InjectRepository(UserEntity)
+ private userRepository: Repository,
+ @InjectRepository(DeptEntity)
+ private deptRepository: TreeRepository,
+ @InjectEntityManager() private entityManager: EntityManager,
+ ) {}
+
+ async list(): Promise {
+ return this.deptRepository.find({ order: { orderNo: 'DESC' } })
+ }
+
+ async info(id: number): Promise {
+ const dept = await this.deptRepository
+ .createQueryBuilder('dept')
+ .leftJoinAndSelect('dept.parent', 'parent')
+ .where({ id })
+ .getOne()
+
+ if (isEmpty(dept))
+ throw new BusinessException(ErrorEnum.DEPARTMENT_NOT_FOUND)
+
+ return dept
+ }
+
+ async create({ parentId, ...data }: DeptDto): Promise {
+ const parent = await this.deptRepository
+ .createQueryBuilder('dept')
+ .where({ id: parentId })
+ .getOne()
+
+ await this.deptRepository.save({
+ ...data,
+ parent,
+ })
+ }
+
+ async update(id: number, { parentId, ...data }: DeptDto): Promise {
+ const item = await this.deptRepository
+ .createQueryBuilder('dept')
+ .where({ id })
+ .getOne()
+
+ const parent = await this.deptRepository
+ .createQueryBuilder('dept')
+ .where({ id: parentId })
+ .getOne()
+
+ await this.deptRepository.save({
+ ...item,
+ ...data,
+ parent,
+ })
+ }
+
+ async delete(id: number): Promise {
+ await this.deptRepository.delete(id)
+ }
+
+ /**
+ * 移动排序
+ */
+ async move(depts: MoveDept[]): Promise {
+ await this.entityManager.transaction(async (manager) => {
+ await manager.save(depts)
+ })
+ }
+
+ /**
+ * 根据部门查询关联的用户数量
+ */
+ async countUserByDeptId(id: number): Promise {
+ return this.userRepository.countBy({ dept: { id } })
+ }
+
+ /**
+ * 查找当前部门下的子部门数量
+ */
+ async countChildDept(id: number): Promise {
+ const item = await this.deptRepository.findOneBy({ id })
+ return (await this.deptRepository.countDescendants(item)) - 1
+ }
+
+ /**
+ * 获取部门列表树结构
+ */
+ async getDeptTree(
+ uid: number,
+ { name }: DeptQueryDto,
+ ): Promise {
+ const tree: DeptEntity[] = []
+
+ if (name) {
+ const deptList = await this.deptRepository
+ .createQueryBuilder('dept')
+ .where('dept.name like :name', { name: `%${name}%` })
+ .getMany()
+
+ for (const dept of deptList) {
+ const deptTree = await this.deptRepository.findDescendantsTree(dept)
+ tree.push(deptTree)
+ }
+
+ deleteEmptyChildren(tree)
+
+ return tree
+ }
+
+ const deptTree = await this.deptRepository.findTrees({
+ depth: 2,
+ relations: ['parent'],
+ })
+
+ deleteEmptyChildren(deptTree)
+
+ return deptTree
+ }
+}
diff --git a/src/modules/system/dict-item/dict-item.controller.ts b/src/modules/system/dict-item/dict-item.controller.ts
new file mode 100644
index 0000000..6906aa6
--- /dev/null
+++ b/src/modules/system/dict-item/dict-item.controller.ts
@@ -0,0 +1,68 @@
+import { Body, Controller, Delete, Get, Post, Query } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { IdParam } from '~/common/decorators/id-param.decorator'
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+import { Pagination } from '~/helper/paginate/pagination'
+import { AuthUser } from '~/modules/auth/decorators/auth-user.decorator'
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+import { DictItemEntity } from '~/modules/system/dict-item/dict-item.entity'
+
+import { DictItemDto, DictItemQueryDto } from './dict-item.dto'
+import { DictItemService } from './dict-item.service'
+
+export const permissions = definePermission('system:dict-item', {
+ LIST: 'list',
+ CREATE: 'create',
+ READ: 'read',
+ UPDATE: 'update',
+ DELETE: 'delete',
+} as const)
+
+@ApiTags('System - 字典项模块')
+@ApiSecurityAuth()
+@Controller('dict-item')
+export class DictItemController {
+ constructor(private dictItemService: DictItemService) {}
+
+ @Get()
+ @ApiOperation({ summary: '获取字典项列表' })
+ @ApiResult({ type: [DictItemEntity], isPage: true })
+ @Perm(permissions.LIST)
+ async list(@Query() dto: DictItemQueryDto): Promise> {
+ return this.dictItemService.page(dto)
+ }
+
+ @Post()
+ @ApiOperation({ summary: '新增字典项' })
+ @Perm(permissions.CREATE)
+ async create(@Body() dto: DictItemDto, @AuthUser() user: IAuthUser): Promise {
+ await this.dictItemService.isExistKey(dto)
+ dto.createBy = dto.updateBy = user.uid
+ await this.dictItemService.create(dto)
+ }
+
+ @Get(':id')
+ @ApiOperation({ summary: '查询字典项信息' })
+ @ApiResult({ type: DictItemEntity })
+ @Perm(permissions.READ)
+ async info(@IdParam() id: number): Promise {
+ return this.dictItemService.findOne(id)
+ }
+
+ @Post(':id')
+ @ApiOperation({ summary: '更新字典项' })
+ @Perm(permissions.UPDATE)
+ async update(@IdParam() id: number, @Body() dto: DictItemDto, @AuthUser() user: IAuthUser): Promise {
+ dto.updateBy = user.uid
+ await this.dictItemService.update(id, dto)
+ }
+
+ @Delete(':id')
+ @ApiOperation({ summary: '删除指定的字典项' })
+ @Perm(permissions.DELETE)
+ async delete(@IdParam() id: number): Promise {
+ await this.dictItemService.delete(id)
+ }
+}
diff --git a/src/modules/system/dict-item/dict-item.dto.ts b/src/modules/system/dict-item/dict-item.dto.ts
new file mode 100644
index 0000000..fa5cf65
--- /dev/null
+++ b/src/modules/system/dict-item/dict-item.dto.ts
@@ -0,0 +1,48 @@
+import { ApiProperty, PartialType } from '@nestjs/swagger'
+import { IsInt, IsOptional, IsString, MinLength } from 'class-validator'
+
+import { PagerDto } from '~/common/dto/pager.dto'
+
+import { DictItemEntity } from './dict-item.entity'
+
+export class DictItemDto extends PartialType(DictItemEntity) {
+ @ApiProperty({ description: '字典类型 ID' })
+ @IsInt()
+ typeId: number
+
+ @ApiProperty({ description: '字典项键名' })
+ @IsString()
+ @MinLength(1)
+ label: string
+
+ @ApiProperty({ description: '字典项值' })
+ @IsString()
+ @MinLength(1)
+ value: string
+
+ @ApiProperty({ description: '状态' })
+ @IsOptional()
+ @IsInt()
+ status?: number
+
+ @ApiProperty({ description: '备注' })
+ @IsOptional()
+ @IsString()
+ remark?: string
+}
+
+export class DictItemQueryDto extends PagerDto {
+ @ApiProperty({ description: '字典类型 ID', required: true })
+ @IsInt()
+ typeId: number
+
+ @ApiProperty({ description: '字典项键名' })
+ @IsString()
+ @IsOptional()
+ label?: string
+
+ @ApiProperty({ description: '字典项值' })
+ @IsString()
+ @IsOptional()
+ value?: string
+}
diff --git a/src/modules/system/dict-item/dict-item.entity.ts b/src/modules/system/dict-item/dict-item.entity.ts
new file mode 100644
index 0000000..d4885a8
--- /dev/null
+++ b/src/modules/system/dict-item/dict-item.entity.ts
@@ -0,0 +1,32 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Column, Entity, JoinColumn, ManyToOne } from 'typeorm'
+
+import { CompleteEntity } from '~/common/entity/common.entity'
+
+import { DictTypeEntity } from '../dict-type/dict-type.entity'
+
+@Entity({ name: 'sys_dict_item' })
+export class DictItemEntity extends CompleteEntity {
+ @ManyToOne(() => DictTypeEntity, { onDelete: 'CASCADE' })
+ @JoinColumn({ name: 'type_id' })
+ type: DictTypeEntity
+
+ @Column({ type: 'varchar', length: 50 })
+ @ApiProperty({ description: '字典项键名' })
+ label: string
+
+ @Column({ type: 'varchar', length: 50 })
+ @ApiProperty({ description: '字典项值' })
+ value: string
+
+ @Column({ nullable: true, comment: '字典项排序' })
+ orderNo: number
+
+ @Column({ type: 'tinyint', default: 1 })
+ @ApiProperty({ description: ' 状态' })
+ status: number
+
+ @Column({ type: 'varchar', nullable: true })
+ @ApiProperty({ description: '备注' })
+ remark: string
+}
diff --git a/src/modules/system/dict-item/dict-item.module.ts b/src/modules/system/dict-item/dict-item.module.ts
new file mode 100644
index 0000000..e5ee832
--- /dev/null
+++ b/src/modules/system/dict-item/dict-item.module.ts
@@ -0,0 +1,16 @@
+import { Module } from '@nestjs/common'
+import { TypeOrmModule } from '@nestjs/typeorm'
+
+import { DictItemController } from './dict-item.controller'
+import { DictItemEntity } from './dict-item.entity'
+import { DictItemService } from './dict-item.service'
+
+const services = [DictItemService]
+
+@Module({
+ imports: [TypeOrmModule.forFeature([DictItemEntity])],
+ controllers: [DictItemController],
+ providers: [...services],
+ exports: [TypeOrmModule, ...services],
+})
+export class DictItemModule {}
diff --git a/src/modules/system/dict-item/dict-item.service.ts b/src/modules/system/dict-item/dict-item.service.ts
new file mode 100644
index 0000000..ae5f0a0
--- /dev/null
+++ b/src/modules/system/dict-item/dict-item.service.ts
@@ -0,0 +1,97 @@
+import { Injectable } from '@nestjs/common'
+import { InjectRepository } from '@nestjs/typeorm'
+
+import { Like, Repository } from 'typeorm'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { paginate } from '~/helper/paginate'
+import { Pagination } from '~/helper/paginate/pagination'
+import { DictItemEntity } from '~/modules/system/dict-item/dict-item.entity'
+
+import { DictItemDto, DictItemQueryDto } from './dict-item.dto'
+
+@Injectable()
+export class DictItemService {
+ constructor(
+ @InjectRepository(DictItemEntity)
+ private dictItemRepository: Repository,
+ ) {}
+
+ /**
+ * 罗列所有配置
+ */
+ async page({
+ page,
+ pageSize,
+ label,
+ value,
+ typeId,
+ }: DictItemQueryDto): Promise> {
+ const queryBuilder = this.dictItemRepository.createQueryBuilder('dict_item')
+ .orderBy({ orderNo: 'ASC' })
+ .where({
+ ...(label && { label: Like(`%${label}%`) }),
+ ...(value && { value: Like(`%${value}%`) }),
+ type: {
+ id: typeId,
+ },
+ })
+
+ return paginate(queryBuilder, { page, pageSize })
+ }
+
+ /**
+ * 获取参数总数
+ */
+ async countConfigList(): Promise {
+ return this.dictItemRepository.count()
+ }
+
+ /**
+ * 新增
+ */
+ async create(dto: DictItemDto): Promise {
+ const { typeId, ...rest } = dto
+ await this.dictItemRepository.insert({
+ ...rest,
+ type: {
+ id: typeId,
+ },
+ })
+ }
+
+ /**
+ * 更新
+ */
+ async update(id: number, dto: Partial): Promise {
+ const { typeId, ...rest } = dto
+ await this.dictItemRepository.update(id, {
+ ...rest,
+ type: {
+ id: typeId,
+ },
+ })
+ }
+
+ /**
+ * 删除
+ */
+ async delete(id: number): Promise {
+ await this.dictItemRepository.delete(id)
+ }
+
+ /**
+ * 查询单个
+ */
+ async findOne(id: number): Promise {
+ return this.dictItemRepository.findOneBy({ id })
+ }
+
+ async isExistKey(dto: DictItemDto): Promise {
+ const { value, typeId } = dto
+ const result = await this.dictItemRepository.findOneBy({ value, type: { id: typeId } })
+ if (result)
+ throw new BusinessException(ErrorEnum.DICT_NAME_EXISTS)
+ }
+}
diff --git a/src/modules/system/dict-type/dict-type.controller.ts b/src/modules/system/dict-type/dict-type.controller.ts
new file mode 100644
index 0000000..652a94b
--- /dev/null
+++ b/src/modules/system/dict-type/dict-type.controller.ts
@@ -0,0 +1,76 @@
+import { Body, Controller, Delete, Get, Post, Query } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { IdParam } from '~/common/decorators/id-param.decorator'
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+import { Pagination } from '~/helper/paginate/pagination'
+import { AuthUser } from '~/modules/auth/decorators/auth-user.decorator'
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+import { DictTypeEntity } from '~/modules/system/dict-type/dict-type.entity'
+
+import { DictTypeDto, DictTypeQueryDto } from './dict-type.dto'
+import { DictTypeService } from './dict-type.service'
+
+export const permissions = definePermission('system:dict-type', {
+ LIST: 'list',
+ CREATE: 'create',
+ READ: 'read',
+ UPDATE: 'update',
+ DELETE: 'delete',
+} as const)
+
+@ApiTags('System - 字典类型模块')
+@ApiSecurityAuth()
+@Controller('dict-type')
+export class DictTypeController {
+ constructor(private dictTypeService: DictTypeService) {}
+
+ @Get()
+ @ApiOperation({ summary: '获取字典类型列表' })
+ @ApiResult({ type: [DictTypeEntity], isPage: true })
+ @Perm(permissions.LIST)
+ async list(@Query() dto: DictTypeQueryDto): Promise> {
+ return this.dictTypeService.page(dto)
+ }
+
+ @Get('select-options')
+ @ApiOperation({ summary: '一次性获取所有的字典类型(不分页)' })
+ @ApiResult({ type: [DictTypeEntity] })
+ @Perm(permissions.LIST)
+ async getAll(): Promise {
+ return this.dictTypeService.getAll()
+ }
+
+ @Post()
+ @ApiOperation({ summary: '新增字典类型' })
+ @Perm(permissions.CREATE)
+ async create(@Body() dto: DictTypeDto, @AuthUser() user: IAuthUser): Promise {
+ await this.dictTypeService.isExistKey(dto.name)
+ dto.createBy = dto.updateBy = user.uid
+ await this.dictTypeService.create(dto)
+ }
+
+ @Get(':id')
+ @ApiOperation({ summary: '查询字典类型信息' })
+ @ApiResult({ type: DictTypeEntity })
+ @Perm(permissions.READ)
+ async info(@IdParam() id: number): Promise {
+ return this.dictTypeService.findOne(id)
+ }
+
+ @Post(':id')
+ @ApiOperation({ summary: '更新字典类型' })
+ @Perm(permissions.UPDATE)
+ async update(@IdParam() id: number, @Body() dto: DictTypeDto, @AuthUser() user: IAuthUser): Promise {
+ dto.updateBy = user.uid
+ await this.dictTypeService.update(id, dto)
+ }
+
+ @Delete(':id')
+ @ApiOperation({ summary: '删除指定的字典类型' })
+ @Perm(permissions.DELETE)
+ async delete(@IdParam() id: number): Promise {
+ await this.dictTypeService.delete(id)
+ }
+}
diff --git a/src/modules/system/dict-type/dict-type.dto.ts b/src/modules/system/dict-type/dict-type.dto.ts
new file mode 100644
index 0000000..c3809b4
--- /dev/null
+++ b/src/modules/system/dict-type/dict-type.dto.ts
@@ -0,0 +1,40 @@
+import { ApiProperty, PartialType } from '@nestjs/swagger'
+import { IsInt, IsOptional, IsString, MinLength } from 'class-validator'
+
+import { PagerDto } from '~/common/dto/pager.dto'
+
+import { DictTypeEntity } from './dict-type.entity'
+
+export class DictTypeDto extends PartialType(DictTypeEntity) {
+ @ApiProperty({ description: '字典类型名称' })
+ @IsString()
+ @MinLength(1)
+ name: string
+
+ @ApiProperty({ description: '字典类型code' })
+ @IsString()
+ @MinLength(3)
+ code: string
+
+ @ApiProperty({ description: '状态' })
+ @IsOptional()
+ @IsInt()
+ status?: number
+
+ @ApiProperty({ description: '备注' })
+ @IsOptional()
+ @IsString()
+ remark?: string
+}
+
+export class DictTypeQueryDto extends PagerDto {
+ @ApiProperty({ description: '字典类型名称' })
+ @IsString()
+ @IsOptional()
+ name: string
+
+ @ApiProperty({ description: '字典类型code' })
+ @IsString()
+ @IsOptional()
+ code: string
+}
diff --git a/src/modules/system/dict-type/dict-type.entity.ts b/src/modules/system/dict-type/dict-type.entity.ts
new file mode 100644
index 0000000..8d2608f
--- /dev/null
+++ b/src/modules/system/dict-type/dict-type.entity.ts
@@ -0,0 +1,23 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Column, Entity } from 'typeorm'
+
+import { CompleteEntity } from '~/common/entity/common.entity'
+
+@Entity({ name: 'sys_dict_type' })
+export class DictTypeEntity extends CompleteEntity {
+ @Column({ type: 'varchar', length: 50 })
+ @ApiProperty({ description: '字典名称' })
+ name: string
+
+ @Column({ type: 'varchar', length: 50, unique: true })
+ @ApiProperty({ description: '字典类型' })
+ code: string
+
+ @Column({ type: 'tinyint', default: 1 })
+ @ApiProperty({ description: ' 状态' })
+ status: number
+
+ @Column({ type: 'varchar', nullable: true })
+ @ApiProperty({ description: '备注' })
+ remark: string
+}
diff --git a/src/modules/system/dict-type/dict-type.module.ts b/src/modules/system/dict-type/dict-type.module.ts
new file mode 100644
index 0000000..5f8f238
--- /dev/null
+++ b/src/modules/system/dict-type/dict-type.module.ts
@@ -0,0 +1,16 @@
+import { Module } from '@nestjs/common'
+import { TypeOrmModule } from '@nestjs/typeorm'
+
+import { DictTypeController } from './dict-type.controller'
+import { DictTypeEntity } from './dict-type.entity'
+import { DictTypeService } from './dict-type.service'
+
+const services = [DictTypeService]
+
+@Module({
+ imports: [TypeOrmModule.forFeature([DictTypeEntity])],
+ controllers: [DictTypeController],
+ providers: [...services],
+ exports: [TypeOrmModule, ...services],
+})
+export class DictTypeModule {}
diff --git a/src/modules/system/dict-type/dict-type.service.ts b/src/modules/system/dict-type/dict-type.service.ts
new file mode 100644
index 0000000..04e6c47
--- /dev/null
+++ b/src/modules/system/dict-type/dict-type.service.ts
@@ -0,0 +1,84 @@
+import { Injectable } from '@nestjs/common'
+import { InjectRepository } from '@nestjs/typeorm'
+
+import { Like, Repository } from 'typeorm'
+
+import { BusinessException } from '~/common/exceptions/biz.exception'
+import { ErrorEnum } from '~/constants/error-code.constant'
+import { paginate } from '~/helper/paginate'
+import { Pagination } from '~/helper/paginate/pagination'
+import { DictTypeEntity } from '~/modules/system/dict-type/dict-type.entity'
+
+import { DictTypeDto, DictTypeQueryDto } from './dict-type.dto'
+
+@Injectable()
+export class DictTypeService {
+ constructor(
+ @InjectRepository(DictTypeEntity)
+ private dictTypeRepository: Repository,
+ ) {}
+
+ /**
+ * 罗列所有配置
+ */
+ async page({
+ page,
+ pageSize,
+ name,
+ code,
+ }: DictTypeQueryDto): Promise> {
+ const queryBuilder = this.dictTypeRepository.createQueryBuilder('dict_type')
+ .where({
+ ...(name && { name: Like(`%${name}%`) }),
+ ...(code && { code: Like(`%${code}%`) }),
+ })
+
+ return paginate(queryBuilder, { page, pageSize })
+ }
+
+ /** 一次性获取所有的字典类型 */
+ async getAll() {
+ return this.dictTypeRepository.find()
+ }
+
+ /**
+ * 获取参数总数
+ */
+ async countConfigList(): Promise {
+ return this.dictTypeRepository.count()
+ }
+
+ /**
+ * 新增
+ */
+ async create(dto: DictTypeDto): Promise {
+ await this.dictTypeRepository.insert(dto)
+ }
+
+ /**
+ * 更新
+ */
+ async update(id: number, dto: Partial): Promise {
+ await this.dictTypeRepository.update(id, dto)
+ }
+
+ /**
+ * 删除
+ */
+ async delete(id: number): Promise {
+ await this.dictTypeRepository.delete(id)
+ }
+
+ /**
+ * 查询单个
+ */
+ async findOne(id: number): Promise {
+ return this.dictTypeRepository.findOneBy({ id })
+ }
+
+ async isExistKey(name: string): Promise {
+ const result = await this.dictTypeRepository.findOneBy({ name })
+ if (result)
+ throw new BusinessException(ErrorEnum.DICT_NAME_EXISTS)
+ }
+}
diff --git a/src/modules/system/log/dto/log.dto.ts b/src/modules/system/log/dto/log.dto.ts
new file mode 100644
index 0000000..5cf0ff3
--- /dev/null
+++ b/src/modules/system/log/dto/log.dto.ts
@@ -0,0 +1,57 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { IsOptional, IsString } from 'class-validator'
+
+import { PagerDto } from '~/common/dto/pager.dto'
+
+export class LoginLogQueryDto extends PagerDto {
+ @ApiProperty({ description: '用户名' })
+ @IsString()
+ @IsOptional()
+ username: string
+
+ @ApiProperty({ description: '登录IP' })
+ @IsOptional()
+ @IsString()
+ ip?: string
+
+ @ApiProperty({ description: '登录地点' })
+ @IsOptional()
+ @IsString()
+ address?: string
+
+ @ApiProperty({ description: '登录时间' })
+ @IsOptional()
+ time?: string[]
+}
+
+export class TaskLogQueryDto extends PagerDto {
+ @ApiProperty({ description: '用户名' })
+ @IsOptional()
+ @IsString()
+ username: string
+
+ @ApiProperty({ description: '登录IP' })
+ @IsString()
+ @IsOptional()
+ ip?: string
+
+ @ApiProperty({ description: '登录时间' })
+ @IsOptional()
+ time?: string[]
+}
+
+export class CaptchaLogQueryDto extends PagerDto {
+ @ApiProperty({ description: '用户名' })
+ @IsOptional()
+ @IsString()
+ username: string
+
+ @ApiProperty({ description: '验证码' })
+ @IsString()
+ @IsOptional()
+ code?: string
+
+ @ApiProperty({ description: '发送时间' })
+ @IsOptional()
+ time?: string[]
+}
diff --git a/src/modules/system/log/entities/captcha-log.entity.ts b/src/modules/system/log/entities/captcha-log.entity.ts
new file mode 100644
index 0000000..048bec8
--- /dev/null
+++ b/src/modules/system/log/entities/captcha-log.entity.ts
@@ -0,0 +1,23 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Column, Entity } from 'typeorm'
+
+import { CommonEntity } from '~/common/entity/common.entity'
+
+@Entity({ name: 'sys_captcha_log' })
+export class CaptchaLogEntity extends CommonEntity {
+ @Column({ name: 'user_id', nullable: true })
+ @ApiProperty({ description: '用户ID' })
+ userId: number
+
+ @Column({ nullable: true })
+ @ApiProperty({ description: '账号' })
+ account: string
+
+ @Column({ nullable: true })
+ @ApiProperty({ description: '验证码' })
+ code: string
+
+ @Column({ nullable: true })
+ @ApiProperty({ description: '验证码提供方' })
+ provider: 'sms' | 'email'
+}
diff --git a/src/modules/system/log/entities/index.ts b/src/modules/system/log/entities/index.ts
new file mode 100644
index 0000000..e69de29
diff --git a/src/modules/system/log/entities/login-log.entity.ts b/src/modules/system/log/entities/login-log.entity.ts
new file mode 100644
index 0000000..7a56568
--- /dev/null
+++ b/src/modules/system/log/entities/login-log.entity.ts
@@ -0,0 +1,29 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Column, Entity, JoinColumn, ManyToOne, Relation } from 'typeorm'
+
+import { CommonEntity } from '~/common/entity/common.entity'
+
+import { UserEntity } from '../../../user/user.entity'
+
+@Entity({ name: 'sys_login_log' })
+export class LoginLogEntity extends CommonEntity {
+ @Column({ nullable: true })
+ @ApiProperty({ description: 'IP' })
+ ip: string
+
+ @Column({ nullable: true })
+ @ApiProperty({ description: '地址' })
+ address: string
+
+ @Column({ nullable: true })
+ @ApiProperty({ description: '登录方式' })
+ provider: string
+
+ @Column({ length: 500, nullable: true })
+ @ApiProperty({ description: '浏览器ua' })
+ ua: string
+
+ @ManyToOne(() => UserEntity, { onDelete: 'CASCADE' })
+ @JoinColumn({ name: 'user_id' })
+ user: Relation
+}
diff --git a/src/modules/system/log/entities/task-log.entity.ts b/src/modules/system/log/entities/task-log.entity.ts
new file mode 100644
index 0000000..1721d68
--- /dev/null
+++ b/src/modules/system/log/entities/task-log.entity.ts
@@ -0,0 +1,25 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { Column, Entity, JoinColumn, ManyToOne, Relation } from 'typeorm'
+
+import { CommonEntity } from '~/common/entity/common.entity'
+
+import { TaskEntity } from '../../task/task.entity'
+
+@Entity({ name: 'sys_task_log' })
+export class TaskLogEntity extends CommonEntity {
+ @Column({ type: 'tinyint', default: 0 })
+ @ApiProperty({ description: '任务状态:0失败,1成功' })
+ status: number
+
+ @Column({ type: 'text', nullable: true })
+ @ApiProperty({ description: '任务日志信息' })
+ detail: string
+
+ @Column({ type: 'int', nullable: true, name: 'consume_time', default: 0 })
+ @ApiProperty({ description: '任务耗时' })
+ consumeTime: number
+
+ @ManyToOne(() => TaskEntity)
+ @JoinColumn({ name: 'task_id' })
+ task: Relation
+}
diff --git a/src/modules/system/log/log.controller.ts b/src/modules/system/log/log.controller.ts
new file mode 100644
index 0000000..489f3cb
--- /dev/null
+++ b/src/modules/system/log/log.controller.ts
@@ -0,0 +1,64 @@
+import { Controller, Get, Query } from '@nestjs/common'
+import { ApiOperation, ApiTags } from '@nestjs/swagger'
+
+import { ApiResult } from '~/common/decorators/api-result.decorator'
+import { ApiSecurityAuth } from '~/common/decorators/swagger.decorator'
+import { Pagination } from '~/helper/paginate/pagination'
+import { Perm, definePermission } from '~/modules/auth/decorators/permission.decorator'
+
+import {
+ CaptchaLogQueryDto,
+ LoginLogQueryDto,
+ TaskLogQueryDto,
+} from './dto/log.dto'
+import { CaptchaLogEntity } from './entities/captcha-log.entity'
+import { TaskLogEntity } from './entities/task-log.entity'
+import { LoginLogInfo } from './models/log.model'
+import { CaptchaLogService } from './services/captcha-log.service'
+import { LoginLogService } from './services/login-log.service'
+import { TaskLogService } from './services/task-log.service'
+
+export const permissions = definePermission('system:log', {
+ TaskList: 'task:list',
+ LogList: 'login:list',
+ CaptchaList: 'captcha:list',
+} as const)
+
+@ApiSecurityAuth()
+@ApiTags('System - 日志模块')
+@Controller('log')
+export class LogController {
+ constructor(
+ private loginLogService: LoginLogService,
+ private taskService: TaskLogService,
+ private captchaLogService: CaptchaLogService,
+ ) {}
+
+ @Get('login/list')
+ @ApiOperation({ summary: '查询登录日志列表' })
+ @ApiResult({ type: [LoginLogInfo], isPage: true })
+ @Perm(permissions.TaskList)
+ async loginLogPage(
+ @Query() dto: LoginLogQueryDto,
+ ): Promise> {
+ return this.loginLogService.list(dto)
+ }
+
+ @Get('task/list')
+ @ApiOperation({ summary: '查询任务日志列表' })
+ @ApiResult({ type: [TaskLogEntity], isPage: true })
+ @Perm(permissions.LogList)
+ async taskList(@Query() dto: TaskLogQueryDto) {
+ return this.taskService.list(dto)
+ }
+
+ @Get('captcha/list')
+ @ApiOperation({ summary: '查询验证码日志列表' })
+ @ApiResult({ type: [CaptchaLogEntity], isPage: true })
+ @Perm(permissions.CaptchaList)
+ async captchaList(
+ @Query() dto: CaptchaLogQueryDto,
+ ): Promise> {
+ return this.captchaLogService.paginate(dto)
+ }
+}
diff --git a/src/modules/system/log/log.module.ts b/src/modules/system/log/log.module.ts
new file mode 100644
index 0000000..27f9f04
--- /dev/null
+++ b/src/modules/system/log/log.module.ts
@@ -0,0 +1,25 @@
+import { Module } from '@nestjs/common'
+import { TypeOrmModule } from '@nestjs/typeorm'
+
+import { UserModule } from '../../user/user.module'
+
+import { CaptchaLogEntity } from './entities/captcha-log.entity'
+import { LoginLogEntity } from './entities/login-log.entity'
+import { TaskLogEntity } from './entities/task-log.entity'
+import { LogController } from './log.controller'
+import { CaptchaLogService } from './services/captcha-log.service'
+import { LoginLogService } from './services/login-log.service'
+import { TaskLogService } from './services/task-log.service'
+
+const providers = [LoginLogService, TaskLogService, CaptchaLogService]
+
+@Module({
+ imports: [
+ TypeOrmModule.forFeature([LoginLogEntity, CaptchaLogEntity, TaskLogEntity]),
+ UserModule,
+ ],
+ controllers: [LogController],
+ providers: [...providers],
+ exports: [TypeOrmModule, ...providers],
+})
+export class LogModule {}
diff --git a/src/modules/system/log/models/log.model.ts b/src/modules/system/log/models/log.model.ts
new file mode 100644
index 0000000..f128be0
--- /dev/null
+++ b/src/modules/system/log/models/log.model.ts
@@ -0,0 +1,47 @@
+import { ApiProperty } from '@nestjs/swagger'
+
+export class LoginLogInfo {
+ @ApiProperty({ description: '日志编号' })
+ id: number
+
+ @ApiProperty({ description: '登录ip', example: '1.1.1.1' })
+ ip: string
+
+ @ApiProperty({ description: '登录地址' })
+ address: string
+
+ @ApiProperty({ description: '系统', example: 'Windows 10' })
+ os: string
+
+ @ApiProperty({ description: '浏览器', example: 'Chrome' })
+ browser: string
+
+ @ApiProperty({ description: '登录用户名', example: 'admin' })
+ username: string
+
+ @ApiProperty({ description: '登录时间', example: '2023-12-22 16:46:20.333843' })
+ time: string
+}
+
+export class TaskLogInfo {
+ @ApiProperty({ description: '日志编号' })
+ id: number
+
+ @ApiProperty({ description: '任务编号' })
+ taskId: number
+
+ @ApiProperty({ description: '任务名称' })
+ name: string
+
+ @ApiProperty({ description: '创建时间' })
+ createdAt: string
+
+ @ApiProperty({ description: '耗时' })
+ consumeTime: number
+
+ @ApiProperty({ description: '执行信息' })
+ detail: string
+
+ @ApiProperty({ description: '任务执行状态' })
+ status: number
+}
diff --git a/src/modules/system/log/services/captcha-log.service.ts b/src/modules/system/log/services/captcha-log.service.ts
new file mode 100644
index 0000000..5bc01e1
--- /dev/null
+++ b/src/modules/system/log/services/captcha-log.service.ts
@@ -0,0 +1,50 @@
+import { Injectable } from '@nestjs/common'
+import { InjectRepository } from '@nestjs/typeorm'
+
+import { LessThan, Repository } from 'typeorm'
+
+import { paginate } from '~/helper/paginate'
+
+import { CaptchaLogQueryDto } from '../dto/log.dto'
+import { CaptchaLogEntity } from '../entities/captcha-log.entity'
+
+@Injectable()
+export class CaptchaLogService {
+ constructor(
+ @InjectRepository(CaptchaLogEntity)
+ private captchaLogRepository: Repository,
+ ) {}
+
+ async create(
+ account: string,
+ code: string,
+ provider: 'sms' | 'email',
+ uid?: number,
+ ): Promise {
+ await this.captchaLogRepository.save({
+ account,
+ code,
+ provider,
+ userId: uid,
+ })
+ }
+
+ async paginate({ page, pageSize }: CaptchaLogQueryDto) {
+ const queryBuilder = await this.captchaLogRepository
+ .createQueryBuilder('captcha_log')
+ .orderBy('captcha_log.id', 'DESC')
+
+ return paginate(queryBuilder, {
+ page,
+ pageSize,
+ })
+ }
+
+ async clearLog(): Promise {
+ await this.captchaLogRepository.clear()
+ }
+
+ async clearLogBeforeTime(time: Date): Promise {
+ await this.captchaLogRepository.delete({ createdAt: LessThan(time) })
+ }
+}
diff --git a/src/modules/system/log/services/login-log.service.ts b/src/modules/system/log/services/login-log.service.ts
new file mode 100644
index 0000000..b3420de
--- /dev/null
+++ b/src/modules/system/log/services/login-log.service.ts
@@ -0,0 +1,100 @@
+import { Injectable } from '@nestjs/common'
+import { InjectRepository } from '@nestjs/typeorm'
+
+import { Between, LessThan, Like, Repository } from 'typeorm'
+
+import UAParser from 'ua-parser-js'
+
+import { paginateRaw } from '~/helper/paginate'
+
+import { getIpAddress } from '~/utils/ip.util'
+
+import { LoginLogQueryDto } from '../dto/log.dto'
+import { LoginLogEntity } from '../entities/login-log.entity'
+import { LoginLogInfo } from '../models/log.model'
+
+async function parseLoginLog(e: any, parser: UAParser): Promise {
+ const uaResult = parser.setUA(e.login_log_ua).getResult()
+
+ return {
+ id: e.login_log_id,
+ ip: e.login_log_ip,
+ address: e.login_log_address,
+ os: `${`${uaResult.os.name ?? ''} `}${uaResult.os.version}`,
+ browser: `${`${uaResult.browser.name ?? ''} `}${uaResult.browser.version}`,
+ username: e.user_username,
+ time: e.login_log_created_at,
+ }
+}
+
+@Injectable()
+export class LoginLogService {
+ constructor(
+ @InjectRepository(LoginLogEntity)
+ private loginLogRepository: Repository,
+
+ ) {}
+
+ async create(uid: number, ip: string, ua: string): Promise {
+ try {
+ const address = await getIpAddress(ip)
+
+ await this.loginLogRepository.save({
+ ip,
+ ua,
+ address,
+ user: { id: uid },
+ })
+ }
+ catch (e) {
+ console.error(e)
+ }
+ }
+
+ async list({
+ page,
+ pageSize,
+ username,
+ ip,
+ address,
+ time,
+ }: LoginLogQueryDto) {
+ const queryBuilder = await this.loginLogRepository
+ .createQueryBuilder('login_log')
+ .innerJoinAndSelect('login_log.user', 'user')
+ .where({
+ ...(ip && { ip: Like(`%${ip}%`) }),
+ ...(address && { address: Like(`%${address}%`) }),
+ ...(time && { createdAt: Between(time[0], time[1]) }),
+ ...(username && {
+ user: {
+ username: Like(`%${username}%`),
+ },
+ }),
+ })
+ .orderBy('login_log.created_at', 'DESC')
+
+ const { items, ...rest } = await paginateRaw(queryBuilder, {
+ page,
+ pageSize,
+ })
+
+ const parser = new UAParser()
+ const loginLogInfos = await Promise.all(
+ items.map(item => parseLoginLog(item, parser)),
+ )
+
+ return {
+ items: loginLogInfos,
+ ...rest,
+ }
+ }
+
+ async clearLog(): Promise {
+ await this.loginLogRepository.clear()
+ }
+
+ async clearLogBeforeTime(time: Date): Promise {
+ await this.loginLogRepository.delete({ createdAt: LessThan(time) })
+ }
+}
diff --git a/src/modules/system/log/services/task-log.service.ts b/src/modules/system/log/services/task-log.service.ts
new file mode 100644
index 0000000..b57410f
--- /dev/null
+++ b/src/modules/system/log/services/task-log.service.ts
@@ -0,0 +1,52 @@
+import { Injectable } from '@nestjs/common'
+import { InjectRepository } from '@nestjs/typeorm'
+
+import { LessThan, Repository } from 'typeorm'
+
+import { paginate } from '~/helper/paginate'
+
+import { TaskLogQueryDto } from '../dto/log.dto'
+import { TaskLogEntity } from '../entities/task-log.entity'
+
+@Injectable()
+export class TaskLogService {
+ constructor(
+ @InjectRepository(TaskLogEntity)
+ private taskLogRepository: Repository