diff --git a/packages/ui/certd-server/.env b/packages/ui/certd-server/.env new file mode 100644 index 00000000..c9a4fefa --- /dev/null +++ b/packages/ui/certd-server/.env @@ -0,0 +1 @@ +CERTD_AUTH_JWT_KEYS=certd666 diff --git a/packages/ui/certd-server/package.json b/packages/ui/certd-server/package.json index 90b7b818..dc67bf60 100644 --- a/packages/ui/certd-server/package.json +++ b/packages/ui/certd-server/package.json @@ -45,6 +45,7 @@ "@midwayjs/validate": "^3.9.0", "cache-manager": "^3.6.3", "dayjs": "^1.11.7", + "dotenv": "^16.0.3", "glob": "^7.2.3", "jsonwebtoken": "^8.5.1", "kubernetes-client": "^9.0.0", diff --git a/packages/ui/certd-server/src/config/config.default.ts b/packages/ui/certd-server/src/config/config.default.ts index d93134a0..31501478 100644 --- a/packages/ui/certd-server/src/config/config.default.ts +++ b/packages/ui/certd-server/src/config/config.default.ts @@ -7,10 +7,18 @@ import { PipelineEntity } from '../modules/pipeline/entity/pipeline'; export default { // use for cookie sign key, should change to your own and keep security - keys: 'certd666', + keys: process.env.CERTD_AUTH_JWT_KEYS, koa: { port: 7001, }, + staticFile: { + dirs: { + default: { + prefix: '/', + dir: 'public', + }, + }, + }, cron: {}, /** * 演示环境 @@ -54,11 +62,11 @@ export default { biz: { jwt: { - secret: 'greper-is-666', + secret: process.env.CERTD_AUTH_JWT_KEYS, expire: 7 * 24 * 60, //单位秒 }, auth: { - ignoreUrls: ['/', '/api/login', '/api/register'], + ignoreUrls: ['/', '/public', '/api/login', '/api/register'], }, }, } as MidwayConfig; diff --git a/packages/ui/certd-server/src/config/config.preview.ts b/packages/ui/certd-server/src/config/config.preview.ts index aa4bc6aa..a47437f7 100644 --- a/packages/ui/certd-server/src/config/config.preview.ts +++ b/packages/ui/certd-server/src/config/config.preview.ts @@ -6,5 +6,5 @@ export default { */ preview: { enabled: true, - } + }, } as MidwayConfig; diff --git a/packages/ui/certd-server/src/config/config.production.ts b/packages/ui/certd-server/src/config/config.production.ts index aa4bc6aa..a47437f7 100644 --- a/packages/ui/certd-server/src/config/config.production.ts +++ b/packages/ui/certd-server/src/config/config.production.ts @@ -6,5 +6,5 @@ export default { */ preview: { enabled: true, - } + }, } as MidwayConfig; diff --git a/packages/ui/certd-server/src/configuration.ts b/packages/ui/certd-server/src/configuration.ts index c9f76662..580b34c7 100644 --- a/packages/ui/certd-server/src/configuration.ts +++ b/packages/ui/certd-server/src/configuration.ts @@ -15,9 +15,12 @@ import { PreviewMiddleware } from './middleware/preview'; import { AuthorityMiddleware } from './middleware/authority'; import * as staticFile from '@midwayjs/static-file'; import * as cron from './plugins/cron'; +import * as dotenv from 'dotenv'; +// load .env file in process.cwd +dotenv.config(); @Configuration({ - imports: [koa, orm, cache, flyway, validateComp, cron,staticFile], + imports: [koa, orm, cache, flyway, validateComp, cron, staticFile], importConfigs: [ { default: defaultConfig, diff --git a/packages/ui/certd-server/src/middleware/authority.ts b/packages/ui/certd-server/src/middleware/authority.ts index ff23c6a5..df7432bd 100644 --- a/packages/ui/certd-server/src/middleware/authority.ts +++ b/packages/ui/certd-server/src/middleware/authority.ts @@ -1,9 +1,5 @@ import { Config, Provide } from '@midwayjs/decorator'; -import { - IWebMiddleware, - IMidwayKoaContext, - NextFunction -} from '@midwayjs/koa'; +import { IWebMiddleware, IMidwayKoaContext, NextFunction } from '@midwayjs/koa'; import * as _ from 'lodash'; import * as jwt from 'jsonwebtoken'; import { Constants } from '../basic/constants'; @@ -21,7 +17,8 @@ export class AuthorityMiddleware implements IWebMiddleware { resolve() { return async (ctx: IMidwayKoaContext, next: NextFunction) => { const { url } = ctx; - const token = ctx.get('Authorization'); + let token = ctx.get('Authorization') || ''; + token = token.replace('Bearer ', '').trim(); // 路由地址为 admin前缀的 需要权限校验 // console.log('ctx', ctx); const queryIndex = url.indexOf('?');