chore:

2024-10-10 02:15:05 +08:00 · 2024-10-10 02:15:05 +08:00 · f0b2a61246
parent b5d8935159
commit f0b2a61246
26 changed files with 262 additions and 120 deletions
--- a/packages/core/acme-client/src/index.js
+++ b/packages/core/acme-client/src/index.js
@ -45,3 +45,5 @@ exports.axios = require('./axios');
 */
 exports.setLogger = require('./logger').setLogger;
 exports.walkTxtRecord = require('./verify').walkTxtRecord;
--- a/packages/core/acme-client/src/verify.js
+++ b/packages/core/acme-client/src/verify.js
@ -66,18 +66,35 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
        log(`Checking name for TXT records: ${recordName}`);
        const txtRecords = await resolver.resolveTxt(recordName);
-        if (txtRecords.length) {
+        if (txtRecords && txtRecords.length) {
            log(`Found ${txtRecords.length} TXT records at ${recordName}`);
            log(`TXT records: ${JSON.stringify(txtRecords)}`);
            return [].concat(...txtRecords);
        }
        return [];
    }
    catch (e) {
-        log(`No TXT records found for name: ${recordName}`);
+        log(`Resolve TXT records error, ${recordName} :${e.message}`);
        throw e;
    }
 }
-    /* Found nothing */
+async function walkTxtRecord(recordName) {
-    throw new Error(`No TXT records found for name: ${recordName}`);
+    try {
        /* Default DNS resolver first */
        log('Attempting to resolve TXT with default DNS resolver first');
        const res = await walkDnsChallengeRecord(recordName);
        if (res && res.length > 0) {
            return res;
        }
        throw new Error('No TXT records found');
    }
    catch (e) {
        /* Authoritative DNS resolver */
        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
    }
 }
 /**
@ -93,24 +110,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
 */
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
    let recordValues = [];
    const recordName = `${prefix}${authz.identifier.value}`;
    log(`Resolving DNS TXT from record: ${recordName}`);
-
+    const recordValues = await walkTxtRecord(recordName);
    try {
        /* Default DNS resolver first */
        log('Attempting to resolve TXT with default DNS resolver first');
        recordValues = await walkDnsChallengeRecord(recordName);
    }
    catch (e) {
        /* Authoritative DNS resolver */
        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
        recordValues = await walkDnsChallengeRecord(recordName, authoritativeResolver);
    }
    log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
    if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
        throw new Error(`Authorization not found in DNS TXT record: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
    }
@ -154,4 +157,5 @@ module.exports = {
    'http-01': verifyHttpChallenge,
    'dns-01': verifyDnsChallenge,
    'tls-alpn-01': verifyTlsAlpnChallenge,
    walkTxtRecord,
 };
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@ -197,3 +197,5 @@ export const axios: AxiosInstance;
 */
 export function setLogger(fn: (msg: string) => void): void;
 export function walkTxtRecord(record: any): Promise<string[]>;
--- a/packages/libs/lib-server/src/basic/base-service.ts
+++ b/packages/libs/lib-server/src/basic/base-service.ts
@ -1,7 +1,7 @@
 import { ValidateException } from './exception/index.js';
 import * as _ from 'lodash-es';
 import { PermissionException } from './exception/index.js';
-import { Repository } from 'typeorm';
+import { In, Repository } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
@ -49,16 +49,22 @@ export abstract class BaseService<T> {
  /**
   * 删除
   * @param ids 删除的ID集合 如：[1,2,3] 或者 1,2,3
   * @param where
   */
-  async delete(ids) {
+  async delete(ids: any, where?: any) {
-    if (ids instanceof Array) {
+    if (!ids) {
-      await this.getRepository().delete(ids);
+      throw new ValidateException('ids不能为空');
    } else if (typeof ids === 'string') {
      await this.getRepository().delete(ids.split(','));
    } else {
      //ids是一个condition
      await this.getRepository().delete(ids);
    }
    if (typeof ids === 'string') {
      ids = ids.split(',');
    }
    if (ids.length === 0) {
      return;
    }
    await this.getRepository().delete({
      id: In(ids),
      ...where,
    });
    await this.modifyAfter(ids);
  }
@ -90,7 +96,7 @@ export abstract class BaseService<T> {
   * @param param 数据
   */
  async update(param) {
-    if (!param.id) throw new ValidateException('no id');
+    if (!param.id) throw new ValidateException('id 不能为空');
    param.updateTime = new Date();
    await this.addOrUpdate(param);
    await this.modifyAfter(param);
--- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
@ -26,9 +26,9 @@ import * as api from "./api.js";
 const statusDict = dict({
  data: [
    { label: "待设置CNAME", value: "cname", color: "warning" },
-    { label: "验证中", value: "validating", color: "primary" },
+    { label: "验证中", value: "validating", color: "blue" },
-    { label: "验证成功", value: "valid", color: "success" },
+    { label: "验证成功", value: "valid", color: "green" },
-    { label: "验证失败", value: "failed", color: "error" }
+    { label: "验证失败", value: "failed", color: "red" }
  ]
 });
--- a/packages/ui/certd-client/src/views/certd/cname/record/api.ts
+++ b/packages/ui/certd-client/src/views/certd/cname/record/api.ts
@ -57,3 +57,13 @@ export async function DeleteBatch(ids: any[]) {
    data: { ids }
  });
 }
 export async function DoVerify(id: number) {
  return await request({
    url: apiPrefix + "/verify",
    method: "post",
    data: {
      id
    }
  });
 }
--- a/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx
@ -1,10 +1,12 @@
 import * as api from "./api";
 import { useI18n } from "vue-i18n";
-import { computed, Ref, ref } from "vue";
+import { Ref, ref } from "vue";
 import { useRouter } from "vue-router";
-import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
+import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/modules/user";
 import { useSettingStore } from "/@/store/modules/settings";
 import { message } from "ant-design-vue";
 import { DoVerify } from "./api";
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
  const router = useRouter();
@ -58,6 +60,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
        editRequest,
        delRequest
      },
      tabs: {
        name: "status",
        show: true
      },
      rowHandle: {
        minWidth: 200,
        fixed: "right"
@ -139,9 +145,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          dict: dict({
            data: [
              { label: "待设置CNAME", value: "cname", color: "warning" },
-              { label: "验证中", value: "validating", color: "primary" },
+              { label: "验证中", value: "validating", color: "blue" },
-              { label: "验证成功", value: "valid", color: "success" },
+              { label: "验证成功", value: "valid", color: "green" },
-              { label: "验证失败", value: "failed", color: "error" }
+              { label: "验证失败", value: "failed", color: "red" }
            ]
          }),
          addForm: {
@ -160,14 +166,29 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          },
          column: {
            conditionalRenderDisabled: true,
-            width: 100,
+            width: 130,
            align: "center",
            cellRender({ row, value }) {
              if (row.status === "valid") {
                return "-";
              }
              async function doVerify() {
                row._validating_ = true;
                try {
                  const res = await api.DoVerify(row.id);
                  if (res === true) {
                    message.success("验证成功");
                    row.status = "valid";
                  }
                } catch (e) {
                  console.error(e);
                  message.error(e.message);
                } finally {
                  row._validating_ = false;
                }
              }
              return (
-                <a-button size={"small"} type={"primary"}>
+                <a-button onClick={doVerify} loading={row._validating_} size={"small"} type={"primary"}>
                  点击验证
                </a-button>
              );
--- a/packages/ui/certd-client/src/views/certd/cname/record/index.vue
+++ b/packages/ui/certd-client/src/views/certd/cname/record/index.vue
@ -18,7 +18,7 @@ import { onMounted } from "vue";
 import { useFs } from "@fast-crud/fast-crud";
 import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
-import { DeleteBatch } from "/@/views/certd/history/api";
+import { DeleteBatch } from "./api";
 defineOptions({
  name: "CnameRecord"
--- a/packages/ui/certd-client/src/views/certd/history/index.vue
+++ b/packages/ui/certd-client/src/views/certd/history/index.vue
@ -18,7 +18,7 @@ import { onMounted } from "vue";
 import { useFs } from "@fast-crud/fast-crud";
 import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
-import { DeleteBatch } from "/@/views/certd/history/api";
+import { DeleteBatch } from "./api";
 defineOptions({
  name: "PipelineHistory"
--- a/packages/ui/certd-server/src/configuration.ts
+++ b/packages/ui/certd-server/src/configuration.ts
@ -17,6 +17,7 @@ import DefaultConfig from './config/config.default.js';
 import * as libServer from '@certd/lib-server';
 import * as commercial from '@certd/commercial-core';
 import * as upload from '@midwayjs/upload';
 import { setLogger } from '@certd/acme-client';
 process.on('uncaughtException', error => {
  console.error('未捕获的异常：', error);
  // 在这里可以添加日志记录、发送错误通知等操作
@ -75,6 +76,11 @@ export class MainConfiguration {
      ResetPasswdMiddleware,
    ]);
    //acme setlogger
    setLogger((text: string) => {
      logger.info(text);
    });
    logger.info('当前环境：', this.app.getEnv()); // prod
  }
 }
--- a/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts
+++ b/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts
@ -20,7 +20,7 @@ export class CnameProviderController extends BaseController {
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Body(ALL) body: any) {
-    body.userId = this.ctx.user.id;
+    body.userId = this.getUserId();
    const res = await this.providerService.find({});
    return this.ok(res);
  }
--- a/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
+++ b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
@ -18,50 +18,67 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
  @Post('/page', { summary: Constants.per.authOnly })
  async page(@Body(ALL) body: any) {
    body.query = body.query ?? {};
-    body.query.userId = this.ctx.user.id;
+    body.query.userId = this.getUserId();
-    return await super.page(body);
+    const domain = body.query.domain;
    delete body.query.domain;
    const bq = qb => {
      if (domain) {
        qb.where('domain like :domain', { domain: `%${domain}%` });
      }
    };
    const pageRet = await this.getService().page(body?.query, body?.page, body?.sort, bq);
    return this.ok(pageRet);
  }
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Body(ALL) body: any) {
-    body.userId = this.ctx.user.id;
+    body.userId = this.getUserId();
    return super.list(body);
  }
  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean: any) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean: any) {
-    await this.service.checkUserId(bean.id, this.ctx.user.id);
+    await this.service.checkUserId(bean.id, this.getUserId());
    return super.update(bean);
  }
  @Post('/info', { summary: Constants.per.authOnly })
  async info(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.info(id);
  }
  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.delete(id);
  }
  @Post('/deleteByIds', { summary: Constants.per.authOnly })
  async deleteByIds(@Body(ALL) body: any) {
    await this.service.delete(body.ids, {
      userId: this.getUserId(),
    });
    return this.ok();
  }
  @Post('/getByDomain', { summary: Constants.per.authOnly })
  async getByDomain(@Body(ALL) body: { domain: string; createOnNotFound: boolean }) {
-    const userId = this.ctx.user.id;
+    const userId = this.getUserId();
    const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound);
    return this.ok(res);
  }
  @Post('/verify', { summary: Constants.per.authOnly })
  async verify(@Body(ALL) body: { id: string }) {
-    const userId = this.ctx.user.id;
+    const userId = this.getUserId();
    await this.service.checkUserId(body.id, userId);
    const res = await this.service.verify(body.id);
    return this.ok(res);
--- a/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
+++ b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
@ -8,9 +8,18 @@ import { CnameProviderService } from '../../sys/cname/service/cname-provider-ser
 import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js';
 import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert';
 import { cache, http, logger, utils } from '@certd/pipeline';
 import dns from 'dns';
 import { AccessService } from '../../pipeline/service/access-service.js';
 import { isDev } from '../../../utils/env.js';
 import { walkTxtRecord } from '@certd/acme-client';
 type CnameCheckCacheValue = {
  validating: boolean;
  pass: boolean;
  recordReq?: any;
  recordRes?: any;
  startTime: number;
  intervalId?: NodeJS.Timeout;
 };
 /**
 * 授权
 */
@ -147,56 +156,94 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
    if (!bean) {
      throw new ValidateException(`CnameRecord:${id} 不存在`);
    }
-    const cacheKey = `cname.record.verify.${bean.id}`;
+    if (bean.status === 'valid') {
-
+      return true;
    type CacheValue = {
      ready: boolean;
      pass: boolean;
    };
    let value: CacheValue = cache.get(cacheKey);
    if (!value) {
      value = {
        ready: false,
        pass: false,
      };
    }
-    const originDomain = parseDomain(bean.domain);
+    const cacheKey = `cname.record.verify.${bean.id}`;
-    const fullDomain = `${bean.hostRecord}.${originDomain}`;
+
    let value: CnameCheckCacheValue = cache.get(cacheKey);
    if (!value) {
      value = {
        validating: false,
        pass: false,
        startTime: new Date().getTime(),
      };
    }
    let ttl = 60 * 60 * 15 * 1000;
    if (isDev()) {
      ttl = 30 * 1000;
    }
    const recordValue = bean.recordValue.substring(0, bean.recordValue.indexOf('.'));
    const buildDnsProvider = async () => {
      const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
      const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
      const context = { access, logger, http, utils };
      const dnsProvider: IDnsProvider = await createDnsProvider({
        dnsProviderType: cnameProvider.dnsProviderType,
        context,
      });
      return dnsProvider;
    };
    const checkRecordValue = async () => {
      if (value.pass) {
        return true;
      }
      if (value.startTime + ttl < new Date().getTime()) {
        logger.warn(`cname验证超时,停止检查,${bean.domain} ${recordValue}`);
        clearInterval(value.intervalId);
        await this.updateStatus(bean.id, 'cname');
        return false;
      }
      const originDomain = parseDomain(bean.domain);
      const fullDomain = `${bean.hostRecord}.${originDomain}`;
      logger.info(`检查CNAME配置 ${fullDomain} ${recordValue}`);
-      const txtRecords = await dns.promises.resolveTxt(fullDomain);
+
      // const txtRecords = await dns.promises.resolveTxt(fullDomain);
      // if (txtRecords.length) {
      //   records = [].concat(...txtRecords);
      // }
      let records: string[] = [];
-      if (txtRecords.length) {
+      try {
-        records = [].concat(...txtRecords);
+        records = await walkTxtRecord(fullDomain);
      } catch (e) {
        logger.error(`获取TXT记录失败，${e.message}`);
      }
      logger.info(`检查到TXT记录 ${JSON.stringify(records)}`);
      const success = records.includes(recordValue);
      if (success) {
        clearInterval(value.intervalId);
        logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${recordValue}`);
        await this.updateStatus(bean.id, 'valid');
        value.pass = true;
        cache.delete(cacheKey);
        try {
          const dnsProvider = await buildDnsProvider();
          await dnsProvider.removeRecord({
            recordReq: value.recordReq,
            recordRes: value.recordRes,
          });
          logger.info('删除CNAME的校验DNS记录成功');
        } catch (e) {
          logger.error(`删除CNAME的校验DNS记录失败， ${e.message}，req:${JSON.stringify(value.recordReq)}，recordRes:${JSON.stringify(value.recordRes)}`, e);
        }
      }
      return success;
    };
-    if (value.ready) {
+    if (value.validating) {
      // lookup recordValue in dns
      return await checkRecordValue();
    }
    const ttl = 60 * 60 * 30;
    cache.set(cacheKey, value, {
      ttl: ttl,
    });
    const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
    const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
    const context = { access, logger, http, utils };
    const dnsProvider: IDnsProvider = await createDnsProvider({
      dnsProviderType: cnameProvider.dnsProviderType,
      context,
    });
    const domain = parseDomain(bean.recordValue);
    const fullRecord = bean.recordValue;
    const hostRecord = fullRecord.replace(`.${domain}`, '');
@ -207,8 +254,20 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
      type: 'TXT',
      value: recordValue,
    };
-    await dnsProvider.createRecord(req);
+    const dnsProvider = await buildDnsProvider();
-    value.ready = true;
+    const recordRes = await dnsProvider.createRecord(req);
    value.validating = true;
    value.recordReq = req;
    value.recordRes = recordRes;
    await this.updateStatus(bean.id, 'validating');
    value.intervalId = setInterval(async () => {
      try {
        await checkRecordValue();
      } catch (e) {
        logger.error('检查cname出错：', e);
      }
    }, 10000);
  }
  async updateStatus(id: number, status: CnameRecordStatusType) {
--- a/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts
+++ b/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts
@ -19,49 +19,49 @@ export class UserSettingsController extends CrudController<UserSettingsService>
  @Post('/page', { summary: Constants.per.authOnly })
  async page(@Body(ALL) body) {
    body.query = body.query ?? {};
-    body.query.userId = this.ctx.user.id;
+    body.query.userId = this.getUserId();
    return super.page(body);
  }
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Body(ALL) body) {
-    body.userId = this.ctx.user.id;
+    body.userId = this.getUserId();
    return super.list(body);
  }
  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
-    await this.service.checkUserId(bean.id, this.ctx.user.id);
+    await this.service.checkUserId(bean.id, this.getUserId());
    return super.update(bean);
  }
  @Post('/info', { summary: Constants.per.authOnly })
  async info(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.info(id);
  }
  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.delete(id);
  }
  @Post('/save', { summary: Constants.per.authOnly })
  async save(@Body(ALL) bean: UserSettingsEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    await this.service.save(bean);
    return this.ok({});
  }
  @Post('/get', { summary: Constants.per.authOnly })
  async get(@Query('key') key: string) {
-    const entity = await this.service.getByKey(key, this.ctx.user.id);
+    const entity = await this.service.getByKey(key, this.getUserId());
    return this.ok(entity);
  }
 }
--- a/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts
@ -19,36 +19,36 @@ export class AccessController extends CrudController<AccessService> {
  @Post('/page', { summary: Constants.per.authOnly })
  async page(@Body(ALL) body) {
    body.query = body.query ?? {};
-    body.query.userId = this.ctx.user.id;
+    body.query.userId = this.getUserId();
    return await super.page(body);
  }
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Body(ALL) body) {
-    body.userId = this.ctx.user.id;
+    body.userId = this.getUserId();
    return super.list(body);
  }
  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
-    await this.service.checkUserId(bean.id, this.ctx.user.id);
+    await this.service.checkUserId(bean.id, this.getUserId());
    return super.update(bean);
  }
  @Post('/info', { summary: Constants.per.authOnly })
  async info(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.info(id);
  }
  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.delete(id);
  }
--- a/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts
@ -14,7 +14,7 @@ export class DnsProviderController extends BaseController {
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Query(ALL) query: any) {
-    query.userId = this.ctx.user.id;
+    query.userId = this.getUserId();
    const list = this.service.getList();
    return this.ok(list);
  }
--- a/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts
@ -41,8 +41,8 @@ export class HistoryController extends CrudController<HistoryService> {
    const publicSettings = await this.sysSettingsService.getPublicSettings();
    const pipelineQuery: any = {};
    if (!(publicSettings.managerOtherUserPipeline && isAdmin)) {
-      body.query.userId = this.ctx.user.id;
+      body.query.userId = this.getUserId();
-      pipelineQuery.userId = this.ctx.user.id;
+      pipelineQuery.userId = this.getUserId();
    }
    let pipelineIds: any = null;
@ -70,7 +70,7 @@ export class HistoryController extends CrudController<HistoryService> {
  async list(@Body(ALL) body) {
    const isAdmin = await this.authService.isAdmin(this.ctx);
    if (!isAdmin) {
-      body.userId = this.ctx.user.id;
+      body.userId = this.getUserId();
    }
    if (body.pipelineId == null) {
      return this.ok([]);
@ -84,7 +84,7 @@ export class HistoryController extends CrudController<HistoryService> {
  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean: PipelineEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
@ -96,7 +96,7 @@ export class HistoryController extends CrudController<HistoryService> {
  @Post('/save', { summary: Constants.per.authOnly })
  async save(@Body(ALL) bean: HistoryEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    if (bean.id > 0) {
      await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
    }
@ -106,7 +106,7 @@ export class HistoryController extends CrudController<HistoryService> {
  @Post('/saveLog', { summary: Constants.per.authOnly })
  async saveLog(@Body(ALL) bean: HistoryLogEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    if (bean.id > 0) {
      await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
    }
@ -125,7 +125,7 @@ export class HistoryController extends CrudController<HistoryService> {
  async deleteByIds(@Body(ALL) body: any) {
    await this.authService.checkEntityUserId(this.ctx, this.getService(), body.ids);
    const isAdmin = await this.authService.isAdmin(this.ctx);
-    const userId = isAdmin ? null : this.ctx.user.id;
+    const userId = isAdmin ? null : this.getUserId();
    await this.getService().deleteByIds(body.ids, userId);
    return this.ok();
  }
@ -162,7 +162,7 @@ export class HistoryController extends CrudController<HistoryService> {
    if (history == null) {
      throw new CommonException('historyId is null');
    }
-    if (history.userId !== this.ctx.user.id) {
+    if (history.userId !== this.getUserId()) {
      throw new PermissionException();
    }
    return await this.service.getFiles(history);
--- a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
@ -29,7 +29,7 @@ export class PipelineController extends CrudController<PipelineService> {
    const isAdmin = await this.authService.isAdmin(this.ctx);
    const publicSettings = await this.sysSettingsService.getPublicSettings();
    if (!(publicSettings.managerOtherUserPipeline && isAdmin)) {
-      body.query.userId = this.ctx.user.id;
+      body.query.userId = this.getUserId();
    }
    const title = body.query.title;
@ -50,7 +50,7 @@ export class PipelineController extends CrudController<PipelineService> {
  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean: PipelineEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
@ -62,7 +62,7 @@ export class PipelineController extends CrudController<PipelineService> {
  @Post('/save', { summary: Constants.per.authOnly })
  async save(@Body(ALL) bean: PipelineEntity) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    if (bean.id > 0) {
      await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
    }
--- a/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts
@ -14,14 +14,14 @@ export class PluginController extends BaseController {
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Query(ALL) query: any) {
-    query.userId = this.ctx.user.id;
+    query.userId = this.getUserId();
    const list = this.service.getList();
    return this.ok(list);
  }
  @Post('/groups', { summary: Constants.per.authOnly })
  async groups(@Query(ALL) query: any) {
-    query.userId = this.ctx.user.id;
+    query.userId = this.getUserId();
    const group = this.service.getGroups();
    return this.ok(group);
  }
--- a/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
@ -68,6 +68,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
  }
  private async clear(pipelineId: number, keepCount = 20) {
    if (pipelineId == null) {
      return;
    }
    const count = await this.repository.count({
      where: {
        pipelineId,
@ -139,6 +142,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
  }
  async deleteByIds(ids: number[], userId: number) {
    if (!ids || ids.length === 0) {
      return;
    }
    const condition: any = {
      id: In(ids),
    };
@ -150,6 +156,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
  }
  async deleteByPipelineId(id: number) {
    if (id == null) {
      return;
    }
    await this.repository.delete({
      pipelineId: id,
    });
--- a/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts
@ -86,7 +86,7 @@ export class UserController extends CrudController<UserService> {
   */
  @Post('/mine', { summary: Constants.per.authOnly })
  public async mine() {
-    const id = this.ctx.user.id;
+    const id = this.getUserId();
    const info = await this.service.info(id, ['password']);
    return this.ok(info);
  }
@ -96,7 +96,7 @@ export class UserController extends CrudController<UserService> {
   */
  @Post('/permissions', { summary: Constants.per.authOnly })
  public async permissions() {
-    const id = this.ctx.user.id;
+    const id = this.getUserId();
    const permissions = await this.service.getUserPermissions(id);
    return this.ok(permissions);
  }
@ -106,7 +106,7 @@ export class UserController extends CrudController<UserService> {
   */
  @Post('/permissionTree', { summary: Constants.per.authOnly })
  public async permissionTree() {
-    const id = this.ctx.user.id;
+    const id = this.getUserId();
    const permissions = await this.service.getUserPermissions(id);
    const tree = this.permissionService.buildTree(permissions);
    return this.ok(tree);
--- a/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts
+++ b/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts
@ -23,36 +23,36 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
  @Post('/page', { summary: 'sys:settings:view' })
  async page(@Body(ALL) body) {
    body.query = body.query ?? {};
-    body.query.userId = this.ctx.user.id;
+    body.query.userId = this.getUserId();
    return super.page(body);
  }
  @Post('/list', { summary: 'sys:settings:view' })
  async list(@Body(ALL) body) {
-    body.userId = this.ctx.user.id;
+    body.userId = this.getUserId();
    return super.list(body);
  }
  @Post('/add', { summary: 'sys:settings:edit' })
  async add(@Body(ALL) bean) {
-    bean.userId = this.ctx.user.id;
+    bean.userId = this.getUserId();
    return super.add(bean);
  }
  @Post('/update', { summary: 'sys:settings:edit' })
  async update(@Body(ALL) bean) {
-    await this.service.checkUserId(bean.id, this.ctx.user.id);
+    await this.service.checkUserId(bean.id, this.getUserId());
    return super.update(bean);
  }
  @Post('/info', { summary: 'sys:settings:view' })
  async info(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.info(id);
  }
  @Post('/delete', { summary: 'sys:settings:edit' })
  async delete(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.ctx.user.id);
+    await this.service.checkUserId(id, this.getUserId());
    return super.delete(id);
  }
--- a/packages/ui/certd-server/src/plugins/plugin-demo/access.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-demo/access.ts
@ -1,4 +1,5 @@
 import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
 import { isDev } from "../../utils/env.js";
 /**
 * 这个注解将注册一个授权配置
@ -41,7 +42,7 @@ export class DemoAccess extends BaseAccess {
  demoKeySecret = '';
 }
-if (process.env.NODE_ENV === 'development') {
+if (isDev()) {
  //你的实现 要去掉这个if，不然生产环境将不会显示
  new DemoAccess();
 }
--- a/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts
@ -1,6 +1,7 @@
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
 import { Autowire, HttpClient, ILogger } from '@certd/pipeline';
 import { DemoAccess } from './access.js';
 import { isDev } from "../../utils/env.js";
 type DemoRecord = {
  // 这里定义Record记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到id就行，用于删除txt解析记录，清理申请痕迹
@ -79,7 +80,7 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
 }
 //TODO 实例化这个provider，将其自动注册到系统中
-if (process.env.NODE_ENV === 'development') {
+if (isDev()) {
  //你的实现 要去掉这个if，不然生产环境将不会显示
  new DemoDnsProvider();
 }
--- a/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
@ -1,5 +1,6 @@
 import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
 import { CertInfo, CertReader } from '@certd/plugin-cert';
 import { isDev } from '../../../utils/env.js';
@IsTaskPlugin({
  name: 'demoTest',
@ -98,7 +99,7 @@ export class DemoTestPlugin extends AbstractTaskPlugin {
  }
 }
 //TODO 这里实例化插件，进行注册
-if (process.env.NODE_ENV === 'development') {
+if (isDev()) {
  //你的实现 要去掉这个if，不然生产环境将不会显示
  new DemoTestPlugin();
 }
--- a/packages/ui/certd-server/src/utils/env.ts
+++ b/packages/ui/certd-server/src/utils/env.ts
@ -0,0 +1,3 @@
 export function isDev() {
  return process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'local';
 }