From 09cf8281a20ce3c52b0a3558f07f15cabc14d3ac Mon Sep 17 00:00:00 2001
From: baozhoutao
Date: Fri, 2 Aug 2024 11:09:30 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20[Task]:=20=E8=AE=A4=E8=AF=81cookies?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E4=BA=8C=E7=BA=A7=E5=9F=9F=E5=90=8D=20#6949?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 packages/auth/package.json | 1 +
 packages/auth/src/utils/index.ts | 31 ++++++++++-------
 packages/utils/package.json | 4 ++-
 packages/utils/src/cookies.ts | 34 +++++++++++++++++++
 packages/utils/src/index.ts | 4 ++-
 .../main/default/routers/dingtalk.router.js | 20 ++---------
 .../main/default/routers/qywx.router.js | 20 ++---------
 services/service-ancillary/package.json | 1 +
 .../public/tailwind/tailwind-steedos.css | 8 +++++
 yarn.lock | 2 +-
 10 files changed, 76 insertions(+), 49 deletions(-)
 create mode 100644 packages/utils/src/cookies.ts
diff --git a/packages/auth/package.json b/packages/auth/package.json
index 3f1a8a303e..b77e3053c4 100644
--- a/packages/auth/package.json
+++ b/packages/auth/package.json
@@ -15,6 +15,7 @@
 "dependencies": {
 "@steedos/cachers": "2.7.4-beta.8",
 "@steedos/objectql": "2.7.4-beta.8",
+ "@steedos/utils": "2.7.4-beta.8",
 "bcryptjs": "^2.4.3",
 "cookies": "^0.8.0",
 "express": "^4.16.4",
diff --git a/packages/auth/src/utils/index.ts b/packages/auth/src/utils/index.ts
index 9efc1d8350..6c42904227 100644
--- a/packages/auth/src/utils/index.ts
+++ b/packages/auth/src/utils/index.ts
@@ -1,7 +1,14 @@ +/* + * @Author: baozhoutao@steedos.com + * @Date: 2024-06-16 17:46:33 + * @LastEditors: baozhoutao@steedos.com + * @LastEditTime: 2024-08-02 10:55:54 + * @Description: + */ import crypto = require('crypto'); import { default as Random } from './random'; import { getSteedosSchema } from '@steedos/objectql'; -const Cookies = require('cookies'); +import { setCookie, clearCookie } from '@steedos/utils'; export const hashLoginToken = function (loginToken) { const hash = crypto.createHash('sha256'); @@ -43,19 +50,17 @@ export const insertHashedLoginToken = async function (userId, hashedToken) { return await userObject.update(userId, data); } - - export const setAuthCookies = function (req, res, userId, authToken, spaceId?) { - let cookies = new Cookies(req, res); let options = { maxAge: 90 * 60 * 60 * 24 * 1000, httpOnly: true, overwrite: true } - cookies.set("X-User-Id", userId, options); - cookies.set("X-Auth-Token", authToken, options); + setCookie(req, res, "X-User-Id", userId, options as any); + setCookie(req, res, "X-Auth-Token", authToken, options as any) + if (spaceId) { - cookies.set("X-Space-Id", spaceId, options); + setCookie(req, res, "X-Space-Id", spaceId, options as any); // cookies.set("X-Space-Token", spaceId + ',' + authToken, options); } @@ -64,16 +69,18 @@ export const setAuthCookies = function (req, res, userId, authToken, spaceId?) { export const clearAuthCookies = function (req, res) { - let cookies = new Cookies(req, res); let options = { maxAge: 0, httpOnly: true, overwrite: true } - cookies.set("X-User-Id", null, options); - cookies.set("X-Auth-Token", null, options); - cookies.set("X-Access-Token", null, options); - cookies.set("X-Space-Token", null, options); + + clearCookie(req, res, "X-User-Id", options as any) + clearCookie(req, res, "X-Auth-Token", options as any) + + clearCookie(req, res, "X-Access-Token", options as any) + clearCookie(req, res, "X-Space-Token", options as any) + return; } 
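Review bot: In `setAuthCookies` the `options` object still carries only `maxAge`, `httpOnly` and `overwrite`, so `X-Auth-Token` is issued without `secure` or `sameSite`. That mattered less while the cookie was host-only; with `STEEDOS_AUTH_USE_SUBDOMAIN_COOKIES` enabled the same 90-day token is sent to every host under the registrable domain, so any sibling subdomain that serves plain HTTP or untrusted content becomes part of the session's trust boundary. Consider adding `sameSite: 'lax'` here, and `secure: true` where the deployment is HTTPS-only (the `cookies` package refuses to send a secure cookie over a connection it considers unencrypted, so this probably has to be configuration-driven). The `options as any` casts also hide the mismatch with the default-parameter type in `@steedos/utils`; typing that parameter would make them unnecessary.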
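Review bot: `clearAuthCookies` expires `X-User-Id`, `X-Auth-Token`, `X-Access-Token` and `X-Space-Token`, but not `X-Space-Id`, which `setAuthCookies` in the previous hunk sets whenever `spaceId` is passed. After logout the space cookie therefore survives with its 90-day lifetime, and with domain-scoped cookies it stays visible to every subdomain. Add `clearCookie(req, res, "X-Space-Id", options as any)` next to the other calls. Passing the same `options` object to four calls is harmless only because `clearCookie` writes the same `domain` and `maxAge` into it each time; a comment noting that the helper mutates its argument would help the next reader.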
diff --git a/packages/utils/package.json b/packages/utils/package.json
index 969413f6a3..06e6ac9c30 100644
--- a/packages/utils/package.json
+++ b/packages/utils/package.json
@@ -12,7 +12,9 @@
 "@steedos/odata-v4-mongodb": "2.5.11-beta.10",
 "clone": "^2.1.2",
 "mingo": "^6.0.5",
- "underscore": "1.5.2"
+ "underscore": "1.5.2",
+ "cookies": "^0.8.0",
+ "psl": "1.9.0"
 },
 "author": "",
 "license": "ISC",
diff --git a/packages/utils/src/cookies.ts b/packages/utils/src/cookies.ts
new file mode 100644
index 0000000000..07797392d3
--- /dev/null
+++ b/packages/utils/src/cookies.ts
@@ -0,0 +1,34 @@
+const Cookies = require('cookies');
+const psl = require('psl');
+
+const useSubdomainCookies = process.env.STEEDOS_AUTH_USE_SUBDOMAIN_COOKIES === 'true';
+
+// 从请求的 Host 头中提取二级域名部分
+function getSubdomain(host) {
+ const parsed = psl.parse(host);
+ if (parsed && parsed.domain) {
+ return parsed.domain;
+ }
+ return host;
+}
+
+export function setCookie(req, res, name, value, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
+ const cookies = new Cookies(req, res);
+ const host = req.headers.host;
+ if(host && useSubdomainCookies && psl.isValid(host)){
+ const domain = getSubdomain(host);
+ options.domain = `.${domain}`; // 动态设置二级域名
+ }
+ cookies.set(name, value, options);
+}
+
+export function clearCookie(req, res, name, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
+ const cookies = new Cookies(req, res);
+ const host = req.headers.host;
+ if(host && useSubdomainCookies && psl.isValid(host)){
+ const domain = getSubdomain(host);
+ options.domain = `.${domain}`; // 动态设置二级域名
+ }
+ options.maxAge = 0; // 通过将 maxAge 设置为 0 来清除 cookie
+ cookies.set(name, null, options);
+}
\ No newline at end of file
diff --git a/packages/utils/src/index.ts b/packages/utils/src/index.ts
index 8acae98c26..1f6881d5f7 100644
--- a/packages/utils/src/index.ts
+++ b/packages/utils/src/index.ts
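Review bot: In packages/utils/src/cookies.ts the Domain attribute is derived from the raw `Host` header, and a value that carries a port (`example.com:3000`) will most likely fail `psl.isValid`, so the cookie silently falls back to host-only scope on non-default ports. Behind a reverse proxy that rewrites `Host`, the computed domain may also not match what the browser sees, in which case the browser drops the cookie; a configured cookie domain would be more dependable than the request header, which is worth confirming against the deployment. Both functions also write `domain` (and `maxAge`) into the caller's `options` object and repeat the same lookup, and `getSubdomain` actually returns the registrable domain, so its name and comment are misleading. The sketch below strips the port, copies the options instead of mutating them, and lets `clearCookie` reuse `setCookie` so that set and clear always agree on scope.

```typescript
// … unchanged: requires, useSubdomainCookies, getSubdomain …

// Resolve the Domain attribute once, without touching the caller's options object.
function resolveCookieDomain(req) {
  if (!useSubdomainCookies) return undefined;
  // Host may carry a port ("example.com:3000"); psl only understands bare hostnames.
  const hostname = String(req.headers.host || '').replace(/:\d+$/, '').toLowerCase();
  if (!hostname || !psl.isValid(hostname)) return undefined;
  return `.${getSubdomain(hostname)}`;
}

export function setCookie(req, res, name, value, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
  const cookies = new Cookies(req, res);
  const domain = resolveCookieDomain(req);
  cookies.set(name, value, domain ? { ...options, domain } : { ...options });
}

export function clearCookie(req, res, name, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
  // Expire the cookie in the same scope setCookie would use for this request.
  setCookie(req, res, name, null, { ...options, maxAge: 0 });
}
```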
@@ -2,7 +2,7 @@ * @Author: baozhoutao@steedos.com * @Date: 2023-08-06 14:44:51 * @LastEditors: baozhoutao@steedos.com - * @LastEditTime: 2024-04-14 13:58:40 + * @LastEditTime: 2024-08-02 10:22:51 * @Description: */ @@ -10,6 +10,8 @@ export * from './queryMetadata'; export * from './defaultsDeep'; export * from './settings' +export * from './cookies'; + export async function sleep(ms) { return new Promise(resolve => setTimeout(resolve, ms)); } diff --git a/services/service-ancillary/main/default/routers/dingtalk.router.js b/services/service-ancillary/main/default/routers/dingtalk.router.js index 0ca95208c4..07ec8356e3 100644 --- a/services/service-ancillary/main/default/routers/dingtalk.router.js +++ b/services/service-ancillary/main/default/routers/dingtalk.router.js @@ -6,6 +6,7 @@ const fs = require('fs'); const steedosConfig = objectql.getSteedosConfig(); const steedosSchema = objectql.getSteedosSchema(); const auth = require("@steedos/auth"); +const { clearCookie } = require('@steedos/utils'); //钉钉文档:http://ddtalk.github.io/dingTalkDoc/?spm=a3140.7785475.0.0.p5bAUd#2-回调接口(分为五个回调类型) @@ -15,23 +16,8 @@ const auth = require("@steedos/auth"); clearAuthCookies = function(req, res) { - let cookies, uri; - cookies = new Cookies(req, res); - cookies.set("X-User-Id"); - cookies.set("X-Auth-Token"); - if (req.headers.origin) { - uri = new URI(req.headers.origin); - } else if (req.headers.referer) { - uri = new URI(req.headers.referer); - } - cookies.set("X-User-Id", "", { - domain: uri != null ? uri.domain() : void 0, - overwrite: true - }); - return cookies.set("X-Auth-Token", "", { - domain: uri != null ? uri.domain() : void 0, - overwrite: true - }); + clearCookie(req, res, 'X-User-Id'); + clearCookie(req, res, 'X-Auth-Token'); }; // Accounts.destroyToken diff --git a/services/service-ancillary/main/default/routers/qywx.router.js b/services/service-ancillary/main/default/routers/qywx.router.js index a09a9ca167..df0e04346d 100644 
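Review bot: The new `clearAuthCookies` in dingtalk.router.js (and the identical one in qywx.router.js) expires each cookie in exactly one scope, the one `clearCookie` picks from `STEEDOS_AUTH_USE_SUBDOMAIN_COOKIES`, whereas the removed code targeted a domain taken from `Origin`/`Referer`. Browsers treat a host-only cookie and a Domain cookie of the same name as separate cookies, so sessions issued before the flag was switched will probably keep `X-User-Id` and `X-Auth-Token` in the browser after this logout path runs, leaving server-side token destruction as the only thing that invalidates them. At minimum document this above the function, e.g. `// Clears only the scope selected by STEEDOS_AUTH_USE_SUBDOMAIN_COOKIES; cookies issued under the other scope are not expired here.` Since `@steedos/auth` is already required in this file, calling its `clearAuthCookies` (if the package exports it) would also cover `X-Access-Token` and `X-Space-Token` and avoid a third copy of this logic. In dingtalk.router.js the assignment `clearAuthCookies = function…` has no declaration keyword, which creates an implicit global.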
--- a/services/service-ancillary/main/default/routers/qywx.router.js +++ b/services/service-ancillary/main/default/routers/qywx.router.js @@ -7,6 +7,7 @@ const objectql = require('@steedos/objectql'); const xmlparser = require('express-xml-bodyparser'); const xml2js = require('xml2js'); const fetch = require('node-fetch'); +const { clearCookie } = require('@steedos/utils'); const qywxSync = { write: async function (content) { @@ -540,23 +541,8 @@ let getAbsoluteUrl = function (url) { }; let clearAuthCookies = function (req, res) { - var cookies, uri; - cookies = new Cookies(req, res); - cookies.set("X-User-Id"); - cookies.set("X-Auth-Token"); - if (req.headers.origin) { - uri = new URI(req.headers.origin); - } else if (req.headers.referer) { - uri = new URI(req.headers.referer); - } - cookies.set("X-User-Id", "", { - domain: uri != null ? uri.domain() : void 0, - overwrite: true - }); - return cookies.set("X-Auth-Token", "", { - domain: uri != null ? uri.domain() : void 0, - overwrite: true - }); + clearCookie(req, res, 'X-User-Id'); + clearCookie(req, res, 'X-Auth-Token'); }; destroyToken = async function (userId, loginToken) { diff --git a/services/service-ancillary/package.json b/services/service-ancillary/package.json index 1eb76e3d38..ed6210e0f4 100644 --- a/services/service-ancillary/package.json +++ b/services/service-ancillary/package.json @@ -13,6 +13,7 @@ }, "license": "ISC", "dependencies": { + "@steedos/utils": "2.7.4-beta.8", "express": "^4.17.1", "express-xml-bodyparser": "0.3.0", "xml2js": "0.4.23" diff --git a/services/service-plugin-amis/public/tailwind/tailwind-steedos.css b/services/service-plugin-amis/public/tailwind/tailwind-steedos.css index e9c0d0d18f..226a6217f4 100644 --- a/services/service-plugin-amis/public/tailwind/tailwind-steedos.css +++ b/services/service-plugin-amis/public/tailwind/tailwind-steedos.css @@ -64,6 +64,10 @@ position: absolute } +.relative { + position: relative +} + .sticky { position: sticky } 
@@ -75,6 +79,10 @@ left: 0px } +.isolate { + isolation: isolate +} + .z-20 { z-index: 20 } diff --git a/yarn.lock b/yarn.lock index 57ef571f28..eb78f49b73 100644 --- a/yarn.lock +++ b/yarn.lock @@ -15308,7 +15308,7 @@ pseudomap@^1.0.2: resolved "https://registry.yarnpkg.com/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" integrity sha512-b/YwNhb8lk1Zz2+bXXpS/LK9OisiZZ1SNsSLxN1x2OXVEhW2Ckr/7mWE5vrC1ZTiJlD9g19jWszTmJsB+oEpFQ== -psl@^1.1.28: +psl@1.9.0, psl@^1.1.28: version "1.9.0" resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7" integrity sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==