作者:xiaojin | 来源:互联网 | 2023-09-25 16:13
资源共享功能实现(二) 用户登录基本功能 登录 对用户身份合法性检验 限流功能 登出 封号或者解封用户 用户积分机制
用户登录基本功能 登录 exports . main = async ( event, context) = > { const clientIp = context. ip; const { captcha } = event; if ( ! captcha) { console. error ( `captcha is null , ip = ${ clientIp} `) ; return null ; } const user = await db. collection ( 'user' ) . where ( { captcha, captchaExpireTime: _. gt ( new Date ( ) ) , isDelete: false , } ) . limit ( 1 ) . get ( ) . then ( ( { data } ) = > data[ 0 ] ) ;
对用户身份合法性检验 if ( ! user) { console. log ( `user not exists, captcha = ${ captcha} `) ; return null ; } if ( ! isValidUser ( user) ) { console. error ( `user is invalid, ip = ${ clientIp} , user = ${ JSON. stringify ( user) } `) ; throw new MyError ( FORBIDDEN_ERROR_CODE, '禁止访问' ) ; }
若用户合法,则创建登录凭证
const ticket = app. auth ( ) . createTicket ( user. unionId, { refresh: 30 * 24 * 60 * 60 * 1000 , } ) ; context. session. userInfo = user; return { ticket, user, } ;
限流功能 如果由于人数太多不响应,那就锁定登录功能
const getLock = await app. callFunction ( { name: 'redisService', data: { op: 'setnx' , key: `login_${ clientIp} `, value: 1 , expireSeconds: 3 , } , } ) . then ( ( tmpRes) = > tmpRes. result) ; if ( ! getLock) { console. error ( `cannot getLock, ip = ${ clientIp} `) ; return FORBIDDEN_CODE; }
登出 exports . main = async ( event, context) = > { context. session. userInfo = undefined; return true ; } ;
封号或者解封用户 此功能仅管理员可以操作,对于一些用户发表不当言论或者违规操作,管理员可以审核后将其加入黑名单中,用户的账号将会被封禁;当封禁到期,管理员可以移除用户账号,用户即可正常登录。
exports . main = async ( event, context) = > { const { userId } = event; if ( ! userId) { return false ; } const currentUser = await getLoginUser ( context) ; if ( ! isAdminUser ( currentUser) ) { throw new MyError ( FORBIDDEN_ERROR_CODE, '禁止访问' ) ; } const user = await db. collection ( 'user' ) . where ( { _id: userId, isDelete: false , } ) . limit ( 1 ) . get ( ) . then ( ( { data } ) = > data[ 0 ] ) ; if ( ! user) { return false ; } const updateData = { authority: user. authority? . includes ( 'ban' ) ? 'user' : 'ban' , _updateTime: new Date ( ) , } ; const result = await db. collection ( 'user' ) . doc ( user. _id) . update ( updateData) ; console. log ( `updateUser data = ${ JSON. stringify ( updateData) } `) ; return { code: 200 , data: result, } ; } ;
用户积分机制 更新用户积分,用户通过优质评论可以获得一定积分,用户下载他人得资源,管理员负责发放积分。
exports . main &#61; async ( event, context) &#61; > { const { userId, score, reason &#61; - 1 , detail } &#61; event; if ( ! userId || ! score || reason < 0 ) { return false ; } const data &#61; { userId, score, reason, detail, _createTime: new Date ( ) , _updateTime: new Date ( ) , isDelete: false , } ; const transaction &#61; await db. startTransaction ( ) ; let res; try { res &#61; await transaction. collection ( &#39;userScore&#39;) . add ( data) . then ( ( res) &#61; > { console. log ( &#96;addUserScore succeed, id &#61; ${ res. id} &#96;) ; return true ; } ) . catch ( ( e) &#61; > { console. error ( &#39;addUserScore error&#39;, e) ; throw e; } ) ; res &#61; await transaction. collection ( &#39;user&#39; ) . where ( { _id: userId, isDelete: false , } ) . update ( { score: _. inc ( score) , _updateTime: new Date ( ) , } ) . then ( ( res) &#61; > { console. log ( &#39;updateUserScore succeed&#39;, res) ; return true ; } ) . catch ( ( e) &#61; > { console. error ( &#39;updateUserScore error&#39;, e) ; throw e; } ) ; await transaction. commit ( ) ; return res; } catch ( e) { await transaction. rollback ( ) ; console. error ( &#39;未知错误&#xff01;&#39; , e) ; return false ; } } ;