首次完整推送，

V：1.20240808.006

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/close-account.js

@@ -0,0 +1,16 @@
+const {
+  setUserStatus
+} = require('../../lib/utils/update-user-info')
+const {
+  USER_STATUS
+} = require('../../common/constants')
+
+/**
+ * 注销账户
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#close-account
+ * @returns
+ */
+module.exports = async function () {
+  const { uid } = this.authInfo
+  return setUserStatus(uid, USER_STATUS.CLOSED)
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/get-account-info.js

@@ -0,0 +1,69 @@
+const {
+  userCollection
+} = require('../../common/constants')
+const {
+  ERROR
+} = require('../../common/error')
+
+function isUsernameSet (userRecord) {
+  return !!userRecord.username
+}
+function isNicknameSet (userRecord) {
+  return !!userRecord.nickname
+}
+function isPasswordSet (userRecord) {
+  return !!userRecord.password
+}
+function isMobileBound (userRecord) {
+  return !!(userRecord.mobile && userRecord.mobile_confirmed)
+}
+function isEmailBound (userRecord) {
+  return !!(userRecord.email && userRecord.email_confirmed)
+}
+function isWeixinBound (userRecord) {
+  return !!(
+    userRecord.wx_unionid ||
+    Object.keys(userRecord.wx_openid || {}).length
+  )
+}
+function isQQBound (userRecord) {
+  return !!(
+    userRecord.qq_unionid ||
+    Object.keys(userRecord.qq_openid || {}).length
+  )
+}
+function isAlipayBound (userRecord) {
+  return !!userRecord.ali_openid
+}
+function isAppleBound (userRecord) {
+  return !!userRecord.apple_openid
+}
+
+/**
+ * 获取账户账户简略信息
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#get-account-info
+ */
+module.exports = async function () {
+  const {
+    uid
+  } = this.authInfo
+  const getUserRes = await userCollection.doc(uid).get()
+  const userRecord = getUserRes && getUserRes.data && getUserRes.data[0]
+  if (!userRecord) {
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  }
+  return {
+    errCode: 0,
+    isUsernameSet: isUsernameSet(userRecord),
+    isNicknameSet: isNicknameSet(userRecord),
+    isPasswordSet: isPasswordSet(userRecord),
+    isMobileBound: isMobileBound(userRecord),
+    isEmailBound: isEmailBound(userRecord),
+    isWeixinBound: isWeixinBound(userRecord),
+    isQQBound: isQQBound(userRecord),
+    isAlipayBound: isAlipayBound(userRecord),
+    isAppleBound: isAppleBound(userRecord)
+  }
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/get-realname-info.js

@@ -0,0 +1,45 @@
+const { userCollection } = require('../../common/constants')
+const { ERROR } = require('../../common/error')
+const { decryptData } = require('../../common/sensitive-aes-cipher')
+const { dataDesensitization } = require('../../common/utils')
+
+/**
+ * 获取实名信息
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#get-realname-info
+ * @param {Object} params
+ * @param {Boolean} params.decryptData 是否解密数据
+ * @returns
+ */
+module.exports = async function (params = {}) {
+  const schema = {
+    decryptData: {
+      required: false,
+      type: 'boolean'
+    }
+  }
+
+  this.middleware.validate(params, schema)
+
+  const { decryptData: isDecryptData = true } = params
+
+  const {
+    uid
+  } = this.authInfo
+  const getUserRes = await userCollection.doc(uid).get()
+  const userRecord = getUserRes && getUserRes.data && getUserRes.data[0]
+  if (!userRecord) {
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  }
+
+  const { realname_auth: realNameAuth = {} } = userRecord
+
+  return {
+    errCode: 0,
+    type: realNameAuth.type,
+    authStatus: realNameAuth.auth_status,
+    realName: isDecryptData ? dataDesensitization(decryptData.call(this, realNameAuth.real_name), { onlyLast: true }) : realNameAuth.real_name,
+    identity: isDecryptData ? dataDesensitization(decryptData.call(this, realNameAuth.identity)) : realNameAuth.identity
+  }
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/index.js

@@ -0,0 +1,9 @@
+module.exports = {
+  setPwd: require('./set-pwd'),
+  updatePwd: require('./update-pwd'),
+  resetPwdBySms: require('./reset-pwd-by-sms'),
+  resetPwdByEmail: require('./reset-pwd-by-email'),
+  closeAccount: require('./close-account'),
+  getAccountInfo: require('./get-account-info'),
+  getRealNameInfo: require('./get-realname-info')
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/reset-pwd-by-email.js

@@ -0,0 +1,128 @@
+const {
+  ERROR
+} = require('../../common/error')
+const {
+  getNeedCaptcha,
+  verifyCaptcha
+} = require('../../lib/utils/captcha')
+const {
+  verifyEmailCode
+} = require('../../lib/utils/verify-code')
+const {
+  userCollection,
+  EMAIL_SCENE,
+  CAPTCHA_SCENE,
+  LOG_TYPE
+} = require('../../common/constants')
+const {
+  findUser
+} = require('../../lib/utils/account')
+const PasswordUtils = require('../../lib/utils/password')
+
+/**
+ * 通过邮箱验证码重置密码
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#reset-pwd-by-email
+ * @param {object} params
+ * @param {string} params.email   邮箱
+ * @param {string} params.code   邮箱验证码
+ * @param {string} params.password 密码
+ * @param {string} params.captcha  图形验证码
+ * @returns {object}
+ */
+module.exports = async function (params = {}) {
+  const schema = {
+    email: 'email',
+    code: 'string',
+    password: 'password',
+    captcha: {
+      required: false,
+      type: 'string'
+    }
+  }
+  this.middleware.validate(params, schema)
+  const {
+    email,
+    code,
+    password,
+    captcha
+  } = params
+
+  const needCaptcha = await getNeedCaptcha.call(this, {
+    email,
+    type: LOG_TYPE.RESET_PWD_BY_EMAIL
+  })
+  if (needCaptcha) {
+    await verifyCaptcha.call(this, {
+      captcha,
+      scene: CAPTCHA_SCENE.RESET_PWD_BY_EMAIL
+    })
+  }
+  try {
+    // 验证手机号验证码，验证不通过时写入失败日志
+    await verifyEmailCode({
+      email,
+      code,
+      scene: EMAIL_SCENE.RESET_PWD_BY_EMAIL
+    })
+  } catch (error) {
+    await this.middleware.uniIdLog({
+      data: {
+        email
+      },
+      type: LOG_TYPE.RESET_PWD_BY_EMAIL,
+      success: false
+    })
+    throw error
+  }
+  // 根据手机号查找匹配的用户
+  const {
+    total,
+    userMatched
+  } = await findUser.call(this, {
+    userQuery: {
+      email
+    },
+    authorizedApp: [this.getUniversalClientInfo().appId]
+  })
+  if (userMatched.length === 0) {
+    if (total > 0) {
+      throw {
+        errCode: ERROR.ACCOUNT_NOT_EXISTS_IN_CURRENT_APP
+      }
+    }
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  } else if (userMatched.length > 1) {
+    throw {
+      errCode: ERROR.ACCOUNT_CONFLICT
+    }
+  }
+  const { _id: uid } = userMatched[0]
+  const {
+    passwordHash,
+    version
+  } = new PasswordUtils({
+    clientInfo: this.getUniversalClientInfo(),
+    passwordSecret: this.config.passwordSecret
+  }).generatePasswordHash({
+    password
+  })
+  // 更新用户密码
+  await userCollection.doc(uid).update({
+    password: passwordHash,
+    password_secret_version: version,
+    valid_token_date: Date.now()
+  })
+
+  // 写入成功日志
+  await this.middleware.uniIdLog({
+    data: {
+      email
+    },
+    type: LOG_TYPE.RESET_PWD_BY_SMS
+  })
+  return {
+    errCode: 0
+  }
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/reset-pwd-by-sms.js

@@ -0,0 +1,128 @@
+const {
+  ERROR
+} = require('../../common/error')
+const {
+  getNeedCaptcha,
+  verifyCaptcha
+} = require('../../lib/utils/captcha')
+const {
+  verifyMobileCode
+} = require('../../lib/utils/verify-code')
+const {
+  userCollection,
+  SMS_SCENE,
+  CAPTCHA_SCENE,
+  LOG_TYPE
+} = require('../../common/constants')
+const {
+  findUser
+} = require('../../lib/utils/account')
+const PasswordUtils = require('../../lib/utils/password')
+
+/**
+ * 通过短信验证码重置密码
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#reset-pwd-by-sms
+ * @param {object} params
+ * @param {string} params.mobile   手机号
+ * @param {string} params.mobile   短信验证码
+ * @param {string} params.password 密码
+ * @param {string} params.captcha  图形验证码
+ * @returns {object}
+ */
+module.exports = async function (params = {}) {
+  const schema = {
+    mobile: 'mobile',
+    code: 'string',
+    password: 'password',
+    captcha: {
+      required: false,
+      type: 'string'
+    }
+  }
+  this.middleware.validate(params, schema)
+  const {
+    mobile,
+    code,
+    password,
+    captcha
+  } = params
+
+  const needCaptcha = await getNeedCaptcha.call(this, {
+    mobile,
+    type: LOG_TYPE.RESET_PWD_BY_SMS
+  })
+  if (needCaptcha) {
+    await verifyCaptcha.call(this, {
+      captcha,
+      scene: CAPTCHA_SCENE.RESET_PWD_BY_SMS
+    })
+  }
+  try {
+    // 验证手机号验证码，验证不通过时写入失败日志
+    await verifyMobileCode({
+      mobile,
+      code,
+      scene: SMS_SCENE.RESET_PWD_BY_SMS
+    })
+  } catch (error) {
+    await this.middleware.uniIdLog({
+      data: {
+        mobile
+      },
+      type: LOG_TYPE.RESET_PWD_BY_SMS,
+      success: false
+    })
+    throw error
+  }
+  // 根据手机号查找匹配的用户
+  const {
+    total,
+    userMatched
+  } = await findUser.call(this, {
+    userQuery: {
+      mobile
+    },
+    authorizedApp: [this.getUniversalClientInfo().appId]
+  })
+  if (userMatched.length === 0) {
+    if (total > 0) {
+      throw {
+        errCode: ERROR.ACCOUNT_NOT_EXISTS_IN_CURRENT_APP
+      }
+    }
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  } else if (userMatched.length > 1) {
+    throw {
+      errCode: ERROR.ACCOUNT_CONFLICT
+    }
+  }
+  const { _id: uid } = userMatched[0]
+  const {
+    passwordHash,
+    version
+  } = new PasswordUtils({
+    clientInfo: this.getUniversalClientInfo(),
+    passwordSecret: this.config.passwordSecret
+  }).generatePasswordHash({
+    password
+  })
+  // 更新用户密码
+  await userCollection.doc(uid).update({
+    password: passwordHash,
+    password_secret_version: version,
+    valid_token_date: Date.now()
+  })
+
+  // 写入成功日志
+  await this.middleware.uniIdLog({
+    data: {
+      mobile
+    },
+    type: LOG_TYPE.RESET_PWD_BY_SMS
+  })
+  return {
+    errCode: 0
+  }
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/set-pwd.js

@@ -0,0 +1,83 @@
+const { userCollection, SMS_SCENE, LOG_TYPE, CAPTCHA_SCENE } = require('../../common/constants')
+const { ERROR } = require('../../common/error')
+const { verifyMobileCode } = require('../../lib/utils/verify-code')
+const PasswordUtils = require('../../lib/utils/password')
+const { getNeedCaptcha, verifyCaptcha } = require('../../lib/utils/captcha')
+
+module.exports = async function (params = {}) {
+  const schema = {
+    password: 'password',
+    code: 'string',
+    captcha: {
+      required: false,
+      type: 'string'
+    }
+  }
+  this.middleware.validate(params, schema)
+
+  const { password, code, captcha } = params
+  const uid = this.authInfo.uid
+  const getUserRes = await userCollection.doc(uid).get()
+  const userRecord = getUserRes.data[0]
+  if (!userRecord) {
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  }
+
+  const needCaptcha = await getNeedCaptcha.call(this, {
+    mobile: userRecord.mobile
+  })
+
+  if (needCaptcha) {
+    await verifyCaptcha.call(this, {
+      captcha,
+      scene: CAPTCHA_SCENE.SET_PWD_BY_SMS
+    })
+  }
+
+  try {
+    // 验证手机号验证码，验证不通过时写入失败日志
+    await verifyMobileCode({
+      mobile: userRecord.mobile,
+      code,
+      scene: SMS_SCENE.SET_PWD_BY_SMS
+    })
+  } catch (error) {
+    await this.middleware.uniIdLog({
+      data: {
+        mobile: userRecord.mobile
+      },
+      type: LOG_TYPE.SET_PWD_BY_SMS,
+      success: false
+    })
+    throw error
+  }
+
+  const {
+    passwordHash,
+    version
+  } = new PasswordUtils({
+    clientInfo: this.getUniversalClientInfo(),
+    passwordSecret: this.config.passwordSecret
+  }).generatePasswordHash({
+    password
+  })
+
+  // 更新用户密码
+  await userCollection.doc(uid).update({
+    password: passwordHash,
+    password_secret_version: version
+  })
+
+  await this.middleware.uniIdLog({
+    data: {
+      mobile: userRecord.mobile
+    },
+    type: LOG_TYPE.SET_PWD_BY_SMS
+  })
+
+  return {
+    errCode: 0
+  }
+}

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/module/account/update-pwd.js

@@ -0,0 +1,69 @@
+const {
+  userCollection
+} = require('../../common/constants')
+const {
+  ERROR
+} = require('../../common/error')
+const PasswordUtils = require('../../lib/utils/password')
+/**
+ * 更新密码
+ * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#update-pwd
+ * @param {object} params
+ * @param {string} params.oldPassword 旧密码
+ * @param {string} params.newPassword 新密码
+ * @returns {object}
+ */
+module.exports = async function (params = {}) {
+  const schema = {
+    oldPassword: 'string', // 防止密码规则调整导致旧密码无法更新
+    newPassword: 'password'
+  }
+  this.middleware.validate(params, schema)
+  const uid = this.authInfo.uid
+  const getUserRes = await userCollection.doc(uid).get()
+  const userRecord = getUserRes.data[0]
+  if (!userRecord) {
+    throw {
+      errCode: ERROR.ACCOUNT_NOT_EXISTS
+    }
+  }
+  const {
+    oldPassword,
+    newPassword
+  } = params
+  const passwordUtils = new PasswordUtils({
+    userRecord,
+    clientInfo: this.getUniversalClientInfo(),
+    passwordSecret: this.config.passwordSecret
+  })
+
+  const {
+    success: checkPasswordSuccess
+  } = passwordUtils.checkUserPassword({
+    password: oldPassword,
+    autoRefresh: false
+  })
+
+  if (!checkPasswordSuccess) {
+    throw {
+      errCode: ERROR.PASSWORD_ERROR
+    }
+  }
+
+  const {
+    passwordHash,
+    version
+  } = passwordUtils.generatePasswordHash({
+    password: newPassword
+  })
+
+  await userCollection.doc(uid).update({
+    password: passwordHash,
+    password_secret_version: version,
+    valid_token_date: Date.now() // refreshToken时会校验，如果创建token时间在此时间点之前，则拒绝下发新token，返回token失效错误码
+  })
+  // 执行更新密码操作后客户端应将用户退出重新登录
+  return {
+    errCode: 0
+  }
+}