V4.6.6-1 (#656)

projects/app/src/pages/api/support/user/account/loginByPassword.ts

@@ -0,0 +1,60 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@fastgpt/service/common/response';
+import { MongoUser } from '@fastgpt/service/support/user/schema';
+import { createJWT, setCookie } from '@fastgpt/service/support/permission/controller';
+import { connectToDatabase } from '@/service/mongo';
+import { getUserDetail } from '@fastgpt/service/support/user/controller';
+import type { PostLoginProps } from '@fastgpt/global/support/user/api.d';
+import { UserStatusEnum } from '@fastgpt/global/support/user/constant';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    await connectToDatabase();
+    const { username, password, tmbId = '' } = req.body as PostLoginProps;
+
+    if (!username || !password) {
+      throw new Error('缺少参数');
+    }
+
+    // 检测用户是否存在
+    const authCert = await MongoUser.findOne(
+      {
+        username
+      },
+      'status'
+    );
+    if (!authCert) {
+      throw new Error('用户未注册');
+    }
+
+    if (authCert.status === UserStatusEnum.forbidden) {
+      throw new Error('账号已停用，无法登录');
+    }
+
+    const user = await MongoUser.findOne({
+      username,
+      password
+    });
+
+    if (!user) {
+      throw new Error('密码错误');
+    }
+
+    const userDetail = await getUserDetail({ tmbId, userId: user._id });
+
+    const token = createJWT(userDetail);
+    setCookie(res, token);
+
+    jsonRes(res, {
+      data: {
+        user: userDetail,
+        token
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

projects/app/src/pages/api/support/user/account/loginout.ts

@@ -0,0 +1,15 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@fastgpt/service/common/response';
+import { clearCookie } from '@fastgpt/service/support/permission/controller';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    clearCookie(res);
+    jsonRes(res);
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

projects/app/src/pages/api/support/user/account/tokenLogin.ts

@@ -0,0 +1,21 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@fastgpt/service/common/response';
+import { authCert } from '@fastgpt/service/support/permission/auth/common';
+import { connectToDatabase } from '@/service/mongo';
+import { getUserDetail } from '@fastgpt/service/support/user/controller';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    await connectToDatabase();
+    const { tmbId } = await authCert({ req, authToken: true });
+
+    jsonRes(res, {
+      data: await getUserDetail({ tmbId })
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

projects/app/src/pages/api/support/user/account/update.ts

@@ -0,0 +1,54 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@fastgpt/service/common/response';
+import { MongoUser } from '@fastgpt/service/support/user/schema';
+import { authCert } from '@fastgpt/service/support/permission/auth/common';
+import { UserUpdateParams } from '@/types/user';
+import { getAIApi, openaiBaseUrl } from '@fastgpt/service/core/ai/config';
+import { connectToDatabase } from '@/service/mongo';
+
+/* update user info */
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    await connectToDatabase();
+    const { avatar, timezone, openaiAccount } = req.body as UserUpdateParams;
+
+    const { userId } = await authCert({ req, authToken: true });
+
+    // auth key
+    if (openaiAccount?.key) {
+      console.log('auth user openai key', openaiAccount?.key);
+      const baseUrl = openaiAccount?.baseUrl || openaiBaseUrl;
+      openaiAccount.baseUrl = baseUrl;
+
+      const ai = getAIApi(openaiAccount);
+
+      const response = await ai.chat.completions.create({
+        model: 'gpt-3.5-turbo',
+        max_tokens: 1,
+        messages: [{ role: 'user', content: 'hi' }]
+      });
+      if (response?.choices?.[0]?.message?.content === undefined) {
+        throw new Error('Key response is empty');
+      }
+    }
+
+    // 更新对应的记录
+    await MongoUser.updateOne(
+      {
+        _id: userId
+      },
+      {
+        ...(avatar && { avatar }),
+        ...(timezone && { timezone }),
+        openaiAccount: openaiAccount?.key ? openaiAccount : null
+      }
+    );
+
+    jsonRes(res);
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

projects/app/src/pages/api/support/user/account/updatePasswordByOld.ts

@@ -0,0 +1,44 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@fastgpt/service/common/response';
+import { authCert } from '@fastgpt/service/support/permission/auth/common';
+import { MongoUser } from '@fastgpt/service/support/user/schema';
+import { connectToDatabase } from '@/service/mongo';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    await connectToDatabase();
+    const { oldPsw, newPsw } = req.body as { oldPsw: string; newPsw: string };
+
+    if (!oldPsw || !newPsw) {
+      throw new Error('Params is missing');
+    }
+
+    const { userId } = await authCert({ req, authToken: true });
+
+    // auth old password
+    const user = await MongoUser.findOne({
+      _id: userId,
+      password: oldPsw
+    });
+
+    if (!user) {
+      throw new Error('user.Old password is error');
+    }
+
+    // 更新对应的记录
+    await MongoUser.findByIdAndUpdate(userId, {
+      password: newPsw
+    });
+
+    jsonRes(res, {
+      data: {
+        user
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}