feat: session id (#4817)

* feat: session id * feat: Add default index
2025-07-22 20:37:48 +00:00 · 2025-05-14 17:24:02 +08:00
parent cba8f773fe
commit a4db03a3b7
10 changed files with 248 additions and 75 deletions
--- a/packages/service/support/permission/controller.ts
+++ b/packages/service/support/permission/controller.ts
@@ -20,6 +20,7 @@ import { type MemberGroupSchemaType } from '@fastgpt/global/support/permission/m
 import { type TeamMemberSchema } from '@fastgpt/global/support/user/team/type';
 import { type OrgSchemaType } from '@fastgpt/global/support/user/team/org/type';
 import { getOrgIdSetWithParentByTmbId } from './org/controllers';
+import { authUserSession } from '../user/session';

 /** get resource permission for a team member
 * If there is no permission for the team member, it will return undefined
@@ -213,51 +214,6 @@ export const delResourcePermission = ({
 };

 /* 下面代码等迁移 */
-/* create token */
-export function createJWT(user: {
-  _id?: string;
-  team?: { teamId?: string; tmbId: string };
-  isRoot?: boolean;
-}) {
-  const key = process.env.TOKEN_KEY as string;
-  const token = jwt.sign(
-    {
-      userId: String(user._id),
-      teamId: String(user.team?.teamId),
-      tmbId: String(user.team?.tmbId),
-      isRoot: user.isRoot,
-      exp: Math.floor(Date.now() / 1000) + 60 * 60 * 24 * 7
-    },
-    key
-  );
-  return token;
-}
-
-// auth token
-export function authJWT(token: string) {
-  return new Promise<{
-    userId: string;
-    teamId: string;
-    tmbId: string;
-    isRoot: boolean;
-  }>((resolve, reject) => {
-    const key = process.env.TOKEN_KEY as string;
-
-    jwt.verify(token, key, (err, decoded: any) => {
-      if (err || !decoded?.userId) {
-        reject(ERROR_ENUM.unAuthorization);
-        return;
-      }
-
-      resolve({
-        userId: decoded.userId,
-        teamId: decoded.teamId || '',
-        tmbId: decoded.tmbId,
-        isRoot: decoded.isRoot
-      });
-    });
-  });
-}

 export async function parseHeaderCert({
  req,
@@ -275,7 +231,7 @@ export async function parseHeaderCert({
      return Promise.reject(ERROR_ENUM.unAuthorization);
    }

-    return await authJWT(cookieToken);
+    return authUserSession(cookieToken);
  }
  // from authorization get apikey
  async function parseAuthorization(authorization?: string) {
@@ -345,6 +301,7 @@ export async function parseHeaderCert({
      if (authToken && (token || cookie)) {
        // user token(from fastgpt web)
        const res = await authCookieToken(cookie, token);
+
        return {
          uid: res.userId,
          teamId: res.teamId,