optimize login check flow

Author: chhpt

deps/tencentcloud-sdk-nodejs/tencentcloud/scf/v20180416/models.js

@@ -2762,6 +2762,7 @@ class UpdateFunctionConfigurationRequest extends  AbstractModel {
          */
         this.ClsTopicId = null;
 
+        this.L5Enable = null;
     }
 
     /**
@@ -2794,7 +2795,7 @@ class UpdateFunctionConfigurationRequest extends  AbstractModel {
         this.InstallDependency = 'InstallDependency' in params ? params.InstallDependency : null;
         this.ClsLogsetId = 'ClsLogsetId' in params ? params.ClsLogsetId : null;
         this.ClsTopicId = 'ClsTopicId' in params ? params.ClsTopicId : null;
-
+        this.L5Enable = 'L5Enable' in params ? params.L5Enable : null;
     }
 }
 
@@ -3507,6 +3508,8 @@ class CreateFunctionRequest extends  AbstractModel {
 
 
         this.CodeSecret = null;
+
+        this.L5Enable = null;
     }
 
     /**
@@ -3548,6 +3551,7 @@ class CreateFunctionRequest extends  AbstractModel {
         this.ClsLogsetId = 'ClsLogsetId' in params ? params.ClsLogsetId : null;
         this.ClsTopicId = 'ClsTopicId' in params ? params.ClsTopicId : null;
         this.CodeSecret = 'CodeSecret' in  params ? params.CodeSecret : null;
+        this.L5Enable = 'L5Enable' in params ? params.L5Enable : null;
     }
 }
 

lib/auth/login.js

@@ -39,22 +39,30 @@ const LoginRes = {
 async function loginWithToken() {
     const tcbrc = utils_1.getCredentialConfig();
     if (tcbrc.secretId && tcbrc.secretKey) {
-        return LoginRes.SUCCESS;
+        try {
+            const { secretId, secretKey } = tcbrc;
+            await checkAuth({
+                tmpSecretId: secretId,
+                tmpSecretKey: secretKey
+            });
+            return LoginRes.SUCCESS;
+        }
+        catch (e) {
+            configstore_1.configStore.delete('secretId');
+            configstore_1.configStore.delete('secretKey');
+        }
     }
-    const tmpExpired = Number(tcbrc.tmpExpired) || 0;
-    let refreshExpired = Number(tcbrc.expired) || 0;
-    const now = Date.now();
-    if (now < tmpExpired) {
-        return LoginRes.SUCCESS;
+    if (tcbrc.refreshToken) {
+        try {
+            await checkAuth(tcbrc);
+            return LoginRes.SUCCESS;
+        }
+        catch (e) {
+        }
     }
     let credential;
     try {
-        if (now < refreshExpired) {
-            credential = await auth_1.refreshTmpToken(tcbrc);
-        }
-        else {
-            credential = await auth_1.getAuthTokenFromWeb();
-        }
+        credential = await auth_1.getAuthTokenFromWeb();
     }
     catch (e) {
         return LoginRes.UNKNOWN_ERROR(e.message);
@@ -75,7 +83,16 @@ exports.loginWithToken = loginWithToken;
 async function loginWithKey(secretId, secretKey) {
     const tcbrc = await utils_1.getCredentialConfig();
     if (tcbrc.secretId && tcbrc.secretKey) {
-        return LoginRes.SUCCESS;
+        try {
+            const { secretId, secretKey } = tcbrc;
+            await checkAuth({
+                tmpSecretId: secretId,
+                tmpSecretKey: secretKey
+            });
+            return LoginRes.SUCCESS;
+        }
+        catch (e) {
+        }
     }
     if (!secretId || !secretKey) {
         return LoginRes.INVALID_PARAM('SecretID 或 SecretKey 不能为空');

lib/auth/logout.js

@@ -3,9 +3,20 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const configstore_1 = require("../utils/configstore");
 const constant_1 = require("../constant");
 const logger_1 = require("../logger");
+const auth_1 = require("./auth");
+const utils_1 = require("../utils");
 async function logout() {
-    configstore_1.configStore.delete(constant_1.ConfigItems.credentail);
-    configstore_1.configStore.delete(constant_1.ConfigItems.ssh);
-    logger_1.successLog('注销登录成功！');
+    const credentail = utils_1.getCredentialConfig();
+    try {
+        await auth_1.refreshTmpToken(Object.assign({}, credentail, { isLogout: true }));
+        configstore_1.configStore.delete(constant_1.ConfigItems.credentail);
+        configstore_1.configStore.delete(constant_1.ConfigItems.ssh);
+        logger_1.successLog('注销登录成功！');
+    }
+    catch (e) {
+        configstore_1.configStore.delete(constant_1.ConfigItems.credentail);
+        configstore_1.configStore.delete(constant_1.ConfigItems.ssh);
+        logger_1.successLog('注销登录成功！');
+    }
 }
 exports.logout = logout;

lib/commands/login.js

@@ -17,11 +17,12 @@ async function checkLogin() {
         return true;
     }
     if (credential.refreshToken) {
-        if (Date.now() < Number(credential.tmpExpired)) {
+        try {
+            await env_1.listEnvs();
             return true;
         }
-        else if (Date.now() < Number(credential.expired)) {
-            return true;
+        catch (error) {
+            return false;
         }
     }
     return false;

lib/function/create.js

@@ -46,7 +46,8 @@ async function createFunction(options) {
             ZipFile: base64
         },
         CodeSecret: codeSecret,
-        MemorySize: 256
+        MemorySize: 256,
+        L5Enable: func.config && func.config.l5 ? 'TRUE' : null
     };
     const { config } = func;
     envVariables.length && (params.Environment = { Variables: envVariables });

lib/function/index.js

@@ -152,9 +152,11 @@ async function updateFunctionConfig(options) {
         Key: key,
         Value: config.envVariables[key]
     }));
+    const l5Enable = typeof config.l5 === 'undefined' ? null : (config.l5 ? 'TRUE' : 'FALSE');
     const params = {
         FunctionName: functionName,
-        Namespace: envId
+        Namespace: envId,
+        L5Enable: l5Enable
     };
     envVariables.length && (params.Environment = { Variables: envVariables });
     config.timeout && (params.Timeout = config.timeout);

src/auth/auth.ts

@@ -132,7 +132,7 @@ export async function getAuthTokenFromWeb(): Promise<Credential> {
 
 // 临时密钥过期后，进行续期
 export async function refreshTmpToken(
-    metaData: Credential
+    metaData: Credential & { isLogout?: boolean }
 ): Promise<Credential> {
     const mac = getMacAddress()
     const hash = md5(mac)

src/auth/login.ts

@@ -1,4 +1,4 @@
-import { getAuthTokenFromWeb, refreshTmpToken } from './auth'
+import { getAuthTokenFromWeb } from './auth'
 import { getCredentialConfig, CloudService } from '../utils'
 import { ConfigItems } from '../constant'
 import { configStore } from '../utils/configstore'
@@ -46,27 +46,34 @@ export async function loginWithToken() {
     const tcbrc: Credential = getCredentialConfig()
     // 已有永久密钥
     if (tcbrc.secretId && tcbrc.secretKey) {
-        return LoginRes.SUCCESS
+        try {
+            const { secretId, secretKey } = tcbrc
+            await checkAuth({
+                tmpSecretId: secretId,
+                tmpSecretKey: secretKey
+            })
+            return LoginRes.SUCCESS
+        } catch (e) {
+            // 删除无效的 secret
+            configStore.delete('secretId')
+            configStore.delete('secretKey')
+        }
     }
-    // 如果存在临时密钥，校验临时密钥是否有效，是否需要续期
-    const tmpExpired = Number(tcbrc.tmpExpired) || 0
-    let refreshExpired = Number(tcbrc.expired) || 0
-    const now = Date.now()
 
-    if (now < tmpExpired) {
-        return LoginRes.SUCCESS
+    // 校验临时密钥
+    if (tcbrc.refreshToken) {
+        try {
+            await checkAuth(tcbrc)
+            return LoginRes.SUCCESS
+        } catch (e) {
+            // 忽略错误，继续进行
+        }
     }
 
     let credential
 
     try {
-        if (now < refreshExpired) {
-            // 临时 token 过期，自动续期
-            credential = await refreshTmpToken(tcbrc)
-        } else {
-            // 通过腾讯云-云开发控制台获取授权
-            credential = await getAuthTokenFromWeb()
-        }
+        credential = await getAuthTokenFromWeb()
     } catch (e) {
         return LoginRes.UNKNOWN_ERROR(e.message)
     }
@@ -90,7 +97,16 @@ export async function loginWithKey(secretId?: string, secretKey?: string) {
     const tcbrc: Credential = await getCredentialConfig()
     // 已有永久密钥
     if (tcbrc.secretId && tcbrc.secretKey) {
-        return LoginRes.SUCCESS
+        try {
+            const { secretId, secretKey } = tcbrc
+            await checkAuth({
+                tmpSecretId: secretId,
+                tmpSecretKey: secretKey
+            })
+            return LoginRes.SUCCESS
+        } catch (e) {
+            // 忽略错误
+        }
     }
 
     if (!secretId || !secretKey) {

src/auth/logout.ts

@@ -1,10 +1,26 @@
 import { configStore } from '../utils/configstore'
 import { ConfigItems } from '../constant'
 import { successLog } from '../logger'
+import { refreshTmpToken } from './auth'
+import { getCredentialConfig } from '../utils'
+// import { CloudBaseError } from '../error'
 
 // 注销登录信息
 export async function logout() {
-    configStore.delete(ConfigItems.credentail)
-    configStore.delete(ConfigItems.ssh)
-    successLog('注销登录成功！')
+    const credentail = getCredentialConfig()
+
+    try {
+        await refreshTmpToken({
+            ...credentail,
+            isLogout: true
+        })
+        configStore.delete(ConfigItems.credentail)
+        configStore.delete(ConfigItems.ssh)
+        successLog('注销登录成功！')
+    } catch (e) {
+        configStore.delete(ConfigItems.credentail)
+        configStore.delete(ConfigItems.ssh)
+        // throw new CloudBaseError('云端设备登录记录删除失败，请手动删除！')
+        successLog('注销登录成功！')
+    }
 }

src/commands/login.ts

@@ -15,14 +15,13 @@ async function checkLogin() {
         return true
     }
 
-    // 存在临时密钥信息
+    // 尝试获取环境列表，判断是否登录
     if (credential.refreshToken) {
-        // 临时密钥在有效期内，可以直接使用
-        if (Date.now() < Number(credential.tmpExpired)) {
-            return true
-        } else if (Date.now() < Number(credential.expired)) {
-            // 临时密钥超过两小时有效期，但在 1 个月 refresh 有效期内，刷新临时密钥
+        try {
+            await listEnvs()
             return true
+        } catch (error) {
+            return false
         }
     }