Jay
2021-09-01 21:15:26 +08:00
parent 2e05f90851
commit 94837efdee
6 changed files with 51 additions and 45 deletions
+9 -2
@@ -3,9 +3,10 @@ const util = require('util')
const url = require('url')
const sso = require('src/utils/sso/index.js')
const { get: getCacheInstance } = require('src/utils/cache.js')
const { codeMessage, APIError } = require('src/utils/response/index.js')
const { resp, codeMessage, APIError } = require('src/utils/response/index.js')
const config = require('src/config/index.js')
const { jwt } = require('src/utils/pkgs.js')
const acl = require('src/utils/acl.js')
const { copyObject } = require('src/utils/index.js')
const controller = {}
module.exports = controller
@@ -34,6 +35,12 @@ controller.verifyCode = () => async (ctx) => {
try {
const token = await sso.getToken(code, sessionState)
if (!acl.checkAllow(token.groups)) {
const copy = copyObject(resp.Forbidden)
copy.object = codeMessage.CodeAccountNoPermission
throw new APIError('account no permission', copy)
}
// set accessToken/refreshToken cache
cache.set(token.access_token, token.refresh_token, false)