Boonlive_RD_Web/Web_BAI_Manage_ApiServer
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6490fc427fb4c602be8ce77e522821606963e20b
Web_BAI_Manage_ApiServer/script/pocketbase.newpb.js
XuJiacheng 6490fc427f feat: 增强 PocketBase hooks 认证功能 
- 更新微信登录、平台注册/登录、资料更新、token 刷新、认证落库等功能,统一使用 openid 作为全平台身份锚点。
- 新增平台用户注册和登录接口,支持手机号和密码认证。
- 实现系统级 token 刷新接口,支持通过微信 code 重新签发 token。
- 新增用户总数查询接口,返回 tbl_auth_users 表中的用户总数。
- 更新 OpenAPI 文档,反映新的接口和数据结构。
- 修改数据库结构,调整字段名称和索引。
- 新增页面示例,展示基本的 HTML 页面结构。
2026-03-25 20:03:46 +08:00

259 lines
11 KiB
JavaScript
Raw Blame History

import fs from 'fs';
import path from 'path';
import { fileURLToPath } from 'url';
import PocketBase from 'pocketbase';
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
function readEnvFile(filePath) {
if (!fs.existsSync(filePath)) return {};
const content = fs.readFileSync(filePath, 'utf8');
const result = {};
for (const rawLine of content.split(/\r?\n/)) {
const line = rawLine.trim();
if (!line || line.startsWith('#')) continue;
const index = line.indexOf('=');
if (index === -1) continue;
const key = line.slice(0, index).trim();
const value = line.slice(index + 1).trim();
result[key] = value;
}
return result;
}
const backendEnv = readEnvFile(path.resolve(__dirname, '..', 'back-end', '.env'));
const PB_URL = (process.env.PB_URL || backendEnv.POCKETBASE_API_URL || 'http://127.0.0.1:8090').replace(/\/+$/, '');
const ADMIN_EMAIL = process.env.PB_ADMIN_EMAIL || backendEnv.PB_ADMIN_EMAIL || '';
const ADMIN_PASSWORD = process.env.PB_ADMIN_PASSWORD || backendEnv.PB_ADMIN_PASSWORD || '';
const AUTH_TOKEN = process.env.POCKETBASE_AUTH_TOKEN || backendEnv.POCKETBASE_AUTH_TOKEN || '';
const pb = new PocketBase(PB_URL);
const collections = [
{
name: 'tbl_auth_users',
type: 'auth',
fields: [
{ name: 'users_convers_id', type: 'text' },
{ name: 'openid', type: 'text', required: true },
{ name: 'org_id', type: 'number' },
{ name: 'users_rank_level', type: 'number' },
{ name: 'users_status', type: 'number' },
{ name: 'users_auth_type', type: 'number' },
{ name: 'users_id', type: 'text' },
{ name: 'users_name', type: 'text' },
{ name: 'users_idtype', type: 'text' },
{ name: 'users_id_number', type: 'text' },
{ name: 'users_phone', type: 'text' },
{ name: 'users_level', type: 'text' },
{ name: 'users_type', type: 'text' },
{ name: 'users_status', type: 'text' },
{ name: 'company_id', type: 'text' },
{ name: 'users_parent_id', type: 'text' },
{ name: 'users_promo_code', type: 'text' },
{ name: 'users_id_pic_a', type: 'file', options: { maxSelect: 1, mimeTypes: ['image/jpeg', 'image/png', 'image/webp'] } },
{ name: 'users_id_pic_b', type: 'file', options: { maxSelect: 1, mimeTypes: ['image/jpeg', 'image/png', 'image/webp'] } },
{ name: 'users_title_picture', type: 'file', options: { maxSelect: 1, mimeTypes: ['image/jpeg', 'image/png', 'image/webp'] } },
{ name: 'users_picture', type: 'text' },
{ name: 'usergroups_id', type: 'text' }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_users_users_convers_id ON tbl_auth_users (users_convers_id)',
'CREATE UNIQUE INDEX idx_tbl_auth_users_openid ON tbl_auth_users (openid)',
'CREATE INDEX idx_tbl_auth_users_org_id ON tbl_auth_users (org_id)',
'CREATE INDEX idx_tbl_auth_users_users_rank_level ON tbl_auth_users (users_rank_level)',
'CREATE INDEX idx_tbl_auth_users_users_status ON tbl_auth_users (users_status)',
'CREATE INDEX idx_tbl_auth_users_users_auth_type ON tbl_auth_users (users_auth_type)',
// Allow unbound users with empty phone while still speeding up phone lookups.
'CREATE INDEX idx_tbl_auth_users_users_phone ON tbl_auth_users (users_phone)',
'CREATE INDEX idx_tbl_auth_users_company_id ON tbl_auth_users (company_id)',
'CREATE INDEX idx_tbl_auth_users_usergroups_id ON tbl_auth_users (usergroups_id)',
'CREATE INDEX idx_tbl_auth_users_users_parent_id ON tbl_auth_users (users_parent_id)'
]
},
{
name: 'tbl_auth_resources',
type: 'base',
fields: [
{ name: 'res_id', type: 'text', required: true },
{ name: 'table_name', type: 'text', required: true },
{ name: 'column_name', type: 'text' },
{ name: 'res_type', type: 'text', required: true }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_resources_res_id ON tbl_auth_resources (res_id)',
'CREATE INDEX idx_tbl_auth_resources_table_name ON tbl_auth_resources (table_name)',
'CREATE INDEX idx_tbl_auth_resources_res_type ON tbl_auth_resources (res_type)',
'CREATE UNIQUE INDEX idx_tbl_auth_resources_unique_res ON tbl_auth_resources (table_name, column_name, res_type)'
]
},
{
name: 'tbl_auth_roles',
type: 'base',
fields: [
{ name: 'role_id', type: 'text', required: true },
{ name: 'role_name', type: 'text', required: true },
{ name: 'role_code', type: 'text' },
{ name: 'role_status', type: 'number' },
{ name: 'role_remark', type: 'text' }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_roles_role_id ON tbl_auth_roles (role_id)',
'CREATE UNIQUE INDEX idx_tbl_auth_roles_role_name ON tbl_auth_roles (role_name)',
'CREATE UNIQUE INDEX idx_tbl_auth_roles_role_code ON tbl_auth_roles (role_code)'
]
},
{
name: 'tbl_auth_role_perms',
type: 'base',
fields: [
{ name: 'role_perm_id', type: 'text', required: true },
{ name: 'role_id', type: 'text', required: true },
{ name: 'res_id', type: 'text', required: true },
{ name: 'access_level', type: 'number', required: true },
{ name: 'priority', type: 'number' }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_role_perms_role_perm_id ON tbl_auth_role_perms (role_perm_id)',
'CREATE INDEX idx_tbl_auth_role_perms_role_id ON tbl_auth_role_perms (role_id)',
'CREATE INDEX idx_tbl_auth_role_perms_res_id ON tbl_auth_role_perms (res_id)',
'CREATE UNIQUE INDEX idx_tbl_auth_role_perms_unique_map ON tbl_auth_role_perms (role_id, res_id)'
]
},
{
name: 'tbl_auth_user_overrides',
type: 'base',
fields: [
{ name: 'override_id', type: 'text', required: true },
{ name: 'users_convers_id', type: 'text', required: true },
{ name: 'res_id', type: 'text', required: true },
{ name: 'access_level', type: 'number', required: true },
{ name: 'priority', type: 'number' }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_user_overrides_override_id ON tbl_auth_user_overrides (override_id)',
'CREATE INDEX idx_tbl_auth_user_overrides_users_convers_id ON tbl_auth_user_overrides (users_convers_id)',
'CREATE INDEX idx_tbl_auth_user_overrides_res_id ON tbl_auth_user_overrides (res_id)',
'CREATE UNIQUE INDEX idx_tbl_auth_user_overrides_unique_map ON tbl_auth_user_overrides (users_convers_id, res_id)'
]
},
{
name: 'tbl_auth_row_scopes',
type: 'base',
fields: [
{ name: 'scope_id', type: 'text', required: true },
{ name: 'target_type', type: 'text', required: true },
{ name: 'target_id', type: 'text', required: true },
{ name: 'table_name', type: 'text', required: true },
{ name: 'filter_sql', type: 'editor', required: true }
],
indexes: [
'CREATE UNIQUE INDEX idx_tbl_auth_row_scopes_scope_id ON tbl_auth_row_scopes (scope_id)',
'CREATE INDEX idx_tbl_auth_row_scopes_target_type ON tbl_auth_row_scopes (target_type)',
'CREATE INDEX idx_tbl_auth_row_scopes_target_id ON tbl_auth_row_scopes (target_id)',
'CREATE INDEX idx_tbl_auth_row_scopes_table_name ON tbl_auth_row_scopes (table_name)'
]
}
];
async function init() {
try {
console.log('🔄 正在连接 PocketBase API...');
if (AUTH_TOKEN) {
pb.authStore.save(AUTH_TOKEN, null);
console.log('✅ 已使用 POCKETBASE_AUTH_TOKEN 载入认证状态。');
} else if (ADMIN_EMAIL && ADMIN_PASSWORD) {
await pb.collection('_superusers').authWithPassword(ADMIN_EMAIL, ADMIN_PASSWORD);
console.log('✅ 已使用超级管理员账号登录。');
} else {
throw new Error('缺少 PocketBase API 认证信息,请提供 POCKETBASE_AUTH_TOKEN 或 PB_ADMIN_EMAIL/PB_ADMIN_PASSWORD');
}
console.log('🚀 开始初始化 newpb 权限模型表结构...\n');
for (const collectionData of collections) {
await createOrUpdateCollection(collectionData);
}
await verifyCollections(collections);
console.log('\n🎉 newpb 权限模型表结构初始化并校验完成!');
} catch (error) {
console.error('❌ 初始化失败:', error.response?.data || error.message);
process.exitCode = 1;
}
}
async function createOrUpdateCollection(collectionData) {
console.log(`🔄 正在处理表: ${collectionData.name} ...`);
const payload = {
name: collectionData.name,
type: collectionData.type,
fields: collectionData.fields,
indexes: collectionData.indexes,
};
try {
await pb.collections.create(payload);
console.log(`${collectionData.name} 创建完成。`);
} catch (error) {
const nameErrorCode = error.response?.data?.name?.code;
if (
error.status === 400
&& (nameErrorCode === 'validation_not_unique' || nameErrorCode === 'validation_collection_name_exists')
) {
const existing = await pb.collections.getOne(collectionData.name);
await pb.collections.update(existing.id, payload);
console.log(`♻️ ${collectionData.name} 已存在,已按最新结构更新。`);
return;
}
console.error(`❌ 处理集合 ${collectionData.name} 失败:`, {
status: error.status,
message: error.message,
response: error.response?.data,
});
throw error;
}
}
async function verifyCollections(targetCollections) {
console.log('\n🔍 开始校验 newpb 表结构与索引...');
for (const target of targetCollections) {
const remote = await pb.collections.getOne(target.name);
const remoteFieldNames = new Set((remote.fields || []).map((field) => field.name));
const missingFields = target.fields
.map((field) => field.name)
.filter((fieldName) => !remoteFieldNames.has(fieldName));
const remoteIndexes = new Set(remote.indexes || []);
const missingIndexes = target.indexes.filter((indexSql) => !remoteIndexes.has(indexSql));
if (remote.type !== target.type) {
throw new Error(`${target.name} 类型不匹配,期望 ${target.type},实际 ${remote.type}`);
}
if (missingFields.length === 0 && missingIndexes.length === 0) {
console.log(`${target.name} 校验通过。`);
continue;
}
console.log(`${target.name} 校验失败:`);
if (missingFields.length > 0) {
console.log(` - 缺失字段: ${missingFields.join(', ')}`);
}
if (missingIndexes.length > 0) {
console.log(` - 缺失索引: ${missingIndexes.join(' | ')}`);
}
throw new Error(`${target.name} 结构与预期不一致`);
}
}
init();
Reference in New Issue View Git Blame Copy Permalink