From 2b33cc4f3fcd7eb3c806ed26f5e6929e6f96e78e Mon Sep 17 00:00:00 2001
From: maslow
Date: Thu, 5 Aug 2021 00:14:15 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E7=99=BB=E9=99=86?=
 =?UTF-8?q?=E6=97=B6=E5=8F=91=E6=94=BE=E4=BA=91=E5=87=BD=E6=95=B0=E8=B0=83?=
 =?UTF-8?q?=E8=AF=95=E4=BB=A4=E7=89=8C=EF=BC=9B=E6=94=AF=E6=8C=81=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=20token=20=E8=BF=87=E6=9C=9F=E6=97=B6=E9=97=B4?=
 =?UTF-8?q?=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 packages/devops-server/src/config.ts | 7 +++++++
 packages/devops-server/src/router/admin/handlers.ts | 13 +++++++++++--
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/packages/devops-server/src/config.ts b/packages/devops-server/src/config.ts
index 2c2b7f176a..3ecdc4f6ea 100644
--- a/packages/devops-server/src/config.ts
+++ b/packages/devops-server/src/config.ts
@@ -109,6 +109,13 @@ export default class Config {
 return (process.env.PORT ?? 9000) as number
 }
 
+ /**
+ * 指定服务端令牌默认过期时间(小时)
+ */
+ static get TOKEN_EXPIRED_TIME(): number{
+ return (process.env.TOKEN_EXPIRED_TIME ?? 24) as number
+ }
+
 /**
 * 是否生产环境
 */
diff --git a/packages/devops-server/src/router/admin/handlers.ts b/packages/devops-server/src/router/admin/handlers.ts
index cae73681e9..c9501ffaa0 100644
--- a/packages/devops-server/src/router/admin/handlers.ts
+++ b/packages/devops-server/src/router/admin/handlers.ts
@@ -3,6 +3,7 @@ import { getToken } from '../../lib/utils/token'
 import { checkPermission, getPermissions } from '../../api/permission'
 import { hashPassword } from '../../lib/utils/hash'
 import { Globals } from '../../lib/globals'
+import Config from '../../config'
 
 const db = Globals.sys_db
 const logger = Globals.logger
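Review bot: The new `TOKEN_EXPIRED_TIME` getter in config.ts returns whatever string is in the environment, because `as number` is a compile-time assertion and performs no conversion or validation. Where `handleAdminLogin` uses it, the multiplication coerces a numeric string, but a value such as `abc` makes `exp` `NaN` (which JSON serializes as `null`), and an empty string gives a lifetime of 0 because `??` only falls back on `undefined`/`null`. How the token verifier treats a null or missing `exp` is not visible in this patch, so a bad setting could plausibly yield admin tokens that never expire. I would parse and bound the value in the getter, e.g. `const hours = Number(process.env.TOKEN_EXPIRED_TIME ?? 24)` followed by `return Number.isFinite(hours) && hours > 0 ? hours : 24`, and consider an upper cap so a typo cannot mint very long-lived tokens.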
@@ -37,8 +38,7 @@ export async function handleAdminLogin(req: Request, res: Response) { if (ret.ok && ret.data.length) { const admin = ret.data[0] - // 默认 token 有效期为 7 天 - const expire = Math.floor(Date.now() / 1000) + 60 * 60 * 24 * 7 + const expire = Math.floor(Date.now() / 1000) + 60 * 60 * Config.TOKEN_EXPIRED_TIME const payload = { uid: admin._id, type: 'admin', @@ -47,10 +47,19 @@ export async function handleAdminLogin(req: Request, res: Response) { const access_token = getToken(payload) logger.info(`[${requestId}] admin login success: ${admin._id} ${username}`) + let debug_token = undefined + + // if user has debug function permission + const canDebug = await checkPermission(admin._id, 'function.debug') + if (canDebug === 0) { + debug_token = getToken({ uid: admin._id, type: 'debug', exp: expire }, Config.APP_SERVER_SECRET_SALT) + } + return res.send({ code: 0, data: { access_token, + debug_token, username, uid: admin._id, expire
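Review bot: The debug token minted after the `logger.info` call in `handleAdminLogin` is signed with `Config.APP_SERVER_SECRET_SALT` and reuses the admin session's `expire`. Every login by an admin holding `function.debug` therefore returns a second bearer credential for the app server, valid for the full `TOKEN_EXPIRED_TIME` even if the permission is revoked in the meantime. Its only distinguishing claim is `type: 'debug'`, and the app-server verification is not visible in this patch, so confirm that it rejects this type on every route except function debugging; otherwise it may be accepted as an ordinary app token for `uid`. I would give the debug token its own, much shorter `exp` instead of `expire`, and document the success convention above the check, e.g. `// checkPermission appears to resolve to 0 when the permission is granted — confirm`. The function body continues outside the hunk.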