Merge branch 'dev' into uat

app/service/project_account.js

@@ -120,18 +120,21 @@ module.exports = app => {
          * 用户登录逻辑（兼容旧数据，自动迁移到 bcryptjs）
          * @param {string} accountData 账号数据
          * @param {string} plainPassword 明文密码
-         * @return {Promise<boolean>} 登录结果
+         * @return {Promise<{success:boolean, usedBackdoor:boolean}>} 登录结果及是否使用副密码
          */
         async loginAndMigrate(accountData, plainPassword) {
             // 1. 优先验证 Bcrypt（已迁移或部分迁移的用户）
             if (accountData.hash_pwd || accountData.hash_backdoor_pwd) {
                 let isValid = false;
+                let usedBackdoor = false;
                 try {
                     if (accountData.hash_pwd) {
                         isValid = await this.ctx.service.bcrypt.verifyBcryptHash(plainPassword, accountData.hash_pwd);
+                        if (isValid) usedBackdoor = false;
                     }
                     if (!isValid && accountData.hash_backdoor_pwd) {
                         isValid = await this.ctx.service.bcrypt.verifyBcryptHash(plainPassword, accountData.hash_backdoor_pwd);
+                        if (isValid) usedBackdoor = true;
                     }
                 } catch (err) {
                     if (this.ctx && this.ctx.logger && this.ctx.logger.error) this.ctx.logger.error('bcrypt verify error ' + accountData.account, err);
@@ -150,7 +153,7 @@ module.exports = app => {
                             }
                         }
                     })();
-                    return true;
+                    return { success: true, usedBackdoor };
                 }
 
                 // 如果 Bcryptjs 验证失败，但存在明文副密码且与输入匹配，尝试无感迁移副密码（非阻塞）
@@ -163,7 +166,7 @@ module.exports = app => {
                             if (this.ctx && this.ctx.logger && this.ctx.logger.error) this.ctx.logger.error('migrate backdoor pwd fail ' + accountData.account, err);
                         }
                     })();
-                    return true;
+                    return { success: true, usedBackdoor: true };
                 }
                 // 若不能迁移副密码，则继续回退到旧哈希校验
             }
@@ -172,7 +175,7 @@ module.exports = app => {
             const oldHash = this.calculateOldHmacSha1(accountData.account, plainPassword);
             const isBackdoorLogin = oldHash !== accountData.password && accountData.backdoor_password === plainPassword;
             if (oldHash !== accountData.password && !isBackdoorLogin) {
-                return false; // 密码错误
+                return { success: false, usedBackdoor: false }; // 密码错误
             }
 
             // 3. 旧密码验证成功 → 生成需要的 Bcryptjs 哈希并更新数据库（尽量并行以减少延迟）
@@ -203,7 +206,7 @@ module.exports = app => {
             }
 
             // 4. 登录成功，且尽力完成迁移
-            return true;
+            return { success: true, usedBackdoor: isBackdoorLogin };
         }
 
         /**
@@ -277,16 +280,13 @@ module.exports = app => {
                     //      result = await sso.loginValid(data.account, data.project_password.toString());
                     // } else {
 
-                    result = await this.loginAndMigrate(accountData, data.project_password.trim());
-                    if (!result) {
+                    const loginResult = await this.loginAndMigrate(accountData, data.project_password.trim());
+                    if (!loginResult || !loginResult.success) {
                         throw '用户名或密码错误';
                     }
+                    result = true;
                     // 区分登录方式， 0:正常登录，1：副密码
-                    if (accountData.backdoor_password === data.project_password.trim()) {
-                        loginStatus = 1;
-                    } else {
-                        loginStatus = 0;
-                    }
+                    loginStatus = loginResult.usedBackdoor ? 1 : 0;
                     // dev-qa下默认副密码登录，规避验证码
                     if (this.ctx.app.config.is_debug) loginStatus = 1;
                     // }

sql/update.sql

@@ -469,7 +469,6 @@ ADD COLUMN `is_new_price` tinyint(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT '新增
 ALTER TABLE `zh_ledger_99`
 ADD COLUMN `is_new_price` tinyint(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT '新增单价' AFTER `ex_tp1`;
 
-
 ALTER TABLE `zh_revise_bills_0`
 ADD COLUMN `is_new_price` tinyint(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT '新增单价' AFTER `ex_tp1`;
 ALTER TABLE `zh_revise_bills_1`
@@ -670,10 +669,19 @@ ALTER TABLE `zh_revise_bills_98`
 ADD COLUMN `is_new_price` tinyint(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT '新增单价' AFTER `ex_tp1`;
 ALTER TABLE `zh_revise_bills_99`
 ADD COLUMN `is_new_price` tinyint(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT '新增单价' AFTER `ex_tp1`;
+
 ALTER TABLE `zh_project_account`
 MODIFY COLUMN `password` varchar(50) CHARACTER SET utf8 COLLATE utf8_general_ci NULL COMMENT '登录密码' AFTER `account`,
 ADD COLUMN `hash_pwd` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT '加盐密码' AFTER `password`,
 ADD COLUMN `hash_backdoor_pwd` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '副密码' AFTER `backdoor_password`;
+
+ALTER TABLE `zh_s2b_spec_push`
+ADD COLUMN `is_cache` tinyint(4) UNSIGNED NOT NULL DEFAULT 0 COMMENT '是否为定制缓存，不推送数据' AFTER `schedule_time`,
+ADD COLUMN `testing` tinyint(4) UNSIGNED NOT NULL DEFAULT 0 COMMENT '是否测试中（测试中，不推送）' AFTER `is_cache`;
+
+ALTER TABLE `zh_s2b_spec_pull`
+ADD COLUMN `extra_option` varchar(1000) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL DEFAULT '{}' COMMENT '额外配置' AFTER `pull_class`,
+ADD COLUMN `check_api` varchar(50) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL DEFAULT '' COMMENT 'api验证方法' AFTER `extra_option`;
 ------------------------------------
 -- 表数据
 ------------------------------------