Merge pull request #106 from import-ai/feat/wechat

feat(wechat): support wechat login

Author: hewenguang

.env.example

@@ -24,3 +24,9 @@ OBB_MEILI_KEY=meili_master_key
 OBB_OPENAI_URL=https://api.openai.com/v1
 OBB_OPENAI_KEY=***
 OBB_OPENAI_EMBEDDING_MODEL=text-embedding-v1
+
+OBB_WECHAT_APP_ID=
+OBB_WECHAT_APP_SECRET=
+OBB_OPEN_WECHAT_APP_ID=
+OBB_OPEN_WECHAT_APP_SECRET=
+OBB_WECHAT_REDIRECT_URI=

README.md

@@ -1,28 +1,50 @@
 # OmniBox Backend
 
+## Project Introduction
+
+OmniBox Backend is a backend service developed based on the NestJS framework, providing user authentication, file management, conversation management, and other functionalities.
+
+## Main Features
+
+### File Management
+
+- Supports file upload, download, and management
+- Integrated MinIO object storage
+
+### Conversation Management
+
+- Supports multi-user conversations
+- Message history records
+
+### Permission Management
+
+- Namespace-based permission control
+- User group management
+- Resource permission allocation
+
 ## Dev
 
 ### Docker
 
-+ Watch & Debug mode
+- Watch & Debug mode
 
   ```shell
   docker compose -f base.yaml -f dev.yaml up -d
   ```
 
-+ Build mode
+- Build mode
 
   ```shell
   docker compose -f base.yaml -f build.yaml up -d --build
   ```
 
-+ Run with persistence postgres and minio data
+- Run with persistence postgres and minio data
 
   ```shell
   docker compose ... -f persistence.yaml ...
   ```
 
-+ Run with pgadmin
+- Run with pgadmin
 
   ```shell
   docker compose ... -f pgadmin.yaml ...
@@ -31,7 +53,7 @@
 Then login with:
 
 | Name     | Value            |
-|----------|------------------|
+| -------- | ---------------- |
 | Username | `omnibox@qq.com` |
 | Password | `Passw0rd`       |
 
@@ -50,3 +72,12 @@ $ pnpm run start:dev
 # Production mode
 $ pnpm run start:prod
 ```
+
+## Tech Stack
+
+- **Framework**: NestJS
+- **Database**: PostgreSQL + TypeORM
+- **Object Storage**: MinIO
+- **Authentication**: JWT + Passport
+- **Email Service**: Nodemailer
+- **Search**: Meilisearch

package-lock.json

@@ -22,9 +22,11 @@ import { SearchModule } from 'src/search/search.module';
 import { InvitationsModule } from 'src/invitations/invitations.module';
 import { LoggerMiddleware } from './logger.middleware';
 import { UserOptions1751904560034 } from 'src/migrations/1751904560034-user-options';
+import { UserBindings1752652489640 } from 'src/migrations/1752652489640-user-bindings.ts';
 import { Tags1751905414493 } from 'src/migrations/1751905414493-tags';
 import { Init1751900000000 } from 'src/migrations/1751900000000-init';
 import { SnakeNamingStrategy } from 'typeorm-naming-strategies';
+import { NullUserEmail1752814358259 } from 'src/migrations/1752814358259-null-user-email';
 
 @Module({
   controllers: [AppController],
@@ -80,8 +82,10 @@ import { SnakeNamingStrategy } from 'typeorm-naming-strategies';
         maxQueryExecutionTime: config.get('OBB_DB_EXEC_TIME', 0),
         migrations: [
           Init1751900000000,
-          UserOptions1751904560034,
           Tags1751905414493,
+          UserOptions1751904560034,
+          UserBindings1752652489640,
+          NullUserEmail1752814358259,
         ],
         migrationsRun: true,
         namingStrategy: new SnakeNamingStrategy(),

src/app/app.module.ts

@@ -20,8 +20,8 @@ export class AuthController {
   @Public()
   @Post('login')
   @HttpCode(200)
-  async login(@Request() req) {
-    return await this.authService.login(req.user.email);
+  login(@Request() req) {
+    return this.authService.login(req.user);
   }
 
   @Public()

src/auth/auth.controller.ts

@@ -14,12 +14,15 @@ import { InternalAuthController } from 'src/auth/internal.auth.controller';
 import { NamespacesModule } from 'src/namespaces/namespaces.module';
 import { GroupsModule } from 'src/groups/groups.module';
 import { PermissionsModule } from 'src/permissions/permissions.module';
+import { WechatService } from 'src/auth/wechat.service';
+import { WechatController } from 'src/auth/wechat.controller';
 
 @Module({
-  exports: [AuthService],
-  controllers: [AuthController, InternalAuthController],
+  exports: [AuthService, WechatService],
+  controllers: [AuthController, InternalAuthController, WechatController],
   providers: [
     AuthService,
+    WechatService,
     JwtStrategy,
     LocalStrategy,
     {

src/auth/auth.module.ts

@@ -1,5 +1,6 @@
-import { DataSource, EntityManager } from 'typeorm';
 import { JwtService } from '@nestjs/jwt';
+import { User } from 'src/user/entities/user.entity';
+import { DataSource, EntityManager } from 'typeorm';
 import { MailService } from 'src/mail/mail.service';
 import { UserService } from 'src/user/user.service';
 import { NamespacesService } from 'src/namespaces/namespaces.service';
@@ -46,19 +47,12 @@ export class AuthService {
     };
   }
 
-  async login(email: string) {
-    const account = await this.userService.findByEmail(email);
-    if (!account) {
-      throw new BadRequestException('User not found');
-    }
-    const payload: LoginPayloadDto = {
-      email: account.email,
-      sub: account.id,
-    };
+  login(user: User) {
     return {
-      id: account.id,
-      username: account.username,
-      access_token: this.jwtService.sign(payload),
+      id: user.id,
+      access_token: this.jwtService.sign({
+        sub: user.id,
+      }),
     };
   }
 
@@ -114,10 +108,8 @@ export class AuthService {
       }
       return {
         id: user.id,
-        username: user.username,
         access_token: this.jwtService.sign({
           sub: user.id,
-          email: user.email,
         }),
       };
     });
@@ -133,12 +125,12 @@ export class AuthService {
     if (!user) {
       throw new NotFoundException('User not found.');
     }
-    const payload: LoginPayloadDto = { email: user.email, sub: user.id };
+    const payload: LoginPayloadDto = { email: user.email!, sub: user.id };
     const token = this.jwtService.sign(payload, {
       expiresIn: '1h',
     });
     const mailSendUri = `${url}?token=${token}`;
-    await this.mailService.sendPasswordEmail(user.email, mailSendUri);
+    await this.mailService.sendPasswordEmail(user.email!, mailSendUri);
     // return { url: mailSendUri };
   }
 

src/auth/auth.service.ts

@@ -0,0 +1,11 @@
+import { IsString } from 'class-validator';
+
+export class WechatCheckResponseDto {
+  @IsString()
+  status: 'pending' | 'success' | 'expired';
+
+  user?: {
+    id: string;
+    access_token: string;
+  };
+}

src/auth/dto/wechat-login.dto.ts

@@ -0,0 +1,29 @@
+import { WechatService } from './wechat.service';
+import { Public } from 'src/auth/decorators/public.decorator';
+import { Get, Query, Controller } from '@nestjs/common';
+
+@Controller('api/v1/wechat')
+export class WechatController {
+  constructor(private readonly wechatService: WechatService) {}
+
+  @Public()
+  @Get('qrcode')
+  getQrCode() {
+    return this.wechatService.getQrCodeParams();
+  }
+
+  @Public()
+  @Get('callback')
+  async handleCallback(
+    @Query('code') code: string,
+    @Query('state') state: string,
+  ) {
+    return await this.wechatService.handleCallback(code, state);
+  }
+
+  @Public()
+  @Get('auth-url')
+  getAuthUrl() {
+    return this.wechatService.getWechatAuthUrl();
+  }
+}