easynode/server/app/controller/ssh.js

const { RSADecryptAsync, AESEncryptAsync, AESDecryptAsync } = require('../utils/encrypt')
const { HostListDB, CredentialsDB } = require('../utils/db-class')
const hostListDB = new HostListDB().getInstance()
const credentialsDB = new CredentialsDB().getInstance()

async function getSSHList({ res }) {
  // console.log('get-host-list')
  let data = await credentialsDB.findAsync({})
  data = data?.map(item => {
    const { name, authType, _id: id, date } = item
    return { id, name, authType, privateKey: '', password: '', date }
  }) || []
  data.sort((a, b) => b.date - a.date)
  res.success({ data })
}

const addSSH = async ({ res, request }) => {
  let { body: { name, authType, password, privateKey, tempKey } } = request
  let record = { name, authType, password, privateKey }
  if (!name || !record[authType]) return res.fail({ data: false, msg: '参数错误' })
  let count = await credentialsDB.countAsync({ name })
  if (count > 0) return res.fail({ data: false, msg: '已存在同名凭证' })

  const clearTempKey = await RSADecryptAsync(tempKey)
  console.log('clearTempKey:', clearTempKey)
  const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
  // console.log(`${ authType }原密文: `, clearSSHKey)
  record[authType] = await AESEncryptAsync(clearSSHKey)
  // console.log(`${ authType }__commonKey加密存储: `, record[authType])
  await credentialsDB.insertAsync({ ...record, date: Date.now() })
  consola.info('添加凭证：', name)
  res.success({ data: '保存成功' })
}

const updateSSH = async ({ res, request }) => {
  let { body: { id, name, authType, password, privateKey, date, tempKey } } = request
  let record = { name, authType, password, privateKey, date }
  if (!id || !name) return res.fail({ data: false, msg: '请输入凭据名称' })
  let oldRecord = await credentialsDB.findOneAsync({ _id: id })
  if (!oldRecord) return res.fail({ data: false, msg: '凭证不存在' })
  // 判断原记录是否存在当前更新记录的认证方式
  if (!oldRecord[authType] && !record[authType]) return res.fail({ data: false, msg: `请输入${ authType === 'password' ? '密码' : '密钥' }` })
  if (!record[authType] && oldRecord[authType]) {
    record[authType] = oldRecord[authType]
  } else {
    const clearTempKey = await RSADecryptAsync(tempKey)
    console.log('clearTempKey:', clearTempKey)
    const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
    // console.log(`${ authType }原密文: `, clearSSHKey)
    record[authType] = await AESEncryptAsync(clearSSHKey)
    // console.log(`${ authType }__commonKey加密存储: `, record[authType])
  }
  await credentialsDB.updateAsync({ _id: id }, record)
  consola.info('修改凭证：', name)
  res.success({ data: '保存成功' })
}

const removeSSH = async ({ res, request }) => {
  let { params: { id } } = request
  let count = await credentialsDB.countAsync({ _id: id })
  if (count === 0) return res.fail({ msg: '凭证不存在' })
  // 将删除的凭证id从host中删除
  let hostList = await hostListDB.findAsync({})
  if (Array.isArray(hostList) && hostList.length > 0) {
    for (let host of hostList) {
      let { credential } = host
      credential = await AESDecryptAsync(credential)
      if (credential === id) {
        host.credential = ''
        await hostListDB.updateAsync({ _id: host._id }, host)
      }
    }
  }
  await hostListDB.compactDatafileAsync()
  consola.info('移除凭证：', id)
  await credentialsDB.removeAsync({ _id: id })
  res.success({ data: '移除成功' })
}

const getCommand = async ({ res, request }) => {
  let { hostId } = request.query
  if (!hostId) return res.fail({ data: false, msg: '参数错误' })
  let hostInfo = await hostListDB.findAsync({})
  let record = hostInfo?.find(item => item._id === hostId)
  consola.info('查询登录后执行的指令：', hostId)
  if (!record) return res.fail({ data: false, msg: 'host not found' }) // host不存在
  const { command } = record
  if (!command) return res.success({ data: false }) // command不存在
  res.success({ data: command }) // 存在
}

module.exports = {
  getSSHList,
  addSSH,
  updateSSH,
  removeSSH,
  getCommand
}