SDK用户注册机制
'use strict';/** Register and Enroll a user //注册用户*/var Fabric_Client = require('fabric-client');var Fabric_CA_Client = require('fabric-ca-client');var path = require('path');var util = require('util');var os = require('os');var fabric_client = new Fabric_Client();var fabric_ca_client = null;var admin_user = null;var member_user = null;var store_path = path.join(__dirname, 'hfc-key-store');console.log(' Store path:'+store_path);// create the key value store as defined in the fabric-client/config/default.json 'key-value-store' settingFabric_Client.newDefaultKeyValueStore({ path: store_path}).then((state_store) => {// assign the store to the fabric clientfabric_client.setStateStore(state_store);var crypto_suite = Fabric_Client.newCryptoSuite();// use the same location for the state store (where the users' certificate are kept)// and the crypto store (where the users' keys are kept)var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path});crypto_suite.setCryptoKeyStore(crypto_store);fabric_client.setCryptoSuite(crypto_suite);var tlsOptions = {trustedRoots: [],verify: false};// be sure to change the http to https when the CA is running TLS enabled通过设置IP和加密模块和路径,绑定好的CA服务,来生成一个CA服务实例fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', null , '', crypto_suite);//检查管理员是否已经注册// first check to see if the admin is already enrolledreturn fabric_client.getUserContext('admin', true);}).then((user_from_store) => { //如果路径存在同时已经注册,则获取管理员账户if (user_from_store && user_from_store.isEnrolled()) {console.log('Successfully loaded admin from persistence');admin_user = user_from_store;} else {throw new Error('Failed to get admin.... run enrollAdmin.js'); //否则重新注册管理员}// at this point we should have the admin user 下一步我们需要管理员账户// first need to register the user with the CA server 通过CA服务,使用用户名、附属组织、管理员账户注册用户return fabric_ca_client.register({enrollmentID: 'user1', affiliation: 'org1.department1'}, admin_user);}).then((secret) => { //注册成功则返回密匙,同时打印出密匙// next we need to enroll the user with CA serverconsole.log('Successfully registered user1 - secret:'+ secret);返回登记的密匙和IDreturn fabric_ca_client.enroll({enrollmentID: 'user1', enrollmentSecret: secret});}).then((enrollment) => { //获得注册信息,生成用户console.log('Successfully enrolled member user "user1" ');return fabric_client.createUser( //客户端调用创建用户方法,通过用户名、组织一证书、注册信息生成私钥文件和签名的证书。{username: 'user1', mspid: 'Org1MSP',cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate }});}).then((user) => {member_user = user; //用户设置为普通用户return fabric_client.setUserContext(member_user); //设置当前用户为客户端的实例}).then(()=>{console.log('User1 was successfully registered and enrolled and is ready to intreact with the fabric network');}).catch((err) => { //如果出错打印错误console.error('Failed to register: ' + err);if(err.toString().indexOf('Authorization') > -1) {console.error('Authorization failures may be caused by having admin credentials from a previous CA instance.\n' +'Try again after deleting the contents of the store directory '+store_path);}});
流程:
设置文件路径,设置加密模块,将二者联系在一起,生成加密模块实例,然后与存在CA服务的IP、TLS设置结合在一起,生成CA服务实例,检查是否注册管理员,注册则将其绑定为管理员,通过CA服务,将用户名、附属组织、管理员来注册,成功则生成密匙。通过密匙和ID来登记用户,通过登记信息来生成用户实例,再将该用户设置为普通用户,同时设置当前用户为客户端的实例,如果出错打印错误。