import express from 'express';
import { verifyPassword, getAllPasswords } from '../database.js';
import { generateUserToken, verifyToken } from '../utils/jwt.js';
import { loginLimiter } from '../middleware/rateLimit.js';
const router = express.Router();
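/**
 * Password login.
 * POST /api/auth/verify
 * Body: { password: string } or { name: string, password: string }
 *
 * loginLimiter runs before this handler, so repeated guesses are throttled
 * there. Responds 400 when the password is missing or not a string, 401 when
 * verifyPassword() rejects it, otherwise a token for the matched entry.
 */
router.post('/verify', loginLimiter, (req, res) => {
  const { name, password } = req.body ?? {};

  // Reject empty and non-string values up front: the JSON body can carry an
  // object or array under `password`, which must never reach the comparison
  // inside verifyPassword().
  if (typeof password !== 'string' || password.length === 0) {
    return res.status(400).json({ error: '请提供访问密码' });
  }
  // `name` is optional (the body may hold only a password); when present it
  // must be a string for the same reason.
  if (name != null && typeof name !== 'string') {
    return res.status(400).json({ error: '请提供访问密码' });
  }

  const result = verifyPassword(name, password);

  // One generic 401 for every failure shape (no result, or result.valid
  // false), so the response does not reveal whether `name` exists.
  if (!result?.valid) {
    return res.status(401).json({ error: '访问密码错误' });
  }

  // The token is minted for the name the database resolved, not the
  // caller-supplied one, so the client cannot choose its own identity.
  const token = generateUserToken(result.name);

  res.json({
    success: true,
    token,
    message: '验证成功',
  });
});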
/**
 * Check whether a bearer token is still valid.
 * GET /api/auth/verify-token
 * Header: Authorization: Bearer <token>
 *
 * Responds 401 when the header is absent or not a "Bearer " scheme, and 401
 * again when verifyToken() returns nothing; otherwise echoes the name/type
 * claims of the verified payload.
 */
router.get('/verify-token', (req, res) => {
  const bearerPrefix = 'Bearer ';
  const header = req.headers.authorization;

  // Exact, case-sensitive "Bearer " prefix is required.
  if (!header?.startsWith(bearerPrefix)) {
    return res.status(401).json({ valid: false, error: '未提供令牌' });
  }

  const payload = verifyToken(header.slice(bearerPrefix.length));
  if (!payload) {
    return res.status(401).json({ valid: false, error: '令牌无效或已过期' });
  }

  // Claims are only read once verifyToken() has accepted the token.
  const { name, type } = payload;
  res.json({
    valid: true,
    user: { name, type },
  });
});
/**
 * List the names of all configured passwords (feeds the login dropdown).
 * GET /api/auth/names
 *
 * NOTE(review): no auth middleware and no rate limiter sit in front of this
 * route, so the full set of valid names is readable by any caller. Only the
 * `name` field of each entry is projected; the rest of the entry is not sent.
 */
router.get('/names', (_req, res) => {
  const entries = getAllPasswords();
  const names = entries.map(({ name }) => name);
  res.json({ names });
});
export default router;