整体优化认证

2025-10-02 16:16:39 +08:00 · 2024-04-02 00:00:51 +08:00 · 2024-04-02 00:00:51 +08:00 · 20871f7e50
commit 20871f7e50
parent f686fe09ce
13 changed files with 46 additions and 98 deletions
--- a/app/api/get_voice_token/route.ts
+++ b/app/api/get_voice_token/route.ts
@ -1,5 +1,5 @@
 import { NextRequest, NextResponse } from "next/server";
-import { VerifiedUser } from "@/lib/auth";
+// import { VerifiedUser } from "@/lib/auth";
 import { getServerSideConfig } from "@/app/config/server";
 const serverConfig = getServerSideConfig();
 // Gets an access token.
@ -21,8 +21,8 @@ async function handle(
 ) {
  // 认证

-  const isUser = await VerifiedUser();
-  if (!isUser) return NextResponse.json({ error: "未认证" }, { status: 401 });
+  // const isUser = await VerifiedUser();
+  // if (!isUser) return NextResponse.json({ error: "未认证" }, { status: 401 });

  const get_access_token = await getAccessToken();

--- a/app/api/logs/[...path]/route.ts
+++ b/app/api/logs/[...path]/route.ts
@ -9,7 +9,7 @@ async function handle(
 ) {
  try {
    const request_data = await req.json();
-    console.log("log", request_data);
+    // console.log("log", request_data);
    // if (request_data?.userName) {
    //   await insertUser({
    //     name: request_data?.userName,
--- a/app/app/(admin)/admin/ana/page.tsx
+++ b/app/app/(admin)/admin/ana/page.tsx
@ -1,18 +1,9 @@
 import UsageByModel from "./usage-by-model-chart";
 import UserByMap from "./user-by-map";
-// import { getSession } from "@/lib/auth";
-// import { isName, ADMIN_LIST } from "@/lib/auth_list";
-// import { redirect } from "next/navigation";
+
 import { Flex } from "antd";

 export default async function AdminPage() {
-  // const session = await getSession();
-  // const name = session?.user?.email || session?.user?.name;
-  // if (!(name && ADMIN_LIST.includes(name))) {
-  //   // Replace '/dashboard' with the desired redirect path
-  //   redirect("/");
-  // }
-
  return (
    <>
      <Flex gap="middle" vertical>
--- a/app/app/(admin)/admin/ana/usage-by-model-chart.tsx
+++ b/app/app/(admin)/admin/ana/usage-by-model-chart.tsx
@ -9,9 +9,8 @@ import React, {
 } from "react";

 import * as echarts from "echarts";
-// import { DatePicker } from "@tremor/react";
 import { DatePicker } from "antd";
-import { Col, Row } from "antd";
+import { Row } from "antd";

 import locale from "antd/es/date-picker/locale/zh_CN";
 import "dayjs/locale/zh-cn";
@ -21,10 +20,6 @@ import { EChartsOption } from "echarts";
 import { essos } from "@/lib/charts_theme";
 import { subDays, addDays } from "date-fns";

-// import customParseFormat from 'dayjs/plugin/customParseFormat';
-// dayjs.extend(customParseFormat);
-// const dateFormat = 'YYYY-MM-DD';
-
 interface ComponentProps {
  currentDate: Date;
  setCurrentDate: Dispatch<SetStateAction<Date>>;
--- a/app/app/(admin)/admin/ana/user-by-map.tsx
+++ b/app/app/(admin)/admin/ana/user-by-map.tsx
@ -11,10 +11,7 @@ import React, {
 import Script from "next/script";

 import * as echarts from "echarts";
-// var echarts = require('echarts');
 import "echarts/extension/bmap/bmap";
-// require("echarts");
-// require("echarts/extension/bmap/bmap");

 interface DataItem {
  name: string;
--- a/app/app/(admin)/admin/layout.tsx
+++ b/app/app/(admin)/admin/layout.tsx
@ -4,13 +4,7 @@ import { useSession } from "next-auth/react";
 import { redirect } from "next/navigation";
 import { ADMIN_LIST } from "@/lib/auth_list";
 import React, { ReactNode, useEffect, useState } from "react";
-import {
-  MenuFoldOutlined,
-  MenuUnfoldOutlined,
-  UploadOutlined,
-  UserOutlined,
-  VideoCameraOutlined,
-} from "@ant-design/icons";
+import { MenuFoldOutlined, MenuUnfoldOutlined } from "@ant-design/icons";
 import { Layout, Menu, Button, theme, ConfigProvider, ThemeConfig } from "antd";
 import SideBar from "../components/sidebar";

--- a/app/app/(admin)/admin/users/page.tsx
+++ b/app/app/(admin)/admin/users/page.tsx
@ -1,20 +1,7 @@
 import { Flex } from "antd";
-import prisma from "@/lib/prisma";
-import { User } from "@prisma/client";
 import UsersTablePart from "../../components/users-table";

-// async function getData() {
-//   return await prisma.user.findMany({
-//     orderBy: {
-//       createdAt: "desc",
-//     },
-//   });
-// }
 export default async function UsersPage() {
-  // const users: User[] = await getData();
-
-  // console.log("data", data);
-
  return (
    <>
      <Flex gap="middle" vertical>
--- a/app/app/(admin)/components/sidebar.tsx
+++ b/app/app/(admin)/components/sidebar.tsx
@ -1,17 +1,17 @@
 "use client";

 import React, { useEffect, useState } from "react";
-import Link from "next/link";
+// import Link from "next/link";
 import { useRouter, usePathname } from "next/navigation";

 import {
  AppstoreOutlined,
-  MailOutlined,
-  SettingOutlined,
-  DashboardTwoTone,
+  // MailOutlined,
+  // SettingOutlined,
+  // DashboardTwoTone,
 } from "@ant-design/icons";
 import type { MenuProps, MenuTheme } from "antd";
-import { Menu, Switch } from "antd";
+import { Menu } from "antd";

 type MenuItem = Required<MenuProps>["items"][number];

--- a/app/app/(admin)/components/users-table.tsx
+++ b/app/app/(admin)/components/users-table.tsx
@ -1,12 +1,6 @@
 "use client";

-import React, {
-  Dispatch,
-  SetStateAction,
-  useEffect,
-  useRef,
-  useState,
-} from "react";
+import React, { Dispatch, SetStateAction, useEffect, useState } from "react";
 import { User } from "@prisma/client";
 import { Space, Table, Tag, Input, Button, notification } from "antd";
 import type { GetRef, TableColumnsType } from "antd";
--- a/app/app/(auth)/login/login-button.tsx
+++ b/app/app/(auth)/login/login-button.tsx
@ -3,20 +3,13 @@
 import LoadingDots from "@/app/components/icons/loading-dots";
 import { signIn } from "next-auth/react";
 import { useSearchParams } from "next/navigation";
-import { useState, useEffect } from "react";
-// import { toast } from "sonner";
+import { useState } from "react";

 export default function LoginButton() {
  const [loading, setLoading] = useState(false);

  // Get error message added by next/auth in URL.
  const searchParams = useSearchParams();
-  // const error = searchParams?.get("error");
-  //
-  // useEffect(() => {
-  //   const errorMessage = Array.isArray(error) ? error.pop() : error;
-  //   errorMessage && toast.error(errorMessage);
-  // }, [error]);

  return (
    <button
--- a/app/page.tsx
+++ b/app/page.tsx
@ -4,18 +4,18 @@ import { Home } from "./components/home";

 import { getServerSideConfig } from "./config/server";

-import { getSession } from "@/lib/auth";
-import { isName } from "@/lib/auth_list";
-import { redirect } from "next/navigation";
+// import { getSession } from "@/lib/auth";
+// import { isName } from "@/lib/auth_list";
+// import { redirect } from "next/navigation";

 const serverConfig = getServerSideConfig();

 export default async function App() {
-  const session = await getSession();
-  const name = session?.user?.email || session?.user?.name;
-  if (!(name && isName(name))) {
-    redirect("/login");
-  }
+  // const session = await getSession();
+  // const name = session?.user?.email || session?.user?.name;
+  // if (!(name && isName(name))) {
+  //   redirect("/login");
+  // }

  return (
    <>
--- a/lib/auth_client.ts
+++ b/lib/auth_client.ts
@ -0,0 +1,13 @@
+import {ADMIN_LIST, isName} from "@/lib/auth_list";
+import { JWT } from "next-auth/jwt";
+
+export async function VerifiedUser(session: JWT |null) {
+    const userId = session?.sub
+    const name = session?.email || session?.name
+    return !!(name && isName(name) && userId);
+}
+
+export async function VerifiedAdminUser(session: JWT |null) {
+    const name = session?.email || session?.name
+    return !!(name && ADMIN_LIST.includes(name));
+}
--- a/middleware.ts
+++ b/middleware.ts
@ -1,8 +1,8 @@
 import { NextResponse } from "next/server";
 import type { NextRequest } from "next/server";
 import { getToken } from "next-auth/jwt";
-import { isName, ADMIN_LIST } from "@/lib/auth_list";
-import { VerifiedUser, getSessionName } from "@/lib/auth";
+// import { isName, ADMIN_LIST } from "@/lib/auth_list";
+import { VerifiedUser, VerifiedAdminUser } from "@/lib/auth_client";

 export default async function middleware(req: NextRequest) {
    const url = req.nextUrl;
@ -16,38 +16,22 @@ export default async function middleware(req: NextRequest) {
    }

    const session = await getToken({ req });
-    // const {session} = await getSessionName();
+    const isUser = await VerifiedUser(session);
+    const isAdminUser = await VerifiedAdminUser(session);

    // 管理员页面的api接口还是要认证的
    if (path.startsWith('/api/admin/')) {
-        let is_admin_user = false;
        // 需要确认是管理员
-        if (session && session?.user) {
-            if (ADMIN_LIST.includes(session?.name ?? "")) {
-                is_admin_user = true
-            }
-        }
-        if (!is_admin_user) return NextResponse.json({error: '无管理员授权'}, { status: 401 });
+        if (!isAdminUser) return NextResponse.json({error: '无管理员授权'}, { status: 401 });
    }
-    const userName = session?.name || session?.email
-    if (!isName(userName ?? "") && path !== "/login" ) {
-      // 用处不大，避免漏网之鱼
+    // 不是用户且页面不是登录页
+    if (!isUser && path !== "/login" ) {
      return NextResponse.redirect(new URL("/login", req.url));
    }
-    // 认证有点多此一举，页面中的认证应该已经够了
-    // if (!session && path !== "/login") {
-    //     // 给关键请求特殊待遇
-    //     if (path.startsWith('/api/openai/')) {
-    //          return NextResponse.json(false, {
-    //             status: 401,
-    //          });
-    //     }
-    //     return NextResponse.redirect(new URL("/login", req.url));
-    // } else if (session) {
-    //   // console.log('referer=====', DENY_LIST.includes(session?.name ?? ""))
-    //   if (isName(session?.name ?? "") && path.startsWith("/login"))
-    //     return NextResponse.redirect(new URL("/", req.url));
-    // }
+    // 如果登录了且页面是登录页面
+    if (isUser && path == "/login") {
+        return NextResponse.redirect(new URL("/", req.url))
+    }

    if (path == '/login') {
        return NextResponse.rewrite(