diff --git a/app/app/(admin)/admin/page.tsx b/app/app/(admin)/admin/page.tsx index de848bd2c..c8411dab9 100644 --- a/app/app/(admin)/admin/page.tsx +++ b/app/app/(admin)/admin/page.tsx @@ -8,7 +8,8 @@ import { // DatePicker, } from "@tremor/react"; import UsageByModel from "./usage-by-model-chart"; -import { getSession, ADMIN_LIST, isName } from "@/lib/auth"; +import { getSession } from "@/lib/auth"; +import { isName, ADMIN_LIST } from "@/lib/auth_list"; import { redirect } from "next/navigation"; export default async function AdminPage() { diff --git a/app/app/(auth)/layout.tsx b/app/app/(auth)/layout.tsx index cc4df20a9..a37b6f11d 100644 --- a/app/app/(auth)/layout.tsx +++ b/app/app/(auth)/layout.tsx @@ -3,7 +3,8 @@ import { Metadata } from "next"; import { ReactNode } from "react"; // import { useEffect } from "react"; // import {useSession} from "next-auth/react"; -import { getSession, isName } from "@/lib/auth"; +import { getSession } from "@/lib/auth"; +import { isName } from "@/lib/auth_list"; import { redirect } from "next/navigation"; export const metadata: Metadata = { diff --git a/app/app/(auth)/login/user-login-button.tsx b/app/app/(auth)/login/user-login-button.tsx index 1c4d80e0a..8dfa51718 100644 --- a/app/app/(auth)/login/user-login-button.tsx +++ b/app/app/(auth)/login/user-login-button.tsx @@ -2,7 +2,7 @@ import { signIn } from "next-auth/react"; import React, { useState, useEffect, useRef } from "react"; -import { isName } from "@/lib/auth"; +import { isName } from "@/lib/auth_list"; export default function UserLoginButton() { const [loading, setLoading] = useState(false); diff --git a/app/page.tsx b/app/page.tsx index ac5999ee7..134a8f75e 100644 --- a/app/page.tsx +++ b/app/page.tsx @@ -4,7 +4,8 @@ import { Home } from "./components/home"; import { getServerSideConfig } from "./config/server"; -import { getSession, isName } from "@/lib/auth"; +import { getSession } from "@/lib/auth"; +import { isName } from "@/lib/auth_list"; import { redirect } from "next/navigation"; const serverConfig = getServerSideConfig(); diff --git a/lib/auth.ts b/lib/auth.ts index ff74b6704..48ebb2e37 100644 --- a/lib/auth.ts +++ b/lib/auth.ts @@ -3,16 +3,10 @@ import GitHubProvider from "next-auth/providers/github"; import CredentialsProvider from "next-auth/providers/credentials"; import { PrismaAdapter } from "@next-auth/prisma-adapter"; import prisma from "@/lib/prisma"; - +import { isEmail, isName } from "@/lib/auth_list"; const SECURE_COOKIES:boolean = !!process.env.SECURE_COOKIES; -export const DENY_LIST: string[] = [ - "suibian", "某某", "张三", "李四", "啊实打实", "官方回复电话" -] -export const ADMIN_LIST: string[] = [ - "司金辉", "sijinhui", "sijinhui@qq.com" -] export const authOptions: NextAuthOptions = { // debug: !VERCEL_DEPLOYMENT, @@ -185,83 +179,6 @@ export function getSession() { // } -function isEmail(input: string): boolean { - const emailRegex = /^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/; - return emailRegex.test(input); -} -function isHanZi(input: string): boolean { - // 汉字的正则表达式 - const regChinese = /^[\p{Unified_Ideograph}]+$/u; - return regChinese.test(input) -} -/** - * 判断输入的一个字符串是不是拼音 - * @param input 需要测试的字符串 - * @returns {boolean} - */ -function isPinYin(input: string): boolean { - - var list = ['a', 'ai', 'an', 'ang', 'ao', 'ba', 'bai', 'ban', 'bang', 'bao', 'bei', 'ben', - 'beng', 'bi', 'bian', 'biao', 'bie', 'bin', 'bing', 'bo', 'bu', 'ca', 'cai', 'can', 'cang', - 'cao', 'ce', 'cen', 'ceng', 'cha', 'chai', 'chan', 'chang', 'chao', 'che', 'chen', 'cheng', 'chi', - 'chong', 'chou', 'chu', 'chua', 'chuai', 'chuan', 'chuang', 'chui', 'chun', 'chuo', 'ci', 'cong', - 'cou', 'cu', 'cuan', 'cui', 'cun', 'cuo', 'da', 'dai', 'dan', 'dang', 'dao', 'de', 'dei', 'den', - 'deng', 'di', 'dia', 'dian', 'diao', 'die', 'ding', 'diu', 'dong', 'dou', 'du', 'duan', 'dui', 'dun', - 'duo', 'e', 'en', 'eng', 'er', 'fa', 'fan', 'fang', 'fei', 'fen', 'feng', 'fiao', 'fo', 'fou', 'fu', - 'ga', 'gai', 'gan', 'gang', 'gao', 'ge', 'gei', 'gen', 'geng', 'gong', 'gou', 'gu', 'gua', 'guai', 'guan', - 'guang', 'gui', 'gun', 'guo', 'ha', 'hai', 'han', 'hang', 'hao', 'he', 'hei', 'hen', 'heng', 'hong', 'hou', - 'hu', 'hua', 'huai', 'huan', 'huang', 'hui', 'hun', 'huo', 'ji', 'jia', 'jian', 'jiang', 'jiao', 'jie', - 'jin', 'jing', 'jiong', 'jiu', 'ju', 'juan', 'jue', 'ka', 'kai', 'kan', 'kang', 'kao', 'ke', 'ken', - 'keng', 'kong', 'kou', 'ku', 'kua', 'kuai', 'kuan', 'kuang', 'kui', 'kun', 'kuo', 'la', 'lai', 'lan', - 'lang', 'lao', 'le', 'lei', 'leng', 'li', 'lia', 'lian', 'liang', 'liao', 'lie', 'lin', 'ling', 'liu', - 'lo', 'long', 'lou', 'lu', 'luan', 'lun', 'luo', 'lv', 'lve', 'ma', 'mai', 'man', 'mang', 'mao', 'me', - 'mei', 'men', 'meng', 'mi', 'mian', 'miao', 'mie', 'min', 'ming', 'miu', 'mo', 'mou', 'mu', 'na', 'nai', - 'nan', 'nang', 'nao', 'ne', 'nei', 'nen', 'neng', 'ni', 'nian', 'niang', 'niao', 'nie', 'nin', 'ning', - 'niu', 'nong', 'nou', 'nu', 'nuan', 'nun', 'nuo', 'nv', 'nve', 'o', 'ou', 'pa', 'pai', 'pan', 'pang', 'pao', - 'pei', 'pen', 'peng', 'pi', 'pian', 'piao', 'pie', 'pin', 'ping', 'po', 'pou', 'pu', 'qi', 'qia', 'qian', - 'qiang', 'qiao', 'qie', 'qin', 'qing', 'qiong', 'qiu', 'qu', 'quan', 'que', 'qun', 'ran', 'rang', 'rao', - 're', 'ren', 'reng', 'ri', 'rong', 'rou', 'ru', 'rua', 'ruan', 'rui', 'run', 'ruo', 'sa', 'sai', 'san', - 'sang', 'sao', 'se', 'sen', 'seng', 'sha', 'shai', 'shan', 'shang', 'shao', 'she', 'shei', 'shen', 'sheng', - 'shi', 'shou', 'shu', 'shua', 'shuai', 'shuan', 'shuang', 'shui', 'shun', 'shuo', 'si', 'song', 'sou', - 'su', 'suan', 'sui', 'sun', 'suo', 'ta', 'tai', 'tan', 'tang', 'tao', 'te', 'tei', 'teng', 'ti', 'tian', - 'tiao', 'tie', 'ting', 'tong', 'tou', 'tu', 'tuan', 'tui', 'tun', 'tuo', 'wa', 'wai', 'wan', 'wang', - 'wei', 'wen', 'weng', 'wo', 'wu', 'xi', 'xia', 'xian', 'xiang', 'xiao', 'xie', 'xin', 'xing', 'xiong', - 'xiu', 'xu', 'xuan', 'xue', 'xun', 'ya', 'yan', 'yang', 'yao', 'ye', 'yi', 'yin', 'ying', 'yo', 'yong', - 'you', 'yu', 'yuan', 'yue', 'yun', 'za', 'zai', 'zan', 'zang', 'zao', 'ze', 'zei', 'zen', 'zeng', 'zha', - 'zhai', 'zhan', 'zhang', 'zhao', 'zhe', 'zhei', 'zhen', 'zheng', 'zhi', 'zhong', 'zhou', 'zhu', 'zhua', - 'zhuai', 'zhuan', 'zhuang', 'zhui', 'zhun', 'zhuo', 'zi', 'zong', 'zou', 'zu', 'zuan', 'zui', 'zun', 'zuo']; - var lowerString = input.toLowerCase(); - var length = lowerString.length; - var index = -1; - - for (var i=0; i index ? list.lastIndexOf(name) : index; - } - - // 判断当前 lowerString 是不是拼音(lowerString 在 list 中就是;不在就不是) - if (index >= 0) { - var item = list[index]; - lowerString = lowerString.substring(item.length); - if (lowerString.length == 0) { - return true; - } else { - return isPinYin(lowerString); - // return arguments.callee(lowerString); - } - } else { - return false; - } -} - - -export function isName(input: string): boolean { - if (DENY_LIST.includes(input)) { - return false; - } - return isEmail(input) || isHanZi(input) || isPinYin(input); -} - export async function insertUser(user: {[key: string]: string}) { try { const conditions = []; diff --git a/lib/auth_list.ts b/lib/auth_list.ts new file mode 100644 index 000000000..fdbf3ae18 --- /dev/null +++ b/lib/auth_list.ts @@ -0,0 +1,85 @@ + +export const DENY_LIST: string[] = [ + "suibian", "某某", "张三", "李四", "啊实打实", "官方回复电话", "笑死" +] +export const ADMIN_LIST: string[] = [ + "司金辉", "sijinhui", "sijinhui@qq.com" +] + + +export function isEmail(input: string): boolean { + const emailRegex = /^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/; + return emailRegex.test(input); +} +export function isHanZi(input: string): boolean { + // 汉字的正则表达式 + const regChinese = /^[\p{Unified_Ideograph}]+$/u; + return regChinese.test(input) +} +/** + * 判断输入的一个字符串是不是拼音 + * @param input 需要测试的字符串 + * @returns {boolean} + */ +export function isPinYin(input: string): boolean { + + var list = ['a', 'ai', 'an', 'ang', 'ao', 'ba', 'bai', 'ban', 'bang', 'bao', 'bei', 'ben', + 'beng', 'bi', 'bian', 'biao', 'bie', 'bin', 'bing', 'bo', 'bu', 'ca', 'cai', 'can', 'cang', + 'cao', 'ce', 'cen', 'ceng', 'cha', 'chai', 'chan', 'chang', 'chao', 'che', 'chen', 'cheng', 'chi', + 'chong', 'chou', 'chu', 'chua', 'chuai', 'chuan', 'chuang', 'chui', 'chun', 'chuo', 'ci', 'cong', + 'cou', 'cu', 'cuan', 'cui', 'cun', 'cuo', 'da', 'dai', 'dan', 'dang', 'dao', 'de', 'dei', 'den', + 'deng', 'di', 'dia', 'dian', 'diao', 'die', 'ding', 'diu', 'dong', 'dou', 'du', 'duan', 'dui', 'dun', + 'duo', 'e', 'en', 'eng', 'er', 'fa', 'fan', 'fang', 'fei', 'fen', 'feng', 'fiao', 'fo', 'fou', 'fu', + 'ga', 'gai', 'gan', 'gang', 'gao', 'ge', 'gei', 'gen', 'geng', 'gong', 'gou', 'gu', 'gua', 'guai', 'guan', + 'guang', 'gui', 'gun', 'guo', 'ha', 'hai', 'han', 'hang', 'hao', 'he', 'hei', 'hen', 'heng', 'hong', 'hou', + 'hu', 'hua', 'huai', 'huan', 'huang', 'hui', 'hun', 'huo', 'ji', 'jia', 'jian', 'jiang', 'jiao', 'jie', + 'jin', 'jing', 'jiong', 'jiu', 'ju', 'juan', 'jue', 'ka', 'kai', 'kan', 'kang', 'kao', 'ke', 'ken', + 'keng', 'kong', 'kou', 'ku', 'kua', 'kuai', 'kuan', 'kuang', 'kui', 'kun', 'kuo', 'la', 'lai', 'lan', + 'lang', 'lao', 'le', 'lei', 'leng', 'li', 'lia', 'lian', 'liang', 'liao', 'lie', 'lin', 'ling', 'liu', + 'lo', 'long', 'lou', 'lu', 'luan', 'lun', 'luo', 'lv', 'lve', 'ma', 'mai', 'man', 'mang', 'mao', 'me', + 'mei', 'men', 'meng', 'mi', 'mian', 'miao', 'mie', 'min', 'ming', 'miu', 'mo', 'mou', 'mu', 'na', 'nai', + 'nan', 'nang', 'nao', 'ne', 'nei', 'nen', 'neng', 'ni', 'nian', 'niang', 'niao', 'nie', 'nin', 'ning', + 'niu', 'nong', 'nou', 'nu', 'nuan', 'nun', 'nuo', 'nv', 'nve', 'o', 'ou', 'pa', 'pai', 'pan', 'pang', 'pao', + 'pei', 'pen', 'peng', 'pi', 'pian', 'piao', 'pie', 'pin', 'ping', 'po', 'pou', 'pu', 'qi', 'qia', 'qian', + 'qiang', 'qiao', 'qie', 'qin', 'qing', 'qiong', 'qiu', 'qu', 'quan', 'que', 'qun', 'ran', 'rang', 'rao', + 're', 'ren', 'reng', 'ri', 'rong', 'rou', 'ru', 'rua', 'ruan', 'rui', 'run', 'ruo', 'sa', 'sai', 'san', + 'sang', 'sao', 'se', 'sen', 'seng', 'sha', 'shai', 'shan', 'shang', 'shao', 'she', 'shei', 'shen', 'sheng', + 'shi', 'shou', 'shu', 'shua', 'shuai', 'shuan', 'shuang', 'shui', 'shun', 'shuo', 'si', 'song', 'sou', + 'su', 'suan', 'sui', 'sun', 'suo', 'ta', 'tai', 'tan', 'tang', 'tao', 'te', 'tei', 'teng', 'ti', 'tian', + 'tiao', 'tie', 'ting', 'tong', 'tou', 'tu', 'tuan', 'tui', 'tun', 'tuo', 'wa', 'wai', 'wan', 'wang', + 'wei', 'wen', 'weng', 'wo', 'wu', 'xi', 'xia', 'xian', 'xiang', 'xiao', 'xie', 'xin', 'xing', 'xiong', + 'xiu', 'xu', 'xuan', 'xue', 'xun', 'ya', 'yan', 'yang', 'yao', 'ye', 'yi', 'yin', 'ying', 'yo', 'yong', + 'you', 'yu', 'yuan', 'yue', 'yun', 'za', 'zai', 'zan', 'zang', 'zao', 'ze', 'zei', 'zen', 'zeng', 'zha', + 'zhai', 'zhan', 'zhang', 'zhao', 'zhe', 'zhei', 'zhen', 'zheng', 'zhi', 'zhong', 'zhou', 'zhu', 'zhua', + 'zhuai', 'zhuan', 'zhuang', 'zhui', 'zhun', 'zhuo', 'zi', 'zong', 'zou', 'zu', 'zuan', 'zui', 'zun', 'zuo']; + var lowerString = input.toLowerCase(); + var length = lowerString.length; + var index = -1; + + for (var i=0; i index ? list.lastIndexOf(name) : index; + } + + // 判断当前 lowerString 是不是拼音(lowerString 在 list 中就是;不在就不是) + if (index >= 0) { + var item = list[index]; + lowerString = lowerString.substring(item.length); + if (lowerString.length == 0) { + return true; + } else { + return isPinYin(lowerString); + // return arguments.callee(lowerString); + } + } else { + return false; + } +} + + +export function isName(input: string): boolean { + if (DENY_LIST.includes(input)) { + return false; + } + return isEmail(input) || isHanZi(input) || isPinYin(input); +} diff --git a/middleware.ts b/middleware.ts index 2ecfa0bf6..9a231f903 100644 --- a/middleware.ts +++ b/middleware.ts @@ -1,6 +1,7 @@ import { NextResponse } from "next/server"; import type { NextRequest } from "next/server"; import { getToken } from "next-auth/jwt"; +import {DENY_LIST, isName} from "@/lib/auth_list"; export default async function middleware(req: NextRequest) { const url = req.nextUrl; @@ -16,6 +17,7 @@ export default async function middleware(req: NextRequest) { const session = await getToken({ req }); // console.log('==============,认证,', path, session) + // 认证有点多此一举,页面中的认证应该已经够了 if (!session && path !== "/login") { // 给关键请求特殊待遇 if (path.startsWith('/api/openai/')) { @@ -25,7 +27,9 @@ export default async function middleware(req: NextRequest) { } return NextResponse.redirect(new URL("/login", req.url)); } else if (session) { - if (path.startsWith("/login")) return NextResponse.redirect(new URL("/", req.url)); + // console.log('referer=====', DENY_LIST.includes(session?.name ?? "")) + if (isName(session?.name ?? "") && path.startsWith("/login")) + return NextResponse.redirect(new URL("/", req.url)); } if (path == '/login') {