mirror of
https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web.git
synced 2025-10-01 15:46:39 +08:00
认证中间状态
This commit is contained in:
sijinhui
parent
f5874a4d3d
commit
f686fe09ce
@ -1,15 +1,14 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import prisma from "@/lib/prisma";
|
||||
import { getSessionName } from "@/lib/auth";
|
||||
import { ADMIN_LIST } from "@/lib/auth_list";
|
||||
import { VerifiedAdminUser } from "@/lib/auth";
|
||||
|
||||
async function handle(
|
||||
req: NextRequest,
|
||||
{ params }: { params: { path: string[] } },
|
||||
) {
|
||||
// 认证,管理员权限
|
||||
const { name } = await getSessionName();
|
||||
if (!(name && ADMIN_LIST.includes(name))) {
|
||||
const isAdmin = await VerifiedAdminUser();
|
||||
if (isAdmin) {
|
||||
return NextResponse.json({ error: "无权限" }, { status: 401 });
|
||||
}
|
||||
|
||||
|
||||
@ -150,7 +150,6 @@ export async function requestLog(
|
||||
req: NextRequest,
|
||||
jsonBody: any,
|
||||
url_path: string,
|
||||
name?: string,
|
||||
) {
|
||||
// LOG
|
||||
try {
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getSession } from "@/lib/auth";
|
||||
import { VerifiedUser } from "@/lib/auth";
|
||||
import { getServerSideConfig } from "@/app/config/server";
|
||||
const serverConfig = getServerSideConfig();
|
||||
// Gets an access token.
|
||||
@ -21,9 +21,8 @@ async function handle(
|
||||
) {
|
||||
// 认证
|
||||
|
||||
const session = await getSession();
|
||||
if (!session?.user)
|
||||
return NextResponse.json({ error: "未认证" }, { status: 401 });
|
||||
const isUser = await VerifiedUser();
|
||||
if (!isUser) return NextResponse.json({ error: "未认证" }, { status: 401 });
|
||||
|
||||
const get_access_token = await getAccessToken();
|
||||
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
import "@/app/app/login.scss";
|
||||
import { Metadata } from "next";
|
||||
import { ReactNode } from "react";
|
||||
import { getSession } from "@/lib/auth";
|
||||
import { isName } from "@/lib/auth_list";
|
||||
import { redirect } from "next/navigation";
|
||||
// import { VerifiedUser } from "@/lib/auth";
|
||||
// import { redirect } from "next/navigation";
|
||||
|
||||
export const metadata: Metadata = {
|
||||
title: "Login | 实人认证",
|
||||
@ -14,13 +13,11 @@ export default async function AuthLayout({
|
||||
}: {
|
||||
children: ReactNode;
|
||||
}) {
|
||||
const session = await getSession();
|
||||
// If the user is already authenticated, redirect them to home
|
||||
const name = session?.user?.email || session?.user?.name;
|
||||
if (name && isName(name)) {
|
||||
// Replace '/dashboard' with the desired redirect path
|
||||
redirect("/");
|
||||
}
|
||||
// const isUser = await VerifiedUser();
|
||||
// if (isUser) {
|
||||
// // Replace '/dashboard' with the desired redirect path
|
||||
// redirect("/");
|
||||
// }
|
||||
|
||||
return (
|
||||
<div className="container1 w-full signin">
|
||||
|
||||
13
lib/auth.ts
13
lib/auth.ts
@ -4,7 +4,7 @@ import EmailProvider from "next-auth/providers/email";
|
||||
import CredentialsProvider from "next-auth/providers/credentials";
|
||||
import {PrismaAdapter} from "@next-auth/prisma-adapter";
|
||||
import prisma from "@/lib/prisma";
|
||||
import {isEmail, isName} from "@/lib/auth_list";
|
||||
import {ADMIN_LIST, isEmail, isName} from "@/lib/auth_list";
|
||||
import {createTransport} from "nodemailer";
|
||||
|
||||
const SECURE_COOKIES:boolean = !!process.env.SECURE_COOKIES;
|
||||
@ -165,6 +165,17 @@ export async function getSessionName() {
|
||||
}
|
||||
}
|
||||
|
||||
export async function VerifiedUser() {
|
||||
const { name, session } = await getSessionName();
|
||||
const userId = session?.user?.id
|
||||
return !!(name && isName(name) && userId);
|
||||
}
|
||||
|
||||
export async function VerifiedAdminUser() {
|
||||
const { name, session } = await getSessionName();
|
||||
return !!(name && ADMIN_LIST.includes(name));
|
||||
}
|
||||
|
||||
// export function withSiteAuth(action: any) {
|
||||
// return async (
|
||||
// formData: FormData | null,
|
||||
|
||||
@ -94,7 +94,7 @@ export function isName(input: string): boolean {
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
if (DENY_LIST.includes(input.toLowerCase()) || pinyin.convertToPinyin(input).toLowerCase()) {
|
||||
if (DENY_LIST.includes(input.toLowerCase()) || DENY_LIST.includes(pinyin.convertToPinyin(input).toLowerCase())) {
|
||||
return false;
|
||||
}
|
||||
} catch (e) {
|
||||
|
||||
@ -2,6 +2,7 @@ import { NextResponse } from "next/server";
|
||||
import type { NextRequest } from "next/server";
|
||||
import { getToken } from "next-auth/jwt";
|
||||
import { isName, ADMIN_LIST } from "@/lib/auth_list";
|
||||
import { VerifiedUser, getSessionName } from "@/lib/auth";
|
||||
|
||||
export default async function middleware(req: NextRequest) {
|
||||
const url = req.nextUrl;
|
||||
@ -15,6 +16,7 @@ export default async function middleware(req: NextRequest) {
|
||||
}
|
||||
|
||||
const session = await getToken({ req });
|
||||
// const {session} = await getSessionName();
|
||||
|
||||
// 管理员页面的api接口还是要认证的
|
||||
if (path.startsWith('/api/admin/')) {
|
||||
@ -26,7 +28,6 @@ export default async function middleware(req: NextRequest) {
|
||||
}
|
||||
}
|
||||
if (!is_admin_user) return NextResponse.json({error: '无管理员授权'}, { status: 401 });
|
||||
|
||||
}
|
||||
const userName = session?.name || session?.email
|
||||
if (!isName(userName ?? "") && path !== "/login" ) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user