diff --git a/app/api/admin/users/[[...path]]/route.ts b/app/api/admin/users/[[...path]]/route.ts
index b84667a1e..55fad8960 100644
--- a/app/api/admin/users/[[...path]]/route.ts
+++ b/app/api/admin/users/[[...path]]/route.ts
@@ -1,15 +1,14 @@
 import { NextRequest, NextResponse } from "next/server";
 import prisma from "@/lib/prisma";
-import { getSessionName } from "@/lib/auth";
-import { ADMIN_LIST } from "@/lib/auth_list";
+import { VerifiedAdminUser } from "@/lib/auth";
 async function handle(
 req: NextRequest,
 { params }: { params: { path: string[] } },
 ) {
 // 认证,管理员权限
- const { name } = await getSessionName();
- if (!(name && ADMIN_LIST.includes(name))) {
+ const isAdmin = await VerifiedAdminUser();
+ if (isAdmin) {
 return NextResponse.json({ error: "无权限" }, { status: 401 });
 }
diff --git a/app/api/common.ts b/app/api/common.ts
index 6ec3017d5..5230413b4 100644
--- a/app/api/common.ts
+++ b/app/api/common.ts
@@ -150,7 +150,6 @@ export async function requestLog(
 req: NextRequest,
 jsonBody: any,
 url_path: string,
- name?: string,
 ) {
 // LOG
 try {
diff --git a/app/api/get_voice_token/route.ts b/app/api/get_voice_token/route.ts
index 9e9bd5fda..07a8d6b5e 100644
--- a/app/api/get_voice_token/route.ts
+++ b/app/api/get_voice_token/route.ts
@@ -1,5 +1,5 @@
 import { NextRequest, NextResponse } from "next/server";
-import { getSession } from "@/lib/auth";
+import { VerifiedUser } from "@/lib/auth";
 import { getServerSideConfig } from "@/app/config/server";
 const serverConfig = getServerSideConfig();
 // Gets an access token.
@@ -21,9 +21,8 @@ async function handle(
 ) {
 // 认证
- const session = await getSession();
- if (!session?.user)
- return NextResponse.json({ error: "未认证" }, { status: 401 });
+ const isUser = await VerifiedUser();
+ if (!isUser) return NextResponse.json({ error: "未认证" }, { status: 401 });
 const get_access_token = await getAccessToken();
diff --git a/app/app/(auth)/layout.tsx b/app/app/(auth)/layout.tsx
index a964db852..60f219ccb 100644
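Review bot: The new admin gate in `handle` is inverted: `if (isAdmin)` returns 401 to exactly the callers that `VerifiedAdminUser()` accepts and lets every non-admin session fall through to the admin user API, the opposite of the `!(name && ADMIN_LIST.includes(name))` check it replaces. The line should read `if (!isAdmin) {`. The 401 status for a rejected admin is carried over from the old code and is not part of this fix. The body of `handle` continues outside the hunk.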
--- a/app/app/(auth)/layout.tsx
+++ b/app/app/(auth)/layout.tsx
@@ -1,9 +1,8 @@
 import "@/app/app/login.scss";
 import { Metadata } from "next";
 import { ReactNode } from "react";
-import { getSession } from "@/lib/auth";
-import { isName } from "@/lib/auth_list";
-import { redirect } from "next/navigation";
+// import { VerifiedUser } from "@/lib/auth";
+// import { redirect } from "next/navigation";
 export const metadata: Metadata = {
 title: "Login | 实人认证",
@@ -14,13 +13,11 @@ export default async function AuthLayout({
 }: {
 children: ReactNode;
 }) {
- const session = await getSession();
- // If the user is already authenticated, redirect them to home
- const name = session?.user?.email || session?.user?.name;
- if (name && isName(name)) {
- // Replace '/dashboard' with the desired redirect path
- redirect("/");
- }
+ // const isUser = await VerifiedUser();
+ // if (isUser) {
+ // // Replace '/dashboard' with the desired redirect path
+ // redirect("/");
+ // }
 return (
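Review bot: The signed-in-user redirect in `AuthLayout` and its two imports are left as commented-out code instead of being removed, so the layout no longer redirects authenticated users and the file does not say whether that is temporary or intended. Either delete the dead lines or replace the five commented lines with a single comment stating the intent, such as `// No redirect for signed-in users here; the login page may be revisited while authenticated.` if that is indeed the reason. From this hunk alone it is not possible to tell whether the redirect is meant to return later. `AuthLayout` continues outside the hunk.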
diff --git a/lib/auth.ts b/lib/auth.ts
index b9e452ee0..ba770b26d 100644
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -4,7 +4,7 @@ import EmailProvider from "next-auth/providers/email";
 import CredentialsProvider from "next-auth/providers/credentials";
 import {PrismaAdapter} from "@next-auth/prisma-adapter";
 import prisma from "@/lib/prisma";
-import {isEmail, isName} from "@/lib/auth_list";
+import {ADMIN_LIST, isEmail, isName} from "@/lib/auth_list";
 import {createTransport} from "nodemailer";
 const SECURE_COOKIES:boolean = !!process.env.SECURE_COOKIES;
@@ -165,6 +165,17 @@ export async function getSessionName() {
 }
 }
+export async function VerifiedUser() {
+ const { name, session } = await getSessionName();
+ const userId = session?.user?.id
+ return !!(name && isName(name) && userId);
+}
+
+export async function VerifiedAdminUser() {
+ const { name, session } = await getSessionName();
+ return !!(name && ADMIN_LIST.includes(name));
+}
+
 // export function withSiteAuth(action: any) {
 // return async (
 // formData: FormData | null,
diff --git a/lib/auth_list.ts b/lib/auth_list.ts
index 7de35c63a..5f8420c4a 100644
--- a/lib/auth_list.ts
+++ b/lib/auth_list.ts
@@ -94,7 +94,7 @@ export function isName(input: string): boolean {
 return false;
 }
 try {
-if (DENY_LIST.includes(input.toLowerCase()) || pinyin.convertToPinyin(input).toLowerCase()) {
+if (DENY_LIST.includes(input.toLowerCase()) || DENY_LIST.includes(pinyin.convertToPinyin(input).toLowerCase())) {
 return false;
 }
 } catch (e) {
diff --git a/middleware.ts b/middleware.ts
index d8d168a32..cf08493c5 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -2,6 +2,7 @@ import { NextResponse } from "next/server";
 import type { NextRequest } from "next/server";
 import { getToken } from "next-auth/jwt";
 import { isName, ADMIN_LIST } from "@/lib/auth_list";
+import { VerifiedUser, getSessionName } from "@/lib/auth";
 export default async function middleware(req: NextRequest) {
 const url = req.nextUrl;
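Review bot: `VerifiedAdminUser` destructures `session` and never uses it, and both new exports are PascalCase with no explicit return type or TSDoc, so they read as type or class names rather than boolean predicates. Suggest `const { name } = await getSessionName();` in `VerifiedAdminUser`, an explicit `: Promise<boolean>` on both, and a one-line TSDoc on each stating what is checked: `VerifiedUser` needs a name accepted by `isName` plus a session user id, while `VerifiedAdminUser` only needs the name to be in `ADMIN_LIST`. That asymmetry mirrors the inline check the admin route used before, but it means an admin decision is made with no session user id and no `isName` check; if every admin is also expected to be a verified user, `VerifiedAdminUser` should additionally require `await VerifiedUser()`.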
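Review bot: `VerifiedUser` and `getSessionName` are imported into `middleware.ts` from `@/lib/auth` but, in the hunks visible here, neither is used outside a commented-out line, so the import is dead code. `@/lib/auth` also imports the Prisma adapter and nodemailer per its own import block in this commit; if this middleware runs on the Next.js Edge runtime, those modules are unlikely to load there, which makes the unused import a risk rather than a no-op. Delete `import { VerifiedUser, getSessionName } from "@/lib/auth";` unless a later hunk actually calls one of them.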
@@ -15,6 +16,7 @@ export default async function middleware(req: NextRequest) {
 }
 const session = await getToken({ req });
+ // const {session} = await getSessionName();
 // 管理员页面的api接口还是要认证的
 if (path.startsWith('/api/admin/')) {
@@ -26,7 +28,6 @@ export default async function middleware(req: NextRequest) {
 }
 }
 if (!is_admin_user) return NextResponse.json({error: '无管理员授权'}, { status: 401 });
- }
 const userName = session?.name || session?.email
 if (!isName(userName ?? "") && path !== "/login" ) {
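Review bot: The added `// const {session} = await getSessionName();` is commented-out code that shadows the `getToken` call directly above it in `middleware`; drop the line rather than leave it as a reminder. Of more concern, the following hunk (cut off at the end of this view) deletes a `}` immediately after the `is_admin_user` check, and from what is visible that leaves `const userName` and the `isName(userName ?? "")` gate inside the `if (path.startsWith('/api/admin/'))` block, so requests to every other path would no longer be checked for a valid name unless a brace is balanced elsewhere in the file. Please confirm against the full function, which starts and ends outside these hunks.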