Spaces:

CatPtain
/

web_ppt_7.7

Running

App Files Files Community

web_ppt_7.7 / backend /src /routes /auth.js

CatPtain's picture

Upload 85 files

28e1dba verified about 1 month ago

history blame contribute delete

3.67 kB

	import express from 'express';
	import jwt from 'jsonwebtoken';
	import bcrypt from 'bcryptjs';
	import { USERS, JWT_SECRET, JWT_EXPIRES_IN, JWT_ENABLED } from '../config/users.js';

	const router = express.Router();

	// 登录
	router.post('/login', async (req, res, next) => {
	try {
	const { username, password } = req.body;

	// 如果JWT未启用，返回默认用户
	if (!JWT_ENABLED) {
	console.log('JWT disabled, returning default user for login');
	return res.json({
	token: 'no-auth-required',
	user: {
	id: 'PS01',
	username: 'PS01',
	role: 'admin'
	},
	message: 'Authentication disabled'
	});
	}

	if (!username \|\| !password) {
	return res.status(400).json({ error: 'Username and password are required' });
	}

	// 查找用户
	const user = USERS.find(u => u.username === username);
	if (!user) {
	return res.status(401).json({ error: 'Invalid credentials' });
	}

	// 验证密码
	if (user.password !== password) {
	return res.status(401).json({ error: 'Invalid credentials' });
	}

	// 生成JWT token
	const token = jwt.sign(
	{
	userId: user.id,
	username: user.username,
	role: user.role
	},
	JWT_SECRET,
	{ expiresIn: JWT_EXPIRES_IN }
	);

	res.json({
	token,
	user: {
	id: user.id,
	username: user.username,
	role: user.role
	}
	});
	} catch (error) {
	next(error);
	}
	});

	// 验证token
	router.get('/verify', (req, res, next) => {
	try {
	// 如果JWT未启用，返回默认用户
	if (!JWT_ENABLED) {
	console.log('JWT disabled, returning default user for verify');
	return res.json({
	user: {
	id: 'PS01',
	username: 'PS01',
	role: 'admin'
	},
	message: 'Authentication disabled'
	});
	}

	const authHeader = req.headers['authorization'];
	const token = authHeader && authHeader.split(' ')[1];

	if (!token) {
	return res.status(401).json({ error: 'No token provided' });
	}

	jwt.verify(token, JWT_SECRET, (err, decoded) => {
	if (err) {
	return res.status(401).json({ error: 'Invalid token' });
	}

	res.json({
	user: {
	id: decoded.userId,
	username: decoded.username,
	role: decoded.role
	}
	});
	});
	} catch (error) {
	next(error);
	}
	});

	// 获取用户信息
	router.get('/user', (req, res, next) => {
	try {
	// 如果JWT未启用，返回默认用户
	if (!JWT_ENABLED) {
	console.log('JWT disabled, returning default user for user info');
	return res.json({
	id: 'PS01',
	username: 'PS01',
	role: 'admin',
	message: 'Authentication disabled'
	});
	}

	const authHeader = req.headers['authorization'];
	const token = authHeader && authHeader.split(' ')[1];

	if (!token) {
	return res.status(401).json({ error: 'No token provided' });
	}

	jwt.verify(token, JWT_SECRET, (err, decoded) => {
	if (err) {
	return res.status(401).json({ error: 'Invalid token' });
	}

	const user = USERS.find(u => u.id === decoded.userId);
	if (!user) {
	return res.status(404).json({ error: 'User not found' });
	}

	res.json({
	id: user.id,
	username: user.username,
	role: user.role
	});
	});
	} catch (error) {
	next(error);
	}
	});

	export default router;