fix: auth

shinya
2025-07-14 22:49:56 +08:00
parent 3add216e97
commit 76eacd97f9


@@ -23,13 +23,13 @@ export async function middleware(request: NextRequest) {
const authInfo = getAuthInfoFromCookie(request); const authInfo = getAuthInfoFromCookie(request);
if (!authInfo) { if (!authInfo) {
return redirectToLogin(request, pathname); return handleAuthFailure(request, pathname);
} }
// localstorage模式在middleware中完成验证 // localstorage模式在middleware中完成验证
if (storageType === 'localstorage') { if (storageType === 'localstorage') {
if (!authInfo.password || authInfo.password !== process.env.PASSWORD) { if (!authInfo.password || authInfo.password !== process.env.PASSWORD) {
return redirectToLogin(request, pathname); return handleAuthFailure(request, pathname);
} }
return NextResponse.next(); return NextResponse.next();
} }
@@ -37,7 +37,7 @@ export async function middleware(request: NextRequest) {
// 其他模式:只验证签名 // 其他模式:只验证签名
// 检查是否有用户名非localStorage模式下密码不存储在cookie中 // 检查是否有用户名非localStorage模式下密码不存储在cookie中
if (!authInfo.username || !authInfo.signature) { if (!authInfo.username || !authInfo.signature) {
return redirectToLogin(request, pathname); return handleAuthFailure(request, pathname);
} }
// 验证签名(如果存在) // 验证签名(如果存在)
@@ -55,7 +55,7 @@ export async function middleware(request: NextRequest) {
} }
// 签名验证失败或不存在签名 // 签名验证失败或不存在签名
return redirectToLogin(request, pathname); return handleAuthFailure(request, pathname);
} }
// 验证签名 // 验证签名
@@ -96,8 +96,17 @@ async function verifySignature(
} }
} }
// 重定向到登录页面 // 处理认证失败的情况
function redirectToLogin(request: NextRequest, pathname: string): NextResponse { function handleAuthFailure(
request: NextRequest,
pathname: string
): NextResponse {
// 如果是 API 路由,返回 401 状态码
if (pathname.startsWith('/api')) {
return new NextResponse('Unauthorized', { status: 401 });
}
// 否则重定向到登录页面
const loginUrl = new URL('/login', request.url); const loginUrl = new URL('/login', request.url);
// 保留完整的URL包括查询参数 // 保留完整的URL包括查询参数
const fullUrl = `${pathname}${request.nextUrl.search}`; const fullUrl = `${pathname}${request.nextUrl.search}`;
@@ -108,11 +117,6 @@ function redirectToLogin(request: NextRequest, pathname: string): NextResponse {
// 判断是否需要跳过认证的路径 // 判断是否需要跳过认证的路径
function shouldSkipAuth(pathname: string): boolean { function shouldSkipAuth(pathname: string): boolean {
const skipPaths = [ const skipPaths = [
'/login',
'/api/login',
'/api/register',
'/api/logout',
'/api/server-config',
'/_next', '/_next',
'/favicon.ico', '/favicon.ico',
'/robots.txt', '/robots.txt',
@@ -128,6 +132,6 @@ function shouldSkipAuth(pathname: string): boolean {
// 配置middleware匹配规则 // 配置middleware匹配规则
export const config = { export const config = {
matcher: [ matcher: [
'/((?!_next/static|_next/image|favicon.ico|api/detail|api/search|api/image-proxy|api/douban|api/cron|api/server-config).*)', '/((?!_next/static|_next/image|favicon.ico|login|api/login|api/register|api/logout|api/cron|api/server-config).*)',
], ],
}; };
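Review bot: The entries added to the `matcher` lookahead in the last hunk (`login`, `api/login`, `api/register`, `api/logout`) are prefix matches, so any route whose path merely begins with one of those strings, such as a later `/logins` or `/api/login-history`, would never reach `middleware` and would be served without the auth check. Since this commit appears to move the public-route list out of `shouldSkipAuth` and into the regex, I would bound each entry, e.g. `login(?:/|$)` and `api/login(?:/|$)`, after confirming the matcher syntax of the Next.js version in use accepts it; otherwise keep the matcher broad and compare exact paths in code. The same boundary gap is in `handleAuthFailure`, where `pathname.startsWith('/api')` would be tighter as `pathname === '/api' || pathname.startsWith('/api/')`. A one-line comment above `matcher` stating that every listed route is reachable unauthenticated would make future additions to the list a deliberate decision.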