feat: add role in authInfo

2026-02-21 08:56:09 +08:00 · 2025-07-26 21:10:09 +08:00
parent 5f9e1fb1a8
commit af1f47f4f0
3 changed files with 22 additions and 4 deletions
--- a/src/app/api/login/route.ts
+++ b/src/app/api/login/route.ts
@@ -45,9 +45,10 @@ async function generateSignature(
 async function generateAuthCookie(
  username?: string,
  password?: string,
+  role?: 'owner' | 'admin' | 'user',
  includePassword = false
 ): Promise<string> {
-  const authData: any = {};
+  const authData: any = { role: role || 'user' };

  // 只在需要时包含 password
  if (includePassword && password) {
@@ -101,7 +102,12 @@ export async function POST(req: NextRequest) {

      // 验证成功，设置认证cookie
      const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(undefined, password, true); // localstorage 模式包含 password
+      const cookieValue = await generateAuthCookie(
+        undefined,
+        password,
+        'user',
+        true
+      ); // localstorage 模式包含 password
      const expires = new Date();
      expires.setDate(expires.getDate() + 7); // 7天过期

@@ -133,7 +139,12 @@ export async function POST(req: NextRequest) {
    ) {
      // 验证成功，设置认证cookie
      const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(username, password, false); // 数据库模式不包含 password
+      const cookieValue = await generateAuthCookie(
+        username,
+        password,
+        'owner',
+        false
+      ); // 数据库模式不包含 password
      const expires = new Date();
      expires.setDate(expires.getDate() + 7); // 7天过期

@@ -168,7 +179,12 @@ export async function POST(req: NextRequest) {

      // 验证成功，设置认证cookie
      const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(username, password, false); // 数据库模式不包含 password
+      const cookieValue = await generateAuthCookie(
+        username,
+        password,
+        user?.role || 'user',
+        false
+      ); // 数据库模式不包含 password
      const expires = new Date();
      expires.setDate(expires.getDate() + 7); // 7天过期

--- a/src/app/api/register/route.ts
+++ b/src/app/api/register/route.ts
@@ -44,6 +44,7 @@ async function generateSignature(
 // 生成认证Cookie（带签名）
 async function generateAuthCookie(username: string): Promise<string> {
  const authData: any = {
+    role: 'user',
    username,
    timestamp: Date.now(),
  };
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -28,6 +28,7 @@ export function getAuthInfoFromBrowserCookie(): {
  username?: string;
  signature?: string;
  timestamp?: number;
+  role?: 'owner' | 'admin' | 'user';
 } | null {
  if (typeof window === 'undefined') {
    return null;