feat: 更新认证中间件以添加日志记录，重构视图中间件并增强登录表单

2 months ago · 9611e33b82
5 changed files with 23 additions and 24 deletions
--- a/database/development.sqlite3-shm
+++ b/database/development.sqlite3-shm
--- a/src/middlewares/Auth/auth.js
+++ b/src/middlewares/Auth/auth.js
@ -1,4 +1,4 @@
-// JWT 鉴权中间件，支持白名单和黑名单，白名单/黑名单支持glob语法，白名单可指定是否校验权限（auth: true/false/"try"）
+import { logger } from "@/logger"
 import jwt from "./jwt"
 import { minimatch } from "minimatch"

@ -23,12 +23,17 @@ function verifyToken(ctx) {
    if (!token) {
        token = ctx.cookies.get("authorization")
    }
-    if (!token) return { ok: false }
+    if (!token) {
+        logger.trace("[user:anonymous] Operation");
+        return { ok: false }
+    }
    try {
        ctx.state.user = jwt.verify(token, JWT_SECRET)
+        logger.trace(`[user:${user.username || user.id}] Operation`);
        return { ok: true }
    } catch {
        ctx.state.user = undefined
+        logger.trace("[user:anonymous] Operation");
        return { ok: false }
    }
 }
--- a/src/middlewares/Views/index.js
+++ b/src/middlewares/Views/index.js
@ -11,27 +11,6 @@ function viewsMiddleware(path, { engineSource = consolidate, extension = "html",
    return function views(ctx, next) {
        if (ctx.render) return next()

-        ctx.getRender = function (relPath, locals = {}) {
-            return getPaths(path, relPath, extension).then(paths => {
-                const suffix = paths.ext
-                const state = Object.assign(locals, options, ctx.state || {})
-                state.partials = Object.assign({}, options.partials || {})
-
-                if (isHtml(suffix) && !map) {
-                    return send.getBody(ctx, paths.rel, { root: path })
-                }
-
-                const engineName = map && map[suffix] ? map[suffix] : suffix
-                const render = engineSource[engineName]
-
-                if (!engineName || !render) {
-                    return Promise.reject(new Error(`Engine not found for the ".${suffix}" file extension`))
-                }
-
-                return render(resolve(path, paths.rel), state)
-            })
-        }
-
        // 将 render 注入到 context 和 response 对象中
        ctx.response.render = ctx.render = function (relPath, locals = {}) {
            return getPaths(path, relPath, extension).then(paths => {
--- a/src/views/htmx/fuck.pug
+++ b/src/views/htmx/fuck.pug
@ -1 +1,4 @@
-<a href="/page/htmx">#{title || '默认标题'}</a>
+if title
+    h1 <a href="/page/htmx">#{title}</a>
+else
+    h1 默认标题
--- a/src/views/index.pug
+++ b/src/views/index.pug
@ -24,3 +24,15 @@ block pageContent
          a(href='https://your-website.com', target='_blank')
            i.fas.fa-globe.me-2
            | 个人网站
+
+    // 登录表单区域
+    .row.justify-content-center.mt-5
+      .col-md-6
+        form#loginForm(method="post" action="/api/login" hx-post="/api/login" hx-trigger="submit" hx-target="body" hx-swap="none" hx-on:htmx:afterRequest="if(event.detail.xhr.status===200){window.location='/';}")
+          .mb-3
+            label.form-label(for="username") 用户名
+            input.form-control(type="text" id="username" name="username" required)
+          .mb-3
+            label.form-label(for="password") 密码
+            input.form-control(type="password" id="password" name="password" required)
+          button.btn.btn-primary(type="submit") 登录