Browse Source

feat: 更新认证中间件以添加日志记录,重构视图中间件并增强登录表单

alpha
谢亚昕 2 months ago
parent
commit
9611e33b82
  1. BIN
      database/development.sqlite3-shm
  2. 9
      src/middlewares/Auth/auth.js
  3. 21
      src/middlewares/Views/index.js
  4. 5
      src/views/htmx/fuck.pug
  5. 12
      src/views/index.pug

BIN
database/development.sqlite3-shm

Binary file not shown.

9
src/middlewares/Auth/auth.js

@ -1,4 +1,4 @@
// JWT 鉴权中间件,支持白名单和黑名单,白名单/黑名单支持glob语法,白名单可指定是否校验权限(auth: true/false/"try")
import { logger } from "@/logger"
import jwt from "./jwt"
import { minimatch } from "minimatch"
@ -23,12 +23,17 @@ function verifyToken(ctx) {
if (!token) {
token = ctx.cookies.get("authorization")
}
if (!token) return { ok: false }
if (!token) {
logger.trace("[user:anonymous] Operation");
return { ok: false }
}
try {
ctx.state.user = jwt.verify(token, JWT_SECRET)
logger.trace(`[user:${user.username || user.id}] Operation`);
return { ok: true }
} catch {
ctx.state.user = undefined
logger.trace("[user:anonymous] Operation");
return { ok: false }
}
}

21
src/middlewares/Views/index.js

@ -11,27 +11,6 @@ function viewsMiddleware(path, { engineSource = consolidate, extension = "html",
return function views(ctx, next) {
if (ctx.render) return next()
ctx.getRender = function (relPath, locals = {}) {
return getPaths(path, relPath, extension).then(paths => {
const suffix = paths.ext
const state = Object.assign(locals, options, ctx.state || {})
state.partials = Object.assign({}, options.partials || {})
if (isHtml(suffix) && !map) {
return send.getBody(ctx, paths.rel, { root: path })
}
const engineName = map && map[suffix] ? map[suffix] : suffix
const render = engineSource[engineName]
if (!engineName || !render) {
return Promise.reject(new Error(`Engine not found for the ".${suffix}" file extension`))
}
return render(resolve(path, paths.rel), state)
})
}
// 将 render 注入到 context 和 response 对象中
ctx.response.render = ctx.render = function (relPath, locals = {}) {
return getPaths(path, relPath, extension).then(paths => {

5
src/views/htmx/fuck.pug

@ -1 +1,4 @@
<a href="/page/htmx">#{title || '默认标题'}</a>
if title
h1 <a href="/page/htmx">#{title}</a>
else
h1 默认标题

12
src/views/index.pug

@ -24,3 +24,15 @@ block pageContent
a(href='https://your-website.com', target='_blank')
i.fas.fa-globe.me-2
| 个人网站
// 登录表单区域
.row.justify-content-center.mt-5
.col-md-6
form#loginForm(method="post" action="/api/login" hx-post="/api/login" hx-trigger="submit" hx-target="body" hx-swap="none" hx-on:htmx:afterRequest="if(event.detail.xhr.status===200){window.location='/';}")
.mb-3
label.form-label(for="username") 用户名
input.form-control(type="text" id="username" name="username" required)
.mb-3
label.form-label(for="password") 密码
input.form-control(type="password" id="password" name="password" required)
button.btn.btn-primary(type="submit") 登录

Loading…
Cancel
Save