mirror of https://github.com/msgbyte/tailchat
import type { NextFunction, Request, Response } from 'express';
import jwt from 'jsonwebtoken';
import md5 from 'md5';
// Pull both admin credentials out of the environment in one step.
const { ADMIN_USER: adminUser, ADMIN_PASS: adminPass } = process.env;

/**
 * Admin console credentials, read once from the environment at module load.
 * A field is `undefined` when its environment variable is not set.
 *
 * The key order (username, then password) is significant: this object is
 * serialized with JSON.stringify to derive part of `authSecret`.
 */
export const adminAuth = {
  username: adminUser,
  password: adminPass,
};
// MD5 of the serialized admin credentials, appended to the secret as a salt so
// that, when SECRET is not set, changing only the admin username or password
// still changes the token key and it cannot be forged by someone else.
const credentialSalt = md5(JSON.stringify(adminAuth));

/**
 * Key used to verify admin JWTs: SECRET (or the fallback 'tailchat' when
 * SECRET is unset or empty) followed by the credential salt.
 *
 * NOTE(review): without SECRET the key consists of a fixed, public string plus
 * a fast unsalted hash of the admin credentials, so its strength rests
 * entirely on those credentials. If ADMIN_USER and ADMIN_PASS are unset as
 * well, JSON.stringify drops the undefined fields and the whole key becomes a
 * constant. Deployments should set SECRET to a long random value.
 */
export const authSecret = `${process.env.SECRET || 'tailchat'}${credentialSalt}`;
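/**
 * Builds the Express middleware that guards admin routes.
 *
 * The middleware expects an `Authorization: Bearer <jwt>` header, verifies the
 * token against `authSecret`, and calls `next()` only when the decoded payload
 * is an object whose `platform` claim is `'admin'`. Every rejection is
 * answered with HTTP 401 and a short plain-text reason.
 *
 * @returns An Express request handler.
 */
export function auth() {
  return (req: Request, res: Response, next: NextFunction) => {
    const authorization = req.headers.authorization;
    if (!authorization) {
      res.status(401).end('not found authorization in headers');
      return;
    }

    // Check the scheme instead of blindly dropping the first seven characters,
    // so a header using another scheme is rejected with a clear reason rather
    // than having an arbitrary suffix handed to the verifier. The scheme name
    // is matched case-insensitively.
    if (!/^Bearer /i.test(authorization)) {
      res.status(401).end('authorization scheme must be Bearer');
      return;
    }
    const token = authorization.slice('Bearer '.length);

    try {
      // NOTE(review): no `algorithms` option is passed, so the library default
      // for the key type applies. Pinning it to the algorithm used when the
      // token is signed would make the accepted set explicit; confirm against
      // the signing code, which is not in this file.
      const payload = jwt.verify(token, authSecret);
      if (typeof payload === 'string') {
        res.status(401).end('payload type error');
        return;
      }
      if (payload.platform !== 'admin') {
        res.status(401).end('Payload invalid');
        return;
      }
    } catch (err) {
      // The verification error text is echoed to the client, as before.
      res.status(401).end(String(err));
      return;
    }

    // Called outside the try block so that an exception raised further down
    // the chain is not answered as a 401 with its text sent to the client.
    next();
  };
}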