feat: 完善全栈 Dashboard 项目 - UI优化、Docker支持、账单系统等

2026-03-09 07:07:28 +08:00
parent f6036cab66
commit 55b6c67271
32 changed files with 1893 additions and 512 deletions
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -5,6 +5,8 @@ import { sessionAuth } from '../middleware/auth.js'

 const router = Router()

+const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || 'newapi-admin'
+
 // POST /api/auth/login
 router.post('/login', async (req: Request, res: Response) => {
  const { userId, accessToken, siteId } = req.body
@@ -22,7 +24,10 @@ router.post('/login', async (req: Request, res: Response) => {

  try {
    const response = await fetch(`${site.url}/api/user/self`, {
-      headers: { 'Authorization': accessToken }
+      headers: {
+        'Authorization': accessToken,
+        'New-Api-User': String(userId),
+      }
    })
    const result = await response.json() as any

@@ -70,9 +75,27 @@ router.get('/me', sessionAuth, (req: Request, res: Response) => {
    success: true,
    data: {
      userInfo: JSON.parse(req.session!.user_info),
-      site
+      site,
+      isAdmin: !!(req.session as any).is_admin
    }
  })
 })

+// POST /api/auth/elevate — promote to dashboard admin
+router.post('/elevate', sessionAuth, (req: Request, res: Response) => {
+  const { password } = req.body
+  if (password !== ADMIN_PASSWORD) {
+    res.json({ success: false, message: '管理密码错误' })
+    return
+  }
+  db.prepare('UPDATE sessions SET is_admin = 1 WHERE id = ?').run(req.session!.id)
+  res.json({ success: true, message: '已升格为管理员' })
+})
+
+// POST /api/auth/demote — revoke dashboard admin
+router.post('/demote', sessionAuth, (req: Request, res: Response) => {
+  db.prepare('UPDATE sessions SET is_admin = 0 WHERE id = ?').run(req.session!.id)
+  res.json({ success: true, message: '已取消管理员权限' })
+})
+
 export default router