import { Request, Response, NextFunction } from 'express'
import db from '../db.js'
/**
 * Shape that a `sessions` row is cast to after lookup in sessionAuth.
 *
 * The cast is unchecked: the row comes from a `SELECT *`, so at runtime it
 * may carry columns not declared here (adminAuth reads `is_admin` from it).
 */
export interface SessionData {
  // Session identifier; sessionAuth matches it against the x-session-token header.
  id: string
  user_id: number
  // Credential material held in the session row. Avoid echoing the whole
  // session object into responses or logs.
  access_token: string
  site_id: number
  site_url: string
  // NOTE(review): presumably a serialized user profile; confirm the format where sessions are written.
  user_info: string
}
// Global augmentation: adds an optional `session` property to Express's Request type.
declare global {
  namespace Express {
    interface Request {
      // Optional because it is only assigned by sessionAuth after a successful
      // lookup; handlers that run without that middleware will see `undefined`.
      session?: SessionData
    }
  }
}
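/**
 * Express middleware that authenticates a request by its `x-session-token` header.
 *
 * Responds 401 when the header is missing or not a single string, and when no
 * unexpired row in `sessions` matches it. On success the row is attached as
 * `req.session` and `next()` is called.
 *
 * @param req - Incoming request; the token is read from `req.headers['x-session-token']`.
 * @param res - Response used to send the 401 JSON body on failure.
 * @param next - Called only after `req.session` has been set.
 */
export function sessionAuth(req: Request, res: Response, next: NextFunction): void {
  // Header values are typed string | string[] | undefined. Narrow at runtime
  // instead of asserting `as string`, so only a real, non-empty string is
  // ever bound into the query.
  const token = req.headers['x-session-token']
  if (typeof token !== 'string' || token.length === 0) {
    res.status(401).json({ success: false, message: '未登录' })
    return
  }

  // The token is bound as a parameter, never concatenated into the SQL.
  // Expiry is enforced in the query: datetime('now') is UTC text in SQLite.
  // NOTE(review): assumes expires_at is stored as UTC text in the same
  // format; confirm where sessions are inserted.
  // NOTE(review): the header value is matched verbatim against sessions.id,
  // so the table holds directly usable bearer tokens; consider storing only
  // a hash of the token.
  const session = db
    .prepare("SELECT * FROM sessions WHERE id = ? AND expires_at > datetime('now')")
    .get(token) as SessionData | undefined

  if (!session) {
    res.status(401).json({ success: false, message: '会话已过期,请重新登录' })
    return
  }

  // SELECT * loads the full row (including access_token) onto the request;
  // downstream handlers should not serialize req.session back to the client.
  req.session = session
  next()
}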
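/**
 * Express middleware that requires an authenticated session with a truthy
 * `is_admin` value.
 *
 * Delegates to sessionAuth first, which sends the 401 itself when the session
 * is missing or expired. Responds 403 when the session is valid but not admin.
 *
 * @param req - Incoming request; `req.session` is set by sessionAuth.
 * @param res - Response used for the 401/403 JSON bodies.
 * @param next - Called only when the session row carries a truthy `is_admin`.
 */
export function adminAuth(req: Request, res: Response, next: NextFunction): void {
  sessionAuth(req, res, () => {
    const session = req.session
    if (!session) {
      // Not expected: sessionAuth sets req.session before invoking this
      // callback. Fail closed with a response rather than leaving the
      // request without an answer.
      res.status(401).json({ success: false, message: '未登录' })
      return
    }

    // `is_admin` is not declared on SessionData; it arrives via the SELECT *
    // in sessionAuth. Read it through a narrow intersection instead of `any`.
    // NOTE(review): the flag is taken from the session row, so a revoked
    // admin presumably keeps access until that row is updated or expires;
    // verify that demotion also updates or deletes existing sessions.
    // NOTE(review): truthiness check; confirm the column is stored as 0/1
    // and never as text, since any non-empty string would pass.
    const { is_admin: isAdmin } = session as SessionData & { is_admin?: unknown }
    if (!isAdmin) {
      res.status(403).json({ success: false, message: '需要 Dashboard 管理员权限,请先升格' })
      return
    }

    next()
  })
}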