52 lines
1.5 KiB
JavaScript
52 lines
1.5 KiB
JavaScript
const jwt = require('jsonwebtoken');
|
||
const { getDB } = require('../database');
|
||
|
||
const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key'; // 在生产环境中应该使用环境变量
|
||
|
||
/**
|
||
* 用户认证中间件
|
||
* 验证JWT令牌并检查用户状态(包括是否被拉黑)
|
||
*/
|
||
const auth = async (req, res, next) => {
|
||
try {
|
||
const token = req.header('Authorization')?.replace('Bearer ', '');
|
||
|
||
if (!token) {
|
||
return res.status(401).json({ success: false, message: '未提供认证令牌' });
|
||
}
|
||
|
||
const decoded = jwt.verify(token, JWT_SECRET);
|
||
const db = getDB();
|
||
const [users] = await db.execute('SELECT * FROM users WHERE id = ?', [decoded.userId]);
|
||
|
||
if (users.length === 0) {
|
||
return res.status(401).json({ success: false, message: '用户不存在' });
|
||
}
|
||
|
||
const user = users[0];
|
||
|
||
// 检查用户是否被拉黑
|
||
if (user.is_blacklisted) {
|
||
return res.status(403).json({
|
||
success: false,
|
||
message: '账户已被拉黑,请联系管理员',
|
||
code: 'USER_BLACKLISTED'
|
||
});
|
||
}
|
||
|
||
req.user = user;
|
||
next();
|
||
} catch (error) {
|
||
res.status(401).json({ success: false, message: '无效的认证令牌' });
|
||
}
|
||
};
|
||
|
||
// 管理员认证中间件
|
||
const adminAuth = (req, res, next) => {
|
||
if (req.user.role !== 'admin') {
|
||
return res.status(403).json({ success: false, message: '需要管理员权限' });
|
||
}
|
||
next();
|
||
};
|
||
|
||
module.exports = { auth, adminAuth, JWT_SECRET }; |