refactor: 移除旧版评论系统代码并重构为Vue3前端 docs: 更新后端配置文档说明 fix: 修复评论提交频率限制和邮件通知逻辑 style: 格式化代码并优化样式 test: 添加Vitest测试配置 build: 更新依赖项和构建配置 chore: 清理无用文件和缓存
23 lines
837 B
TypeScript
23 lines
837 B
TypeScript
import { Context, Next } from 'hono';
|
|
import { Bindings } from '../bindings';
|
|
|
|
export const adminAuth = async (c: Context<{ Bindings: Bindings }>, next: Next) => {
|
|
const token = c.req.header('Authorization')?.replace('Bearer ', '');
|
|
if (!token) return c.json({ message: "Unauthorized" }, 401);
|
|
|
|
const sessionData = await c.env.CWD_AUTH_KV.get(`token:${token}`);
|
|
if (!sessionData) {
|
|
return c.json({ message: "Token expired or invalid" }, 401);
|
|
}
|
|
|
|
const session = JSON.parse(sessionData);
|
|
const currentIp = c.req.header('cf-connecting-ip');
|
|
|
|
// 安全检查:如果 IP 发生变化(比如 Token 被盗),要求重新登录
|
|
// if (session.ip !== currentIp) {
|
|
// await c.env.CWD_AUTH_KV.delete(`token:${token}`);
|
|
// return c.json({ message: "Security alert: IP changed" }, 401);
|
|
// }
|
|
|
|
await next();
|
|
}; |