Files
cwd/cwd-comments-api/src/utils/auth.ts
anghunk 3d0e3a317a feat: 新增CWD评论系统前后端代码及文档
refactor: 移除旧版评论系统代码并重构为Vue3前端

docs: 更新后端配置文档说明

fix: 修复评论提交频率限制和邮件通知逻辑

style: 格式化代码并优化样式

test: 添加Vitest测试配置

build: 更新依赖项和构建配置

chore: 清理无用文件和缓存
2026-01-19 14:58:18 +08:00

23 lines
837 B
TypeScript

import { Context, Next } from 'hono';
import { Bindings } from '../bindings';
export const adminAuth = async (c: Context<{ Bindings: Bindings }>, next: Next) => {
const token = c.req.header('Authorization')?.replace('Bearer ', '');
if (!token) return c.json({ message: "Unauthorized" }, 401);
const sessionData = await c.env.CWD_AUTH_KV.get(`token:${token}`);
if (!sessionData) {
return c.json({ message: "Token expired or invalid" }, 401);
}
const session = JSON.parse(sessionData);
const currentIp = c.req.header('cf-connecting-ip');
// 安全检查:如果 IP 发生变化(比如 Token 被盗),要求重新登录
// if (session.ip !== currentIp) {
// await c.env.CWD_AUTH_KV.delete(`token:${token}`);
// return c.json({ message: "Security alert: IP changed" }, 401);
// }
await next();
};