Files
cwd/cwd-api/src/api/public/verifyAdminKey.ts
2026-01-21 10:53:11 +08:00

50 lines
1.7 KiB
TypeScript
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
import { Context } from 'hono';
import { Bindings } from '../../bindings';
export const verifyAdminKey = async (c: Context<{ Bindings: Bindings }>) => {
const data = await c.req.json();
const { adminToken } = data;
const ip = c.req.header('cf-connecting-ip') || "127.0.0.1";
if (!adminToken) {
return c.json({ message: "请输入管理员密钥" }, 401);
}
// Check lock
const lockKey = `admin_lock:${ip}`;
const isLocked = await c.env.CWD_AUTH_KV.get(lockKey);
if (isLocked) {
return c.json({ message: "验证失败次数过多请30分钟后再试" }, 403);
}
const adminKey = await c.env.CWD_DB.prepare('SELECT value FROM Settings WHERE key = ?').bind('comment_admin_key_hash').first<string>('value');
if (!adminKey) {
// If no key set, verification is technically successful or not needed?
// If key is not set, we can't verify. Return success?
// Requirement says "Provide admin key setting...".
return c.json({ message: "未设置管理员密钥" }, 200);
}
if (adminToken !== adminKey) {
// Handle failure
const failKey = `admin_fail:${ip}`;
const failsStr = await c.env.CWD_AUTH_KV.get(failKey);
let fails = failsStr ? parseInt(failsStr) : 0;
fails++;
if (fails >= 3) {
await c.env.CWD_AUTH_KV.put(lockKey, '1', { expirationTtl: 1800 }); // 30 mins
await c.env.CWD_AUTH_KV.delete(failKey);
return c.json({ message: "验证失败次数过多请30分钟后再试" }, 403);
} else {
await c.env.CWD_AUTH_KV.put(failKey, fails.toString(), { expirationTtl: 3600 }); // 1 hour reset
return c.json({ message: "密钥错误" }, 401);
}
}
// Success
await c.env.CWD_AUTH_KV.delete(`admin_fail:${ip}`);
return c.json({ message: "验证通过" });
};