1

ZeroCatDev · Jan 26, 2025 · 0dba706 · 0dba706
1 parent 4c83160
commit 0dba706
Show file tree

Hide file tree

Showing 8 changed files with 23 additions and 60 deletions.
diff --git a/app.js b/app.js
@@ -83,7 +83,6 @@ app.all("*", async function (req, res, next) {
           res.locals = {
             login: true,
             userid: decodedToken.userid,
-            email: decodedToken.email,
             username: decodedToken.username,
             display_name: decodedToken.display_name,
             avatar: decodedToken.avatar,
@@ -102,7 +101,6 @@ app.all("*", async function (req, res, next) {
     res.locals = {
       login: false,
       userid: "",
-      email: "",
       username: "",
       display_name: "",
       avatar: "",
@@ -184,7 +182,6 @@ app.use((err, req, res, next) => {
 
 //放在最后，友好的处理地址不存在的访问
 app.all("*", function (req, res, next) {
-  res.locals.tipType = "访问错误";
   res.status(404).json({
     status: "error",
     code: "404",

diff --git a/middleware/auth.js b/middleware/auth.js
@@ -9,8 +9,9 @@ import configManager from "../utils/configManager.js";
  */
 async function needlogin(req, res, next) {
   if (!res.locals.login) {
-    logger.info(`[needlogin] - ${req.ip} - 未登录，返回401 Unauthorized状态码`);
-    return res.status(401).send({ status: "error", message: "未登录",code:"AUTH_ERROR_LOGIN" });
+    return res
+      .status(401)
+      .send({ status: "error", message: "未登录", code: "AUTH_ERROR_LOGIN" });
   }
   next(); // 已登录，继续处理请求
 }
@@ -23,20 +24,16 @@ async function needlogin(req, res, next) {
  */
 async function needadmin(req, res, next) {
   if (!res.locals.login) {
-    logger.info(`[needadmin] - ${req.ip} - 未登录，返回401 Unauthorized状态码`);
-    return res.status(401).send({ status: "error", message: "未登录",code:"AUTH_ERROR_LOGIN" });
+    return res
+      .status(401)
+      .send({ status: "error", message: "未登录", code: "AUTH_ERROR_LOGIN" });
   }
 
-  const adminEmail = await configManager.getConfig("security.adminuser");
-  if (res.locals.email !== adminEmail) {
-    logger.info(`[needadmin] - ${req.ip} - 权限不足，返回401 Unauthorized状态码`);
+  if (res.locals.userid !== 1) {
+    logger.info(`[needadmin] - ${req.ip} - 尝试访问管理路由，权限不足`);
     return res.status(401).send({ status: "error", message: "权限不足" });
   }
-  next(); // 已登录，继续处理请求
+  next();
 }
 
-export {
-  needlogin,
-  needadmin
-};
-
+export { needlogin, needadmin };
diff --git a/routes/router_account.js b/routes/router_account.js
@@ -67,32 +67,17 @@ router.post("/login", geetestMiddleware, async function (req, res, next) {
 
     res.locals.userid = user.id;
     res.locals.username = user.username;
-    res.locals.email = user.email;
     res.locals.display_name = user.display_name;
 
-    res.locals.is_admin = 0;
-    if (
-      res.locals.email.indexOf(
-        await configManager.getConfig("security.adminuser")
-      ) == 0
-    ) {
-      if (
-        res.locals.email ===
-        (await configManager.getConfig("security.adminuser"))
-      ) {
-        res.locals.is_admin = 1;
-      } else {
-        let no = parseInt(res.locals.email.substring(8));
-        if (0 <= no && no < 100) {
-          res.locals.is_admin = 1;
-        }
-      }
+    if (res.locals.userid == 1) {
+      res.locals.is_admin = 1;
+    } else {
+      res.locals.is_admin = 0;
     }
 
     const token = await generateJwt({
       userid: user.id,
       username: user.username,
-      email: user.email,
       display_name: user.display_name,
       avatar: user.images,
     });
@@ -101,7 +86,6 @@ router.post("/login", geetestMiddleware, async function (req, res, next) {
       status: "success",
       message: "登录成功",
       userid: parseInt(user.id),
-      email: user.email,
       username: user.username,
       display_name: user.display_name,
       avatar: user.images,
@@ -113,8 +97,7 @@ router.post("/login", geetestMiddleware, async function (req, res, next) {
 });
 
 const logout = function (req, res) {
-  res.locals["userid"] = null;
-  res.locals["email"] = null;
+  res.locals.userid = null;
 
   // res.cookie("userid", "", { maxAge: 0, signed: true });
   // res.cookie("email", "", { maxAge: 0, signed: true });
@@ -209,7 +192,7 @@ router.post("/torepw", geetestMiddleware, async function (req, res, next) {
   let SET;
   let UPDATE;
   try {
-    let userid, email;
+    let userid;
     jsonwebtoken.verify(
       req.body.jwttoken,
       await configManager.getConfig("security.jwttoken"),
@@ -219,7 +202,6 @@ router.post("/torepw", geetestMiddleware, async function (req, res, next) {
           return;
         }
         userid = decoded.userid;
-        email = decoded.email;
       }
     );
     const newPW = hash(req.body.pw);
@@ -498,7 +480,6 @@ router.get("/magiclink/validate", async (req, res) => {
     const jwtToken = await generateJwt({
       userid: user.id,
       username: user.username,
-      email: user.email,
       display_name: user.display_name,
       avatar: user.images,
     });
@@ -507,7 +488,6 @@ router.get("/magiclink/validate", async (req, res) => {
       status: "success",
       message: "登录成功",
       userid: user.id,
-      email: user.email,
       username: user.username,
       display_name: user.display_name,
       avatar: user.images,

diff --git a/routes/router_api.js b/routes/router_api.js
@@ -19,7 +19,6 @@ router.get("/usertx", async function (req, res, next) {
       },
     });
     if (!USER) {
-      res.locals.tip = { opt: "flash", message: "用户不存在" };
       res.status(404).json({
         status: "error",
         code: "404",
@@ -69,7 +68,6 @@ router.get("/getuserinfo", async function (req, res, next) {
     });
     if (!user[0]) {
       logger.debug("用户不存在");
-      res.locals.tip = { opt: "flash", message: "用户不存在" };
       res.status(404).json({
         status: "error",
         code: "404",
@@ -127,10 +125,7 @@ router.get("/projectinfo", async function (req, res, next) {
     });
 
     if (!project) {
-      res.locals.tip = {
-        opt: "flash",
-        message: "项目不存在或未发布",
-      };
+
       res.send({
         code: 404,
         status: "404",
@@ -201,8 +196,8 @@ router.get("/config/:key", async function (req, res, next) {
 });
 
 router.get("/tuxiaochao", async function (req, res) {
-  const userId = res.locals["userid"];
-  const displayName = res.locals["display_name"];
+  const userId = res.locals.userid;
+  const displayName = res.locals.display_name;
 
   // 获取配置
   const txcid = await configManager.getConfig("feedback.txcid");
@@ -223,7 +218,6 @@ router.get("/tuxiaochao", async function (req, res) {
     });
 
     if (!USER) {
-      res.locals.tip = { opt: "flash", message: "用户不存在" };
       res.status(404).json({
         status: "error",
         code: "404",

diff --git a/routes/router_my.js b/routes/router_my.js
@@ -80,7 +80,7 @@ router.post("/set/userinfo", async (req, res) => {
       birthday: new Date(`2000-01-01 00:00:00`),
     },
   });
-  res.locals["display_name"] = req.body["display_name"];
+  res.locals.display_name = req.body.display_name;
 
   res.status(200).send({ status: "success", message: "个人信息修改成功" });
 });
@@ -93,7 +93,7 @@ router.post("/set/username", async (req, res) => {
       username: req.body.username,
     },
   });
-  res.locals["username"] = req.body["username"];
+  res.locals.username = req.body.username;
 
   res.status(200).send({ status: "success", message: "用户名修成成功" });
 });

diff --git a/routes/router_scratch.js b/routes/router_scratch.js
@@ -44,7 +44,6 @@ router.get("/projectinfo", async function (req, res, next) {
     });
 
     if (!project) {
-      res.locals.tip = { opt: "flash", message: "项目不存在或未发布" };
       res.status(404).send({
         code: 404,
         status: "404",
@@ -62,7 +61,7 @@ router.get("/projectinfo", async function (req, res, next) {
       },
     });
 
-    res.locals["is_author"] =
+    res.locals.is_author =
       project.authorid == res.locals.userid ? true : false;
 
     res.json({
@@ -89,7 +88,7 @@ router.get("/projectinfo2", async function (req, res, next) {
         id: result.authorid,
       },
     });
-    res.locals["is_author"] =
+    res.locals.is_author =
       result.authorid == res.locals.userid ? true : false;
     logger.debug(result);
     var resulttype = {

diff --git a/routes/router_user.js b/routes/router_user.js
@@ -28,7 +28,6 @@ router.get("/id/:id", async function (req, res, next) {
 
     if (!user[0]) {
       logger.debug("用户不存在");
-      res.locals.tip = { opt: "flash", message: "用户不存在" };
       res.status(404).json({
         status: "error",
         code: "404",
@@ -64,7 +63,6 @@ router.get("/username/:username", async function (req, res, next) {
 
     if (!user[0]) {
       logger.debug("用户不存在");
-      res.locals.tip = { opt: "flash", message: "用户不存在" };
       res.status(404).json({
         status: "error",
         code: "404",

diff --git a/routes/router_webhost.js b/routes/router_webhost.js
@@ -23,7 +23,6 @@ router.get("/:id/*", function (req, res) {
     })
     .then((PROJECT) => {
       if (!PROJECT) {
-        res.locals.tip = { opt: "flash", message: "项目不存在或未发布" };
         res.status(404).json({
           status: "error",
           code: "404",
@@ -69,7 +68,6 @@ router.get("/:id/*", function (req, res) {
           data: { view_count: { increment: 1 } },
         })
         .catch((err) => {
-          res.locals.tip = { opt: "flash", message: "项目不存在或未发布" };
           res.status(404).json({
             status: "error",
             code: "404",