const express = require('express');
const {
AUTH_USERNAME,
clearAuthCookie,
isValidCredentials,
readSession,
setAuthCookie,
} = require('../auth');
// Router for the session endpoints registered below (/me, /login, /logout).
const router = express.Router();
/**
 * GET /me: report who the current session belongs to.
 *
 * Responds 200 with `{ user }` when readSession() yields a value, and 401
 * with an error message ("not currently logged in") when it does not.
 */
router.get('/me', (req, res) => {
  const sessionUser = readSession(req);

  if (sessionUser) {
    // NOTE(review): the value from readSession() is returned to the client
    // verbatim; confirm it only carries fields that are safe to expose.
    res.json({ user: sessionUser });
    return;
  }

  return res.status(401).json({ error: '当前未登录' });
});
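/**
 * POST /login: check the submitted credentials and, on success, issue the
 * auth cookie.
 *
 * Responses:
 *   400 when username or password is missing or empty
 *       ("please enter username and password"),
 *   401 when isValidCredentials() rejects the pair
 *       ("incorrect username or password"),
 *   200 with `{ user: { username } }` otherwise.
 */
router.post('/login', (req, res) => {
  // req.body is undefined when no body parser handled this request (parser not
  // mounted, or a Content-Type it does not accept). Optional chaining routes
  // that case to the 400 below instead of an unhandled TypeError.
  // String() also coerces non-string JSON values (numbers, arrays) to text.
  const username = String(req.body?.username ?? '').trim();
  // The password is not trimmed, so leading/trailing whitespace stays significant.
  const password = String(req.body?.password ?? '');

  if (!username || !password) {
    return res.status(400).json({ error: '请输入用户名和密码' });
  }

  // A single message covers both a wrong username and a wrong password, so the
  // response does not reveal which half failed.
  // NOTE(review): no attempt throttling is visible in this router; confirm a
  // rate limiter or lockout is applied where it is mounted, and that
  // isValidCredentials (../auth) compares the secret in constant time.
  if (!isValidCredentials(username, password)) {
    return res.status(401).json({ error: '用户名或密码错误' });
  }

  // The cookie and the response carry the configured AUTH_USERNAME, never the
  // submitted string.
  // NOTE(review): cookie attributes (HttpOnly, Secure, SameSite, lifetime) are
  // decided inside setAuthCookie in ../auth; verify them there.
  setAuthCookie(res, AUTH_USERNAME);
  res.json({
    user: {
      username: AUTH_USERNAME,
    },
  });
});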
/**
 * POST /logout: clear the auth cookie and acknowledge with a message
 * ("logged out"). Always answers 200, whether or not a session existed.
 */
router.post('/logout', (_req, res) => {
  // The cookie must be cleared before the body is sent, while headers can
  // still be written.
  // NOTE(review): this only tells the client to drop the cookie. Whether a
  // previously issued cookie value stops being accepted depends on ../auth;
  // confirm if server-side revocation is expected.
  clearAuthCookie(res);

  const payload = { message: '已退出登录' };
  res.json(payload);
});
// Export the router. This file does not mount it, so the URL prefix and any
// middleware in front of it (body parsing, rate limiting) are set by the importer.
module.exports = router;