From e45c1eb1e0445e1c23479357df7cfdb8398a6721 Mon Sep 17 00:00:00 2001
From: archer <545436317@qq.com>
Date: Sun, 21 May 2023 10:52:51 +0800
Subject: [PATCH] uniform authuser
---
 .env.template | 4 +-
 .../api/chat/delChatRecordByContentId.ts | 4 +-
 src/pages/api/chat/getHistory.ts | 4 +-
 src/pages/api/chat/init.ts | 4 +-
 src/pages/api/chat/removeHistory.ts | 4 +-
 src/pages/api/chat/saveChat.ts | 4 +-
 src/pages/api/chat/shareChat/create.ts | 4 +-
 src/pages/api/chat/shareChat/delete.ts | 4 +-
 src/pages/api/chat/shareChat/list.ts | 4 +-
 src/pages/api/model/create.ts | 4 +-
 src/pages/api/model/del.ts | 4 +-
 src/pages/api/model/detail.tsx | 4 +-
 src/pages/api/model/list.ts | 4 +-
 src/pages/api/model/share/collection.ts | 4 +-
 src/pages/api/model/share/getCollection.ts | 4 +-
 src/pages/api/model/update.ts | 4 +-
 src/pages/api/openapi/chat/chat.ts | 4 +-
 src/pages/api/openapi/delKey.ts | 4 +-
 src/pages/api/openapi/getKeys.ts | 4 +-
 src/pages/api/openapi/kb/delDataById.ts | 4 +-
 src/pages/api/openapi/kb/pushData.ts | 8 +-
 src/pages/api/openapi/kb/updateData.ts | 4 +-
 src/pages/api/openapi/postKey.ts | 4 +-
 src/pages/api/openapi/text/splitText.ts | 4 +-
 src/pages/api/plugins/kb/create.ts | 4 +-
 .../api/plugins/kb/data/exportModelData.ts | 4 +-
 src/pages/api/plugins/kb/data/getDataList.ts | 4 +-
 .../api/plugins/kb/data/getTrainingData.ts | 4 +-
 src/pages/api/plugins/kb/delete.ts | 4 +-
 src/pages/api/plugins/kb/detail.ts | 4 +-
 src/pages/api/plugins/kb/list.ts | 4 +-
 src/pages/api/plugins/kb/update.ts | 4 +-
 src/pages/api/user/checkPayResult.ts | 4 +-
 src/pages/api/user/getBill.ts | 4 +-
 src/pages/api/user/getPayCode.ts | 4 +-
 src/pages/api/user/getPayOrders.ts | 4 +-
 .../api/user/promotion/getPromotionData.ts | 4 +-
 src/pages/api/user/promotion/getPromotions.ts | 4 +-
 src/pages/api/user/tokenLogin.ts | 4 +-
 src/pages/api/user/update.ts | 4 +-
 src/service/utils/auth.ts | 137 ++++++++++++------
 41 files changed, 173 insertions(+), 128 deletions(-)
diff --git a/.env.template b/.env.template
index 63b43ae6e..f79926885 100644
--- a/.env.template
+++ b/.env.template
@@ -14,9 +14,11 @@ aliSignName=xxx
 aliTemplateCode=SMS_xxx
 # token
 TOKEN_KEY=xxx
+# root key, 最高权限
+ROOT_KEY=xxx
 # openai
 # OPENAI_BASE_URL=https://api.openai.com/v1
-# OPENAI_BASE_URL_AUTH=可选的安全凭证
+# OPENAI_BASE_URL_AUTH=可选的安全凭证(不需要的时候,记得去掉)
 OPENAIKEY=sk-xxx
 GPT4KEY=sk-xxx
 # claude
diff --git a/src/pages/api/chat/delChatRecordByContentId.ts b/src/pages/api/chat/delChatRecordByContentId.ts
index 1252290e2..40a4ca329 100644
--- a/src/pages/api/chat/delChatRecordByContentId.ts
+++ b/src/pages/api/chat/delChatRecordByContentId.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Chat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 await connectToDatabase();
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 const chatRecord = await Chat.findById(chatId);
diff --git a/src/pages/api/chat/getHistory.ts b/src/pages/api/chat/getHistory.ts
index c2e5ec64d..ac6a9e9a4 100644
--- a/src/pages/api/chat/getHistory.ts
+++ b/src/pages/api/chat/getHistory.ts
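Review bot: The added `ROOT_KEY=xxx` line in .env.template gives the credential its own comment calls highest-privilege (最高权限) the same `xxx` placeholder as every other entry, and nothing tells a deployer that an unchanged copy leaves that key at a publicly known value. I would make the comment say so, e.g. `# root key, 最高权限: set a long random value before deploying; never keep the xxx placeholder`. The code that reads this variable is in src/service/utils/auth.ts, outside this hunk, so it is worth confirming there that an unset or empty ROOT_KEY turns the root path off rather than comparing against an empty string.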
@@ -1,12 +1,12 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Chat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 /* 获取历史记录 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/chat/init.ts b/src/pages/api/chat/init.ts
index fd0e8f4a4..06023d94a 100644
--- a/src/pages/api/chat/init.ts
+++ b/src/pages/api/chat/init.ts
@@ -2,7 +2,7 @@ import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Chat, Model } from '@/service/mongo';
 import type { InitChatResponse } from '@/api/response/chat';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { ChatItemType } from '@/types/chat';
 import { authModel } from '@/service/utils/auth';
 import mongoose from 'mongoose';
@@ -12,7 +12,7 @@ import type { ModelSchema } from '@/types/mongoSchema';
 /* 初始化我的聊天框,需要身份验证 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 let { modelId, chatId } = req.query as { modelId: '' | string; chatId: '' | string };
diff --git a/src/pages/api/chat/removeHistory.ts b/src/pages/api/chat/removeHistory.ts
index c3e2f9771..08dd31aa0 100644
--- a/src/pages/api/chat/removeHistory.ts
+++ b/src/pages/api/chat/removeHistory.ts
@@ -1,13 +1,13 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Chat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 /* 获取历史记录 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
 const { id } = req.query;
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/chat/saveChat.ts b/src/pages/api/chat/saveChat.ts
index 75657c0f4..4205a24b3 100644
--- a/src/pages/api/chat/saveChat.ts
+++ b/src/pages/api/chat/saveChat.ts
@@ -3,7 +3,7 @@ import { jsonRes } from '@/service/response';
 import { ChatItemType } from '@/types/chat';
 import { connectToDatabase, Chat } from '@/service/mongo';
 import { authModel } from '@/service/utils/auth';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import mongoose from 'mongoose';
 /* 聊天内容存存储 */
@@ -20,7 +20,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 throw new Error('缺少参数');
 }
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/chat/shareChat/create.ts b/src/pages/api/chat/shareChat/create.ts
index 754c7e2c7..1318591fa 100644
--- a/src/pages/api/chat/shareChat/create.ts
+++ b/src/pages/api/chat/shareChat/create.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, ShareChat } from '@/service/mongo';
-import { authModel, authToken } from '@/service/utils/auth';
+import { authModel, authUser } from '@/service/utils/auth';
 import type { ShareChatEditType } from '@/types/model';
 /* create a shareChat */
@@ -13,7 +13,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 await connectToDatabase();
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await authModel({
 modelId,
 userId,
diff --git a/src/pages/api/chat/shareChat/delete.ts b/src/pages/api/chat/shareChat/delete.ts
index 736d7f761..5ca33cbed 100644
--- a/src/pages/api/chat/shareChat/delete.ts
+++ b/src/pages/api/chat/shareChat/delete.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, ShareChat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 /* delete a shareChat by shareChatId */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -12,7 +12,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 await connectToDatabase();
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await ShareChat.findOneAndRemove({
 _id: id,
diff --git a/src/pages/api/chat/shareChat/list.ts b/src/pages/api/chat/shareChat/list.ts
index 2a3894e8b..49b5d1e8f 100644
--- a/src/pages/api/chat/shareChat/list.ts
+++ b/src/pages/api/chat/shareChat/list.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, ShareChat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { hashPassword } from '@/service/utils/tools';
 /* get shareChat list by modelId */
@@ -13,7 +13,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 await connectToDatabase();
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 const data = await ShareChat.find({
 modelId,
diff --git a/src/pages/api/model/create.ts b/src/pages/api/model/create.ts
index fbe6f170b..44454a58c 100644
--- a/src/pages/api/model/create.ts
+++ b/src/pages/api/model/create.ts
@@ -2,7 +2,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { ModelStatusEnum } from '@/constants/model';
 import { Model } from '@/service/models/model';
@@ -17,7 +17,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/del.ts b/src/pages/api/model/del.ts
index 8fb878e5b..972746644 100644
--- a/src/pages/api/model/del.ts
+++ b/src/pages/api/model/del.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { Chat, Model, connectToDatabase, Collection, ShareChat } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { authModel } from '@/service/utils/auth';
 /* 获取我的模型 */
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/detail.tsx b/src/pages/api/model/detail.tsx
index 19cb24698..7836b1fd9 100644
--- a/src/pages/api/model/detail.tsx
+++ b/src/pages/api/model/detail.tsx
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { authModel } from '@/service/utils/auth';
 /* 获取我的模型 */
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/list.ts b/src/pages/api/model/list.ts
index 5887809bf..f097e60c2 100644
--- a/src/pages/api/model/list.ts
+++ b/src/pages/api/model/list.ts
@@ -1,14 +1,14 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Collection, Model } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import type { ModelListResponse } from '@/api/response/model';
 /* 获取模型列表 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/share/collection.ts b/src/pages/api/model/share/collection.ts
index df3fbfabb..ed97ae569 100644
--- a/src/pages/api/model/share/collection.ts
+++ b/src/pages/api/model/share/collection.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Collection, Model } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 /* 模型收藏切换 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -12,7 +12,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 throw new Error('缺少参数');
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/share/getCollection.ts b/src/pages/api/model/share/getCollection.ts
index 75840ecd3..507a8edd1 100644
--- a/src/pages/api/model/share/getCollection.ts
+++ b/src/pages/api/model/share/getCollection.ts
@@ -1,14 +1,14 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Collection } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import type { ShareModelItem } from '@/types/model';
 /* 获取模型列表 */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/model/update.ts b/src/pages/api/model/update.ts
index e4101ce46..06d9d4f29 100644
--- a/src/pages/api/model/update.ts
+++ b/src/pages/api/model/update.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { Model } from '@/service/models/model';
 import type { ModelUpdateParams } from '@/types/model';
 import { authModel } from '@/service/utils/auth';
@@ -17,7 +17,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/openapi/chat/chat.ts b/src/pages/api/openapi/chat/chat.ts
index eea5a508a..9e10def36 100644
--- a/src/pages/api/openapi/chat/chat.ts
+++ b/src/pages/api/openapi/chat/chat.ts
@@ -1,6 +1,6 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { connectToDatabase } from '@/service/mongo';
-import { authOpenApiKey, authModel, getApiKey } from '@/service/utils/auth';
+import { authUser, authModel, getApiKey } from '@/service/utils/auth';
 import { modelServiceToolMap, resStreamResponse } from '@/service/utils/chat';
 import { ChatItemSimpleType } from '@/types/chat';
 import { jsonRes } from '@/service/response';
@@ -45,7 +45,7 @@ export default withNextCors(async function handler(req: NextApiRequest, res: Nex
 let startTime = Date.now();
 /* 凭证校验 */
- const { userId } = await authOpenApiKey(req);
+ const { userId } = await authUser({ req, authOpenApi: true });
 const { model } = await authModel({
 userId,
diff --git a/src/pages/api/openapi/delKey.ts b/src/pages/api/openapi/delKey.ts
index 8c8cf3678..f9531c9b2 100644
--- a/src/pages/api/openapi/delKey.ts
+++ b/src/pages/api/openapi/delKey.ts
@@ -2,7 +2,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, OpenApi } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
@@ -12,7 +12,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 throw new Error('缺少参数');
 }
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/openapi/getKeys.ts b/src/pages/api/openapi/getKeys.ts
index a89760607..067ebb297 100644
--- a/src/pages/api/openapi/getKeys.ts
+++ b/src/pages/api/openapi/getKeys.ts
@@ -2,12 +2,12 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, OpenApi } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { UserOpenApiKey } from '@/types/openapi';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/openapi/kb/delDataById.ts b/src/pages/api/openapi/kb/delDataById.ts
index a3905677a..fcb7d086a 100644
--- a/src/pages/api/openapi/kb/delDataById.ts
+++ b/src/pages/api/openapi/kb/delDataById.ts
@@ -1,6 +1,6 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PgClient } from '@/service/pg';
 import { withNextCors } from '@/service/utils/tools';
@@ -15,7 +15,7 @@ export default withNextCors(async function handler(req: NextApiRequest, res: Nex
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await PgClient.delete('modelData', {
 where: [['user_id', userId], 'AND', ['id', dataId]]
diff --git a/src/pages/api/openapi/kb/pushData.ts b/src/pages/api/openapi/kb/pushData.ts
index 00570f9bd..df97d1a10 100644
--- a/src/pages/api/openapi/kb/pushData.ts
+++ b/src/pages/api/openapi/kb/pushData.ts
@@ -2,7 +2,7 @@ import type { NextApiRequest, NextApiResponse } from 'next';
 import type { KbDataItemType } from '@/types/plugin';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { generateVector } from '@/service/events/generateVector';
 import { PgClient } from '@/service/pg';
 import { authKb } from '@/service/utils/auth';
@@ -24,11 +24,11 @@ export default withNextCors(async function handler(req: NextApiRequest, res: Nex
 throw new Error('缺少参数');
 }
- // 凭证校验
- const userId = await authToken(req);
-
 await connectToDatabase();
+ // 凭证校验
+ const { userId } = await authUser({ req });
+
 await authKb({
 userId,
 kbId
diff --git a/src/pages/api/openapi/kb/updateData.ts b/src/pages/api/openapi/kb/updateData.ts
index 5ade8020f..96860c36b 100644
--- a/src/pages/api/openapi/kb/updateData.ts
+++ b/src/pages/api/openapi/kb/updateData.ts
@@ -1,6 +1,6 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { ModelDataStatusEnum } from '@/constants/model';
 import { generateVector } from '@/service/events/generateVector';
 import { PgClient } from '@/service/pg';
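Review bot: In src/pages/api/openapi/kb/pushData.ts the new call `authUser({ req })` passes neither `authToken: true` nor `authOpenApi: true`, unlike every other call site in this patch, so which credentials this CORS-wrapped endpoint accepts depends entirely on authUser's defaults, which live in src/service/utils/auth.ts and are not visible here. If the broader acceptance is intended, say so at the call, e.g. `// intentionally no flag: accept every credential type authUser supports`, or pass the flags explicitly; if it is not, the line should read `const { userId } = await authUser({ req, authToken: true });` like delDataById.ts and updateData.ts next to it. The check was also moved below `connectToDatabase()`, which presumably means authUser can query the database on some paths; handlers elsewhere in the patch that still authenticate before connecting would need the same ordering if they ever enable such a path. The handler body continues outside the hunk.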
@@ -15,7 +15,7 @@ export default withNextCors(async function handler(req: NextApiRequest, res: Nex
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 // 更新 pg 内容.仅修改a,不需要更新向量。
 await PgClient.update('modelData', {
diff --git a/src/pages/api/openapi/postKey.ts b/src/pages/api/openapi/postKey.ts
index 1069b8678..24cd0f538 100644
--- a/src/pages/api/openapi/postKey.ts
+++ b/src/pages/api/openapi/postKey.ts
@@ -2,13 +2,13 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, OpenApi } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { customAlphabet } from 'nanoid';
 const nanoid = customAlphabet('abcdefghijklmnopqrstuvwxyz1234567890');
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/openapi/text/splitText.ts b/src/pages/api/openapi/text/splitText.ts
index 9f7633a42..15b3ecddc 100644
--- a/src/pages/api/openapi/text/splitText.ts
+++ b/src/pages/api/openapi/text/splitText.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, SplitData } from '@/service/mongo';
-import { authKb, authToken } from '@/service/utils/auth';
+import { authKb, authUser } from '@/service/utils/auth';
 import { generateVector } from '@/service/events/generateVector';
 import { generateQA } from '@/service/events/generateQA';
 import { PgClient } from '@/service/pg';
@@ -22,7 +22,7 @@ export default withNextCors(async function handler(req: NextApiRequest, res: Nex
 }
 await connectToDatabase();
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 // 验证是否是该用户的 model
 await authKb({
diff --git a/src/pages/api/plugins/kb/create.ts b/src/pages/api/plugins/kb/create.ts
index be1b276b9..f50c25d86 100644
--- a/src/pages/api/plugins/kb/create.ts
+++ b/src/pages/api/plugins/kb/create.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, KB } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
@@ -15,7 +15,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/data/exportModelData.ts b/src/pages/api/plugins/kb/data/exportModelData.ts
index 20805fbab..22f4dcdae 100644
--- a/src/pages/api/plugins/kb/data/exportModelData.ts
+++ b/src/pages/api/plugins/kb/data/exportModelData.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PgClient } from '@/service/pg';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -15,7 +15,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/data/getDataList.ts b/src/pages/api/plugins/kb/data/getDataList.ts
index 69314a063..81e3e75ef 100644
--- a/src/pages/api/plugins/kb/data/getDataList.ts
+++ b/src/pages/api/plugins/kb/data/getDataList.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PgClient } from '@/service/pg';
 import type { PgKBDataItemType } from '@/types/pg';
@@ -23,7 +23,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/data/getTrainingData.ts b/src/pages/api/plugins/kb/data/getTrainingData.ts
index f463f8a42..c1dc224e8 100644
--- a/src/pages/api/plugins/kb/data/getTrainingData.ts
+++ b/src/pages/api/plugins/kb/data/getTrainingData.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, SplitData, Model } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { ModelDataStatusEnum } from '@/constants/model';
 import { PgClient } from '@/service/pg';
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 }
 await connectToDatabase();
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 // split queue data
 const data = await SplitData.find({
diff --git a/src/pages/api/plugins/kb/delete.ts b/src/pages/api/plugins/kb/delete.ts
index 300550535..a2749a59d 100644
--- a/src/pages/api/plugins/kb/delete.ts
+++ b/src/pages/api/plugins/kb/delete.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, KB } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PgClient } from '@/service/pg';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -15,7 +15,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/detail.ts b/src/pages/api/plugins/kb/detail.ts
index 315c56bf4..a20172108 100644
--- a/src/pages/api/plugins/kb/detail.ts
+++ b/src/pages/api/plugins/kb/detail.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, KB } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/list.ts b/src/pages/api/plugins/kb/list.ts
index bb137390c..98a62c225 100644
--- a/src/pages/api/plugins/kb/list.ts
+++ b/src/pages/api/plugins/kb/list.ts
@@ -1,14 +1,14 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, KB } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PgClient } from '@/service/pg';
 import { KbItemType } from '@/types/plugin';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/plugins/kb/update.ts b/src/pages/api/plugins/kb/update.ts
index 433072aa0..cdd19f336 100644
--- a/src/pages/api/plugins/kb/update.ts
+++ b/src/pages/api/plugins/kb/update.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, KB } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import type { KbUpdateParams } from '@/api/plugins/kb';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -13,7 +13,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
 }
 // 凭证校验
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/user/checkPayResult.ts b/src/pages/api/user/checkPayResult.ts
index e8b077cfc..0d9934e7c 100644
--- a/src/pages/api/user/checkPayResult.ts
+++ b/src/pages/api/user/checkPayResult.ts
@@ -1,7 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, User, Pay } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { PaySchema, UserModelSchema } from '@/types/mongoSchema';
 import dayjs from 'dayjs';
 import { getPayResult } from '@/service/utils/wxpay';
@@ -13,7 +13,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 try {
 let { payId } = req.query as { payId: string };
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/user/getBill.ts b/src/pages/api/user/getBill.ts
index 2bfd9147d..b782b315d 100644
--- a/src/pages/api/user/getBill.ts
+++ b/src/pages/api/user/getBill.ts
@@ -2,7 +2,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
 import { connectToDatabase, Bill } from '@/service/mongo';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import type { BillSchema } from '@/types/mongoSchema';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
@@ -12,7 +12,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 pageNum = +pageNum;
 pageSize = +pageSize;
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/user/getPayCode.ts b/src/pages/api/user/getPayCode.ts
index 2b9bed0c4..e0aacfe2e 100644
--- a/src/pages/api/user/getPayCode.ts
+++ b/src/pages/api/user/getPayCode.ts
@@ -1,6 +1,6 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { customAlphabet } from 'nanoid';
 import { connectToDatabase, Pay } from '@/service/mongo';
 import { PRICE_SCALE } from '@/constants/common';
@@ -14,7 +14,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 let { amount = 0 } = req.query as { amount: string };
 amount = +amount;
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 const id = nanoid();
 await connectToDatabase();
diff --git a/src/pages/api/user/getPayOrders.ts b/src/pages/api/user/getPayOrders.ts
index 6dfea570f..f3d2b29b8 100644
--- a/src/pages/api/user/getPayOrders.ts
+++ b/src/pages/api/user/getPayOrders.ts
@@ -1,11 +1,11 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/service/response';
-import { authToken } from '@/service/utils/auth';
+import { authUser } from '@/service/utils/auth';
 import { connectToDatabase, Pay } from '@/service/mongo';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 try {
- const userId = await authToken(req);
+ const { userId } = await authUser({ req, authToken: true });
 await connectToDatabase();
diff --git a/src/pages/api/user/promotion/getPromotionData.ts b/src/pages/api/user/promotion/getPromotionData.ts
index 21796b9b7..fee442ae2 100644
--- a/src/pages/api/user/promotion/getPromotionData.ts
+++ b/src/pages/api/user/promotion/getPromotionData.ts
@@ -2,12 +2,12 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import { jsonRes } from '@/service/response'; import { connectToDatabase, User, promotionRecord } from '@/service/mongo'; -import { authToken } from '@/service/utils/auth'; +import { authUser } from '@/service/utils/auth'; import mongoose from 'mongoose'; export default async function handler(req: NextApiRequest, res: NextApiResponse) { try { - const userId = await authToken(req); + const { userId } = await authUser({ req, authToken: true }); await connectToDatabase(); diff --git a/src/pages/api/user/promotion/getPromotions.ts b/src/pages/api/user/promotion/getPromotions.ts index 86ad1e080..9d86b2b16 100644 --- a/src/pages/api/user/promotion/getPromotions.ts +++ b/src/pages/api/user/promotion/getPromotions.ts @@ -2,7 +2,7 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import { jsonRes } from '@/service/response'; import { connectToDatabase, promotionRecord } from '@/service/mongo'; -import { authToken } from '@/service/utils/auth'; +import { authUser } from '@/service/utils/auth'; export default async function handler(req: NextApiRequest, res: NextApiResponse) { try { @@ -10,7 +10,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse) pageNum = +pageNum; pageSize = +pageSize; - const userId = await authToken(req); + const { userId } = await authUser({ req, authToken: true }); await connectToDatabase(); diff --git a/src/pages/api/user/tokenLogin.ts b/src/pages/api/user/tokenLogin.ts index adef7b47f..a227797e4 100644 --- a/src/pages/api/user/tokenLogin.ts +++ b/src/pages/api/user/tokenLogin.ts 
@@ -3,11 +3,11 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import { jsonRes } from '@/service/response'; import { connectToDatabase } from '@/service/mongo'; import { User } from '@/service/models/user'; -import { authToken } from '@/service/utils/auth'; +import { authUser } from '@/service/utils/auth'; export default async function handler(req: NextApiRequest, res: NextApiResponse) { try { - const userId = await authToken(req); + const { userId } = await authUser({ req, authToken: true }); await connectToDatabase(); diff --git a/src/pages/api/user/update.ts b/src/pages/api/user/update.ts index 34cc1f225..0490e68bc 100644 --- a/src/pages/api/user/update.ts +++ b/src/pages/api/user/update.ts @@ -3,7 +3,7 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import { jsonRes } from '@/service/response'; import { User } from '@/service/models/user'; import { connectToDatabase } from '@/service/mongo'; -import { authToken } from '@/service/utils/auth'; +import { authUser } from '@/service/utils/auth'; import { UserUpdateParams } from '@/types/user'; /* 更新一些基本信息 */ @@ -11,7 +11,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse< try { const { openaiKey, avatar } = req.body as UserUpdateParams; - const userId = await authToken(req); + const { userId } = await authUser({ req, authToken: true }); await connectToDatabase(); // 更新对应的记录 diff --git a/src/service/utils/auth.ts b/src/service/utils/auth.ts index b6fb40b63..59faa3938 100644 --- a/src/service/utils/auth.ts +++ b/src/service/utils/auth.ts @@ -1,6 +1,6 @@ import type { NextApiRequest } from 'next'; import jwt from 'jsonwebtoken'; -import cookie from 'cookie'; +import Cookie from 'cookie'; import { Chat, Model, OpenApi, User, ShareChat, KB } from '../mongo'; import type { ModelSchema } from '@/types/mongoSchema'; import type { ChatItemSimpleType } from '@/types/chat'; 
@@ -11,29 +11,100 @@ import { ERROR_ENUM } from '../errorCode'; import { ChatModelType, OpenAiChatEnum } from '@/constants/model'; import { hashPassword } from '@/service/utils/tools'; -/* 校验 token */ -export const authToken = (req: NextApiRequest): Promise => { - return new Promise((resolve, reject) => { - // 获取 cookie - const cookies = cookie.parse(req.headers.cookie || ''); - const token = cookies.token; +/* uniform auth user */ +export const authUser = async ({ + req, + userId = '', + authToken = false, + authOpenApi = false, + authRoot = false +}: { + req: NextApiRequest; + userId?: string; + authToken?: boolean; + authOpenApi?: boolean; + authRoot?: boolean; +}) => { + const parseCookie = (cookie?: string): Promise => { + return new Promise((resolve, reject) => { + // 获取 cookie + const cookies = Cookie.parse(cookie || ''); + const token = cookies.token; - if (!token) { - return reject(ERROR_ENUM.unAuthorization); + if (!token) { + return reject(ERROR_ENUM.unAuthorization); + } + + const key = process.env.TOKEN_KEY as string; + + jwt.verify(token, key, function (err, decoded: any) { + if (err || !decoded?.userId) { + reject(ERROR_ENUM.unAuthorization); + return; + } + resolve(decoded.userId); + }); + }); + }; + const parseOpenApiKey = async (apiKey?: string) => { + if (!apiKey) { + return Promise.reject(ERROR_ENUM.unAuthorization); } - const key = process.env.TOKEN_KEY as string; - - jwt.verify(token, key, function (err, decoded: any) { - if (err || !decoded?.userId) { - reject(ERROR_ENUM.unAuthorization); - return; + try { + const openApi = await OpenApi.findOne({ apiKey }); + if (!openApi) { + return Promise.reject(ERROR_ENUM.unAuthorization); } - resolve(decoded.userId); - }); - }); + const userId = String(openApi.userId); + + // 更新使用的时间 + await OpenApi.findByIdAndUpdate(openApi._id, { + lastUsedTime: new Date() + }); + + return userId; + } catch (error) { + return Promise.reject(error); + } + }; + const parseRootKey = async (rootKey?: string) => { + if 
(!rootKey || !process.env.ROOT_KEY || rootKey !== process.env.ROOT_KEY) { + return Promise.reject(ERROR_ENUM.unAuthorization); + } + return userId; + }; + + const { cookie, apikey, rootkey } = (req.headers || {}) as { + cookie?: string; + apikey?: string; + rootkey?: string; + }; + + let uid = ''; + + if (authToken) { + uid = await parseCookie(cookie); + } else if (authOpenApi) { + uid = await parseOpenApiKey(apikey); + } else if (authRoot) { + uid = await parseRootKey(rootkey); + } else if (cookie) { + uid = await parseCookie(cookie); + } else if (apikey) { + uid = await parseOpenApiKey(apikey); + } else if (rootkey) { + uid = await parseRootKey(rootkey); + } else { + return Promise.reject(ERROR_ENUM.unAuthorization); + } + + return { + userId: uid + }; }; +/* random get openai api key */ export const getOpenAiKey = () => { // 纯字符串类型 const keys = process.env.OPENAIKEY?.split(',') || []; @@ -158,7 +229,7 @@ export const authChat = async ({ chatId: '' | string; req: NextApiRequest; }) => { - const userId = await authToken(req); + const { userId } = await authUser({ req, authToken: true }); // 获取 model 数据 const { model, showModelDetail } = await authModel({ @@ -249,31 +320,3 @@ export const authShareChat = async ({ showModelDetail }; }; - -/* 校验 open api key */ -export const authOpenApiKey = async (req: NextApiRequest) => { - const { apikey: apiKey } = req.headers; - - if (!apiKey) { - return Promise.reject(ERROR_ENUM.unAuthorization); - } - - try { - const openApi = await OpenApi.findOne({ apiKey }); - if (!openApi) { - return Promise.reject(ERROR_ENUM.unAuthorization); - } - const userId = String(openApi.userId); - - // 更新使用的时间 - await OpenApi.findByIdAndUpdate(openApi._id, { - lastUsedTime: new Date() - }); - - return { - userId - }; - } catch (error) { - return Promise.reject(error); - } -};
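Review bot: In `parseRootKey`, `rootKey !== process.env.ROOT_KEY` checks the highest-privilege secret with an early-exit string comparison, so response time can vary with how much of the supplied header matches. Compare fixed-length digests with `timingSafeEqual` instead, as in the excerpt below; `createHash` and `timingSafeEqual` come from Node's `crypto` module, and the import belongs at the top of the file, outside this hunk. The same helper returns the caller-supplied `userId`, which defaults to `''`, so a handler that calls `authUser({ req })` without a `userId` appears to get an empty id back on a root-key request; rejecting or documenting that case would keep an empty id out of later queries. With no flag set, the branch is chosen by which header is present, so a request carrying any `cookie` header is judged on the cookie alone even when a valid `apikey` is also sent.

```typescript
const parseRootKey = async (rootKey?: string) => {
  const expected = process.env.ROOT_KEY;
  if (!rootKey || !expected) {
    return Promise.reject(ERROR_ENUM.unAuthorization);
  }
  // Hash both sides so the buffers always have equal length and the comparison is constant-time.
  const given = createHash('sha256').update(rootKey).digest();
  const wanted = createHash('sha256').update(expected).digest();
  if (!timingSafeEqual(given, wanted)) {
    return Promise.reject(ERROR_ENUM.unAuthorization);
  }
  return userId;
};
```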