fix: 合并 exchange+login 为一步,直接从 jumpToken 响应提取用户信息签发JWT
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
kkfluous
@@ -9,7 +9,7 @@ const app = new Hono();
|
||||
const EXTERNAL_API_BASE = process.env.EXTERNAL_API_BASE || 'https://beta.lnh2e.com';
|
||||
const JWT_SECRET = process.env.JWT_SECRET || 'ln-bi-default-secret';
|
||||
|
||||
/** GET /api/auth/exchange?jumpToken=xxx — 代理 jumpToken 换取 sessionToken */
|
||||
/** GET /api/auth/exchange?jumpToken=xxx — 一步完成:换取用户信息 + 签发 JWT */
|
||||
app.get('/exchange', async (c) => {
|
||||
const jumpToken = c.req.query('jumpToken');
|
||||
if (!jumpToken) return c.json({ error: 'Missing jumpToken' }, 400);
|
||||
@@ -18,47 +18,27 @@ app.get('/exchange', async (c) => {
|
||||
const res = await fetch(
|
||||
`${EXTERNAL_API_BASE}/api/lingniu-manager-v1/v1/auth/issueTokenByJump?jumpToken=${encodeURIComponent(jumpToken)}`
|
||||
);
|
||||
const data = await res.json() as { code: number; data: string | null; message: string };
|
||||
|
||||
if (data.code !== 0 || !data.data) {
|
||||
return c.json({ error: 'Token exchange failed', message: data.message }, 401);
|
||||
}
|
||||
|
||||
return c.json({ token: data.data });
|
||||
} catch (e: unknown) {
|
||||
console.error('jumpToken exchange error:', e);
|
||||
return c.json({ error: 'Token exchange failed' }, 500);
|
||||
}
|
||||
});
|
||||
|
||||
/** POST /api/auth/login — 用外部 sessionToken 获取用户信息,签发 JWT */
|
||||
app.post('/login', async (c) => {
|
||||
const body = await c.req.json<{ token: string }>().catch(() => null);
|
||||
if (!body?.token) return c.json({ error: 'Missing token' }, 400);
|
||||
|
||||
try {
|
||||
// 调用外部 API 获取用户信息
|
||||
const res = await fetch(
|
||||
`${EXTERNAL_API_BASE}/api/lingniu-manager-v1/v1/auth/getLoginUserInfo`,
|
||||
{ headers: { g7litegtoken: body.token } }
|
||||
);
|
||||
const data = await res.json() as {
|
||||
code: number;
|
||||
data: {
|
||||
id: string;
|
||||
userName: string;
|
||||
loginName: string;
|
||||
depCode: string;
|
||||
orgId: string;
|
||||
roles: { roleName: string; id: string }[];
|
||||
userInfo: {
|
||||
id: string;
|
||||
userName: string;
|
||||
loginName: string;
|
||||
depCode: string;
|
||||
orgId: string;
|
||||
roles: { roleName: string; id: string }[];
|
||||
};
|
||||
token: string;
|
||||
} | null;
|
||||
message: string;
|
||||
};
|
||||
|
||||
if (data.code !== 0 || !data.data) {
|
||||
return c.json({ error: 'Failed to get user info' }, 401);
|
||||
if (data.code !== 0 || !data.data?.userInfo) {
|
||||
return c.json({ error: 'Token exchange failed', message: data.message }, 401);
|
||||
}
|
||||
|
||||
const userInfo = data.data;
|
||||
const userInfo = data.data.userInfo;
|
||||
const roleNames = userInfo.roles.map(r => r.roleName);
|
||||
|
||||
// 确定权限级别
|
||||
@@ -89,13 +69,12 @@ app.post('/login', async (c) => {
|
||||
};
|
||||
|
||||
const token = jwt.sign(payload, JWT_SECRET, { expiresIn: '8h' });
|
||||
|
||||
const authUser: AuthUser = { ...payload };
|
||||
|
||||
return c.json({ token, user: authUser });
|
||||
} catch (e: unknown) {
|
||||
console.error('login error:', e);
|
||||
return c.json({ error: 'Login failed' }, 500);
|
||||
console.error('auth exchange error:', e);
|
||||
return c.json({ error: 'Authentication failed' }, 500);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user