Add authenticated login and SSO protection

app/api/auth/captcha/route.ts

@@ -0,0 +1,25 @@
+import { getAuthRuntimeConfig } from "@/lib/auth/config";
+import { jsonError } from "@/lib/server/api";
+
+export const runtime = "nodejs";
+
+export async function GET(request: Request) {
+  try {
+    const config = getAuthRuntimeConfig();
+    if (!config.authBaseUrl) throw new Error("认证中心地址未配置。");
+    const randomStr = new URL(request.url).searchParams.get("randomStr")?.trim();
+    if (!randomStr) throw new Error("randomStr is required.");
+    const response = await fetch(`${config.authBaseUrl}/code/image?randomStr=${encodeURIComponent(randomStr)}`, {
+      cache: "no-store"
+    });
+    if (!response.ok) throw new Error(`验证码获取失败：${response.status}`);
+    return new Response(new Uint8Array(await response.arrayBuffer()), {
+      headers: {
+        "Content-Type": response.headers.get("content-type") || "image/png",
+        "Cache-Control": "no-store"
+      }
+    });
+  } catch (error) {
+    return jsonError(error, 500);
+  }
+}