wangxuming/NianAIGC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改认证中心对接方式

Browse Source
This commit is contained in:
brother7
2026-06-04 12:02:53 +08:00
parent fb0229ba06
commit ce358df201
13 changed files with 195 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
app/api/auth/password/route.ts
View File

@@ -2,6 +2,7 @@ import { SESSION_COOKIE_NAME, getAuthRuntimeConfig, safeNextPath, shouldUseSecur
import { createSessionCookieValue } from "@/lib/auth/session";
import { jsonError, jsonOk, readJsonBody } from "@/lib/server/api";
import { createSessionFromClaims, verifyAuthJwt } from "@/lib/server/auth/jwt";
import { prepareAuthPassword } from "@/lib/server/auth/password";
export const runtime = "nodejs";
@@ -26,6 +27,8 @@ export async function POST(request: Request) {
const body = await readJsonBody<{
username?: string;
password?: string;
password_encrypted?: boolean;
passwordEncrypted?: boolean;
code?: string;
randomStr?: string;
next?: string;
@@ -34,7 +37,7 @@ export async function POST(request: Request) {
const password = body.password || "";
const code = body.code?.trim();
const randomStr = body.randomStr?.trim();
if (!username || !password || !code || !randomStr) throw new PasswordLoginError("账号、密码和验证码不能为空。");
if (!username || !password) throw new PasswordLoginError("账号和密码不能为空。");
const token = await exchangePasswordToken({
tokenUrl: config.tokenUrl,
@@ -42,7 +45,10 @@ export async function POST(request: Request) {
clientSecret: config.clientSecret,
scope: config.scope,
username,
password,
password: prepareAuthPassword(password, {
passwordEncrypted: body.password_encrypted || body.passwordEncrypted,
passwordEncryptionKey: config.passwordEncryptionKey
}),
code,
randomStr
});
@@ -74,16 +80,16 @@ async function exchangePasswordToken(input: {
scope: string;
username: string;
password: string;
code: string;
randomStr: string;
code?: string;
randomStr?: string;
}): Promise<PasswordTokenResponse> {
const form = new URLSearchParams();
form.set("grant_type", "password");
form.set("scope", input.scope);
form.set("username", input.username);
form.set("password", input.password);
form.set("code", input.code);
form.set("randomStr", input.randomStr);
if (input.code) form.set("code", input.code);
if (input.randomStr) form.set("randomStr", input.randomStr);
const response = await fetch(input.tokenUrl, {
method: "POST",
headers: {