@code2rich/jpage 1.5.0

package/routes/files/upload.js

@@ -0,0 +1,204 @@
+// 上传路由：multipart / JSON / ZIP(base64)。同名文件自动覆盖并保留版本历史。
+// 从 routes/files.js 提取，行为保持不变。挂在共享 router 上。
+// 注册顺序：必须在 `/:id` 系列之前注册。
+
+const fs = require('fs');
+const path = require('path');
+const { dbGet, dbRun } = require('../../lib/db');
+const { requireAuth } = require('../../lib/middleware/auth');
+const { now, unlinkQuiet, generateShareKey, currentUserId, clientIp, decodeFilename } = require('../../lib/util');
+const { UPLOAD_DIR } = require('../../lib/paths');
+const { isFtsIndexable, indexFileContent } = require('../../lib/fts');
+const { handleZipUpload } = require('../../lib/zip');
+const { uploadLimiter, upload, largeJson, MAX_FILE_SIZE, ALLOWED_TEXT_EXTS, backupAndApplyVersion } = require('./_shared');
+const logger = require('../../logger');
+
+function registerUpload(router) {
+  // --- multipart 上传 ---
+  router.post('/upload', requireAuth, uploadLimiter, upload.single('file'), async (req, res) => {
+    if (!req.file) return res.status(400).json({ error: '未上传文件' });
+    req.file.originalname = decodeFilename(req.file.originalname);
+    const ext = path.extname(req.file.originalname).toLowerCase();
+    // ZIP 处理
+    if (ext === '.zip') {
+      return handleZipUpload(req, res, await fs.promises.readFile(req.file.path));
+    }
+    let fileType = 'html';
+    if (ext === '.md' || ext === '.markdown') fileType = 'markdown';
+    const isPublic = req.body.isPublic === 'true' || req.body.isPublic === true;
+    try {
+      // 检查同名文件
+      const existing = await dbGet(
+        'SELECT id, stored_name, size, uploaded_by, file_type, is_public FROM files WHERE original_name = ?',
+        [req.file.originalname]
+      );
+
+      if (existing) {
+        // 同名文件：校验文件类型
+        if (existing.file_type !== fileType) {
+          // 类型不匹配，清理已上传的文件，拒绝覆盖
+          await unlinkQuiet(path.join(UPLOAD_DIR, req.file.filename));
+          return res.status(400).json({ error: '文件类型不匹配' });
+        }
+
+        // 备份当前版本并更新主记录（新文件已由 multer 写入磁盘）
+        const { version } = await backupAndApplyVersion(
+          existing,
+          { storedName: req.file.filename, size: req.file.size },
+          existing.uploaded_by
+        );
+
+        // FTS 索引同步
+        if (isFtsIndexable(fileType, req.file.filename)) {
+          indexFileContent(existing.id, req.file.filename);
+        }
+
+        const shareKey = await dbGet('SELECT share_key FROM files WHERE id = ?', [existing.id]).then(r => r?.share_key);
+        logger.audit('file.overwrite', { fileId: existing.id, fileName: req.file.originalname, version, fileType, size: req.file.size, ip: clientIp(req) });
+        return res.json({
+          id: existing.id,
+          overwritten: true,
+          version,
+          original_name: req.file.originalname,
+          file_type: fileType,
+          size: req.file.size,
+          is_public: existing.is_public,
+          share_key: shareKey
+        });
+      }
+
+      // 不存在同名文件：新建
+      const result = await dbRun(
+        'INSERT INTO files (original_name, stored_name, file_type, size, is_public, uploaded_by, share_key, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)',
+        [req.file.originalname, req.file.filename, fileType, req.file.size, isPublic ? 1 : 0, currentUserId(req), generateShareKey(), now()]
+      );
+      // FTS 索引同步
+      if (isFtsIndexable(fileType, req.file.filename)) {
+        indexFileContent(result.lastID, req.file.filename);
+      }
+      const shareKey = await dbGet('SELECT share_key FROM files WHERE id = ?', [result.lastID]).then(r => r?.share_key);
+      logger.audit('file.upload', { fileId: result.lastID, fileName: req.file.originalname, fileType, size: req.file.size, ip: clientIp(req) });
+      res.json({
+        id: result.lastID,
+        original_name: req.file.originalname,
+        file_type: fileType,
+        size: req.file.size,
+        is_public: isPublic ? 1 : 0,
+        share_key: shareKey
+      });
+    } catch (e) {
+      res.status(500).json({ error: '保存文件记录失败' });
+    }
+  });
+
+  // --- JSON 上传 ---
+  router.post('/upload-json', requireAuth, uploadLimiter, largeJson, async (req, res) => {
+    const { name, content, isPublic } = req.body || {};
+    if (typeof name !== 'string' || !name.trim()) return res.status(400).json({ error: '文件名不能为空' });
+    if (typeof content !== 'string') return res.status(400).json({ error: 'content 必须是字符串' });
+    const decoded = decodeFilename(name.trim());
+    const ext = path.extname(decoded).toLowerCase();
+    if (!ALLOWED_TEXT_EXTS.includes(ext)) return res.status(400).json({ error: '仅支持 HTML 和 Markdown 文件' });
+    const size = Buffer.byteLength(content, 'utf-8');
+    if (size > MAX_FILE_SIZE) return res.status(400).json({ error: '文件大小超过50MB限制' });
+    const fileType = (ext === '.md' || ext === '.markdown') ? 'markdown' : 'html';
+    const { generateStoredName } = require('./_shared');
+    const storedName = generateStoredName(ext);
+    const filePath = path.join(UPLOAD_DIR, storedName);
+    try {
+      await fs.promises.writeFile(filePath, content, 'utf-8');
+    } catch (e) {
+      logger.error({ type: 'app', message: '写入文件失败', error: e.message });
+      return res.status(500).json({ error: '写入文件失败' });
+    }
+
+    // 检查同名文件
+    const existing = await dbGet(
+      'SELECT id, stored_name, size, uploaded_by, file_type, is_public, share_key FROM files WHERE original_name = ?',
+      [decoded]
+    ).catch(() => null);
+
+    if (existing) {
+      // 同名文件：校验文件类型
+      if (existing.file_type !== fileType) {
+        await unlinkQuiet(filePath);
+        return res.status(400).json({ error: '文件类型不匹配' });
+      }
+
+      try {
+        const { version } = await backupAndApplyVersion(
+          existing,
+          { storedName, size },
+          existing.uploaded_by
+        );
+
+        // FTS 索引同步
+        if (isFtsIndexable(fileType, storedName)) {
+          indexFileContent(existing.id, storedName);
+        }
+
+        logger.audit('file.overwrite', { fileId: existing.id, fileName: decoded, version, fileType, size, ip: clientIp(req) });
+        return res.json({
+          id: existing.id,
+          overwritten: true,
+          version,
+          original_name: decoded,
+          file_type: fileType,
+          size,
+          is_public: existing.is_public,
+          share_key: existing.share_key
+        });
+      } catch (e) {
+        await unlinkQuiet(filePath);
+        return res.status(500).json({ error: '覆盖上传失败' });
+      }
+    }
+
+    // 不存在同名文件：新建
+    const isPublicFlag = isPublic === false ? 0 : 1;
+    try {
+      const result = await dbRun(
+        'INSERT INTO files (original_name, stored_name, file_type, size, is_public, uploaded_by, share_key, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)',
+        [decoded, storedName, fileType, size, isPublicFlag, currentUserId(req), generateShareKey(), now()]
+      );
+      // FTS 索引同步
+      if (isFtsIndexable(fileType, storedName)) {
+        indexFileContent(result.lastID, storedName);
+      }
+      const shareKey = await dbGet('SELECT share_key FROM files WHERE id = ?', [result.lastID]).then(r => r?.share_key);
+      logger.audit('file.upload', { fileId: result.lastID, fileName: decoded, fileType, size, ip: clientIp(req) });
+      res.json({
+        id: result.lastID,
+        original_name: decoded,
+        file_type: fileType,
+        size,
+        is_public: isPublicFlag,
+        share_key: shareKey
+      });
+    } catch (e) {
+      await unlinkQuiet(filePath);
+      res.status(500).json({ error: '保存文件记录失败' });
+    }
+  });
+
+  // --- ZIP(base64) 上传 ---
+  router.post('/upload-zip-base64', requireAuth, uploadLimiter, largeJson, async (req, res) => {
+    const { name, content, isPublic } = req.body || {};
+    if (typeof name !== 'string' || !name.trim()) return res.status(400).json({ error: '文件名不能为空' });
+    if (typeof content !== 'string') return res.status(400).json({ error: 'content 必须是字符串' });
+    const ext = path.extname(name).toLowerCase();
+    if (ext !== '.zip') return res.status(400).json({ error: '仅支持 ZIP 文件' });
+    try {
+      const zipBuffer = Buffer.from(content, 'base64');
+      if (zipBuffer.length > MAX_FILE_SIZE) return res.status(400).json({ error: 'ZIP 文件超过50MB限制' });
+      req.file = { originalname: decodeFilename(name) };
+      req.body.isPublic = isPublic;
+      return await handleZipUpload(req, res, zipBuffer);
+    } catch (e) {
+      logger.error({ type: 'app', action: 'zip.base64', error: e.message });
+      return res.status(500).json({ error: 'ZIP 处理失败: ' + e.message });
+    }
+  });
+}
+
+module.exports = { registerUpload };

package/routes/files/versions.js

@@ -0,0 +1,166 @@
+// 版本历史路由：列表 / 内容 / 渲染 / 恢复 / 删除单版本。
+// 从 routes/files.js 提取，行为保持不变。挂在共享 router 上。
+
+const fs = require('fs');
+const path = require('path');
+const { dbGet, dbAll, dbRun } = require('../../lib/db');
+const { requireAuth } = require('../../lib/middleware/auth');
+const { unlinkQuiet, currentUserId, clientIp } = require('../../lib/util');
+const { UPLOAD_DIR } = require('../../lib/paths');
+const { renderFile } = require('../../lib/render');
+const { generateStoredName, backupAndApplyVersion } = require('./_shared');
+const logger = require('../../logger');
+
+function registerVersions(router) {
+  // --- 版本列表 ---
+  router.get('/:id/versions', requireAuth, async (req, res) => {
+    try {
+      const file = await dbGet('SELECT id, size, updated_at FROM files WHERE id = ?', [req.params.id]);
+      if (!file) return res.status(404).json({ error: '文件不存在' });
+
+      const versions = await dbAll(
+        'SELECT id, version, size, created_at FROM file_versions WHERE file_id = ? ORDER BY version DESC',
+        [req.params.id]
+      );
+
+      res.json({
+        file_id: file.id,
+        current: { size: file.size, updated_at: file.updated_at },
+        versions
+      });
+    } catch (e) {
+      res.status(500).json({ error: '获取版本列表失败' });
+    }
+  });
+
+  // --- 版本内容（原文） ---
+  router.get('/:id/versions/:ver/content', requireAuth, async (req, res) => {
+    try {
+      const ver = await dbGet(
+        'SELECT * FROM file_versions WHERE file_id = ? AND version = ?',
+        [req.params.id, req.params.ver]
+      );
+      if (!ver) return res.status(404).json({ error: '版本不存在' });
+
+      const filePath = path.join(UPLOAD_DIR, ver.stored_name);
+
+      const file = await dbGet('SELECT original_name, file_type, uploaded_by FROM files WHERE id = ?', [req.params.id]);
+      if (req.userRole !== 'admin' && file?.uploaded_by !== req.userId) {
+        return res.status(403).json({ error: '无权读取此文件原文' });
+      }
+      let content;
+      try {
+        content = await fs.promises.readFile(filePath, 'utf-8');
+      } catch (e) {
+        if (e && e.code === 'ENOENT') return res.status(404).json({ error: '版本文件已丢失' });
+        throw e;
+      }
+      res.json({
+        id: parseInt(req.params.id),
+        version: ver.version,
+        original_name: file?.original_name,
+        file_type: file?.file_type,
+        content
+      });
+    } catch (e) {
+      res.status(500).json({ error: '读取版本内容失败' });
+    }
+  });
+
+  // --- 版本渲染 ---
+  router.get('/:id/versions/:ver/render', requireAuth, async (req, res) => {
+    try {
+      const ver = await dbGet(
+        'SELECT * FROM file_versions WHERE file_id = ? AND version = ?',
+        [req.params.id, req.params.ver]
+      );
+      if (!ver) return res.status(404).json({ error: '版本不存在' });
+
+      const file = await dbGet('SELECT * FROM files WHERE id = ?', [req.params.id]);
+      if (!file) return res.status(404).json({ error: '文件不存在' });
+
+      // 构造一个 file-like 对象，使用历史版本的 stored_name
+      const versionFile = { ...file, stored_name: ver.stored_name };
+      await renderFile(res, versionFile);
+    } catch (e) {
+      res.status(500).json({ error: '渲染版本失败' });
+    }
+  });
+
+  // --- 恢复历史版本 ---
+  router.post('/:id/versions/:ver/restore', requireAuth, async (req, res) => {
+    let newStoredName;
+    try {
+      const file = await dbGet('SELECT * FROM files WHERE id = ?', [req.params.id]);
+      if (!file) return res.status(404).json({ error: '文件不存在' });
+
+      const targetVer = await dbGet(
+        'SELECT * FROM file_versions WHERE file_id = ? AND version = ?',
+        [req.params.id, req.params.ver]
+      );
+      if (!targetVer) return res.status(404).json({ error: '版本不存在' });
+
+      // 读取目标版本文件内容
+      const targetPath = path.join(UPLOAD_DIR, targetVer.stored_name);
+      let targetContent;
+      try {
+        targetContent = await fs.promises.readFile(targetPath, 'utf-8');
+      } catch (e) {
+        if (e && e.code === 'ENOENT') return res.status(404).json({ error: '版本文件已丢失' });
+        throw e;
+      }
+
+      // 复制到新磁盘文件
+      const ext = file.file_type === 'markdown' ? '.md' : '.html';
+      newStoredName = generateStoredName(ext);
+      await fs.promises.writeFile(path.join(UPLOAD_DIR, newStoredName), targetContent, 'utf-8');
+
+      // 当前版本备份并更新主记录。
+      // 注意：restore 记录的是执行恢复的用户（currentUserId），与 upload/overwrite
+      // 记录 file.uploaded_by（原始上传者）的语义不同，此处刻意保留原行为。
+      const newSize = Buffer.byteLength(targetContent, 'utf-8');
+      const { version } = await backupAndApplyVersion(
+        file,
+        { storedName: newStoredName, size: newSize },
+        currentUserId(req)
+      );
+
+      logger.audit('file.restore', { fileId: file.id, fileName: file.original_name, restoredVersion: parseInt(req.params.ver), newVersion: version, ip: clientIp(req) });
+      res.json({
+        success: true,
+        id: file.id,
+        version,
+        restored_from: parseInt(req.params.ver),
+        size: newSize
+      });
+    } catch (e) {
+      if (newStoredName) { await unlinkQuiet(path.join(UPLOAD_DIR, newStoredName)); }
+      res.status(500).json({ error: '恢复版本失败' });
+    }
+  });
+
+  // --- 删除单版本 ---
+  router.delete('/:id/versions/:ver', requireAuth, async (req, res) => {
+    try {
+      const ver = await dbGet(
+        'SELECT * FROM file_versions WHERE file_id = ? AND version = ?',
+        [req.params.id, req.params.ver]
+      );
+      if (!ver) return res.status(404).json({ error: '版本不存在' });
+
+      // 删除磁盘文件
+      const filePath = path.join(UPLOAD_DIR, ver.stored_name);
+      if (fs.existsSync(filePath)) await unlinkQuiet(filePath);
+
+      // 删除版本记录
+      await dbRun('DELETE FROM file_versions WHERE id = ?', [ver.id]);
+
+      logger.audit('file.version.delete', { fileId: parseInt(req.params.id), version: parseInt(req.params.ver), ip: clientIp(req) });
+      res.json({ success: true });
+    } catch (e) {
+      res.status(500).json({ error: '删除版本失败' });
+    }
+  });
+}
+
+module.exports = { registerVersions };

package/routes/files.js

@@ -0,0 +1,16 @@
+// 文件路由入口（re-export 聚合器）。
+//
+// 历史上 routes/files.js 是一个 1097 行的单体文件。已按子域拆分到 routes/files/ 目录：
+//   _shared.js        上传配置 + 版本备份序列 + 下载头 + 路径守卫（共享层）
+//   list.js           GET /, GET /search
+//   upload.js         POST /upload, /upload-json, /upload-zip-base64
+//   crud.js           PUT /:id, DELETE /:id, POST /batch
+//   detail-serve.js   GET /:id, /:id/content, /:id/asset/*, /:id/render, /:id/download
+//   overwrite.js      POST /:id/overwrite, /:id/overwrite-json
+//   versions.js       GET /:id/versions, content/render/restore, DELETE version
+//   associations.js   PUT /:id/tags, star/unstar, /:id/category, GET /:id/stats
+//   index.js          聚合器（按原始顺序注册到单一 router）
+//
+// 此文件保留为外部入口，re-export 聚合器，使 server.js 的 require('./routes/files')
+// 与挂载点 /api/files 零变化。行为与拆分前完全一致。
+module.exports = require('./files/index');

package/routes/skills.js

@@ -0,0 +1,93 @@
+// Skills 与 MCP 配置路由。从 server.js 提取，行为保持不变。
+// 挂载点：/api（内部路径 /skills、/skills/:name、/skills/:name/download、/mcp/config）
+
+const express = require('express');
+const { dbAll } = require('../lib/db');
+const { requireAuth } = require('../lib/middleware/auth');
+const { marked } = require('../lib/templates');
+const { listSkills, getSkill, createZipStream } = require('../skills-registry');
+const logger = require('../logger');
+
+const router = express.Router();
+
+router.get('/skills', requireAuth, async (req, res) => {
+  try {
+    res.json({ skills: listSkills() });
+  } catch (e) {
+    logger.error({ type: 'app', message: '列出 skills 失败', error: e.message });
+    res.status(500).json({ error: '列出 skills 失败' });
+  }
+});
+
+router.get('/skills/:name', requireAuth, async (req, res) => {
+  const skill = getSkill(req.params.name);
+  if (!skill) return res.status(404).json({ error: 'Skill 不存在' });
+  if (skill.installBody) {
+    skill.installHtml = marked.parse(skill.installBody, { gfm: true, breaks: false, async: false });
+  }
+  res.json(skill);
+});
+
+// 生成标准 mcpServers 配置块（所有客户端共用同一格式，仅目标文件/说明不同）
+function buildServerConfig(url, token) {
+  return {
+    mcpServers: {
+      jpage: {
+        type: 'http',
+        url,
+        headers: { Authorization: `Bearer ${token || '<YOUR_TOKEN>'}` }
+      }
+    }
+  };
+}
+
+router.get('/mcp/config', requireAuth, async (req, res) => {
+  const enabled = !!process.env.MCP_TOKEN || true; // 现在总是可以用用户级 Token
+  const host = req.headers.host || `localhost:${process.env.PORT || 8858}`;
+  const protocol = req.protocol || 'http';
+  const url = `${protocol}://${host}/mcp`;
+
+  // 获取当前用户的 Token 列表
+  const tokens = await dbAll(
+    'SELECT id, name, token_prefix, created_at FROM tokens WHERE user_id = ? ORDER BY created_at DESC',
+    [req.userId]
+  );
+
+  const globalToken = process.env.MCP_TOKEN && req.userRole === 'admin' ? process.env.MCP_TOKEN : null;
+
+  // 所有客户端共用同一配置对象；差异仅在目标文件路径/说明文字
+  const config = buildServerConfig(url, globalToken);
+  const configs = [
+    { id: 'claude-code',    label: 'Claude Code',    path: '.mcp.json（项目根）或 ~/.claude.json', config },
+    { id: 'claude-desktop', label: 'Claude Desktop', path: 'claude_desktop_config.json',           config },
+    { id: 'cursor',         label: 'Cursor',         path: '~/.cursor/mcp.json',                   config },
+    { id: 'zcode',          label: 'ZCode',          path: 'ZCode 设置 → MCP 服务器',              config },
+    { id: 'generic',        label: '通用/标准 JSON', path: '任意支持 mcpServers 的客户端',         config }
+  ];
+
+  res.json({
+    enabled,
+    globalToken,
+    url,
+    tokens,
+    config,
+    configs
+  });
+});
+
+router.get('/skills/:name/download', requireAuth, (req, res) => {
+  const archive = createZipStream(req.params.name);
+  if (!archive) return res.status(404).json({ error: 'Skill 不存在' });
+  const fname = `${req.params.name}.zip`;
+  const encoded = encodeURIComponent(fname);
+  res.setHeader('Content-Type', 'application/zip');
+  res.setHeader('Content-Disposition', `attachment; filename="${encoded}"; filename*=UTF-8''${encoded}`);
+  archive.on('end', () => res.end());
+  archive.pipe(res);
+  archive.finalize().catch(e => {
+    logger.error({ type: 'app', message: 'archiver finalize 失败', error: e.message });
+    if (!res.headersSent) res.status(500).json({ error: '打包失败' });
+  });
+});
+
+module.exports = router;

package/routes/tags.js

@@ -0,0 +1,65 @@
+// 标签 CRUD 路由。从 server.js 提取，行为保持不变。
+// 挂载点：/api/tags
+// 注：文件的标签关联 /api/files/:id/tags 归 routes/files.js（同为 /api/files 前缀）。
+
+const express = require('express');
+const { dbAll, dbGet, dbRun } = require('../lib/db');
+const { requireAuth } = require('../lib/middleware/auth');
+const { clientIp } = require('../lib/util');
+const logger = require('../logger');
+
+const router = express.Router();
+
+router.get('/', requireAuth, async (req, res) => {
+  try {
+    const role = req.userRole;
+    const userId = req.userId;
+    let tags;
+    if (role === 'admin') {
+      tags = await dbAll(`
+        SELECT t.id, t.name, t.created_at, COUNT(ft.file_id) AS file_count
+        FROM tags t LEFT JOIN file_tags ft ON t.id = ft.tag_id
+        GROUP BY t.id ORDER BY t.name ASC
+      `);
+    } else {
+      tags = await dbAll(`
+        SELECT t.id, t.name, t.created_at, COUNT(ft.file_id) AS file_count
+        FROM tags t LEFT JOIN file_tags ft ON t.id = ft.tag_id
+          LEFT JOIN files f ON ft.file_id = f.id AND f.uploaded_by = ?
+        GROUP BY t.id ORDER BY t.name ASC
+      `, [userId]);
+    }
+    res.json({ tags });
+  } catch (e) {
+    res.status(500).json({ error: '获取标签失败' });
+  }
+});
+
+router.post('/', requireAuth, async (req, res) => {
+  const { name } = req.body || {};
+  if (!name || !name.trim()) return res.status(400).json({ error: '标签名不能为空' });
+  try {
+    const existing = await dbGet('SELECT id, name, created_at FROM tags WHERE name = ?', [name.trim()]);
+    if (existing) return res.json(existing);
+    const result = await dbRun('INSERT INTO tags (name) VALUES (?)', [name.trim()]);
+    res.json({ id: result.lastID, name: name.trim() });
+    logger.audit('tag.create', { tagId: result.lastID, tagName: name.trim(), ip: clientIp(req) });
+  } catch (e) {
+    res.status(500).json({ error: '创建标签失败' });
+  }
+});
+
+router.delete('/:id', requireAuth, async (req, res) => {
+  try {
+    const tag = await dbGet('SELECT id FROM tags WHERE id = ?', [req.params.id]);
+    if (!tag) return res.status(404).json({ error: '标签不存在' });
+    await dbRun('DELETE FROM file_tags WHERE tag_id = ?', [req.params.id]);
+    await dbRun('DELETE FROM tags WHERE id = ?', [req.params.id]);
+    res.json({ success: true });
+    logger.audit('tag.delete', { tagId: req.params.id, ip: clientIp(req) });
+  } catch (e) {
+    res.status(500).json({ error: '删除标签失败' });
+  }
+});
+
+module.exports = router;

package/routes/tokens.js

@@ -0,0 +1,110 @@
+// API Token 管理路由：创建 / 列表 / 查看明文 / 删除。
+// 鉴权用 SHA-256 哈希比对（lib/middleware/auth.js），与可逆加密存储（lib/crypto.js）相互独立：
+//   - token_hash：不可逆哈希，用于 Bearer 鉴权。
+//   - token_enc：AES-256-GCM 密文，使已登录用户可在 UI 上再次查看/复制明文。
+
+const express = require('express');
+const crypto = require('crypto');
+const { dbGet, dbRun, dbAll } = require('../lib/db');
+const { requireAuth } = require('../lib/middleware/auth');
+const { clientIp } = require('../lib/util');
+const { encryptToken, decryptToken } = require('../lib/crypto');
+const logger = require('../logger');
+
+const router = express.Router();
+
+function generateApiToken() {
+  const chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+  const bytes = crypto.randomBytes(32);
+  let token = 'jp_';
+  for (let i = 0; i < 32; i++) {
+    token += chars[bytes[i] % chars.length];
+  }
+  return token;
+}
+
+router.get('/', requireAuth, async (req, res) => {
+  try {
+    const tokens = await dbAll(
+      'SELECT id, name, token_prefix, last_used_at, created_at, token_enc IS NOT NULL AS viewable FROM tokens WHERE user_id = ? ORDER BY created_at DESC',
+      [req.userId]
+    );
+    res.json({ tokens });
+  } catch (e) {
+    res.status(500).json({ error: '获取令牌列表失败' });
+  }
+});
+
+router.post('/', requireAuth, async (req, res) => {
+  const { name } = req.body || {};
+  if (!name || !name.trim()) return res.status(400).json({ error: '令牌名称不能为空' });
+  try {
+    // 每用户最多 10 个 Token
+    const count = await dbGet('SELECT COUNT(*) AS c FROM tokens WHERE user_id = ?', [req.userId]);
+    if (count.c >= 10) return res.status(400).json({ error: '最多创建 10 个令牌' });
+
+    const tokenValue = generateApiToken();
+    const tokenHash = crypto.createHash('sha256').update(tokenValue).digest('hex');
+    const tokenPrefix = tokenValue.slice(0, 8);
+    const tokenEnc = encryptToken(tokenValue); // 可逆加密存储，用于后续查看明文
+
+    const result = await dbRun(
+      'INSERT INTO tokens (user_id, name, token_hash, token_prefix, token_enc) VALUES (?, ?, ?, ?, ?)',
+      [req.userId, name.trim(), tokenHash, tokenPrefix, tokenEnc]
+    );
+    logger.audit('token.create', { tokenId: result.lastID, name: name.trim(), userId: req.userId, ip: clientIp(req) });
+    res.json({
+      id: result.lastID,
+      name: name.trim(),
+      token: tokenValue,
+      token_prefix: tokenPrefix,
+    });
+  } catch (e) {
+    res.status(500).json({ error: '创建令牌失败' });
+  }
+});
+
+// 查看令牌明文：旧令牌（token_enc 为 NULL）不可查看，仅返回友好提示。
+router.post('/:id/reveal', requireAuth, async (req, res) => {
+  const tokenId = parseInt(req.params.id);
+  if (isNaN(tokenId)) return res.status(400).json({ error: '无效令牌 ID' });
+  try {
+    const token = await dbGet('SELECT * FROM tokens WHERE id = ?', [tokenId]);
+    if (!token) return res.status(404).json({ error: '令牌不存在' });
+    if (token.user_id !== req.userId && req.userRole !== 'admin') {
+      return res.status(403).json({ error: '无权查看此令牌' });
+    }
+    if (!token.token_enc) {
+      return res.status(409).json({ error: '此令牌创建于功能启用前，无法查看明文，请删除后重建' });
+    }
+    try {
+      const plain = decryptToken(token.token_enc);
+      logger.audit('token.reveal', { tokenId, userId: req.userId, ip: clientIp(req) });
+      res.json({ token: plain });
+    } catch (e) {
+      // 密钥变更或密文损坏，无法解密
+      res.status(409).json({ error: '此令牌无法解密，请删除后重建' });
+    }
+  } catch (e) {
+    res.status(500).json({ error: '查看令牌失败' });
+  }
+});
+
+router.delete('/:id', requireAuth, async (req, res) => {
+  const tokenId = parseInt(req.params.id);
+  if (isNaN(tokenId)) return res.status(400).json({ error: '无效令牌 ID' });
+  try {
+    const token = await dbGet('SELECT * FROM tokens WHERE id = ?', [tokenId]);
+    if (!token) return res.status(404).json({ error: '令牌不存在' });
+    if (token.user_id !== req.userId && req.userRole !== 'admin') {
+      return res.status(403).json({ error: '无权删除此令牌' });
+    }
+    await dbRun('DELETE FROM tokens WHERE id = ?', [tokenId]);
+    logger.audit('token.delete', { tokenId, userId: req.userId, ip: clientIp(req) });
+    res.json({ success: true });
+  } catch (e) {
+    res.status(500).json({ error: '删除令牌失败' });
+  }
+});
+
+module.exports = router;