@wecode-team/cms-supabase-api 0.1.39 → 0.1.42
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.esm.js +342 -174
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +342 -174
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.esm.js
CHANGED
|
@@ -1018,8 +1018,8 @@ function _defineProperty(e, r, t) {
|
|
|
1018
1018
|
}) : e[r] = t, e;
|
|
1019
1019
|
}
|
|
1020
1020
|
|
|
1021
|
-
function ownKeys$
|
|
1022
|
-
function _objectSpread$
|
|
1021
|
+
function ownKeys$3(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
1022
|
+
function _objectSpread$3(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$3(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$3(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
1023
1023
|
function _createForOfIteratorHelper$2(r, e) { var t = "undefined" != typeof Symbol && r[Symbol.iterator] || r["@@iterator"]; if (!t) { if (Array.isArray(r) || (t = _unsupportedIterableToArray$3(r)) || e && r && "number" == typeof r.length) { t && (r = t); var _n = 0, F = function F() {}; return { s: F, n: function n() { return _n >= r.length ? { done: !0 } : { done: !1, value: r[_n++] }; }, e: function e(r) { throw r; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var o, a = !0, u = !1; return { s: function s() { t = t.call(r); }, n: function n() { var r = t.next(); return a = r.done, r; }, e: function e(r) { u = !0, o = r; }, f: function f() { try { a || null == t["return"] || t["return"](); } finally { if (u) throw o; } } }; }
|
|
1024
1024
|
function _unsupportedIterableToArray$3(r, a) { if (r) { if ("string" == typeof r) return _arrayLikeToArray$3(r, a); var t = {}.toString.call(r).slice(8, -1); return "Object" === t && r.constructor && (t = r.constructor.name), "Map" === t || "Set" === t ? Array.from(r) : "Arguments" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? _arrayLikeToArray$3(r, a) : void 0; } }
|
|
1025
1025
|
function _arrayLikeToArray$3(r, a) { (null == a || a > r.length) && (a = r.length); for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e]; return n; }
|
|
@@ -2074,7 +2074,7 @@ var DynamicTableService = /*#__PURE__*/function () {
|
|
|
2074
2074
|
throw error;
|
|
2075
2075
|
case 2:
|
|
2076
2076
|
return _context14.abrupt("return", (data || []).map(function (item) {
|
|
2077
|
-
return _objectSpread$
|
|
2077
|
+
return _objectSpread$3({
|
|
2078
2078
|
id: item.id,
|
|
2079
2079
|
label: item[displayField] || "ID: ".concat(item.id)
|
|
2080
2080
|
}, item);
|
|
@@ -2187,8 +2187,8 @@ function getDynamicTableService() {
|
|
|
2187
2187
|
return defaultService$1;
|
|
2188
2188
|
}
|
|
2189
2189
|
|
|
2190
|
-
function ownKeys$
|
|
2191
|
-
function _objectSpread$
|
|
2190
|
+
function ownKeys$2(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
2191
|
+
function _objectSpread$2(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$2(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$2(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
2192
2192
|
var AuthService = /*#__PURE__*/function () {
|
|
2193
2193
|
function AuthService() {
|
|
2194
2194
|
_classCallCheck(this, AuthService);
|
|
@@ -2365,7 +2365,7 @@ var AuthService = /*#__PURE__*/function () {
|
|
|
2365
2365
|
return _regeneratorRuntime.wrap(function (_context4) {
|
|
2366
2366
|
while (1) switch (_context4.prev = _context4.next) {
|
|
2367
2367
|
case 0:
|
|
2368
|
-
finalUserData = _objectSpread$
|
|
2368
|
+
finalUserData = _objectSpread$2({
|
|
2369
2369
|
tableName: this.defaultTableName
|
|
2370
2370
|
}, userData);
|
|
2371
2371
|
_context4.prev = 1;
|
|
@@ -2423,7 +2423,7 @@ var AuthService = /*#__PURE__*/function () {
|
|
|
2423
2423
|
case 0:
|
|
2424
2424
|
updateData = _args5.length > 1 && _args5[1] !== undefined ? _args5[1] : {};
|
|
2425
2425
|
// 设置默认值
|
|
2426
|
-
finalUpdateData = _objectSpread$
|
|
2426
|
+
finalUpdateData = _objectSpread$2({
|
|
2427
2427
|
tableName: this.defaultTableName
|
|
2428
2428
|
}, updateData);
|
|
2429
2429
|
_context5.prev = 1;
|
|
@@ -4205,8 +4205,8 @@ var _excluded = ["id", "created_at", "updated_at"],
|
|
|
4205
4205
|
function _createForOfIteratorHelper(r, e) { var t = "undefined" != typeof Symbol && r[Symbol.iterator] || r["@@iterator"]; if (!t) { if (Array.isArray(r) || (t = _unsupportedIterableToArray(r)) || e && r && "number" == typeof r.length) { t && (r = t); var _n2 = 0, F = function F() {}; return { s: F, n: function n() { return _n2 >= r.length ? { done: !0 } : { done: !1, value: r[_n2++] }; }, e: function e(r) { throw r; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var o, a = !0, u = !1; return { s: function s() { t = t.call(r); }, n: function n() { var r = t.next(); return a = r.done, r; }, e: function e(r) { u = !0, o = r; }, f: function f() { try { a || null == t["return"] || t["return"](); } finally { if (u) throw o; } } }; }
|
|
4206
4206
|
function _unsupportedIterableToArray(r, a) { if (r) { if ("string" == typeof r) return _arrayLikeToArray(r, a); var t = {}.toString.call(r).slice(8, -1); return "Object" === t && r.constructor && (t = r.constructor.name), "Map" === t || "Set" === t ? Array.from(r) : "Arguments" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? _arrayLikeToArray(r, a) : void 0; } }
|
|
4207
4207
|
function _arrayLikeToArray(r, a) { (null == a || a > r.length) && (a = r.length); for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e]; return n; }
|
|
4208
|
-
function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
4209
|
-
function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
4208
|
+
function ownKeys$1(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
4209
|
+
function _objectSpread$1(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$1(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$1(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
4210
4210
|
function normalizeJsonLikeFields(schemaFields, payload) {
|
|
4211
4211
|
if (!schemaFields || schemaFields.length === 0) return payload;
|
|
4212
4212
|
var jsonLikeFieldNames = new Set(schemaFields.filter(function (f) {
|
|
@@ -4215,7 +4215,7 @@ function normalizeJsonLikeFields(schemaFields, payload) {
|
|
|
4215
4215
|
return f.name;
|
|
4216
4216
|
}));
|
|
4217
4217
|
if (jsonLikeFieldNames.size === 0) return payload;
|
|
4218
|
-
var normalized = _objectSpread({}, payload);
|
|
4218
|
+
var normalized = _objectSpread$1({}, payload);
|
|
4219
4219
|
for (var _i = 0, _Object$entries = Object.entries(payload); _i < _Object$entries.length; _i++) {
|
|
4220
4220
|
var _Object$entries$_i = _slicedToArray(_Object$entries[_i], 2),
|
|
4221
4221
|
key = _Object$entries$_i[0],
|
|
@@ -5311,6 +5311,8 @@ var AuthUtils = /*#__PURE__*/function () {
|
|
|
5311
5311
|
}]);
|
|
5312
5312
|
}();
|
|
5313
5313
|
|
|
5314
|
+
function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
5315
|
+
function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
5314
5316
|
function getRoleFromSupabaseUser$2(user) {
|
|
5315
5317
|
var _user$app_metadata, _user$user_metadata;
|
|
5316
5318
|
var appRole = user === null || user === void 0 || (_user$app_metadata = user.app_metadata) === null || _user$app_metadata === void 0 ? void 0 : _user$app_metadata.role;
|
|
@@ -5335,68 +5337,225 @@ function toSupabaseEmail(account, sessionId) {
|
|
|
5335
5337
|
var sid = normalizeSessionId(sessionId);
|
|
5336
5338
|
return "".concat(sid, "_").concat(localPart, "@").concat(domain);
|
|
5337
5339
|
}
|
|
5340
|
+
function buildAdminMetadata(existingMetadata, sessionId, account) {
|
|
5341
|
+
return _objectSpread(_objectSpread({}, existingMetadata || {}), {}, {
|
|
5342
|
+
role: "admin",
|
|
5343
|
+
session_id: normalizeSessionId(sessionId),
|
|
5344
|
+
original_username: account
|
|
5345
|
+
});
|
|
5346
|
+
}
|
|
5347
|
+
function findAuthUserByEmail(_x, _x2) {
|
|
5348
|
+
return _findAuthUserByEmail.apply(this, arguments);
|
|
5349
|
+
}
|
|
5350
|
+
function _findAuthUserByEmail() {
|
|
5351
|
+
_findAuthUserByEmail = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee2(supabase, email) {
|
|
5352
|
+
var normalizedEmail, page, _yield$supabase$auth$2, data, error, users, matchedUser;
|
|
5353
|
+
return _regeneratorRuntime.wrap(function (_context2) {
|
|
5354
|
+
while (1) switch (_context2.prev = _context2.next) {
|
|
5355
|
+
case 0:
|
|
5356
|
+
normalizedEmail = email.trim().toLowerCase();
|
|
5357
|
+
page = 1;
|
|
5358
|
+
case 1:
|
|
5359
|
+
if (!(page <= 10)) {
|
|
5360
|
+
_context2.next = 6;
|
|
5361
|
+
break;
|
|
5362
|
+
}
|
|
5363
|
+
_context2.next = 2;
|
|
5364
|
+
return supabase.auth.admin.listUsers({
|
|
5365
|
+
page: page,
|
|
5366
|
+
perPage: 200
|
|
5367
|
+
});
|
|
5368
|
+
case 2:
|
|
5369
|
+
_yield$supabase$auth$2 = _context2.sent;
|
|
5370
|
+
data = _yield$supabase$auth$2.data;
|
|
5371
|
+
error = _yield$supabase$auth$2.error;
|
|
5372
|
+
if (!error) {
|
|
5373
|
+
_context2.next = 3;
|
|
5374
|
+
break;
|
|
5375
|
+
}
|
|
5376
|
+
throw error;
|
|
5377
|
+
case 3:
|
|
5378
|
+
users = (data === null || data === void 0 ? void 0 : data.users) || [];
|
|
5379
|
+
matchedUser = users.find(function (user) {
|
|
5380
|
+
var _user$email;
|
|
5381
|
+
return ((_user$email = user.email) === null || _user$email === void 0 ? void 0 : _user$email.trim().toLowerCase()) === normalizedEmail;
|
|
5382
|
+
});
|
|
5383
|
+
if (!matchedUser) {
|
|
5384
|
+
_context2.next = 4;
|
|
5385
|
+
break;
|
|
5386
|
+
}
|
|
5387
|
+
return _context2.abrupt("return", matchedUser);
|
|
5388
|
+
case 4:
|
|
5389
|
+
if (!(users.length < 200)) {
|
|
5390
|
+
_context2.next = 5;
|
|
5391
|
+
break;
|
|
5392
|
+
}
|
|
5393
|
+
return _context2.abrupt("return", null);
|
|
5394
|
+
case 5:
|
|
5395
|
+
page += 1;
|
|
5396
|
+
_context2.next = 1;
|
|
5397
|
+
break;
|
|
5398
|
+
case 6:
|
|
5399
|
+
return _context2.abrupt("return", null);
|
|
5400
|
+
case 7:
|
|
5401
|
+
case "end":
|
|
5402
|
+
return _context2.stop();
|
|
5403
|
+
}
|
|
5404
|
+
}, _callee2);
|
|
5405
|
+
}));
|
|
5406
|
+
return _findAuthUserByEmail.apply(this, arguments);
|
|
5407
|
+
}
|
|
5408
|
+
function insertAdminRegistryRow(_x3, _x4, _x5, _x6) {
|
|
5409
|
+
return _insertAdminRegistryRow.apply(this, arguments);
|
|
5410
|
+
}
|
|
5411
|
+
function _insertAdminRegistryRow() {
|
|
5412
|
+
_insertAdminRegistryRow = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee3(supabase, sessionId, userId, account) {
|
|
5413
|
+
return _regeneratorRuntime.wrap(function (_context3) {
|
|
5414
|
+
while (1) switch (_context3.prev = _context3.next) {
|
|
5415
|
+
case 0:
|
|
5416
|
+
_context3.next = 1;
|
|
5417
|
+
return supabase.from("_cms_admin_registry").insert({
|
|
5418
|
+
session_id: normalizeSessionId(sessionId),
|
|
5419
|
+
user_id: userId,
|
|
5420
|
+
email: account
|
|
5421
|
+
});
|
|
5422
|
+
case 1:
|
|
5423
|
+
return _context3.abrupt("return", _context3.sent);
|
|
5424
|
+
case 2:
|
|
5425
|
+
case "end":
|
|
5426
|
+
return _context3.stop();
|
|
5427
|
+
}
|
|
5428
|
+
}, _callee3);
|
|
5429
|
+
}));
|
|
5430
|
+
return _insertAdminRegistryRow.apply(this, arguments);
|
|
5431
|
+
}
|
|
5432
|
+
function promoteExistingUserToSessionAdmin(_x7, _x8, _x9, _x0) {
|
|
5433
|
+
return _promoteExistingUserToSessionAdmin.apply(this, arguments);
|
|
5434
|
+
}
|
|
5435
|
+
function _promoteExistingUserToSessionAdmin() {
|
|
5436
|
+
_promoteExistingUserToSessionAdmin = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee4(supabase, email, sessionId, account) {
|
|
5437
|
+
var existingUser, _yield$supabase$auth$3, updatedData, updateError, insertRes;
|
|
5438
|
+
return _regeneratorRuntime.wrap(function (_context4) {
|
|
5439
|
+
while (1) switch (_context4.prev = _context4.next) {
|
|
5440
|
+
case 0:
|
|
5441
|
+
_context4.next = 1;
|
|
5442
|
+
return findAuthUserByEmail(supabase, email);
|
|
5443
|
+
case 1:
|
|
5444
|
+
existingUser = _context4.sent;
|
|
5445
|
+
if (existingUser) {
|
|
5446
|
+
_context4.next = 2;
|
|
5447
|
+
break;
|
|
5448
|
+
}
|
|
5449
|
+
return _context4.abrupt("return", {
|
|
5450
|
+
success: false,
|
|
5451
|
+
message: "用户名已存在,但未能找到对应用户"
|
|
5452
|
+
});
|
|
5453
|
+
case 2:
|
|
5454
|
+
_context4.next = 3;
|
|
5455
|
+
return supabase.auth.admin.updateUserById(existingUser.id, {
|
|
5456
|
+
app_metadata: buildAdminMetadata(existingUser.app_metadata, sessionId, account),
|
|
5457
|
+
user_metadata: buildAdminMetadata(existingUser.user_metadata, sessionId, account)
|
|
5458
|
+
});
|
|
5459
|
+
case 3:
|
|
5460
|
+
_yield$supabase$auth$3 = _context4.sent;
|
|
5461
|
+
updatedData = _yield$supabase$auth$3.data;
|
|
5462
|
+
updateError = _yield$supabase$auth$3.error;
|
|
5463
|
+
if (!(updateError || !(updatedData !== null && updatedData !== void 0 && updatedData.user))) {
|
|
5464
|
+
_context4.next = 4;
|
|
5465
|
+
break;
|
|
5466
|
+
}
|
|
5467
|
+
return _context4.abrupt("return", {
|
|
5468
|
+
success: false,
|
|
5469
|
+
message: (updateError === null || updateError === void 0 ? void 0 : updateError.message) || "管理员账号升级失败"
|
|
5470
|
+
});
|
|
5471
|
+
case 4:
|
|
5472
|
+
_context4.next = 5;
|
|
5473
|
+
return insertAdminRegistryRow(supabase, sessionId, updatedData.user.id, account);
|
|
5474
|
+
case 5:
|
|
5475
|
+
insertRes = _context4.sent;
|
|
5476
|
+
if (!insertRes.error) {
|
|
5477
|
+
_context4.next = 6;
|
|
5478
|
+
break;
|
|
5479
|
+
}
|
|
5480
|
+
return _context4.abrupt("return", {
|
|
5481
|
+
success: false,
|
|
5482
|
+
message: "管理员已被创建,请使用已有账号登录"
|
|
5483
|
+
});
|
|
5484
|
+
case 6:
|
|
5485
|
+
return _context4.abrupt("return", {
|
|
5486
|
+
success: true,
|
|
5487
|
+
user: updatedData.user
|
|
5488
|
+
});
|
|
5489
|
+
case 7:
|
|
5490
|
+
case "end":
|
|
5491
|
+
return _context4.stop();
|
|
5492
|
+
}
|
|
5493
|
+
}, _callee4);
|
|
5494
|
+
}));
|
|
5495
|
+
return _promoteExistingUserToSessionAdmin.apply(this, arguments);
|
|
5496
|
+
}
|
|
5338
5497
|
function getUserSessionId(user) {
|
|
5339
5498
|
var _user$user_metadata2;
|
|
5340
5499
|
return normalizeSessionId(user === null || user === void 0 || (_user$user_metadata2 = user.user_metadata) === null || _user$user_metadata2 === void 0 ? void 0 : _user$user_metadata2.session_id);
|
|
5341
5500
|
}
|
|
5342
|
-
function getEffectiveRoleForSession(
|
|
5501
|
+
function getEffectiveRoleForSession(_x1, _x10) {
|
|
5343
5502
|
return _getEffectiveRoleForSession.apply(this, arguments);
|
|
5344
5503
|
} // POST - 用户登录
|
|
5345
5504
|
function _getEffectiveRoleForSession() {
|
|
5346
|
-
_getEffectiveRoleForSession = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5505
|
+
_getEffectiveRoleForSession = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee5(user, sessionId) {
|
|
5347
5506
|
var supabase, sid, role, ok;
|
|
5348
|
-
return _regeneratorRuntime.wrap(function (
|
|
5349
|
-
while (1) switch (
|
|
5507
|
+
return _regeneratorRuntime.wrap(function (_context5) {
|
|
5508
|
+
while (1) switch (_context5.prev = _context5.next) {
|
|
5350
5509
|
case 0:
|
|
5351
5510
|
supabase = getSupabase();
|
|
5352
5511
|
sid = normalizeSessionId(sessionId);
|
|
5353
5512
|
role = getRoleFromSupabaseUser$2(user) || "user";
|
|
5354
5513
|
if (!(role !== "admin")) {
|
|
5355
|
-
|
|
5514
|
+
_context5.next = 1;
|
|
5356
5515
|
break;
|
|
5357
5516
|
}
|
|
5358
|
-
return
|
|
5517
|
+
return _context5.abrupt("return", role);
|
|
5359
5518
|
case 1:
|
|
5360
5519
|
if (!(getUserSessionId(user) !== sid)) {
|
|
5361
|
-
|
|
5520
|
+
_context5.next = 2;
|
|
5362
5521
|
break;
|
|
5363
5522
|
}
|
|
5364
|
-
return
|
|
5523
|
+
return _context5.abrupt("return", "user");
|
|
5365
5524
|
case 2:
|
|
5366
|
-
|
|
5525
|
+
_context5.next = 3;
|
|
5367
5526
|
return isUserSessionAdmin(supabase, sid, user.id);
|
|
5368
5527
|
case 3:
|
|
5369
|
-
ok =
|
|
5370
|
-
return
|
|
5528
|
+
ok = _context5.sent;
|
|
5529
|
+
return _context5.abrupt("return", ok ? "admin" : "user");
|
|
5371
5530
|
case 4:
|
|
5372
5531
|
case "end":
|
|
5373
|
-
return
|
|
5532
|
+
return _context5.stop();
|
|
5374
5533
|
}
|
|
5375
|
-
},
|
|
5534
|
+
}, _callee5);
|
|
5376
5535
|
}));
|
|
5377
5536
|
return _getEffectiveRoleForSession.apply(this, arguments);
|
|
5378
5537
|
}
|
|
5379
|
-
function login(
|
|
5538
|
+
function login(_x11, _x12) {
|
|
5380
5539
|
return _login.apply(this, arguments);
|
|
5381
5540
|
}
|
|
5382
5541
|
// GET - 是否允许注册(首次进入需要创建管理员账号)
|
|
5383
5542
|
function _login() {
|
|
5384
|
-
_login = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5385
|
-
var _data$session, body, username, password, supabase, sessionId, email, _yield$supabase$auth$
|
|
5386
|
-
return _regeneratorRuntime.wrap(function (
|
|
5387
|
-
while (1) switch (
|
|
5543
|
+
_login = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee6(c, tableName) {
|
|
5544
|
+
var _data$session, body, username, password, supabase, sessionId, email, _yield$supabase$auth$4, data, error, token, user, role, _t3;
|
|
5545
|
+
return _regeneratorRuntime.wrap(function (_context6) {
|
|
5546
|
+
while (1) switch (_context6.prev = _context6.next) {
|
|
5388
5547
|
case 0:
|
|
5389
|
-
|
|
5390
|
-
|
|
5548
|
+
_context6.prev = 0;
|
|
5549
|
+
_context6.next = 1;
|
|
5391
5550
|
return c.req.json();
|
|
5392
5551
|
case 1:
|
|
5393
|
-
body =
|
|
5552
|
+
body = _context6.sent;
|
|
5394
5553
|
username = body.username, password = body.password; // 验证必填字段
|
|
5395
5554
|
if (!(!username || !password)) {
|
|
5396
|
-
|
|
5555
|
+
_context6.next = 2;
|
|
5397
5556
|
break;
|
|
5398
5557
|
}
|
|
5399
|
-
return
|
|
5558
|
+
return _context6.abrupt("return", c.json({
|
|
5400
5559
|
success: false,
|
|
5401
5560
|
message: "用户名和密码不能为空"
|
|
5402
5561
|
}, 200));
|
|
@@ -5405,43 +5564,43 @@ function _login() {
|
|
|
5405
5564
|
supabase = getSupabase();
|
|
5406
5565
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5407
5566
|
if (username.includes("@")) {
|
|
5408
|
-
|
|
5567
|
+
_context6.next = 3;
|
|
5409
5568
|
break;
|
|
5410
5569
|
}
|
|
5411
|
-
return
|
|
5570
|
+
return _context6.abrupt("return", c.json({
|
|
5412
5571
|
success: false,
|
|
5413
5572
|
message: "请输入邮箱格式的用户名"
|
|
5414
5573
|
}, 200));
|
|
5415
5574
|
case 3:
|
|
5416
5575
|
email = toSupabaseEmail(username, sessionId);
|
|
5417
|
-
|
|
5576
|
+
_context6.next = 4;
|
|
5418
5577
|
return supabase.auth.signInWithPassword({
|
|
5419
5578
|
email: email,
|
|
5420
5579
|
password: password
|
|
5421
5580
|
});
|
|
5422
5581
|
case 4:
|
|
5423
|
-
_yield$supabase$auth$
|
|
5424
|
-
data = _yield$supabase$auth$
|
|
5425
|
-
error = _yield$supabase$auth$
|
|
5582
|
+
_yield$supabase$auth$4 = _context6.sent;
|
|
5583
|
+
data = _yield$supabase$auth$4.data;
|
|
5584
|
+
error = _yield$supabase$auth$4.error;
|
|
5426
5585
|
if (!(error || !(data !== null && data !== void 0 && (_data$session = data.session) !== null && _data$session !== void 0 && _data$session.access_token) || !(data !== null && data !== void 0 && data.user))) {
|
|
5427
|
-
|
|
5586
|
+
_context6.next = 5;
|
|
5428
5587
|
break;
|
|
5429
5588
|
}
|
|
5430
|
-
return
|
|
5589
|
+
return _context6.abrupt("return", c.json({
|
|
5431
5590
|
success: false,
|
|
5432
5591
|
message: (error === null || error === void 0 ? void 0 : error.message) || "登录失败"
|
|
5433
5592
|
}, 200));
|
|
5434
5593
|
case 5:
|
|
5435
5594
|
token = data.session.access_token;
|
|
5436
5595
|
user = data.user;
|
|
5437
|
-
|
|
5596
|
+
_context6.next = 6;
|
|
5438
5597
|
return ensureAdminRegistryTable(supabase);
|
|
5439
5598
|
case 6:
|
|
5440
|
-
|
|
5599
|
+
_context6.next = 7;
|
|
5441
5600
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5442
5601
|
case 7:
|
|
5443
|
-
role =
|
|
5444
|
-
return
|
|
5602
|
+
role = _context6.sent;
|
|
5603
|
+
return _context6.abrupt("return", c.json({
|
|
5445
5604
|
success: true,
|
|
5446
5605
|
message: "登录成功",
|
|
5447
5606
|
data: {
|
|
@@ -5455,44 +5614,44 @@ function _login() {
|
|
|
5455
5614
|
}
|
|
5456
5615
|
}, 200));
|
|
5457
5616
|
case 8:
|
|
5458
|
-
|
|
5459
|
-
_t3 =
|
|
5617
|
+
_context6.prev = 8;
|
|
5618
|
+
_t3 = _context6["catch"](0);
|
|
5460
5619
|
console.error("登录失败:", _t3);
|
|
5461
|
-
return
|
|
5620
|
+
return _context6.abrupt("return", c.json({
|
|
5462
5621
|
success: false,
|
|
5463
5622
|
message: "登录失败",
|
|
5464
5623
|
error: _t3.message
|
|
5465
5624
|
}, 500));
|
|
5466
5625
|
case 9:
|
|
5467
5626
|
case "end":
|
|
5468
|
-
return
|
|
5627
|
+
return _context6.stop();
|
|
5469
5628
|
}
|
|
5470
|
-
},
|
|
5629
|
+
}, _callee6, null, [[0, 8]]);
|
|
5471
5630
|
}));
|
|
5472
5631
|
return _login.apply(this, arguments);
|
|
5473
5632
|
}
|
|
5474
|
-
function signupStatus(
|
|
5633
|
+
function signupStatus(_x13, _x14) {
|
|
5475
5634
|
return _signupStatus.apply(this, arguments);
|
|
5476
5635
|
}
|
|
5477
5636
|
// POST - 首次注册管理员(每个 session_id 只允许一个)
|
|
5478
5637
|
function _signupStatus() {
|
|
5479
|
-
_signupStatus = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5638
|
+
_signupStatus = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee7(c, tableName) {
|
|
5480
5639
|
var supabase, sessionId, ok, row, data, _t4;
|
|
5481
|
-
return _regeneratorRuntime.wrap(function (
|
|
5482
|
-
while (1) switch (
|
|
5640
|
+
return _regeneratorRuntime.wrap(function (_context7) {
|
|
5641
|
+
while (1) switch (_context7.prev = _context7.next) {
|
|
5483
5642
|
case 0:
|
|
5484
|
-
|
|
5643
|
+
_context7.prev = 0;
|
|
5485
5644
|
supabase = getSupabase();
|
|
5486
5645
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5487
|
-
|
|
5646
|
+
_context7.next = 1;
|
|
5488
5647
|
return ensureAdminRegistryTable(supabase);
|
|
5489
5648
|
case 1:
|
|
5490
|
-
ok =
|
|
5649
|
+
ok = _context7.sent;
|
|
5491
5650
|
if (ok) {
|
|
5492
|
-
|
|
5651
|
+
_context7.next = 2;
|
|
5493
5652
|
break;
|
|
5494
5653
|
}
|
|
5495
|
-
return
|
|
5654
|
+
return _context7.abrupt("return", c.json({
|
|
5496
5655
|
success: false,
|
|
5497
5656
|
message: "缺少表 _cms_admin_registry,请先在 Supabase SQL 编辑器手动创建",
|
|
5498
5657
|
data: {
|
|
@@ -5500,58 +5659,58 @@ function _signupStatus() {
|
|
|
5500
5659
|
}
|
|
5501
5660
|
}, 200));
|
|
5502
5661
|
case 2:
|
|
5503
|
-
|
|
5662
|
+
_context7.next = 3;
|
|
5504
5663
|
return getSessionAdminRow(supabase, sessionId);
|
|
5505
5664
|
case 3:
|
|
5506
|
-
row =
|
|
5665
|
+
row = _context7.sent;
|
|
5507
5666
|
data = {
|
|
5508
5667
|
session_id: sessionId,
|
|
5509
5668
|
hasAdmin: !!row,
|
|
5510
5669
|
allowSignup: !row
|
|
5511
5670
|
};
|
|
5512
|
-
return
|
|
5671
|
+
return _context7.abrupt("return", c.json({
|
|
5513
5672
|
success: true,
|
|
5514
5673
|
data: data
|
|
5515
5674
|
}, 200));
|
|
5516
5675
|
case 4:
|
|
5517
|
-
|
|
5518
|
-
_t4 =
|
|
5676
|
+
_context7.prev = 4;
|
|
5677
|
+
_t4 = _context7["catch"](0);
|
|
5519
5678
|
console.error("获取注册状态失败:", _t4);
|
|
5520
|
-
return
|
|
5679
|
+
return _context7.abrupt("return", c.json({
|
|
5521
5680
|
success: false,
|
|
5522
5681
|
message: "获取注册状态失败",
|
|
5523
5682
|
error: _t4.message
|
|
5524
5683
|
}, 500));
|
|
5525
5684
|
case 5:
|
|
5526
5685
|
case "end":
|
|
5527
|
-
return
|
|
5686
|
+
return _context7.stop();
|
|
5528
5687
|
}
|
|
5529
|
-
},
|
|
5688
|
+
}, _callee7, null, [[0, 4]]);
|
|
5530
5689
|
}));
|
|
5531
5690
|
return _signupStatus.apply(this, arguments);
|
|
5532
5691
|
}
|
|
5533
|
-
function signup(
|
|
5692
|
+
function signup(_x15, _x16) {
|
|
5534
5693
|
return _signup.apply(this, arguments);
|
|
5535
5694
|
}
|
|
5536
5695
|
// POST - 验证token
|
|
5537
5696
|
function _signup() {
|
|
5538
|
-
_signup = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5539
|
-
var _body$username, _data$session2, body, account, password, supabase, sessionId, email, ok, existing, _yield$supabase$auth$
|
|
5540
|
-
return _regeneratorRuntime.wrap(function (
|
|
5541
|
-
while (1) switch (
|
|
5697
|
+
_signup = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee8(c, tableName) {
|
|
5698
|
+
var _body$username, _data$session2, body, account, password, supabase, sessionId, email, ok, existing, _yield$supabase$auth$5, data, error, promoted, insertRes, token, user, role, _t5;
|
|
5699
|
+
return _regeneratorRuntime.wrap(function (_context8) {
|
|
5700
|
+
while (1) switch (_context8.prev = _context8.next) {
|
|
5542
5701
|
case 0:
|
|
5543
|
-
|
|
5544
|
-
|
|
5702
|
+
_context8.prev = 0;
|
|
5703
|
+
_context8.next = 1;
|
|
5545
5704
|
return c.req.json();
|
|
5546
5705
|
case 1:
|
|
5547
|
-
body =
|
|
5706
|
+
body = _context8.sent;
|
|
5548
5707
|
account = (_body$username = body.username) === null || _body$username === void 0 ? void 0 : _body$username.trim();
|
|
5549
5708
|
password = body.password;
|
|
5550
5709
|
if (!(!account || !password)) {
|
|
5551
|
-
|
|
5710
|
+
_context8.next = 2;
|
|
5552
5711
|
break;
|
|
5553
5712
|
}
|
|
5554
|
-
return
|
|
5713
|
+
return _context8.abrupt("return", c.json({
|
|
5555
5714
|
success: false,
|
|
5556
5715
|
message: "账号和密码不能为空"
|
|
5557
5716
|
}, 200));
|
|
@@ -5559,24 +5718,24 @@ function _signup() {
|
|
|
5559
5718
|
supabase = getSupabase();
|
|
5560
5719
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5561
5720
|
if (account.includes("@")) {
|
|
5562
|
-
|
|
5721
|
+
_context8.next = 3;
|
|
5563
5722
|
break;
|
|
5564
5723
|
}
|
|
5565
|
-
return
|
|
5724
|
+
return _context8.abrupt("return", c.json({
|
|
5566
5725
|
success: false,
|
|
5567
5726
|
message: "请输入邮箱格式的用户名"
|
|
5568
5727
|
}, 200));
|
|
5569
5728
|
case 3:
|
|
5570
5729
|
email = toSupabaseEmail(account, sessionId);
|
|
5571
|
-
|
|
5730
|
+
_context8.next = 4;
|
|
5572
5731
|
return ensureAdminRegistryTable(supabase);
|
|
5573
5732
|
case 4:
|
|
5574
|
-
ok =
|
|
5733
|
+
ok = _context8.sent;
|
|
5575
5734
|
if (ok) {
|
|
5576
|
-
|
|
5735
|
+
_context8.next = 5;
|
|
5577
5736
|
break;
|
|
5578
5737
|
}
|
|
5579
|
-
return
|
|
5738
|
+
return _context8.abrupt("return", c.json({
|
|
5580
5739
|
success: false,
|
|
5581
5740
|
message: "缺少表 _cms_admin_registry,请先在 Supabase SQL 编辑器手动创建",
|
|
5582
5741
|
data: {
|
|
@@ -5584,20 +5743,20 @@ function _signup() {
|
|
|
5584
5743
|
}
|
|
5585
5744
|
}, 200));
|
|
5586
5745
|
case 5:
|
|
5587
|
-
|
|
5746
|
+
_context8.next = 6;
|
|
5588
5747
|
return getSessionAdminRow(supabase, sessionId);
|
|
5589
5748
|
case 6:
|
|
5590
|
-
existing =
|
|
5749
|
+
existing = _context8.sent;
|
|
5591
5750
|
if (!existing) {
|
|
5592
|
-
|
|
5751
|
+
_context8.next = 7;
|
|
5593
5752
|
break;
|
|
5594
5753
|
}
|
|
5595
|
-
return
|
|
5754
|
+
return _context8.abrupt("return", c.json({
|
|
5596
5755
|
success: false,
|
|
5597
5756
|
message: "该 session 已存在管理员账号,请直接登录"
|
|
5598
5757
|
}, 200));
|
|
5599
5758
|
case 7:
|
|
5600
|
-
|
|
5759
|
+
_context8.next = 8;
|
|
5601
5760
|
return supabase.auth.signUp({
|
|
5602
5761
|
// Supabase Auth 这里仍使用 email 字段;不在服务端强制校验格式,由 Supabase 返回错误信息
|
|
5603
5762
|
email: email,
|
|
@@ -5611,60 +5770,69 @@ function _signup() {
|
|
|
5611
5770
|
}
|
|
5612
5771
|
});
|
|
5613
5772
|
case 8:
|
|
5614
|
-
_yield$supabase$auth$
|
|
5615
|
-
data = _yield$supabase$auth$
|
|
5616
|
-
error = _yield$supabase$auth$
|
|
5773
|
+
_yield$supabase$auth$5 = _context8.sent;
|
|
5774
|
+
data = _yield$supabase$auth$5.data;
|
|
5775
|
+
error = _yield$supabase$auth$5.error;
|
|
5617
5776
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5618
|
-
|
|
5777
|
+
_context8.next = 12;
|
|
5619
5778
|
break;
|
|
5620
5779
|
}
|
|
5621
5780
|
if (!isSupabaseUserAlreadyExistsError(error)) {
|
|
5622
|
-
|
|
5781
|
+
_context8.next = 11;
|
|
5623
5782
|
break;
|
|
5624
5783
|
}
|
|
5625
|
-
|
|
5784
|
+
_context8.next = 9;
|
|
5785
|
+
return promoteExistingUserToSessionAdmin(supabase, email, sessionId, account);
|
|
5786
|
+
case 9:
|
|
5787
|
+
promoted = _context8.sent;
|
|
5788
|
+
if (promoted.success) {
|
|
5789
|
+
_context8.next = 10;
|
|
5790
|
+
break;
|
|
5791
|
+
}
|
|
5792
|
+
return _context8.abrupt("return", c.json({
|
|
5626
5793
|
success: false,
|
|
5627
|
-
message:
|
|
5794
|
+
message: promoted.message
|
|
5628
5795
|
}, 200));
|
|
5629
|
-
case
|
|
5630
|
-
return
|
|
5796
|
+
case 10:
|
|
5797
|
+
return _context8.abrupt("return", c.json({
|
|
5798
|
+
success: true,
|
|
5799
|
+
message: "管理员账号已启用,请登录"
|
|
5800
|
+
}, 200));
|
|
5801
|
+
case 11:
|
|
5802
|
+
return _context8.abrupt("return", c.json({
|
|
5631
5803
|
success: false,
|
|
5632
5804
|
message: (error === null || error === void 0 ? void 0 : error.message) || "注册失败"
|
|
5633
5805
|
}, 200));
|
|
5634
|
-
case
|
|
5806
|
+
case 12:
|
|
5635
5807
|
if ((_data$session2 = data.session) !== null && _data$session2 !== void 0 && _data$session2.access_token) {
|
|
5636
|
-
|
|
5808
|
+
_context8.next = 13;
|
|
5637
5809
|
break;
|
|
5638
5810
|
}
|
|
5639
|
-
return
|
|
5811
|
+
return _context8.abrupt("return", c.json({
|
|
5640
5812
|
success: true,
|
|
5641
5813
|
message: "注册成功,请完成邮箱验证后登录"
|
|
5642
5814
|
}, 200));
|
|
5643
|
-
case
|
|
5644
|
-
|
|
5645
|
-
return supabase.
|
|
5646
|
-
|
|
5647
|
-
|
|
5648
|
-
email: account
|
|
5649
|
-
});
|
|
5650
|
-
case 12:
|
|
5651
|
-
insertRes = _context5.sent;
|
|
5815
|
+
case 13:
|
|
5816
|
+
_context8.next = 14;
|
|
5817
|
+
return insertAdminRegistryRow(supabase, sessionId, data.user.id, account);
|
|
5818
|
+
case 14:
|
|
5819
|
+
insertRes = _context8.sent;
|
|
5652
5820
|
if (!insertRes.error) {
|
|
5653
|
-
|
|
5821
|
+
_context8.next = 15;
|
|
5654
5822
|
break;
|
|
5655
5823
|
}
|
|
5656
|
-
return
|
|
5824
|
+
return _context8.abrupt("return", c.json({
|
|
5657
5825
|
success: false,
|
|
5658
5826
|
message: "管理员已被创建,请使用已有账号登录"
|
|
5659
5827
|
}, 200));
|
|
5660
|
-
case
|
|
5828
|
+
case 15:
|
|
5661
5829
|
token = data.session.access_token;
|
|
5662
5830
|
user = data.user;
|
|
5663
|
-
|
|
5831
|
+
_context8.next = 16;
|
|
5664
5832
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5665
|
-
case
|
|
5666
|
-
role =
|
|
5667
|
-
return
|
|
5833
|
+
case 16:
|
|
5834
|
+
role = _context8.sent;
|
|
5835
|
+
return _context8.abrupt("return", c.json({
|
|
5668
5836
|
success: true,
|
|
5669
5837
|
message: "注册成功",
|
|
5670
5838
|
data: {
|
|
@@ -5677,151 +5845,151 @@ function _signup() {
|
|
|
5677
5845
|
}
|
|
5678
5846
|
}
|
|
5679
5847
|
}, 200));
|
|
5680
|
-
case
|
|
5681
|
-
|
|
5682
|
-
_t5 =
|
|
5848
|
+
case 17:
|
|
5849
|
+
_context8.prev = 17;
|
|
5850
|
+
_t5 = _context8["catch"](0);
|
|
5683
5851
|
console.error("注册失败:", _t5);
|
|
5684
|
-
return
|
|
5852
|
+
return _context8.abrupt("return", c.json({
|
|
5685
5853
|
success: false,
|
|
5686
5854
|
message: "注册失败",
|
|
5687
5855
|
error: _t5.message
|
|
5688
5856
|
}, 500));
|
|
5689
|
-
case
|
|
5857
|
+
case 18:
|
|
5690
5858
|
case "end":
|
|
5691
|
-
return
|
|
5859
|
+
return _context8.stop();
|
|
5692
5860
|
}
|
|
5693
|
-
},
|
|
5861
|
+
}, _callee8, null, [[0, 17]]);
|
|
5694
5862
|
}));
|
|
5695
5863
|
return _signup.apply(this, arguments);
|
|
5696
5864
|
}
|
|
5697
|
-
function verifyAuth(
|
|
5865
|
+
function verifyAuth(_x17, _x18) {
|
|
5698
5866
|
return _verifyAuth.apply(this, arguments);
|
|
5699
5867
|
}
|
|
5700
5868
|
// GET - 获取当前用户信息
|
|
5701
5869
|
function _verifyAuth() {
|
|
5702
|
-
_verifyAuth = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5703
|
-
var authHeader, token, supabase, _yield$supabase$auth$
|
|
5704
|
-
return _regeneratorRuntime.wrap(function (
|
|
5705
|
-
while (1) switch (
|
|
5870
|
+
_verifyAuth = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee9(c, tableName) {
|
|
5871
|
+
var authHeader, token, supabase, _yield$supabase$auth$6, data, error, sessionId, role, decoded, message, responseMessage, _t6, _t7;
|
|
5872
|
+
return _regeneratorRuntime.wrap(function (_context9) {
|
|
5873
|
+
while (1) switch (_context9.prev = _context9.next) {
|
|
5706
5874
|
case 0:
|
|
5707
|
-
|
|
5875
|
+
_context9.prev = 0;
|
|
5708
5876
|
authHeader = c.req.header('Authorization');
|
|
5709
5877
|
token = AuthUtils.extractTokenFromHeader(authHeader || null);
|
|
5710
5878
|
if (token) {
|
|
5711
|
-
|
|
5879
|
+
_context9.next = 1;
|
|
5712
5880
|
break;
|
|
5713
5881
|
}
|
|
5714
|
-
return
|
|
5882
|
+
return _context9.abrupt("return", c.json({
|
|
5715
5883
|
success: false,
|
|
5716
5884
|
message: "缺少认证信息"
|
|
5717
5885
|
}, 200));
|
|
5718
5886
|
case 1:
|
|
5719
|
-
|
|
5887
|
+
_context9.prev = 1;
|
|
5720
5888
|
supabase = getSupabase();
|
|
5721
|
-
|
|
5889
|
+
_context9.next = 2;
|
|
5722
5890
|
return supabase.auth.getUser(token);
|
|
5723
5891
|
case 2:
|
|
5724
|
-
_yield$supabase$auth$
|
|
5725
|
-
data = _yield$supabase$auth$
|
|
5726
|
-
error = _yield$supabase$auth$
|
|
5892
|
+
_yield$supabase$auth$6 = _context9.sent;
|
|
5893
|
+
data = _yield$supabase$auth$6.data;
|
|
5894
|
+
error = _yield$supabase$auth$6.error;
|
|
5727
5895
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5728
|
-
|
|
5896
|
+
_context9.next = 3;
|
|
5729
5897
|
break;
|
|
5730
5898
|
}
|
|
5731
5899
|
throw new Error('INVALID_TOKEN');
|
|
5732
5900
|
case 3:
|
|
5733
5901
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5734
|
-
|
|
5902
|
+
_context9.next = 4;
|
|
5735
5903
|
return ensureAdminRegistryTable(supabase);
|
|
5736
5904
|
case 4:
|
|
5737
|
-
|
|
5905
|
+
_context9.next = 5;
|
|
5738
5906
|
return getEffectiveRoleForSession(data.user, sessionId);
|
|
5739
5907
|
case 5:
|
|
5740
|
-
role =
|
|
5908
|
+
role = _context9.sent;
|
|
5741
5909
|
decoded = {
|
|
5742
5910
|
id: data.user.id,
|
|
5743
5911
|
role: role,
|
|
5744
5912
|
session_id: sessionId
|
|
5745
5913
|
};
|
|
5746
|
-
return
|
|
5914
|
+
return _context9.abrupt("return", c.json({
|
|
5747
5915
|
success: true,
|
|
5748
5916
|
message: "认证有效",
|
|
5749
5917
|
data: decoded
|
|
5750
5918
|
}));
|
|
5751
5919
|
case 6:
|
|
5752
|
-
|
|
5753
|
-
_t6 =
|
|
5920
|
+
_context9.prev = 6;
|
|
5921
|
+
_t6 = _context9["catch"](1);
|
|
5754
5922
|
message = _t6.message;
|
|
5755
5923
|
responseMessage = message === 'TOKEN_EXPIRED' ? "登录已过期,请重新登录" : "认证信息无效";
|
|
5756
|
-
return
|
|
5924
|
+
return _context9.abrupt("return", c.json({
|
|
5757
5925
|
success: false,
|
|
5758
5926
|
message: responseMessage
|
|
5759
5927
|
}, 200));
|
|
5760
5928
|
case 7:
|
|
5761
|
-
|
|
5762
|
-
_t7 =
|
|
5929
|
+
_context9.prev = 7;
|
|
5930
|
+
_t7 = _context9["catch"](0);
|
|
5763
5931
|
console.error("验证认证失败:", _t7);
|
|
5764
|
-
return
|
|
5932
|
+
return _context9.abrupt("return", c.json({
|
|
5765
5933
|
success: false,
|
|
5766
5934
|
message: "验证认证失败",
|
|
5767
5935
|
error: _t7.message
|
|
5768
5936
|
}, 500));
|
|
5769
5937
|
case 8:
|
|
5770
5938
|
case "end":
|
|
5771
|
-
return
|
|
5939
|
+
return _context9.stop();
|
|
5772
5940
|
}
|
|
5773
|
-
},
|
|
5941
|
+
}, _callee9, null, [[0, 7], [1, 6]]);
|
|
5774
5942
|
}));
|
|
5775
5943
|
return _verifyAuth.apply(this, arguments);
|
|
5776
5944
|
}
|
|
5777
|
-
function getCurrentUser(
|
|
5945
|
+
function getCurrentUser(_x19, _x20) {
|
|
5778
5946
|
return _getCurrentUser.apply(this, arguments);
|
|
5779
5947
|
}
|
|
5780
5948
|
// 中间件:验证 Supabase JWT token
|
|
5781
5949
|
function _getCurrentUser() {
|
|
5782
|
-
_getCurrentUser = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5783
|
-
var authHeader, token, supabase, _yield$supabase$auth$
|
|
5784
|
-
return _regeneratorRuntime.wrap(function (
|
|
5785
|
-
while (1) switch (
|
|
5950
|
+
_getCurrentUser = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee0(c, tableName) {
|
|
5951
|
+
var authHeader, token, supabase, _yield$supabase$auth$7, data, error, user, sessionId, role, _t8;
|
|
5952
|
+
return _regeneratorRuntime.wrap(function (_context0) {
|
|
5953
|
+
while (1) switch (_context0.prev = _context0.next) {
|
|
5786
5954
|
case 0:
|
|
5787
|
-
|
|
5955
|
+
_context0.prev = 0;
|
|
5788
5956
|
authHeader = c.req.header('Authorization');
|
|
5789
5957
|
token = AuthUtils.extractTokenFromHeader(authHeader || null);
|
|
5790
5958
|
if (token) {
|
|
5791
|
-
|
|
5959
|
+
_context0.next = 1;
|
|
5792
5960
|
break;
|
|
5793
5961
|
}
|
|
5794
|
-
return
|
|
5962
|
+
return _context0.abrupt("return", c.json({
|
|
5795
5963
|
success: false,
|
|
5796
5964
|
message: "缺少认证信息"
|
|
5797
5965
|
}, 200));
|
|
5798
5966
|
case 1:
|
|
5799
5967
|
supabase = getSupabase();
|
|
5800
|
-
|
|
5968
|
+
_context0.next = 2;
|
|
5801
5969
|
return supabase.auth.getUser(token);
|
|
5802
5970
|
case 2:
|
|
5803
|
-
_yield$supabase$auth$
|
|
5804
|
-
data = _yield$supabase$auth$
|
|
5805
|
-
error = _yield$supabase$auth$
|
|
5971
|
+
_yield$supabase$auth$7 = _context0.sent;
|
|
5972
|
+
data = _yield$supabase$auth$7.data;
|
|
5973
|
+
error = _yield$supabase$auth$7.error;
|
|
5806
5974
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5807
|
-
|
|
5975
|
+
_context0.next = 3;
|
|
5808
5976
|
break;
|
|
5809
5977
|
}
|
|
5810
|
-
return
|
|
5978
|
+
return _context0.abrupt("return", c.json({
|
|
5811
5979
|
success: false,
|
|
5812
5980
|
message: "认证信息无效"
|
|
5813
5981
|
}, 200));
|
|
5814
5982
|
case 3:
|
|
5815
5983
|
user = data.user;
|
|
5816
5984
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5817
|
-
|
|
5985
|
+
_context0.next = 4;
|
|
5818
5986
|
return ensureAdminRegistryTable(supabase);
|
|
5819
5987
|
case 4:
|
|
5820
|
-
|
|
5988
|
+
_context0.next = 5;
|
|
5821
5989
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5822
5990
|
case 5:
|
|
5823
|
-
role =
|
|
5824
|
-
return
|
|
5991
|
+
role = _context0.sent;
|
|
5992
|
+
return _context0.abrupt("return", c.json({
|
|
5825
5993
|
success: true,
|
|
5826
5994
|
message: "获取用户信息成功",
|
|
5827
5995
|
data: {
|
|
@@ -5834,19 +6002,19 @@ function _getCurrentUser() {
|
|
|
5834
6002
|
}
|
|
5835
6003
|
}, 200));
|
|
5836
6004
|
case 6:
|
|
5837
|
-
|
|
5838
|
-
_t8 =
|
|
6005
|
+
_context0.prev = 6;
|
|
6006
|
+
_t8 = _context0["catch"](0);
|
|
5839
6007
|
console.error("获取用户信息失败:", _t8);
|
|
5840
|
-
return
|
|
6008
|
+
return _context0.abrupt("return", c.json({
|
|
5841
6009
|
success: false,
|
|
5842
6010
|
message: "获取用户信息失败",
|
|
5843
6011
|
error: _t8.message
|
|
5844
6012
|
}, 500));
|
|
5845
6013
|
case 7:
|
|
5846
6014
|
case "end":
|
|
5847
|
-
return
|
|
6015
|
+
return _context0.stop();
|
|
5848
6016
|
}
|
|
5849
|
-
},
|
|
6017
|
+
}, _callee0, null, [[0, 6]]);
|
|
5850
6018
|
}));
|
|
5851
6019
|
return _getCurrentUser.apply(this, arguments);
|
|
5852
6020
|
}
|
|
@@ -5920,7 +6088,7 @@ function requireAuth(handler) {
|
|
|
5920
6088
|
}
|
|
5921
6089
|
}, _callee, null, [[0, 5], [1, 4]]);
|
|
5922
6090
|
}));
|
|
5923
|
-
return function (
|
|
6091
|
+
return function (_x21) {
|
|
5924
6092
|
return _ref.apply(this, arguments);
|
|
5925
6093
|
};
|
|
5926
6094
|
}();
|
|
@@ -5973,7 +6141,7 @@ function _resolveUploadMaxSize() {
|
|
|
5973
6141
|
return _resolveUploadMaxSize.apply(this, arguments);
|
|
5974
6142
|
}
|
|
5975
6143
|
function readSessionId(c) {
|
|
5976
|
-
return
|
|
6144
|
+
return c.req.header("X-Session-Id") || c.req.header("x-session-id") || '';
|
|
5977
6145
|
}
|
|
5978
6146
|
function uploadToOss(_x3) {
|
|
5979
6147
|
return _uploadToOss.apply(this, arguments);
|