@wecode-team/cms-supabase-api 0.1.40 → 0.1.43
- package/dist/index.esm.js +359 -180
- package/dist/index.esm.js.map +1 -1
- package/dist/index.js +359 -180
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -1040,8 +1040,8 @@ function _defineProperty(e, r, t) {
|
|
|
1040
1040
|
}) : e[r] = t, e;
|
|
1041
1041
|
}
|
|
1042
1042
|
|
|
1043
|
-
function ownKeys$
|
|
1044
|
-
function _objectSpread$
|
|
1043
|
+
function ownKeys$3(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
1044
|
+
function _objectSpread$3(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$3(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$3(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
1045
1045
|
function _createForOfIteratorHelper$2(r, e) { var t = "undefined" != typeof Symbol && r[Symbol.iterator] || r["@@iterator"]; if (!t) { if (Array.isArray(r) || (t = _unsupportedIterableToArray$3(r)) || e && r && "number" == typeof r.length) { t && (r = t); var _n = 0, F = function F() {}; return { s: F, n: function n() { return _n >= r.length ? { done: !0 } : { done: !1, value: r[_n++] }; }, e: function e(r) { throw r; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var o, a = !0, u = !1; return { s: function s() { t = t.call(r); }, n: function n() { var r = t.next(); return a = r.done, r; }, e: function e(r) { u = !0, o = r; }, f: function f() { try { a || null == t["return"] || t["return"](); } finally { if (u) throw o; } } }; }
|
|
1046
1046
|
function _unsupportedIterableToArray$3(r, a) { if (r) { if ("string" == typeof r) return _arrayLikeToArray$3(r, a); var t = {}.toString.call(r).slice(8, -1); return "Object" === t && r.constructor && (t = r.constructor.name), "Map" === t || "Set" === t ? Array.from(r) : "Arguments" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? _arrayLikeToArray$3(r, a) : void 0; } }
|
|
1047
1047
|
function _arrayLikeToArray$3(r, a) { (null == a || a > r.length) && (a = r.length); for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e]; return n; }
|
|
@@ -2096,7 +2096,7 @@ var DynamicTableService = /*#__PURE__*/function () {
|
|
|
2096
2096
|
throw error;
|
|
2097
2097
|
case 2:
|
|
2098
2098
|
return _context14.abrupt("return", (data || []).map(function (item) {
|
|
2099
|
-
return _objectSpread$
|
|
2099
|
+
return _objectSpread$3({
|
|
2100
2100
|
id: item.id,
|
|
2101
2101
|
label: item[displayField] || "ID: ".concat(item.id)
|
|
2102
2102
|
}, item);
|
|
@@ -2209,8 +2209,8 @@ function getDynamicTableService() {
|
|
|
2209
2209
|
return defaultService$1;
|
|
2210
2210
|
}
|
|
2211
2211
|
|
|
2212
|
-
function ownKeys$
|
|
2213
|
-
function _objectSpread$
|
|
2212
|
+
function ownKeys$2(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
2213
|
+
function _objectSpread$2(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$2(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$2(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
2214
2214
|
var AuthService = /*#__PURE__*/function () {
|
|
2215
2215
|
function AuthService() {
|
|
2216
2216
|
_classCallCheck(this, AuthService);
|
|
@@ -2387,7 +2387,7 @@ var AuthService = /*#__PURE__*/function () {
|
|
|
2387
2387
|
return _regeneratorRuntime.wrap(function (_context4) {
|
|
2388
2388
|
while (1) switch (_context4.prev = _context4.next) {
|
|
2389
2389
|
case 0:
|
|
2390
|
-
finalUserData = _objectSpread$
|
|
2390
|
+
finalUserData = _objectSpread$2({
|
|
2391
2391
|
tableName: this.defaultTableName
|
|
2392
2392
|
}, userData);
|
|
2393
2393
|
_context4.prev = 1;
|
|
@@ -2445,7 +2445,7 @@ var AuthService = /*#__PURE__*/function () {
|
|
|
2445
2445
|
case 0:
|
|
2446
2446
|
updateData = _args5.length > 1 && _args5[1] !== undefined ? _args5[1] : {};
|
|
2447
2447
|
// 设置默认值
|
|
2448
|
-
finalUpdateData = _objectSpread$
|
|
2448
|
+
finalUpdateData = _objectSpread$2({
|
|
2449
2449
|
tableName: this.defaultTableName
|
|
2450
2450
|
}, updateData);
|
|
2451
2451
|
_context5.prev = 1;
|
|
@@ -4227,8 +4227,8 @@ var _excluded = ["id", "created_at", "updated_at"],
|
|
|
4227
4227
|
function _createForOfIteratorHelper(r, e) { var t = "undefined" != typeof Symbol && r[Symbol.iterator] || r["@@iterator"]; if (!t) { if (Array.isArray(r) || (t = _unsupportedIterableToArray(r)) || e && r && "number" == typeof r.length) { t && (r = t); var _n2 = 0, F = function F() {}; return { s: F, n: function n() { return _n2 >= r.length ? { done: !0 } : { done: !1, value: r[_n2++] }; }, e: function e(r) { throw r; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var o, a = !0, u = !1; return { s: function s() { t = t.call(r); }, n: function n() { var r = t.next(); return a = r.done, r; }, e: function e(r) { u = !0, o = r; }, f: function f() { try { a || null == t["return"] || t["return"](); } finally { if (u) throw o; } } }; }
|
|
4228
4228
|
function _unsupportedIterableToArray(r, a) { if (r) { if ("string" == typeof r) return _arrayLikeToArray(r, a); var t = {}.toString.call(r).slice(8, -1); return "Object" === t && r.constructor && (t = r.constructor.name), "Map" === t || "Set" === t ? Array.from(r) : "Arguments" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? _arrayLikeToArray(r, a) : void 0; } }
|
|
4229
4229
|
function _arrayLikeToArray(r, a) { (null == a || a > r.length) && (a = r.length); for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e]; return n; }
|
|
4230
|
-
function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
4231
|
-
function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
4230
|
+
function ownKeys$1(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
4231
|
+
function _objectSpread$1(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys$1(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys$1(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
4232
4232
|
function normalizeJsonLikeFields(schemaFields, payload) {
|
|
4233
4233
|
if (!schemaFields || schemaFields.length === 0) return payload;
|
|
4234
4234
|
var jsonLikeFieldNames = new Set(schemaFields.filter(function (f) {
|
|
@@ -4237,7 +4237,7 @@ function normalizeJsonLikeFields(schemaFields, payload) {
|
|
|
4237
4237
|
return f.name;
|
|
4238
4238
|
}));
|
|
4239
4239
|
if (jsonLikeFieldNames.size === 0) return payload;
|
|
4240
|
-
var normalized = _objectSpread({}, payload);
|
|
4240
|
+
var normalized = _objectSpread$1({}, payload);
|
|
4241
4241
|
for (var _i = 0, _Object$entries = Object.entries(payload); _i < _Object$entries.length; _i++) {
|
|
4242
4242
|
var _Object$entries$_i = _slicedToArray(_Object$entries[_i], 2),
|
|
4243
4243
|
key = _Object$entries$_i[0],
|
|
@@ -5333,6 +5333,8 @@ var AuthUtils = /*#__PURE__*/function () {
|
|
|
5333
5333
|
}]);
|
|
5334
5334
|
}();
|
|
5335
5335
|
|
|
5336
|
+
function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
|
|
5337
|
+
function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
|
|
5336
5338
|
function getRoleFromSupabaseUser$2(user) {
|
|
5337
5339
|
var _user$app_metadata, _user$user_metadata;
|
|
5338
5340
|
var appRole = user === null || user === void 0 || (_user$app_metadata = user.app_metadata) === null || _user$app_metadata === void 0 ? void 0 : _user$app_metadata.role;
|
|
@@ -5357,68 +5359,225 @@ function toSupabaseEmail(account, sessionId) {
|
|
|
5357
5359
|
var sid = normalizeSessionId(sessionId);
|
|
5358
5360
|
return "".concat(sid, "_").concat(localPart, "@").concat(domain);
|
|
5359
5361
|
}
|
|
5362
|
+
function buildAdminMetadata(existingMetadata, sessionId, account) {
|
|
5363
|
+
return _objectSpread(_objectSpread({}, existingMetadata || {}), {}, {
|
|
5364
|
+
role: "admin",
|
|
5365
|
+
session_id: normalizeSessionId(sessionId),
|
|
5366
|
+
original_username: account
|
|
5367
|
+
});
|
|
5368
|
+
}
|
|
5369
|
+
function findAuthUserByEmail(_x, _x2) {
|
|
5370
|
+
return _findAuthUserByEmail.apply(this, arguments);
|
|
5371
|
+
}
|
|
5372
|
+
function _findAuthUserByEmail() {
|
|
5373
|
+
_findAuthUserByEmail = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee2(supabase, email) {
|
|
5374
|
+
var normalizedEmail, page, _yield$supabase$auth$2, data, error, users, matchedUser;
|
|
5375
|
+
return _regeneratorRuntime.wrap(function (_context2) {
|
|
5376
|
+
while (1) switch (_context2.prev = _context2.next) {
|
|
5377
|
+
case 0:
|
|
5378
|
+
normalizedEmail = email.trim().toLowerCase();
|
|
5379
|
+
page = 1;
|
|
5380
|
+
case 1:
|
|
5381
|
+
if (!(page <= 10)) {
|
|
5382
|
+
_context2.next = 6;
|
|
5383
|
+
break;
|
|
5384
|
+
}
|
|
5385
|
+
_context2.next = 2;
|
|
5386
|
+
return supabase.auth.admin.listUsers({
|
|
5387
|
+
page: page,
|
|
5388
|
+
perPage: 200
|
|
5389
|
+
});
|
|
5390
|
+
case 2:
|
|
5391
|
+
_yield$supabase$auth$2 = _context2.sent;
|
|
5392
|
+
data = _yield$supabase$auth$2.data;
|
|
5393
|
+
error = _yield$supabase$auth$2.error;
|
|
5394
|
+
if (!error) {
|
|
5395
|
+
_context2.next = 3;
|
|
5396
|
+
break;
|
|
5397
|
+
}
|
|
5398
|
+
throw error;
|
|
5399
|
+
case 3:
|
|
5400
|
+
users = (data === null || data === void 0 ? void 0 : data.users) || [];
|
|
5401
|
+
matchedUser = users.find(function (user) {
|
|
5402
|
+
var _user$email;
|
|
5403
|
+
return ((_user$email = user.email) === null || _user$email === void 0 ? void 0 : _user$email.trim().toLowerCase()) === normalizedEmail;
|
|
5404
|
+
});
|
|
5405
|
+
if (!matchedUser) {
|
|
5406
|
+
_context2.next = 4;
|
|
5407
|
+
break;
|
|
5408
|
+
}
|
|
5409
|
+
return _context2.abrupt("return", matchedUser);
|
|
5410
|
+
case 4:
|
|
5411
|
+
if (!(users.length < 200)) {
|
|
5412
|
+
_context2.next = 5;
|
|
5413
|
+
break;
|
|
5414
|
+
}
|
|
5415
|
+
return _context2.abrupt("return", null);
|
|
5416
|
+
case 5:
|
|
5417
|
+
page += 1;
|
|
5418
|
+
_context2.next = 1;
|
|
5419
|
+
break;
|
|
5420
|
+
case 6:
|
|
5421
|
+
return _context2.abrupt("return", null);
|
|
5422
|
+
case 7:
|
|
5423
|
+
case "end":
|
|
5424
|
+
return _context2.stop();
|
|
5425
|
+
}
|
|
5426
|
+
}, _callee2);
|
|
5427
|
+
}));
|
|
5428
|
+
return _findAuthUserByEmail.apply(this, arguments);
|
|
5429
|
+
}
|
|
5430
|
+
function insertAdminRegistryRow(_x3, _x4, _x5, _x6) {
|
|
5431
|
+
return _insertAdminRegistryRow.apply(this, arguments);
|
|
5432
|
+
}
|
|
5433
|
+
function _insertAdminRegistryRow() {
|
|
5434
|
+
_insertAdminRegistryRow = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee3(supabase, sessionId, userId, account) {
|
|
5435
|
+
return _regeneratorRuntime.wrap(function (_context3) {
|
|
5436
|
+
while (1) switch (_context3.prev = _context3.next) {
|
|
5437
|
+
case 0:
|
|
5438
|
+
_context3.next = 1;
|
|
5439
|
+
return supabase.from("_cms_admin_registry").insert({
|
|
5440
|
+
session_id: normalizeSessionId(sessionId),
|
|
5441
|
+
user_id: userId,
|
|
5442
|
+
email: account
|
|
5443
|
+
});
|
|
5444
|
+
case 1:
|
|
5445
|
+
return _context3.abrupt("return", _context3.sent);
|
|
5446
|
+
case 2:
|
|
5447
|
+
case "end":
|
|
5448
|
+
return _context3.stop();
|
|
5449
|
+
}
|
|
5450
|
+
}, _callee3);
|
|
5451
|
+
}));
|
|
5452
|
+
return _insertAdminRegistryRow.apply(this, arguments);
|
|
5453
|
+
}
|
|
5454
|
+
function promoteExistingUserToSessionAdmin(_x7, _x8, _x9, _x0) {
|
|
5455
|
+
return _promoteExistingUserToSessionAdmin.apply(this, arguments);
|
|
5456
|
+
}
|
|
5457
|
+
function _promoteExistingUserToSessionAdmin() {
|
|
5458
|
+
_promoteExistingUserToSessionAdmin = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee4(supabase, email, sessionId, account) {
|
|
5459
|
+
var existingUser, _yield$supabase$auth$3, updatedData, updateError, insertRes;
|
|
5460
|
+
return _regeneratorRuntime.wrap(function (_context4) {
|
|
5461
|
+
while (1) switch (_context4.prev = _context4.next) {
|
|
5462
|
+
case 0:
|
|
5463
|
+
_context4.next = 1;
|
|
5464
|
+
return findAuthUserByEmail(supabase, email);
|
|
5465
|
+
case 1:
|
|
5466
|
+
existingUser = _context4.sent;
|
|
5467
|
+
if (existingUser) {
|
|
5468
|
+
_context4.next = 2;
|
|
5469
|
+
break;
|
|
5470
|
+
}
|
|
5471
|
+
return _context4.abrupt("return", {
|
|
5472
|
+
success: false,
|
|
5473
|
+
message: "用户名已存在,但未能找到对应用户"
|
|
5474
|
+
});
|
|
5475
|
+
case 2:
|
|
5476
|
+
_context4.next = 3;
|
|
5477
|
+
return supabase.auth.admin.updateUserById(existingUser.id, {
|
|
5478
|
+
app_metadata: buildAdminMetadata(existingUser.app_metadata, sessionId, account),
|
|
5479
|
+
user_metadata: buildAdminMetadata(existingUser.user_metadata, sessionId, account)
|
|
5480
|
+
});
|
|
5481
|
+
case 3:
|
|
5482
|
+
_yield$supabase$auth$3 = _context4.sent;
|
|
5483
|
+
updatedData = _yield$supabase$auth$3.data;
|
|
5484
|
+
updateError = _yield$supabase$auth$3.error;
|
|
5485
|
+
if (!(updateError || !(updatedData !== null && updatedData !== void 0 && updatedData.user))) {
|
|
5486
|
+
_context4.next = 4;
|
|
5487
|
+
break;
|
|
5488
|
+
}
|
|
5489
|
+
return _context4.abrupt("return", {
|
|
5490
|
+
success: false,
|
|
5491
|
+
message: (updateError === null || updateError === void 0 ? void 0 : updateError.message) || "管理员账号升级失败"
|
|
5492
|
+
});
|
|
5493
|
+
case 4:
|
|
5494
|
+
_context4.next = 5;
|
|
5495
|
+
return insertAdminRegistryRow(supabase, sessionId, updatedData.user.id, account);
|
|
5496
|
+
case 5:
|
|
5497
|
+
insertRes = _context4.sent;
|
|
5498
|
+
if (!insertRes.error) {
|
|
5499
|
+
_context4.next = 6;
|
|
5500
|
+
break;
|
|
5501
|
+
}
|
|
5502
|
+
return _context4.abrupt("return", {
|
|
5503
|
+
success: false,
|
|
5504
|
+
message: "管理员已被创建,请使用已有账号登录"
|
|
5505
|
+
});
|
|
5506
|
+
case 6:
|
|
5507
|
+
return _context4.abrupt("return", {
|
|
5508
|
+
success: true,
|
|
5509
|
+
user: updatedData.user
|
|
5510
|
+
});
|
|
5511
|
+
case 7:
|
|
5512
|
+
case "end":
|
|
5513
|
+
return _context4.stop();
|
|
5514
|
+
}
|
|
5515
|
+
}, _callee4);
|
|
5516
|
+
}));
|
|
5517
|
+
return _promoteExistingUserToSessionAdmin.apply(this, arguments);
|
|
5518
|
+
}
|
|
5360
5519
|
function getUserSessionId(user) {
|
|
5361
5520
|
var _user$user_metadata2;
|
|
5362
5521
|
return normalizeSessionId(user === null || user === void 0 || (_user$user_metadata2 = user.user_metadata) === null || _user$user_metadata2 === void 0 ? void 0 : _user$user_metadata2.session_id);
|
|
5363
5522
|
}
|
|
5364
|
-
function getEffectiveRoleForSession(
|
|
5523
|
+
function getEffectiveRoleForSession(_x1, _x10) {
|
|
5365
5524
|
return _getEffectiveRoleForSession.apply(this, arguments);
|
|
5366
5525
|
} // POST - 用户登录
|
|
5367
5526
|
function _getEffectiveRoleForSession() {
|
|
5368
|
-
_getEffectiveRoleForSession = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5527
|
+
_getEffectiveRoleForSession = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee5(user, sessionId) {
|
|
5369
5528
|
var supabase, sid, role, ok;
|
|
5370
|
-
return _regeneratorRuntime.wrap(function (
|
|
5371
|
-
while (1) switch (
|
|
5529
|
+
return _regeneratorRuntime.wrap(function (_context5) {
|
|
5530
|
+
while (1) switch (_context5.prev = _context5.next) {
|
|
5372
5531
|
case 0:
|
|
5373
5532
|
supabase = getSupabase();
|
|
5374
5533
|
sid = normalizeSessionId(sessionId);
|
|
5375
5534
|
role = getRoleFromSupabaseUser$2(user) || "user";
|
|
5376
5535
|
if (!(role !== "admin")) {
|
|
5377
|
-
|
|
5536
|
+
_context5.next = 1;
|
|
5378
5537
|
break;
|
|
5379
5538
|
}
|
|
5380
|
-
return
|
|
5539
|
+
return _context5.abrupt("return", role);
|
|
5381
5540
|
case 1:
|
|
5382
5541
|
if (!(getUserSessionId(user) !== sid)) {
|
|
5383
|
-
|
|
5542
|
+
_context5.next = 2;
|
|
5384
5543
|
break;
|
|
5385
5544
|
}
|
|
5386
|
-
return
|
|
5545
|
+
return _context5.abrupt("return", "user");
|
|
5387
5546
|
case 2:
|
|
5388
|
-
|
|
5547
|
+
_context5.next = 3;
|
|
5389
5548
|
return isUserSessionAdmin(supabase, sid, user.id);
|
|
5390
5549
|
case 3:
|
|
5391
|
-
ok =
|
|
5392
|
-
return
|
|
5550
|
+
ok = _context5.sent;
|
|
5551
|
+
return _context5.abrupt("return", ok ? "admin" : "user");
|
|
5393
5552
|
case 4:
|
|
5394
5553
|
case "end":
|
|
5395
|
-
return
|
|
5554
|
+
return _context5.stop();
|
|
5396
5555
|
}
|
|
5397
|
-
},
|
|
5556
|
+
}, _callee5);
|
|
5398
5557
|
}));
|
|
5399
5558
|
return _getEffectiveRoleForSession.apply(this, arguments);
|
|
5400
5559
|
}
|
|
5401
|
-
function login(
|
|
5560
|
+
function login(_x11, _x12) {
|
|
5402
5561
|
return _login.apply(this, arguments);
|
|
5403
5562
|
}
|
|
5404
5563
|
// GET - 是否允许注册(首次进入需要创建管理员账号)
|
|
5405
5564
|
function _login() {
|
|
5406
|
-
_login = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5407
|
-
var _data$session, body, username, password, supabase, sessionId, email, _yield$supabase$auth$
|
|
5408
|
-
return _regeneratorRuntime.wrap(function (
|
|
5409
|
-
while (1) switch (
|
|
5565
|
+
_login = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee6(c, tableName) {
|
|
5566
|
+
var _data$session, body, username, password, supabase, sessionId, email, _yield$supabase$auth$4, data, error, token, user, role, _t3;
|
|
5567
|
+
return _regeneratorRuntime.wrap(function (_context6) {
|
|
5568
|
+
while (1) switch (_context6.prev = _context6.next) {
|
|
5410
5569
|
case 0:
|
|
5411
|
-
|
|
5412
|
-
|
|
5570
|
+
_context6.prev = 0;
|
|
5571
|
+
_context6.next = 1;
|
|
5413
5572
|
return c.req.json();
|
|
5414
5573
|
case 1:
|
|
5415
|
-
body =
|
|
5574
|
+
body = _context6.sent;
|
|
5416
5575
|
username = body.username, password = body.password; // 验证必填字段
|
|
5417
5576
|
if (!(!username || !password)) {
|
|
5418
|
-
|
|
5577
|
+
_context6.next = 2;
|
|
5419
5578
|
break;
|
|
5420
5579
|
}
|
|
5421
|
-
return
|
|
5580
|
+
return _context6.abrupt("return", c.json({
|
|
5422
5581
|
success: false,
|
|
5423
5582
|
message: "用户名和密码不能为空"
|
|
5424
5583
|
}, 200));
|
|
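Review bot: `promoteExistingUserToSessionAdmin` (new lines 5454–5518) writes `role: "admin"` into both `app_metadata` and `user_metadata` of an already-registered account and inserts the `_cms_admin_registry` row without any proof that the caller controls that account. It receives only `email`, `sessionId` and `account`, and the signup branch at new lines 5803–5807 reaches it on any "user already exists" error while the session has no admin row. As written, an unauthenticated signup request that names an existing user's email appears to be enough to promote that user and occupy the session's single admin slot, even though the caller gets no token back. I would check the submitted password in that branch before promoting, e.g. `const { data: auth, error: authError } = await supabase.auth.signInWithPassword({ email, password });`, return the failure response when `authError || !auth?.user`, and promote only `auth.user.id`; that also removes the `listUsers` scan, which gives up after 10 pages of 200. Separately, the metadata update is not reverted when `insertAdminRegistryRow` returns an error, and since this is the built bundle the fix belongs in the source it is compiled from.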
@@ -5427,43 +5586,43 @@ function _login() {
|
|
|
5427
5586
|
supabase = getSupabase();
|
|
5428
5587
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5429
5588
|
if (username.includes("@")) {
|
|
5430
|
-
|
|
5589
|
+
_context6.next = 3;
|
|
5431
5590
|
break;
|
|
5432
5591
|
}
|
|
5433
|
-
return
|
|
5592
|
+
return _context6.abrupt("return", c.json({
|
|
5434
5593
|
success: false,
|
|
5435
5594
|
message: "请输入邮箱格式的用户名"
|
|
5436
5595
|
}, 200));
|
|
5437
5596
|
case 3:
|
|
5438
5597
|
email = toSupabaseEmail(username, sessionId);
|
|
5439
|
-
|
|
5598
|
+
_context6.next = 4;
|
|
5440
5599
|
return supabase.auth.signInWithPassword({
|
|
5441
5600
|
email: email,
|
|
5442
5601
|
password: password
|
|
5443
5602
|
});
|
|
5444
5603
|
case 4:
|
|
5445
|
-
_yield$supabase$auth$
|
|
5446
|
-
data = _yield$supabase$auth$
|
|
5447
|
-
error = _yield$supabase$auth$
|
|
5604
|
+
_yield$supabase$auth$4 = _context6.sent;
|
|
5605
|
+
data = _yield$supabase$auth$4.data;
|
|
5606
|
+
error = _yield$supabase$auth$4.error;
|
|
5448
5607
|
if (!(error || !(data !== null && data !== void 0 && (_data$session = data.session) !== null && _data$session !== void 0 && _data$session.access_token) || !(data !== null && data !== void 0 && data.user))) {
|
|
5449
|
-
|
|
5608
|
+
_context6.next = 5;
|
|
5450
5609
|
break;
|
|
5451
5610
|
}
|
|
5452
|
-
return
|
|
5611
|
+
return _context6.abrupt("return", c.json({
|
|
5453
5612
|
success: false,
|
|
5454
5613
|
message: (error === null || error === void 0 ? void 0 : error.message) || "登录失败"
|
|
5455
5614
|
}, 200));
|
|
5456
5615
|
case 5:
|
|
5457
5616
|
token = data.session.access_token;
|
|
5458
5617
|
user = data.user;
|
|
5459
|
-
|
|
5618
|
+
_context6.next = 6;
|
|
5460
5619
|
return ensureAdminRegistryTable(supabase);
|
|
5461
5620
|
case 6:
|
|
5462
|
-
|
|
5621
|
+
_context6.next = 7;
|
|
5463
5622
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5464
5623
|
case 7:
|
|
5465
|
-
role =
|
|
5466
|
-
return
|
|
5624
|
+
role = _context6.sent;
|
|
5625
|
+
return _context6.abrupt("return", c.json({
|
|
5467
5626
|
success: true,
|
|
5468
5627
|
message: "登录成功",
|
|
5469
5628
|
data: {
|
|
@@ -5477,44 +5636,44 @@ function _login() {
|
|
|
5477
5636
|
}
|
|
5478
5637
|
}, 200));
|
|
5479
5638
|
case 8:
|
|
5480
|
-
|
|
5481
|
-
_t3 =
|
|
5639
|
+
_context6.prev = 8;
|
|
5640
|
+
_t3 = _context6["catch"](0);
|
|
5482
5641
|
console.error("登录失败:", _t3);
|
|
5483
|
-
return
|
|
5642
|
+
return _context6.abrupt("return", c.json({
|
|
5484
5643
|
success: false,
|
|
5485
5644
|
message: "登录失败",
|
|
5486
5645
|
error: _t3.message
|
|
5487
5646
|
}, 500));
|
|
5488
5647
|
case 9:
|
|
5489
5648
|
case "end":
|
|
5490
|
-
return
|
|
5649
|
+
return _context6.stop();
|
|
5491
5650
|
}
|
|
5492
|
-
},
|
|
5651
|
+
}, _callee6, null, [[0, 8]]);
|
|
5493
5652
|
}));
|
|
5494
5653
|
return _login.apply(this, arguments);
|
|
5495
5654
|
}
|
|
5496
|
-
function signupStatus(
|
|
5655
|
+
function signupStatus(_x13, _x14) {
|
|
5497
5656
|
return _signupStatus.apply(this, arguments);
|
|
5498
5657
|
}
|
|
5499
5658
|
// POST - 首次注册管理员(每个 session_id 只允许一个)
|
|
5500
5659
|
function _signupStatus() {
|
|
5501
|
-
_signupStatus = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5660
|
+
_signupStatus = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee7(c, tableName) {
|
|
5502
5661
|
var supabase, sessionId, ok, row, data, _t4;
|
|
5503
|
-
return _regeneratorRuntime.wrap(function (
|
|
5504
|
-
while (1) switch (
|
|
5662
|
+
return _regeneratorRuntime.wrap(function (_context7) {
|
|
5663
|
+
while (1) switch (_context7.prev = _context7.next) {
|
|
5505
5664
|
case 0:
|
|
5506
|
-
|
|
5665
|
+
_context7.prev = 0;
|
|
5507
5666
|
supabase = getSupabase();
|
|
5508
5667
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5509
|
-
|
|
5668
|
+
_context7.next = 1;
|
|
5510
5669
|
return ensureAdminRegistryTable(supabase);
|
|
5511
5670
|
case 1:
|
|
5512
|
-
ok =
|
|
5671
|
+
ok = _context7.sent;
|
|
5513
5672
|
if (ok) {
|
|
5514
|
-
|
|
5673
|
+
_context7.next = 2;
|
|
5515
5674
|
break;
|
|
5516
5675
|
}
|
|
5517
|
-
return
|
|
5676
|
+
return _context7.abrupt("return", c.json({
|
|
5518
5677
|
success: false,
|
|
5519
5678
|
message: "缺少表 _cms_admin_registry,请先在 Supabase SQL 编辑器手动创建",
|
|
5520
5679
|
data: {
|
|
@@ -5522,58 +5681,58 @@ function _signupStatus() {
|
|
|
5522
5681
|
}
|
|
5523
5682
|
}, 200));
|
|
5524
5683
|
case 2:
|
|
5525
|
-
|
|
5684
|
+
_context7.next = 3;
|
|
5526
5685
|
return getSessionAdminRow(supabase, sessionId);
|
|
5527
5686
|
case 3:
|
|
5528
|
-
row =
|
|
5687
|
+
row = _context7.sent;
|
|
5529
5688
|
data = {
|
|
5530
5689
|
session_id: sessionId,
|
|
5531
5690
|
hasAdmin: !!row,
|
|
5532
5691
|
allowSignup: !row
|
|
5533
5692
|
};
|
|
5534
|
-
return
|
|
5693
|
+
return _context7.abrupt("return", c.json({
|
|
5535
5694
|
success: true,
|
|
5536
5695
|
data: data
|
|
5537
5696
|
}, 200));
|
|
5538
5697
|
case 4:
|
|
5539
|
-
|
|
5540
|
-
_t4 =
|
|
5698
|
+
_context7.prev = 4;
|
|
5699
|
+
_t4 = _context7["catch"](0);
|
|
5541
5700
|
console.error("获取注册状态失败:", _t4);
|
|
5542
|
-
return
|
|
5701
|
+
return _context7.abrupt("return", c.json({
|
|
5543
5702
|
success: false,
|
|
5544
5703
|
message: "获取注册状态失败",
|
|
5545
5704
|
error: _t4.message
|
|
5546
5705
|
}, 500));
|
|
5547
5706
|
case 5:
|
|
5548
5707
|
case "end":
|
|
5549
|
-
return
|
|
5708
|
+
return _context7.stop();
|
|
5550
5709
|
}
|
|
5551
|
-
},
|
|
5710
|
+
}, _callee7, null, [[0, 4]]);
|
|
5552
5711
|
}));
|
|
5553
5712
|
return _signupStatus.apply(this, arguments);
|
|
5554
5713
|
}
|
|
5555
|
-
function signup(
|
|
5714
|
+
function signup(_x15, _x16) {
|
|
5556
5715
|
return _signup.apply(this, arguments);
|
|
5557
5716
|
}
|
|
5558
5717
|
// POST - 验证token
|
|
5559
5718
|
function _signup() {
|
|
5560
|
-
_signup = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5561
|
-
var _body$username, _data$session2, body, account, password, supabase, sessionId, email, ok, existing, _yield$supabase$auth$
|
|
5562
|
-
return _regeneratorRuntime.wrap(function (
|
|
5563
|
-
while (1) switch (
|
|
5719
|
+
_signup = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee8(c, tableName) {
|
|
5720
|
+
var _body$username, _data$session2, body, account, password, supabase, sessionId, email, ok, existing, _yield$supabase$auth$5, data, error, promoted, insertRes, token, user, role, _t5;
|
|
5721
|
+
return _regeneratorRuntime.wrap(function (_context8) {
|
|
5722
|
+
while (1) switch (_context8.prev = _context8.next) {
|
|
5564
5723
|
case 0:
|
|
5565
|
-
|
|
5566
|
-
|
|
5724
|
+
_context8.prev = 0;
|
|
5725
|
+
_context8.next = 1;
|
|
5567
5726
|
return c.req.json();
|
|
5568
5727
|
case 1:
|
|
5569
|
-
body =
|
|
5728
|
+
body = _context8.sent;
|
|
5570
5729
|
account = (_body$username = body.username) === null || _body$username === void 0 ? void 0 : _body$username.trim();
|
|
5571
5730
|
password = body.password;
|
|
5572
5731
|
if (!(!account || !password)) {
|
|
5573
|
-
|
|
5732
|
+
_context8.next = 2;
|
|
5574
5733
|
break;
|
|
5575
5734
|
}
|
|
5576
|
-
return
|
|
5735
|
+
return _context8.abrupt("return", c.json({
|
|
5577
5736
|
success: false,
|
|
5578
5737
|
message: "账号和密码不能为空"
|
|
5579
5738
|
}, 200));
|
|
@@ -5581,24 +5740,24 @@ function _signup() {
|
|
|
5581
5740
|
supabase = getSupabase();
|
|
5582
5741
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5583
5742
|
if (account.includes("@")) {
|
|
5584
|
-
|
|
5743
|
+
_context8.next = 3;
|
|
5585
5744
|
break;
|
|
5586
5745
|
}
|
|
5587
|
-
return
|
|
5746
|
+
return _context8.abrupt("return", c.json({
|
|
5588
5747
|
success: false,
|
|
5589
5748
|
message: "请输入邮箱格式的用户名"
|
|
5590
5749
|
}, 200));
|
|
5591
5750
|
case 3:
|
|
5592
5751
|
email = toSupabaseEmail(account, sessionId);
|
|
5593
|
-
|
|
5752
|
+
_context8.next = 4;
|
|
5594
5753
|
return ensureAdminRegistryTable(supabase);
|
|
5595
5754
|
case 4:
|
|
5596
|
-
ok =
|
|
5755
|
+
ok = _context8.sent;
|
|
5597
5756
|
if (ok) {
|
|
5598
|
-
|
|
5757
|
+
_context8.next = 5;
|
|
5599
5758
|
break;
|
|
5600
5759
|
}
|
|
5601
|
-
return
|
|
5760
|
+
return _context8.abrupt("return", c.json({
|
|
5602
5761
|
success: false,
|
|
5603
5762
|
message: "缺少表 _cms_admin_registry,请先在 Supabase SQL 编辑器手动创建",
|
|
5604
5763
|
data: {
|
|
@@ -5606,20 +5765,20 @@ function _signup() {
|
|
|
5606
5765
|
}
|
|
5607
5766
|
}, 200));
|
|
5608
5767
|
case 5:
|
|
5609
|
-
|
|
5768
|
+
_context8.next = 6;
|
|
5610
5769
|
return getSessionAdminRow(supabase, sessionId);
|
|
5611
5770
|
case 6:
|
|
5612
|
-
existing =
|
|
5771
|
+
existing = _context8.sent;
|
|
5613
5772
|
if (!existing) {
|
|
5614
|
-
|
|
5773
|
+
_context8.next = 7;
|
|
5615
5774
|
break;
|
|
5616
5775
|
}
|
|
5617
|
-
return
|
|
5776
|
+
return _context8.abrupt("return", c.json({
|
|
5618
5777
|
success: false,
|
|
5619
5778
|
message: "该 session 已存在管理员账号,请直接登录"
|
|
5620
5779
|
}, 200));
|
|
5621
5780
|
case 7:
|
|
5622
|
-
|
|
5781
|
+
_context8.next = 8;
|
|
5623
5782
|
return supabase.auth.signUp({
|
|
5624
5783
|
// Supabase Auth 这里仍使用 email 字段;不在服务端强制校验格式,由 Supabase 返回错误信息
|
|
5625
5784
|
email: email,
|
|
@@ -5633,60 +5792,69 @@ function _signup() {
|
|
|
5633
5792
|
}
|
|
5634
5793
|
});
|
|
5635
5794
|
case 8:
|
|
5636
|
-
_yield$supabase$auth$
|
|
5637
|
-
data = _yield$supabase$auth$
|
|
5638
|
-
error = _yield$supabase$auth$
|
|
5795
|
+
_yield$supabase$auth$5 = _context8.sent;
|
|
5796
|
+
data = _yield$supabase$auth$5.data;
|
|
5797
|
+
error = _yield$supabase$auth$5.error;
|
|
5639
5798
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5640
|
-
|
|
5799
|
+
_context8.next = 12;
|
|
5641
5800
|
break;
|
|
5642
5801
|
}
|
|
5643
5802
|
if (!isSupabaseUserAlreadyExistsError(error)) {
|
|
5644
|
-
|
|
5803
|
+
_context8.next = 11;
|
|
5804
|
+
break;
|
|
5805
|
+
}
|
|
5806
|
+
_context8.next = 9;
|
|
5807
|
+
return promoteExistingUserToSessionAdmin(supabase, email, sessionId, account);
|
|
5808
|
+
case 9:
|
|
5809
|
+
promoted = _context8.sent;
|
|
5810
|
+
if (promoted.success) {
|
|
5811
|
+
_context8.next = 10;
|
|
5645
5812
|
break;
|
|
5646
5813
|
}
|
|
5647
|
-
return
|
|
5814
|
+
return _context8.abrupt("return", c.json({
|
|
5648
5815
|
success: false,
|
|
5649
|
-
message:
|
|
5816
|
+
message: promoted.message
|
|
5650
5817
|
}, 200));
|
|
5651
|
-
case
|
|
5652
|
-
return
|
|
5818
|
+
case 10:
|
|
5819
|
+
return _context8.abrupt("return", c.json({
|
|
5820
|
+
success: true,
|
|
5821
|
+
message: "管理员账号已启用,请登录"
|
|
5822
|
+
}, 200));
|
|
5823
|
+
case 11:
|
|
5824
|
+
return _context8.abrupt("return", c.json({
|
|
5653
5825
|
success: false,
|
|
5654
5826
|
message: (error === null || error === void 0 ? void 0 : error.message) || "注册失败"
|
|
5655
5827
|
}, 200));
|
|
5656
|
-
case
|
|
5828
|
+
case 12:
|
|
5657
5829
|
if ((_data$session2 = data.session) !== null && _data$session2 !== void 0 && _data$session2.access_token) {
|
|
5658
|
-
|
|
5830
|
+
_context8.next = 13;
|
|
5659
5831
|
break;
|
|
5660
5832
|
}
|
|
5661
|
-
return
|
|
5833
|
+
return _context8.abrupt("return", c.json({
|
|
5662
5834
|
success: true,
|
|
5663
5835
|
message: "注册成功,请完成邮箱验证后登录"
|
|
5664
5836
|
}, 200));
|
|
5665
|
-
case
|
|
5666
|
-
|
|
5667
|
-
return supabase.
|
|
5668
|
-
|
|
5669
|
-
|
|
5670
|
-
email: account
|
|
5671
|
-
});
|
|
5672
|
-
case 12:
|
|
5673
|
-
insertRes = _context5.sent;
|
|
5837
|
+
case 13:
|
|
5838
|
+
_context8.next = 14;
|
|
5839
|
+
return insertAdminRegistryRow(supabase, sessionId, data.user.id, account);
|
|
5840
|
+
case 14:
|
|
5841
|
+
insertRes = _context8.sent;
|
|
5674
5842
|
if (!insertRes.error) {
|
|
5675
|
-
|
|
5843
|
+
_context8.next = 15;
|
|
5676
5844
|
break;
|
|
5677
5845
|
}
|
|
5678
|
-
return
|
|
5846
|
+
return _context8.abrupt("return", c.json({
|
|
5679
5847
|
success: false,
|
|
5680
5848
|
message: "管理员已被创建,请使用已有账号登录"
|
|
5681
5849
|
}, 200));
|
|
5682
|
-
case
|
|
5850
|
+
case 15:
|
|
5683
5851
|
token = data.session.access_token;
|
|
5684
5852
|
user = data.user;
|
|
5685
|
-
|
|
5853
|
+
_context8.next = 16;
|
|
5686
5854
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5687
|
-
case
|
|
5688
|
-
role =
|
|
5689
|
-
return
|
|
5855
|
+
case 16:
|
|
5856
|
+
role = _context8.sent;
|
|
5857
|
+
return _context8.abrupt("return", c.json({
|
|
5690
5858
|
success: true,
|
|
5691
5859
|
message: "注册成功",
|
|
5692
5860
|
data: {
|
|
@@ -5699,151 +5867,151 @@ function _signup() {
|
|
|
5699
5867
|
}
|
|
5700
5868
|
}
|
|
5701
5869
|
}, 200));
|
|
5702
|
-
case
|
|
5703
|
-
|
|
5704
|
-
_t5 =
|
|
5870
|
+
case 17:
|
|
5871
|
+
_context8.prev = 17;
|
|
5872
|
+
_t5 = _context8["catch"](0);
|
|
5705
5873
|
console.error("注册失败:", _t5);
|
|
5706
|
-
return
|
|
5874
|
+
return _context8.abrupt("return", c.json({
|
|
5707
5875
|
success: false,
|
|
5708
5876
|
message: "注册失败",
|
|
5709
5877
|
error: _t5.message
|
|
5710
5878
|
}, 500));
|
|
5711
|
-
case
|
|
5879
|
+
case 18:
|
|
5712
5880
|
case "end":
|
|
5713
|
-
return
|
|
5881
|
+
return _context8.stop();
|
|
5714
5882
|
}
|
|
5715
|
-
},
|
|
5883
|
+
}, _callee8, null, [[0, 17]]);
|
|
5716
5884
|
}));
|
|
5717
5885
|
return _signup.apply(this, arguments);
|
|
5718
5886
|
}
|
|
5719
|
-
function verifyAuth(
|
|
5887
|
+
function verifyAuth(_x17, _x18) {
|
|
5720
5888
|
return _verifyAuth.apply(this, arguments);
|
|
5721
5889
|
}
|
|
5722
5890
|
// GET - 获取当前用户信息
|
|
5723
5891
|
function _verifyAuth() {
|
|
5724
|
-
_verifyAuth = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5725
|
-
var authHeader, token, supabase, _yield$supabase$auth$
|
|
5726
|
-
return _regeneratorRuntime.wrap(function (
|
|
5727
|
-
while (1) switch (
|
|
5892
|
+
_verifyAuth = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee9(c, tableName) {
|
|
5893
|
+
var authHeader, token, supabase, _yield$supabase$auth$6, data, error, sessionId, role, decoded, message, responseMessage, _t6, _t7;
|
|
5894
|
+
return _regeneratorRuntime.wrap(function (_context9) {
|
|
5895
|
+
while (1) switch (_context9.prev = _context9.next) {
|
|
5728
5896
|
case 0:
|
|
5729
|
-
|
|
5897
|
+
_context9.prev = 0;
|
|
5730
5898
|
authHeader = c.req.header('Authorization');
|
|
5731
5899
|
token = AuthUtils.extractTokenFromHeader(authHeader || null);
|
|
5732
5900
|
if (token) {
|
|
5733
|
-
|
|
5901
|
+
_context9.next = 1;
|
|
5734
5902
|
break;
|
|
5735
5903
|
}
|
|
5736
|
-
return
|
|
5904
|
+
return _context9.abrupt("return", c.json({
|
|
5737
5905
|
success: false,
|
|
5738
5906
|
message: "缺少认证信息"
|
|
5739
5907
|
}, 200));
|
|
5740
5908
|
case 1:
|
|
5741
|
-
|
|
5909
|
+
_context9.prev = 1;
|
|
5742
5910
|
supabase = getSupabase();
|
|
5743
|
-
|
|
5911
|
+
_context9.next = 2;
|
|
5744
5912
|
return supabase.auth.getUser(token);
|
|
5745
5913
|
case 2:
|
|
5746
|
-
_yield$supabase$auth$
|
|
5747
|
-
data = _yield$supabase$auth$
|
|
5748
|
-
error = _yield$supabase$auth$
|
|
5914
|
+
_yield$supabase$auth$6 = _context9.sent;
|
|
5915
|
+
data = _yield$supabase$auth$6.data;
|
|
5916
|
+
error = _yield$supabase$auth$6.error;
|
|
5749
5917
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5750
|
-
|
|
5918
|
+
_context9.next = 3;
|
|
5751
5919
|
break;
|
|
5752
5920
|
}
|
|
5753
5921
|
throw new Error('INVALID_TOKEN');
|
|
5754
5922
|
case 3:
|
|
5755
5923
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5756
|
-
|
|
5924
|
+
_context9.next = 4;
|
|
5757
5925
|
return ensureAdminRegistryTable(supabase);
|
|
5758
5926
|
case 4:
|
|
5759
|
-
|
|
5927
|
+
_context9.next = 5;
|
|
5760
5928
|
return getEffectiveRoleForSession(data.user, sessionId);
|
|
5761
5929
|
case 5:
|
|
5762
|
-
role =
|
|
5930
|
+
role = _context9.sent;
|
|
5763
5931
|
decoded = {
|
|
5764
5932
|
id: data.user.id,
|
|
5765
5933
|
role: role,
|
|
5766
5934
|
session_id: sessionId
|
|
5767
5935
|
};
|
|
5768
|
-
return
|
|
5936
|
+
return _context9.abrupt("return", c.json({
|
|
5769
5937
|
success: true,
|
|
5770
5938
|
message: "认证有效",
|
|
5771
5939
|
data: decoded
|
|
5772
5940
|
}));
|
|
5773
5941
|
case 6:
|
|
5774
|
-
|
|
5775
|
-
_t6 =
|
|
5942
|
+
_context9.prev = 6;
|
|
5943
|
+
_t6 = _context9["catch"](1);
|
|
5776
5944
|
message = _t6.message;
|
|
5777
5945
|
responseMessage = message === 'TOKEN_EXPIRED' ? "登录已过期,请重新登录" : "认证信息无效";
|
|
5778
|
-
return
|
|
5946
|
+
return _context9.abrupt("return", c.json({
|
|
5779
5947
|
success: false,
|
|
5780
5948
|
message: responseMessage
|
|
5781
5949
|
}, 200));
|
|
5782
5950
|
case 7:
|
|
5783
|
-
|
|
5784
|
-
_t7 =
|
|
5951
|
+
_context9.prev = 7;
|
|
5952
|
+
_t7 = _context9["catch"](0);
|
|
5785
5953
|
console.error("验证认证失败:", _t7);
|
|
5786
|
-
return
|
|
5954
|
+
return _context9.abrupt("return", c.json({
|
|
5787
5955
|
success: false,
|
|
5788
5956
|
message: "验证认证失败",
|
|
5789
5957
|
error: _t7.message
|
|
5790
5958
|
}, 500));
|
|
5791
5959
|
case 8:
|
|
5792
5960
|
case "end":
|
|
5793
|
-
return
|
|
5961
|
+
return _context9.stop();
|
|
5794
5962
|
}
|
|
5795
|
-
},
|
|
5963
|
+
}, _callee9, null, [[0, 7], [1, 6]]);
|
|
5796
5964
|
}));
|
|
5797
5965
|
return _verifyAuth.apply(this, arguments);
|
|
5798
5966
|
}
|
|
5799
|
-
function getCurrentUser(
|
|
5967
|
+
function getCurrentUser(_x19, _x20) {
|
|
5800
5968
|
return _getCurrentUser.apply(this, arguments);
|
|
5801
5969
|
}
|
|
5802
5970
|
// 中间件:验证 Supabase JWT token
|
|
5803
5971
|
function _getCurrentUser() {
|
|
5804
|
-
_getCurrentUser = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function
|
|
5805
|
-
var authHeader, token, supabase, _yield$supabase$auth$
|
|
5806
|
-
return _regeneratorRuntime.wrap(function (
|
|
5807
|
-
while (1) switch (
|
|
5972
|
+
_getCurrentUser = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime.mark(function _callee0(c, tableName) {
|
|
5973
|
+
var authHeader, token, supabase, _yield$supabase$auth$7, data, error, user, sessionId, role, _t8;
|
|
5974
|
+
return _regeneratorRuntime.wrap(function (_context0) {
|
|
5975
|
+
while (1) switch (_context0.prev = _context0.next) {
|
|
5808
5976
|
case 0:
|
|
5809
|
-
|
|
5977
|
+
_context0.prev = 0;
|
|
5810
5978
|
authHeader = c.req.header('Authorization');
|
|
5811
5979
|
token = AuthUtils.extractTokenFromHeader(authHeader || null);
|
|
5812
5980
|
if (token) {
|
|
5813
|
-
|
|
5981
|
+
_context0.next = 1;
|
|
5814
5982
|
break;
|
|
5815
5983
|
}
|
|
5816
|
-
return
|
|
5984
|
+
return _context0.abrupt("return", c.json({
|
|
5817
5985
|
success: false,
|
|
5818
5986
|
message: "缺少认证信息"
|
|
5819
5987
|
}, 200));
|
|
5820
5988
|
case 1:
|
|
5821
5989
|
supabase = getSupabase();
|
|
5822
|
-
|
|
5990
|
+
_context0.next = 2;
|
|
5823
5991
|
return supabase.auth.getUser(token);
|
|
5824
5992
|
case 2:
|
|
5825
|
-
_yield$supabase$auth$
|
|
5826
|
-
data = _yield$supabase$auth$
|
|
5827
|
-
error = _yield$supabase$auth$
|
|
5993
|
+
_yield$supabase$auth$7 = _context0.sent;
|
|
5994
|
+
data = _yield$supabase$auth$7.data;
|
|
5995
|
+
error = _yield$supabase$auth$7.error;
|
|
5828
5996
|
if (!(error || !(data !== null && data !== void 0 && data.user))) {
|
|
5829
|
-
|
|
5997
|
+
_context0.next = 3;
|
|
5830
5998
|
break;
|
|
5831
5999
|
}
|
|
5832
|
-
return
|
|
6000
|
+
return _context0.abrupt("return", c.json({
|
|
5833
6001
|
success: false,
|
|
5834
6002
|
message: "认证信息无效"
|
|
5835
6003
|
}, 200));
|
|
5836
6004
|
case 3:
|
|
5837
6005
|
user = data.user;
|
|
5838
6006
|
sessionId = extractSessionIdFromAuthTableName(tableName);
|
|
5839
|
-
|
|
6007
|
+
_context0.next = 4;
|
|
5840
6008
|
return ensureAdminRegistryTable(supabase);
|
|
5841
6009
|
case 4:
|
|
5842
|
-
|
|
6010
|
+
_context0.next = 5;
|
|
5843
6011
|
return getEffectiveRoleForSession(user, sessionId);
|
|
5844
6012
|
case 5:
|
|
5845
|
-
role =
|
|
5846
|
-
return
|
|
6013
|
+
role = _context0.sent;
|
|
6014
|
+
return _context0.abrupt("return", c.json({
|
|
5847
6015
|
success: true,
|
|
5848
6016
|
message: "获取用户信息成功",
|
|
5849
6017
|
data: {
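Review bot: The 500-path handlers in this hunk still send the raw exception text to the client: `error: _t5.message` in `_signup` and `error: _t7.message` in `_verifyAuth`, with the same `error: _t8.message` in the following `_getCurrentUser` hunk. Each failure is already logged with `console.error`, so the response can carry a fixed value instead, for example `error: "INTERNAL_ERROR"` (a name constructed for this note), which keeps backend or database error strings out of client responses. `_signup` and `_getCurrentUser` both extend beyond this hunk, so callers that read the `error` field could not be checked here.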
|
|
@@ -5856,19 +6024,19 @@ function _getCurrentUser() {
|
|
|
5856
6024
|
}
|
|
5857
6025
|
}, 200));
|
|
5858
6026
|
case 6:
|
|
5859
|
-
|
|
5860
|
-
_t8 =
|
|
6027
|
+
_context0.prev = 6;
|
|
6028
|
+
_t8 = _context0["catch"](0);
|
|
5861
6029
|
console.error("获取用户信息失败:", _t8);
|
|
5862
|
-
return
|
|
6030
|
+
return _context0.abrupt("return", c.json({
|
|
5863
6031
|
success: false,
|
|
5864
6032
|
message: "获取用户信息失败",
|
|
5865
6033
|
error: _t8.message
|
|
5866
6034
|
}, 500));
|
|
5867
6035
|
case 7:
|
|
5868
6036
|
case "end":
|
|
5869
|
-
return
|
|
6037
|
+
return _context0.stop();
|
|
5870
6038
|
}
|
|
5871
|
-
},
|
|
6039
|
+
}, _callee0, null, [[0, 6]]);
|
|
5872
6040
|
}));
|
|
5873
6041
|
return _getCurrentUser.apply(this, arguments);
|
|
5874
6042
|
}
|
|
@@ -5942,7 +6110,7 @@ function requireAuth(handler) {
|
|
|
5942
6110
|
}
|
|
5943
6111
|
}, _callee, null, [[0, 5], [1, 4]]);
|
|
5944
6112
|
}));
|
|
5945
|
-
return function (
|
|
6113
|
+
return function (_x21) {
|
|
5946
6114
|
return _ref.apply(this, arguments);
|
|
5947
6115
|
};
|
|
5948
6116
|
}();
|
|
@@ -6074,6 +6242,10 @@ function _uploadToOss() {
|
|
|
6074
6242
|
return _uploadToOss.apply(this, arguments);
|
|
6075
6243
|
}
|
|
6076
6244
|
|
|
6245
|
+
var AUTH_REQUIRED = "CMS_AUTH_REQUIRED";
|
|
6246
|
+
var AUTH_INVALID = "CMS_AUTH_INVALID";
|
|
6247
|
+
var CMS_FORBIDDEN = "CMS_FORBIDDEN";
|
|
6248
|
+
var CMS_SESSION_MISMATCH = "CMS_SESSION_MISMATCH";
|
|
6077
6249
|
function getRoleFromSupabaseUser$1(user) {
|
|
6078
6250
|
var _user$app_metadata, _user$user_metadata;
|
|
6079
6251
|
var appRole = user === null || user === void 0 || (_user$app_metadata = user.app_metadata) === null || _user$app_metadata === void 0 ? void 0 : _user$app_metadata.role;
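Review bot: `getRoleFromSupabaseUser$1` declares a `_user$user_metadata` temporary next to the `app_metadata.role` read, which suggests the role can also come from `user.user_metadata`; the rest of the body is outside the hunk, so this is inferred. In Supabase, `user_metadata` can be changed by the signed-in user while `app_metadata` cannot, so a role taken from it should not grant access without a server-side check. A comment on the function would make that explicit: `// user_metadata is user-editable; admin access must be confirmed against app_metadata or the admin registry`.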
|
|
@@ -6094,7 +6266,8 @@ var requireJwtAuth = /*#__PURE__*/function () {
|
|
|
6094
6266
|
}
|
|
6095
6267
|
return _context.abrupt("return", c.json({
|
|
6096
6268
|
success: false,
|
|
6097
|
-
message: "缺少认证信息"
|
|
6269
|
+
message: "缺少认证信息",
|
|
6270
|
+
error: AUTH_REQUIRED
|
|
6098
6271
|
}, 200));
|
|
6099
6272
|
case 1:
|
|
6100
6273
|
_context.prev = 1;
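Review bot: The missing-credential response here now carries `error: AUTH_REQUIRED` but is still sent with status 200, so proxies, rate limiters and log-based detection that key on 401/403 will not see authentication failures from this middleware. Consider `}, 401));` for the `AUTH_REQUIRED` and `AUTH_INVALID` returns and `}, 403));` for `CMS_FORBIDDEN` and `CMS_SESSION_MISMATCH`; the same applies to the later hunks in `requireJwtAuth` and `requireAdminRole`. The 200 status predates this change, so existing clients may depend on it and would need to switch to the new `error` codes first. Both functions start and end outside these hunks.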
|
|
@@ -6111,7 +6284,8 @@ var requireJwtAuth = /*#__PURE__*/function () {
|
|
|
6111
6284
|
}
|
|
6112
6285
|
return _context.abrupt("return", c.json({
|
|
6113
6286
|
success: false,
|
|
6114
|
-
message: "认证信息无效"
|
|
6287
|
+
message: "认证信息无效",
|
|
6288
|
+
error: AUTH_INVALID
|
|
6115
6289
|
}, 200));
|
|
6116
6290
|
case 3:
|
|
6117
6291
|
auth = {
|
|
@@ -6129,7 +6303,8 @@ var requireJwtAuth = /*#__PURE__*/function () {
|
|
|
6129
6303
|
_context["catch"](1);
|
|
6130
6304
|
return _context.abrupt("return", c.json({
|
|
6131
6305
|
success: false,
|
|
6132
|
-
message: "认证信息无效"
|
|
6306
|
+
message: "认证信息无效",
|
|
6307
|
+
error: AUTH_INVALID
|
|
6133
6308
|
}, 200));
|
|
6134
6309
|
case 6:
|
|
6135
6310
|
case "end":
|
|
@@ -6156,7 +6331,8 @@ var requireAdminRole = /*#__PURE__*/function () {
|
|
|
6156
6331
|
}
|
|
6157
6332
|
return _context2.abrupt("return", c.json({
|
|
6158
6333
|
success: false,
|
|
6159
|
-
message: "缺少认证信息"
|
|
6334
|
+
message: "缺少认证信息",
|
|
6335
|
+
error: AUTH_REQUIRED
|
|
6160
6336
|
}, 200));
|
|
6161
6337
|
case 1:
|
|
6162
6338
|
if (!(role !== "admin")) {
|
|
@@ -6165,7 +6341,8 @@ var requireAdminRole = /*#__PURE__*/function () {
|
|
|
6165
6341
|
}
|
|
6166
6342
|
return _context2.abrupt("return", c.json({
|
|
6167
6343
|
success: false,
|
|
6168
|
-
message: "权限不足:你不是管理员"
|
|
6344
|
+
message: "权限不足:你不是管理员",
|
|
6345
|
+
error: CMS_FORBIDDEN
|
|
6169
6346
|
}, 200));
|
|
6170
6347
|
case 2:
|
|
6171
6348
|
// session_id 维度权限:必须带 session_id,且与用户 metadata 一致,并且命中 registry
|
|
@@ -6179,7 +6356,8 @@ var requireAdminRole = /*#__PURE__*/function () {
|
|
|
6179
6356
|
}
|
|
6180
6357
|
return _context2.abrupt("return", c.json({
|
|
6181
6358
|
success: false,
|
|
6182
|
-
message: "权限不足:session_id 不匹配"
|
|
6359
|
+
message: "权限不足:session_id 不匹配",
|
|
6360
|
+
error: CMS_SESSION_MISMATCH
|
|
6183
6361
|
}, 200));
|
|
6184
6362
|
case 3:
|
|
6185
6363
|
supabase = getSupabase();
|
|
@@ -6206,7 +6384,8 @@ var requireAdminRole = /*#__PURE__*/function () {
|
|
|
6206
6384
|
}
|
|
6207
6385
|
return _context2.abrupt("return", c.json({
|
|
6208
6386
|
success: false,
|
|
6209
|
-
message: "权限不足:你不是该 session 的管理员"
|
|
6387
|
+
message: "权限不足:你不是该 session 的管理员",
|
|
6388
|
+
error: CMS_FORBIDDEN
|
|
6210
6389
|
}, 200));
|
|
6211
6390
|
case 7:
|
|
6212
6391
|
_context2.next = 8;
|