sa2kit 1.0.0

package/dist/chunk-C64RY2OW.mjs

@@ -0,0 +1,295 @@
+import { getTokenFromRequest } from './chunk-U2L6V7KD.mjs';
+
+// src/auth/routes/login.ts
+function createLoginHandler(config) {
+  return async (request) => {
+    let requestBody = {};
+    try {
+      requestBody = await request.json();
+      const { email, password } = requestBody;
+      if (!email || !password) {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u90AE\u7BB1\u548C\u5BC6\u7801\u4E0D\u80FD\u4E3A\u7A7A"
+          }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+      const result = await config.authService.signIn(email, password);
+      if (config.analytics) {
+        try {
+          await config.analytics.track("user_login_success", {
+            userId: result.user.id,
+            userRole: result.user.role,
+            email: result.user.email,
+            loginMethod: "email_password",
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
+          });
+        } catch (analyticsError) {
+          console.error("Failed to track login analytics:", analyticsError);
+        }
+      }
+      const response = new Response(
+        JSON.stringify({
+          success: true,
+          data: {
+            user: result.user,
+            token: result.token
+          },
+          message: "\u767B\u5F55\u6210\u529F"
+        }),
+        {
+          status: 200,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+      if (config.cookieOptions) {
+        const cookieOptions = {
+          name: config.cookieOptions?.name || "auth_token",
+          httpOnly: config.cookieOptions?.httpOnly !== false,
+          secure: config.cookieOptions?.secure !== false && process.env.NODE_ENV === "production",
+          sameSite: config.cookieOptions?.sameSite || "lax",
+          maxAge: config.cookieOptions?.maxAge || 60 * 60 * 24 * 7,
+          // 7天
+          path: config.cookieOptions?.path || "/"
+        };
+        const cookieValue = `${cookieOptions.name}=${result.token}; HttpOnly=${cookieOptions.httpOnly}; Secure=${cookieOptions.secure}; SameSite=${cookieOptions.sameSite}; Max-Age=${cookieOptions.maxAge}; Path=${cookieOptions.path}`;
+        response.headers.set("Set-Cookie", cookieValue);
+      }
+      return response;
+    } catch (error) {
+      console.error("Login error:", error);
+      if (config.analytics) {
+        try {
+          await config.analytics.track("user_login_failed", {
+            errorMessage: error.message || "\u767B\u5F55\u5931\u8D25",
+            email: requestBody.email,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
+          });
+        } catch (analyticsError) {
+          console.error("Failed to track login failure analytics:", analyticsError);
+        }
+      }
+      return new Response(
+        JSON.stringify({
+          success: false,
+          error: error.message || "\u767B\u5F55\u5931\u8D25\uFF0C\u8BF7\u68C0\u67E5\u90AE\u7BB1\u548C\u5BC6\u7801"
+        }),
+        {
+          status: 401,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    }
+  };
+}
+
+// src/auth/routes/register.ts
+function createRegisterHandler(config) {
+  return async (request) => {
+    try {
+      const { email, password, username } = await request.json();
+      if (!email || !password) {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u90AE\u7BB1\u548C\u5BC6\u7801\u4E0D\u80FD\u4E3A\u7A7A"
+          }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+      if (password.length < 6) {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u5BC6\u7801\u957F\u5EA6\u81F3\u5C11\u4E3A 6 \u4F4D"
+          }),
+          {
+            status: 400,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+      const result = await config.authService.signUp(
+        email,
+        password,
+        username,
+        config.defaultRole || "USER"
+      );
+      if (config.analytics) {
+        try {
+          await config.analytics.track("user_register_success", {
+            userId: result.user.id,
+            email: result.user.email,
+            username: result.user.username,
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
+          });
+        } catch (analyticsError) {
+          console.error("Failed to track register analytics:", analyticsError);
+        }
+      }
+      const response = new Response(
+        JSON.stringify({
+          success: true,
+          data: {
+            user: result.user,
+            token: result.token
+          },
+          message: "\u6CE8\u518C\u6210\u529F"
+        }),
+        {
+          status: 201,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+      if (config.cookieOptions) {
+        const cookieOptions = {
+          name: config.cookieOptions?.name || "auth_token",
+          httpOnly: config.cookieOptions?.httpOnly !== false,
+          secure: config.cookieOptions?.secure !== false && process.env.NODE_ENV === "production",
+          sameSite: config.cookieOptions?.sameSite || "lax",
+          maxAge: config.cookieOptions?.maxAge || 60 * 60 * 24 * 7,
+          path: config.cookieOptions?.path || "/"
+        };
+        const cookieValue = `${cookieOptions.name}=${result.token}; HttpOnly=${cookieOptions.httpOnly}; Secure=${cookieOptions.secure}; SameSite=${cookieOptions.sameSite}; Max-Age=${cookieOptions.maxAge}; Path=${cookieOptions.path}`;
+        response.headers.set("Set-Cookie", cookieValue);
+      }
+      return response;
+    } catch (error) {
+      console.error("Register error:", error);
+      if (config.analytics) {
+        try {
+          await config.analytics.track("user_register_failed", {
+            errorMessage: error.message || "\u6CE8\u518C\u5931\u8D25",
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
+          });
+        } catch (analyticsError) {
+          console.error("Failed to track register failure analytics:", analyticsError);
+        }
+      }
+      return new Response(
+        JSON.stringify({
+          success: false,
+          error: error.message || "\u6CE8\u518C\u5931\u8D25"
+        }),
+        {
+          status: 400,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    }
+  };
+}
+
+// src/auth/routes/me.ts
+function createMeHandler(config) {
+  return async (request) => {
+    try {
+      const token = getTokenFromRequest(request);
+      if (!token) {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u672A\u63D0\u4F9B\u8BA4\u8BC1\u4EE4\u724C"
+          }),
+          {
+            status: 401,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+      const result = await config.authService.verifyToken(token);
+      return new Response(
+        JSON.stringify({
+          success: true,
+          data: result.user
+        }),
+        {
+          status: 200,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    } catch (error) {
+      console.error("Get user info error:", error);
+      return new Response(
+        JSON.stringify({
+          success: false,
+          error: "\u8BA4\u8BC1\u5931\u8D25"
+        }),
+        {
+          status: 401,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    }
+  };
+}
+
+// src/auth/routes/logout.ts
+function createLogoutHandler(config) {
+  return async (request) => {
+    try {
+      const token = getTokenFromRequest(request);
+      if (!token) {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u672A\u63D0\u4F9B\u8BA4\u8BC1\u4EE4\u724C"
+          }),
+          {
+            status: 401,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+      await config.authService.signOut(token);
+      if (config.analytics) {
+        try {
+          await config.analytics.track("user_logout", {
+            timestamp: (/* @__PURE__ */ new Date()).toISOString()
+          });
+        } catch (analyticsError) {
+          console.error("Failed to track logout analytics:", analyticsError);
+        }
+      }
+      const response = new Response(
+        JSON.stringify({
+          success: true,
+          message: "\u767B\u51FA\u6210\u529F"
+        }),
+        {
+          status: 200,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+      response.headers.set(
+        "Set-Cookie",
+        "auth_token=; HttpOnly; Secure; SameSite=Lax; Max-Age=0; Path=/"
+      );
+      return response;
+    } catch (error) {
+      console.error("Logout error:", error);
+      return new Response(
+        JSON.stringify({
+          success: false,
+          error: "\u767B\u51FA\u5931\u8D25"
+        }),
+        {
+          status: 500,
+          headers: { "Content-Type": "application/json" }
+        }
+      );
+    }
+  };
+}
+
+export { createLoginHandler, createLogoutHandler, createMeHandler, createRegisterHandler };
+//# sourceMappingURL=chunk-C64RY2OW.mjs.map
+//# sourceMappingURL=chunk-C64RY2OW.mjs.map

package/dist/chunk-C64RY2OW.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/auth/routes/login.ts","../src/auth/routes/register.ts","../src/auth/routes/me.ts","../src/auth/routes/logout.ts"],"names":[],"mappings":";;;AAoBO,SAAS,mBAAmB,MAAA,EAA0B;AAC3D,EAAA,OAAO,OAAO,OAAA,KAAqB;AACjC,IAAA,IAAI,cAAmB,EAAC;AAExB,IAAA,IAAI;AAEF,MAAA,WAAA,GAAc,MAAM,QAAQ,IAAA,EAAK;AACjC,MAAA,MAAM,EAAE,KAAA,EAAO,QAAA,EAAS,GAAI,WAAA;AAG5B,MAAA,IAAI,CAAC,KAAA,IAAS,CAAC,QAAA,EAAU;AACvB,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACO,CAAA;AAAA,UAChB;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAGA,MAAA,MAAM,SAAS,MAAM,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,OAAO,QAAQ,CAAA;AAG9D,MAAA,IAAI,OAAO,SAAA,EAAW;AACpB,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,oBAAA,EAAsB;AAAA,YACjD,MAAA,EAAQ,OAAO,IAAA,CAAK,EAAA;AAAA,YACpB,QAAA,EAAU,OAAO,IAAA,CAAK,IAAA;AAAA,YACtB,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,YACnB,WAAA,EAAa,gBAAA;AAAA,YACb,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,WACnC,CAAA;AAAA,QACH,SAAS,cAAA,EAAgB;AACvB,UAAA,OAAA,CAAQ,KAAA,CAAM,oCAAoC,cAAc,CAAA;AAAA,QAClE;AAAA,MACF;AAGA,MAAA,MAAM,WAAW,IAAI,QAAA;AAAA,QACnB,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,IAAA;AAAA,UACT,IAAA,EAAM;AAAA,YACJ,MAAM,MAAA,CAAO,IAAA;AAAA,YACb,OAAO,MAAA,CAAO;AAAA,WAChB;AAAA,UACA,OAAA,EAAS;AAAA,SACK,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAGA,MAAA,IAAI,OAAO,aAAA,EAAe;AACxB,QAAA,MAAM,aAAA,GAAgB;AAAA,UACpB,IAAA,EAAM,MAAA,CAAO,aAAA,EAAe,IAAA,IAAQ,YAAA;AAAA,UACpC,QAAA,EAAU,MAAA,CAAO,aAAA,EAAe,QAAA,KAAa,KAAA;AAAA,UAC7C,QAAQ,MAAA,CAAO,aAAA,EAAe,WAAW,KAAA,IAAS,OAAA,CAAQ,IAAI,QAAA,KAAa,YAAA;AAAA,UAC3E,QAAA,EAAU,MAAA,CAAO,aAAA,EAAe,QAAA,IAAY,KAAA;AAAA,UAC5C,QAAQ,MAAA,CAAO,aAAA,EAAe,MAAA,IAAU,EAAA,GAAK,KAAK,EAAA,GAAK,CAAA;AAAA;AAAA,UACvD,IAAA,EAAM,MAAA,CAAO,aAAA,EAAe,IAAA,IAAQ;AAAA,SACtC;AAGA,QAAA,MAAM,WAAA,GAAc,GAAG,aAAA,CAAc,IAAI,IAAI,MAAA,CAAO,KAAK,cAAc,aAAA,CAAc,QAAQ,YAAY,aAAA,CAAc,MAAM,cAAc,aAAA,CAAc,QAAQ,aAAa,aAAA,CAAc,MAAM,CAAA,OAAA,EAAU,aAAA,CAAc,IAAI,CAAA,CAAA;AAC9N,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAA,EAAc,WAAW,CAAA;AAAA,MAChD;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,gBAAgB,KAAK,CAAA;AAGnC,MAAA,IAAI,OAAO,SAAA,EAAW;AACpB,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,mBAAA,EAAqB;AAAA,YAChD,YAAA,EAAe,MAAc,OAAA,IAAW,0BAAA;AAAA,YACxC,OAAO,WAAA,CAAY,KAAA;AAAA,YACnB,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,WACnC,CAAA;AAAA,QACH,SAAS,cAAA,EAAgB;AACvB,UAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,cAAc,CAAA;AAAA,QAC1E;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA;AAAA,QACT,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,KAAA;AAAA,UACT,KAAA,EAAQ,MAAc,OAAA,IAAW;AAAA,SACnB,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAAA,IACF;AAAA,EACF,CAAA;AACF;;;ACtGO,SAAS,sBAAsB,MAAA,EAA6B;AACjE,EAAA,OAAO,OAAO,OAAA,KAAqB;AACjC,IAAA,IAAI;AAEF,MAAA,MAAM,EAAE,KAAA,EAAO,QAAA,EAAU,UAAS,GAAI,MAAM,QAAQ,IAAA,EAAK;AAGzD,MAAA,IAAI,CAAC,KAAA,IAAS,CAAC,QAAA,EAAU;AACvB,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACO,CAAA;AAAA,UAChB;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAGA,MAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACvB,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACO,CAAA;AAAA,UAChB;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,WAAA,CAAY,MAAA;AAAA,QACtC,KAAA;AAAA,QACA,QAAA;AAAA,QACA,QAAA;AAAA,QACA,OAAO,WAAA,IAAe;AAAA,OACxB;AAGA,MAAA,IAAI,OAAO,SAAA,EAAW;AACpB,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,uBAAA,EAAyB;AAAA,YACpD,MAAA,EAAQ,OAAO,IAAA,CAAK,EAAA;AAAA,YACpB,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,YACnB,QAAA,EAAU,OAAO,IAAA,CAAK,QAAA;AAAA,YACtB,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,WACnC,CAAA;AAAA,QACH,SAAS,cAAA,EAAgB;AACvB,UAAA,OAAA,CAAQ,KAAA,CAAM,uCAAuC,cAAc,CAAA;AAAA,QACrE;AAAA,MACF;AAGA,MAAA,MAAM,WAAW,IAAI,QAAA;AAAA,QACnB,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,IAAA;AAAA,UACT,IAAA,EAAM;AAAA,YACJ,MAAM,MAAA,CAAO,IAAA;AAAA,YACb,OAAO,MAAA,CAAO;AAAA,WAChB;AAAA,UACA,OAAA,EAAS;AAAA,SACK,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAGA,MAAA,IAAI,OAAO,aAAA,EAAe;AACxB,QAAA,MAAM,aAAA,GAAgB;AAAA,UACpB,IAAA,EAAM,MAAA,CAAO,aAAA,EAAe,IAAA,IAAQ,YAAA;AAAA,UACpC,QAAA,EAAU,MAAA,CAAO,aAAA,EAAe,QAAA,KAAa,KAAA;AAAA,UAC7C,QAAQ,MAAA,CAAO,aAAA,EAAe,WAAW,KAAA,IAAS,OAAA,CAAQ,IAAI,QAAA,KAAa,YAAA;AAAA,UAC3E,QAAA,EAAU,MAAA,CAAO,aAAA,EAAe,QAAA,IAAY,KAAA;AAAA,UAC5C,QAAQ,MAAA,CAAO,aAAA,EAAe,MAAA,IAAU,EAAA,GAAK,KAAK,EAAA,GAAK,CAAA;AAAA,UACvD,IAAA,EAAM,MAAA,CAAO,aAAA,EAAe,IAAA,IAAQ;AAAA,SACtC;AAEA,QAAA,MAAM,WAAA,GAAc,GAAG,aAAA,CAAc,IAAI,IAAI,MAAA,CAAO,KAAK,cAAc,aAAA,CAAc,QAAQ,YAAY,aAAA,CAAc,MAAM,cAAc,aAAA,CAAc,QAAQ,aAAa,aAAA,CAAc,MAAM,CAAA,OAAA,EAAU,aAAA,CAAc,IAAI,CAAA,CAAA;AAC9N,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,YAAA,EAAc,WAAW,CAAA;AAAA,MAChD;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,mBAAmB,KAAK,CAAA;AAGtC,MAAA,IAAI,OAAO,SAAA,EAAW;AACpB,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,sBAAA,EAAwB;AAAA,YACnD,YAAA,EAAe,MAAc,OAAA,IAAW,0BAAA;AAAA,YACxC,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,WACnC,CAAA;AAAA,QACH,SAAS,cAAA,EAAgB;AACvB,UAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,cAAc,CAAA;AAAA,QAC7E;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA;AAAA,QACT,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,KAAA;AAAA,UACT,KAAA,EAAQ,MAAc,OAAA,IAAW;AAAA,SACnB,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAAA,IACF;AAAA,EACF,CAAA;AACF;;;ACnHO,SAAS,gBAAgB,MAAA,EAAyB;AACvD,EAAA,OAAO,OAAO,OAAA,KAAqB;AACjC,IAAA,IAAI;AAEF,MAAA,MAAM,KAAA,GAAQ,oBAAoB,OAAO,CAAA;AAEzC,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACO,CAAA;AAAA,UAChB;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,WAAA,CAAY,YAAY,KAAK,CAAA;AAEzD,MAAA,OAAO,IAAI,QAAA;AAAA,QACT,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,IAAA;AAAA,UACT,MAAM,MAAA,CAAO;AAAA,SACC,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,wBAAwB,KAAK,CAAA;AAE3C,MAAA,OAAO,IAAI,QAAA;AAAA,QACT,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,KAAA;AAAA,UACT,KAAA,EAAO;AAAA,SACO,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAAA,IACF;AAAA,EACF,CAAA;AACF;;;AC/CO,SAAS,oBAAoB,MAAA,EAAyB;AAC3D,EAAA,OAAO,OAAO,OAAA,KAAqB;AACjC,IAAA,IAAI;AAEF,MAAA,MAAM,KAAA,GAAQ,oBAAoB,OAAO,CAAA;AAEzC,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACO,CAAA;AAAA,UAChB;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAGA,MAAA,MAAM,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,KAAK,CAAA;AAGtC,MAAA,IAAI,OAAO,SAAA,EAAW;AACpB,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,CAAM,aAAA,EAAe;AAAA,YAC1C,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,WACnC,CAAA;AAAA,QACH,SAAS,cAAA,EAAgB;AACvB,UAAA,OAAA,CAAQ,KAAA,CAAM,qCAAqC,cAAc,CAAA;AAAA,QACnE;AAAA,MACF;AAGA,MAAA,MAAM,WAAW,IAAI,QAAA;AAAA,QACnB,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,IAAA;AAAA,UACT,OAAA,EAAS;AAAA,SACK,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAGA,MAAA,QAAA,CAAS,OAAA,CAAQ,GAAA;AAAA,QACf,YAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,iBAAiB,KAAK,CAAA;AAEpC,MAAA,OAAO,IAAI,QAAA;AAAA,QACT,KAAK,SAAA,CAAU;AAAA,UACb,OAAA,EAAS,KAAA;AAAA,UACT,KAAA,EAAO;AAAA,SACO,CAAA;AAAA,QAChB;AAAA,UACE,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,OACF;AAAA,IACF;AAAA,EACF,CAAA;AACF","file":"chunk-C64RY2OW.mjs","sourcesContent":["/**\n * Auth Routes - Login\n * 登录路由处理器\n */\n\nimport type { LoginRouteConfig, ApiResponse } from './types';\n\n/**\n * 创建登录路由处理器\n *\n * @example\n * ```typescript\n * import { createLoginHandler } from '@qhr123/sa2kit/auth/routes';\n *\n * export const POST = createLoginHandler({\n *   authService: myAuthService,\n *   analytics: myAnalytics,\n * });\n * ```\n */\nexport function createLoginHandler(config: LoginRouteConfig) {\n  return async (request: Request) => {\n    let requestBody: any = {};\n\n    try {\n      // 解析请求体\n      requestBody = await request.json();\n      const { email, password } = requestBody;\n\n      // 验证必填字段\n      if (!email || !password) {\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '邮箱和密码不能为空',\n          } as ApiResponse),\n          {\n            status: 400,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n\n      // 执行登录\n      const result = await config.authService.signIn(email, password);\n\n      // 记录登录成功埋点\n      if (config.analytics) {\n        try {\n          await config.analytics.track('user_login_success', {\n            userId: result.user.id,\n            userRole: result.user.role,\n            email: result.user.email,\n            loginMethod: 'email_password',\n            timestamp: new Date().toISOString(),\n          });\n        } catch (analyticsError) {\n          console.error('Failed to track login analytics:', analyticsError);\n        }\n      }\n\n      // 创建响应\n      const response = new Response(\n        JSON.stringify({\n          success: true,\n          data: {\n            user: result.user,\n            token: result.token,\n          },\n          message: '登录成功',\n        } as ApiResponse),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n\n      // 设置 Cookie（如果有配置）\n      if (config.cookieOptions) {\n        const cookieOptions = {\n          name: config.cookieOptions?.name || 'auth_token',\n          httpOnly: config.cookieOptions?.httpOnly !== false,\n          secure: config.cookieOptions?.secure !== false && process.env.NODE_ENV === 'production',\n          sameSite: config.cookieOptions?.sameSite || 'lax',\n          maxAge: config.cookieOptions?.maxAge || 60 * 60 * 24 * 7, // 7天\n          path: config.cookieOptions?.path || '/',\n        };\n\n        // 设置 Set-Cookie header\n        const cookieValue = `${cookieOptions.name}=${result.token}; HttpOnly=${cookieOptions.httpOnly}; Secure=${cookieOptions.secure}; SameSite=${cookieOptions.sameSite}; Max-Age=${cookieOptions.maxAge}; Path=${cookieOptions.path}`;\n        response.headers.set('Set-Cookie', cookieValue);\n      }\n\n      return response;\n    } catch (error) {\n      console.error('Login error:', error);\n\n      // 记录登录失败埋点\n      if (config.analytics) {\n        try {\n          await config.analytics.track('user_login_failed', {\n            errorMessage: (error as any).message || '登录失败',\n            email: requestBody.email,\n            timestamp: new Date().toISOString(),\n          });\n        } catch (analyticsError) {\n          console.error('Failed to track login failure analytics:', analyticsError);\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: false,\n          error: (error as any).message || '登录失败，请检查邮箱和密码',\n        } as ApiResponse),\n        {\n          status: 401,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n    }\n  };\n}\n\n","/**\n * Auth Routes - Register\n * 注册路由处理器\n */\n\nimport type { RegisterRouteConfig, ApiResponse } from './types';\n\n/**\n * 创建注册路由处理器\n *\n * @example\n * ```typescript\n * import { createRegisterHandler } from '@qhr123/sa2kit/auth/routes';\n *\n * export const POST = createRegisterHandler({\n *   authService: myAuthService,\n *   defaultRole: 'USER',\n * });\n * ```\n */\nexport function createRegisterHandler(config: RegisterRouteConfig) {\n  return async (request: Request) => {\n    try {\n      // 解析请求体\n      const { email, password, username } = await request.json();\n\n      // 验证必填字段\n      if (!email || !password) {\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '邮箱和密码不能为空',\n          } as ApiResponse),\n          {\n            status: 400,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n\n      // 密码强度验证\n      if (password.length < 6) {\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '密码长度至少为 6 位',\n          } as ApiResponse),\n          {\n            status: 400,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n\n      // 执行注册\n      const result = await config.authService.signUp(\n        email,\n        password,\n        username,\n        config.defaultRole || 'USER'\n      );\n\n      // 记录注册成功埋点\n      if (config.analytics) {\n        try {\n          await config.analytics.track('user_register_success', {\n            userId: result.user.id,\n            email: result.user.email,\n            username: result.user.username,\n            timestamp: new Date().toISOString(),\n          });\n        } catch (analyticsError) {\n          console.error('Failed to track register analytics:', analyticsError);\n        }\n      }\n\n      // 创建响应\n      const response = new Response(\n        JSON.stringify({\n          success: true,\n          data: {\n            user: result.user,\n            token: result.token,\n          },\n          message: '注册成功',\n        } as ApiResponse),\n        {\n          status: 201,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n\n      // 设置 Cookie（如果有配置）\n      if (config.cookieOptions) {\n        const cookieOptions = {\n          name: config.cookieOptions?.name || 'auth_token',\n          httpOnly: config.cookieOptions?.httpOnly !== false,\n          secure: config.cookieOptions?.secure !== false && process.env.NODE_ENV === 'production',\n          sameSite: config.cookieOptions?.sameSite || 'lax',\n          maxAge: config.cookieOptions?.maxAge || 60 * 60 * 24 * 7,\n          path: config.cookieOptions?.path || '/',\n        };\n\n        const cookieValue = `${cookieOptions.name}=${result.token}; HttpOnly=${cookieOptions.httpOnly}; Secure=${cookieOptions.secure}; SameSite=${cookieOptions.sameSite}; Max-Age=${cookieOptions.maxAge}; Path=${cookieOptions.path}`;\n        response.headers.set('Set-Cookie', cookieValue);\n      }\n\n      return response;\n    } catch (error) {\n      console.error('Register error:', error);\n\n      // 记录注册失败埋点\n      if (config.analytics) {\n        try {\n          await config.analytics.track('user_register_failed', {\n            errorMessage: (error as any).message || '注册失败',\n            timestamp: new Date().toISOString(),\n          });\n        } catch (analyticsError) {\n          console.error('Failed to track register failure analytics:', analyticsError);\n        }\n      }\n\n      return new Response(\n        JSON.stringify({\n          success: false,\n          error: (error as any).message || '注册失败',\n        } as ApiResponse),\n        {\n          status: 400,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n    }\n  };\n}\n\n","/**\n * Auth Routes - Me\n * 获取当前用户信息路由处理器\n */\n\nimport { getTokenFromRequest } from '../services';\nimport type { BaseRouteConfig, ApiResponse } from './types';\n\n/**\n * 创建获取当前用户信息路由处理器\n *\n * @example\n * ```typescript\n * import { createMeHandler } from '@qhr123/sa2kit/auth/routes';\n *\n * export const GET = createMeHandler({\n *   authService: myAuthService,\n * });\n * ```\n */\nexport function createMeHandler(config: BaseRouteConfig) {\n  return async (request: Request) => {\n    try {\n      // 获取 token\n      const token = getTokenFromRequest(request);\n\n      if (!token) {\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '未提供认证令牌',\n          } as ApiResponse),\n          {\n            status: 401,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n\n      // 验证 token 并获取用户信息\n      const result = await config.authService.verifyToken(token);\n\n      return new Response(\n        JSON.stringify({\n          success: true,\n          data: result.user,\n        } as ApiResponse),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n    } catch (error) {\n      console.error('Get user info error:', error);\n\n      return new Response(\n        JSON.stringify({\n          success: false,\n          error: '认证失败',\n        } as ApiResponse),\n        {\n          status: 401,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n    }\n  };\n}\n\n","/**\n * Auth Routes - Logout\n * 登出路由处理器\n */\n\nimport { getTokenFromRequest } from '../services';\nimport type { BaseRouteConfig, ApiResponse } from './types';\n\n/**\n * 创建登出路由处理器\n *\n * @example\n * ```typescript\n * import { createLogoutHandler } from '@qhr123/sa2kit/auth/routes';\n *\n * export const POST = createLogoutHandler({\n *   authService: myAuthService,\n * });\n * ```\n */\nexport function createLogoutHandler(config: BaseRouteConfig) {\n  return async (request: Request) => {\n    try {\n      // 获取 token\n      const token = getTokenFromRequest(request);\n\n      if (!token) {\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '未提供认证令牌',\n          } as ApiResponse),\n          {\n            status: 401,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n\n      // 删除会话\n      await config.authService.signOut(token);\n\n      // 记录登出埋点\n      if (config.analytics) {\n        try {\n          await config.analytics.track('user_logout', {\n            timestamp: new Date().toISOString(),\n          });\n        } catch (analyticsError) {\n          console.error('Failed to track logout analytics:', analyticsError);\n        }\n      }\n\n      // 创建响应并清除 Cookie\n      const response = new Response(\n        JSON.stringify({\n          success: true,\n          message: '登出成功',\n        } as ApiResponse),\n        {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n\n      // 清除 auth_token cookie\n      response.headers.set(\n        'Set-Cookie',\n        'auth_token=; HttpOnly; Secure; SameSite=Lax; Max-Age=0; Path=/'\n      );\n\n      return response;\n    } catch (error) {\n      console.error('Logout error:', error);\n\n      return new Response(\n        JSON.stringify({\n          success: false,\n          error: '登出失败',\n        } as ApiResponse),\n        {\n          status: 500,\n          headers: { 'Content-Type': 'application/json' },\n        }\n      );\n    }\n  };\n}\n\n"]}

package/dist/chunk-DGUM43GV.js

@@ -0,0 +1,12 @@
+'use strict';
+
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+
+exports.__require = __require;
+//# sourceMappingURL=chunk-DGUM43GV.js.map
+//# sourceMappingURL=chunk-DGUM43GV.js.map

package/dist/chunk-DGUM43GV.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":"","file":"chunk-DGUM43GV.js"}

package/dist/chunk-FV3FNHQY.js

@@ -0,0 +1,92 @@
+'use strict';
+
+var chunk6BL3AZGD_js = require('./chunk-6BL3AZGD.js');
+
+// src/auth/middleware/with-auth.ts
+function createAuthMiddleware(config) {
+  function withAuth(handler, level = "user") {
+    return async (request, context = {}) => {
+      if (level === "none") {
+        return await handler(request, context);
+      }
+      try {
+        const token = chunk6BL3AZGD_js.getTokenFromRequest(request);
+        if (!token) {
+          return new Response(
+            JSON.stringify({
+              success: false,
+              error: "\u672A\u63D0\u4F9B\u8BA4\u8BC1\u4EE4\u724C"
+            }),
+            {
+              status: 401,
+              headers: { "Content-Type": "application/json" }
+            }
+          );
+        }
+        const result = await config.authService.verifyToken(token);
+        if (level === "admin" || level === "super_admin") {
+          if (!["ADMIN", "SUPER_ADMIN"].includes(result.user.role)) {
+            return new Response(
+              JSON.stringify({
+                success: false,
+                error: "\u9700\u8981\u7BA1\u7406\u5458\u6743\u9650"
+              }),
+              {
+                status: 403,
+                headers: { "Content-Type": "application/json" }
+              }
+            );
+          }
+        }
+        if (level === "super_admin") {
+          if (result.user.role !== "SUPER_ADMIN") {
+            return new Response(
+              JSON.stringify({
+                success: false,
+                error: "\u9700\u8981\u8D85\u7EA7\u7BA1\u7406\u5458\u6743\u9650"
+              }),
+              {
+                status: 403,
+                headers: { "Content-Type": "application/json" }
+              }
+            );
+          }
+        }
+        context.user = result.user;
+        context.session = result.session;
+        return await handler(request, context);
+      } catch (error) {
+        console.error("Auth middleware error:", error);
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: "\u8BA4\u8BC1\u5931\u8D25"
+          }),
+          {
+            status: 401,
+            headers: { "Content-Type": "application/json" }
+          }
+        );
+      }
+    };
+  }
+  function requireAuth(handler) {
+    return withAuth(handler, "user");
+  }
+  function requireAdmin(handler) {
+    return withAuth(handler, "admin");
+  }
+  function requireSuperAdmin(handler) {
+    return withAuth(handler, "super_admin");
+  }
+  return {
+    withAuth,
+    requireAuth,
+    requireAdmin,
+    requireSuperAdmin
+  };
+}
+
+exports.createAuthMiddleware = createAuthMiddleware;
+//# sourceMappingURL=chunk-FV3FNHQY.js.map
+//# sourceMappingURL=chunk-FV3FNHQY.js.map

package/dist/chunk-FV3FNHQY.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/auth/middleware/with-auth.ts"],"names":["getTokenFromRequest"],"mappings":";;;;;AA+BO,SAAS,qBAAqB,MAAA,EAA8B;AAIjE,EAAA,SAAS,QAAA,CACP,OAAA,EACA,KAAA,GAAmB,MAAA,EACL;AACd,IAAA,OAAO,OAAO,OAAA,EAAkB,OAAA,GAAwB,EAAC,KAAM;AAE7D,MAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,QAAA,OAAO,MAAM,OAAA,CAAQ,OAAA,EAAS,OAAO,CAAA;AAAA,MACvC;AAEA,MAAA,IAAI;AAEF,QAAA,MAAM,KAAA,GAAQA,qCAAoB,OAAO,CAAA;AAEzC,QAAA,IAAI,CAAC,KAAA,EAAO;AACV,UAAA,OAAO,IAAI,QAAA;AAAA,YACT,KAAK,SAAA,CAAU;AAAA,cACb,OAAA,EAAS,KAAA;AAAA,cACT,KAAA,EAAO;AAAA,aACR,CAAA;AAAA,YACD;AAAA,cACE,MAAA,EAAQ,GAAA;AAAA,cACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,WACF;AAAA,QACF;AAGA,QAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,WAAA,CAAY,YAAY,KAAK,CAAA;AAGzD,QAAA,IAAI,KAAA,KAAU,OAAA,IAAW,KAAA,KAAU,aAAA,EAAe;AAChD,UAAA,IAAI,CAAC,CAAC,OAAA,EAAS,aAAa,EAAE,QAAA,CAAS,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,EAAG;AACxD,YAAA,OAAO,IAAI,QAAA;AAAA,cACT,KAAK,SAAA,CAAU;AAAA,gBACb,OAAA,EAAS,KAAA;AAAA,gBACT,KAAA,EAAO;AAAA,eACR,CAAA;AAAA,cACD;AAAA,gBACE,MAAA,EAAQ,GAAA;AAAA,gBACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,aACF;AAAA,UACF;AAAA,QACF;AAEA,QAAA,IAAI,UAAU,aAAA,EAAe;AAC3B,UAAA,IAAI,MAAA,CAAO,IAAA,CAAK,IAAA,KAAS,aAAA,EAAe;AACtC,YAAA,OAAO,IAAI,QAAA;AAAA,cACT,KAAK,SAAA,CAAU;AAAA,gBACb,OAAA,EAAS,KAAA;AAAA,gBACT,KAAA,EAAO;AAAA,eACR,CAAA;AAAA,cACD;AAAA,gBACE,MAAA,EAAQ,GAAA;AAAA,gBACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,aACF;AAAA,UACF;AAAA,QACF;AAGA,QAAA,OAAA,CAAQ,OAAO,MAAA,CAAO,IAAA;AACtB,QAAA,OAAA,CAAQ,UAAU,MAAA,CAAO,OAAA;AAGzB,QAAA,OAAO,MAAM,OAAA,CAAQ,OAAA,EAAS,OAAO,CAAA;AAAA,MACvC,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,0BAA0B,KAAK,CAAA;AAC7C,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,OAAA,EAAS,KAAA;AAAA,YACT,KAAA,EAAO;AAAA,WACR,CAAA;AAAA,UACD;AAAA,YACE,MAAA,EAAQ,GAAA;AAAA,YACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAChD,SACF;AAAA,MACF;AAAA,IACF,CAAA;AAAA,EACF;AAKA,EAAA,SAAS,YAAY,OAAA,EAAqC;AACxD,IAAA,OAAO,QAAA,CAAS,SAAS,MAAM,CAAA;AAAA,EACjC;AAKA,EAAA,SAAS,aAAa,OAAA,EAAqC;AACzD,IAAA,OAAO,QAAA,CAAS,SAAS,OAAO,CAAA;AAAA,EAClC;AAKA,EAAA,SAAS,kBAAkB,OAAA,EAAqC;AAC9D,IAAA,OAAO,QAAA,CAAS,SAAS,aAAa,CAAA;AAAA,EACxC;AAEA,EAAA,OAAO;AAAA,IACL,QAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA;AAAA,GACF;AACF","file":"chunk-FV3FNHQY.js","sourcesContent":["/**\n * Auth Middleware - withAuth\n * 认证中间件\n */\n\nimport { getTokenFromRequest } from '../services';\nimport type {\n  AuthMiddlewareConfig,\n  AuthLevel,\n  RouteHandler,\n  RouteContext,\n} from './types';\n\n/**\n * 创建认证中间件\n *\n * @example\n * ```typescript\n * import { createAuthMiddleware } from '@qhr123/sa2kit/auth/middleware';\n *\n * const { withAuth, requireAdmin } = createAuthMiddleware({\n *   authService: myAuthService,\n * });\n *\n * // 使用中间件\n * export const GET = requireAdmin(async (request, context) => {\n *   const { user } = context; // 自动注入用户信息\n *   // ... 业务逻辑\n * });\n * ```\n */\nexport function createAuthMiddleware(config: AuthMiddlewareConfig) {\n  /**\n   * 认证中间件核心函数\n   */\n  function withAuth(\n    handler: RouteHandler,\n    level: AuthLevel = 'user'\n  ): RouteHandler {\n    return async (request: Request, context: RouteContext = {}) => {\n      // 不需要认证，直接执行\n      if (level === 'none') {\n        return await handler(request, context);\n      }\n\n      try {\n        // 获取 token\n        const token = getTokenFromRequest(request);\n\n        if (!token) {\n          return new Response(\n            JSON.stringify({\n              success: false,\n              error: '未提供认证令牌',\n            }),\n            {\n              status: 401,\n              headers: { 'Content-Type': 'application/json' },\n            }\n          );\n        }\n\n        // 验证 token 并获取用户信息\n        const result = await config.authService.verifyToken(token);\n\n        // 检查权限级别\n        if (level === 'admin' || level === 'super_admin') {\n          if (!['ADMIN', 'SUPER_ADMIN'].includes(result.user.role)) {\n            return new Response(\n              JSON.stringify({\n                success: false,\n                error: '需要管理员权限',\n              }),\n              {\n                status: 403,\n                headers: { 'Content-Type': 'application/json' },\n              }\n            );\n          }\n        }\n\n        if (level === 'super_admin') {\n          if (result.user.role !== 'SUPER_ADMIN') {\n            return new Response(\n              JSON.stringify({\n                success: false,\n                error: '需要超级管理员权限',\n              }),\n              {\n                status: 403,\n                headers: { 'Content-Type': 'application/json' },\n              }\n            );\n          }\n        }\n\n        // 注入用户信息到 context\n        context.user = result.user;\n        context.session = result.session;\n\n        // 执行业务逻辑\n        return await handler(request, context);\n      } catch (error) {\n        console.error('Auth middleware error:', error);\n        return new Response(\n          JSON.stringify({\n            success: false,\n            error: '认证失败',\n          }),\n          {\n            status: 401,\n            headers: { 'Content-Type': 'application/json' },\n          }\n        );\n      }\n    };\n  }\n\n  /**\n   * 快捷方法：需要用户登录\n   */\n  function requireAuth(handler: RouteHandler): RouteHandler {\n    return withAuth(handler, 'user');\n  }\n\n  /**\n   * 快捷方法：需要管理员权限\n   */\n  function requireAdmin(handler: RouteHandler): RouteHandler {\n    return withAuth(handler, 'admin');\n  }\n\n  /**\n   * 快捷方法：需要超级管理员权限\n   */\n  function requireSuperAdmin(handler: RouteHandler): RouteHandler {\n    return withAuth(handler, 'super_admin');\n  }\n\n  return {\n    withAuth,\n    requireAuth,\n    requireAdmin,\n    requireSuperAdmin,\n  };\n}\n\n"]}