diff --git a/src/app/api/admin/config/route.ts b/src/app/api/admin/config/route.ts index 8aebd61..70af5aa 100644 --- a/src/app/api/admin/config/route.ts +++ b/src/app/api/admin/config/route.ts @@ -34,31 +34,17 @@ export async function GET(request: NextRequest) { if (username === process.env.USERNAME) { result.Role = 'owner'; } else { - // 优先从新版本获取用户信息 + // 从新版数据库获取用户信息 const { db } = await import('@/lib/db'); const userInfoV2 = await db.getUserInfoV2(username); - if (userInfoV2) { - // 使用新版本用户信息 - if (userInfoV2.role === 'admin' && !userInfoV2.banned) { - result.Role = 'admin'; - } else { - return NextResponse.json( - { error: '你是管理员吗你就访问?' }, - { status: 401 } - ); - } + if (userInfoV2 && userInfoV2.role === 'admin' && !userInfoV2.banned) { + result.Role = 'admin'; } else { - // 回退到配置中查找 - const user = config.UserConfig.Users.find((u) => u.username === username); - if (user && user.role === 'admin' && !user.banned) { - result.Role = 'admin'; - } else { - return NextResponse.json( - { error: '你是管理员吗你就访问?' }, - { status: 401 } - ); - } + return NextResponse.json( + { error: '你是管理员吗你就访问?' }, + { status: 401 } + ); } } diff --git a/src/app/api/admin/user/route.ts b/src/app/api/admin/user/route.ts index 01d5124..fca18aa 100644 --- a/src/app/api/admin/user/route.ts +++ b/src/app/api/admin/user/route.ts @@ -454,21 +454,9 @@ export async function POST(request: NextRequest) { // 权限检查:站长可批量配置所有人的用户组,管理员只能批量配置普通用户 if (operatorRole !== 'owner') { for (const targetUsername of usernames) { - // 先从配置中查找 - let targetUser = adminConfig.UserConfig.Users.find(u => u.username === targetUsername); - // 如果配置中没有,从V2存储中查找 - if (!targetUser) { - const userV2 = await db.getUserInfoV2(targetUsername); - if (userV2) { - targetUser = { - username: targetUsername, - role: userV2.role, - banned: userV2.banned, - tags: userV2.tags, - }; - } - } - if (targetUser && targetUser.role === 'admin' && targetUsername !== username) { + // 从V2存储中查找用户 + const userV2 = await db.getUserInfoV2(targetUsername); + if (userV2 && userV2.role === 'admin' && targetUsername !== username) { return NextResponse.json({ error: `管理员无法操作其他管理员 ${targetUsername}` }, { status: 400 }); } } diff --git a/src/app/api/auth/oidc/callback/route.ts b/src/app/api/auth/oidc/callback/route.ts index ccb96a5..024cfa8 100644 --- a/src/app/api/auth/oidc/callback/route.ts +++ b/src/app/api/auth/oidc/callback/route.ts @@ -202,12 +202,11 @@ export async function GET(request: NextRequest) { } // 检查用户是否已存在(通过OIDC sub查找) - // 优先使用新版本查找 - let username = await db.getUserByOidcSub(oidcSub); + const username = await db.getUserByOidcSub(oidcSub); let userRole: 'owner' | 'admin' | 'user' = 'user'; if (username) { - // 从新版本获取用户信息 + // 获取用户信息 const userInfoV2 = await db.getUserInfoV2(username); if (userInfoV2) { userRole = userInfoV2.role; @@ -218,19 +217,6 @@ export async function GET(request: NextRequest) { ); } } - } else { - // 回退到配置中查找 - const existingUser = config.UserConfig.Users.find((u: any) => u.oidcSub === oidcSub); - if (existingUser) { - username = existingUser.username; - userRole = existingUser.role || 'user'; - // 检查用户是否被封禁 - if (existingUser.banned) { - return NextResponse.redirect( - new URL('/login?error=' + encodeURIComponent('用户被封禁'), origin) - ); - } - } } if (username) { diff --git a/src/app/api/auth/oidc/complete-register/route.ts b/src/app/api/auth/oidc/complete-register/route.ts index a0db3c1..c914cb3 100644 --- a/src/app/api/auth/oidc/complete-register/route.ts +++ b/src/app/api/auth/oidc/complete-register/route.ts @@ -176,7 +176,7 @@ export async function POST(request: NextRequest) { ); } - // 检查用户名是否已存在(优先使用新版本) + // 检查用户名是否已存在 const userExists = await db.checkUserExistV2(username); if (userExists) { return NextResponse.json( @@ -185,24 +185,8 @@ export async function POST(request: NextRequest) { ); } - // 检查配置中是否已存在 - const existingUser = config.UserConfig.Users.find((u) => u.username === username); - if (existingUser) { - return NextResponse.json( - { error: '用户名已存在' }, - { status: 409 } - ); - } - - // 检查OIDC sub是否已被使用(优先使用新版本) - let existingOIDCUsername = await db.getUserByOidcSub(oidcSession.sub); - if (!existingOIDCUsername) { - // 回退到配置中查找 - const existingOIDCUser = config.UserConfig.Users.find((u: any) => u.oidcSub === oidcSession.sub); - if (existingOIDCUser) { - existingOIDCUsername = existingOIDCUser.username; - } - } + // 检查OIDC sub是否已被使用 + const existingOIDCUsername = await db.getUserByOidcSub(oidcSession.sub); if (existingOIDCUsername) { return NextResponse.json( { error: '该OIDC账号已被注册' }, diff --git a/src/app/api/login/route.ts b/src/app/api/login/route.ts index 604b8f1..a39a897 100644 --- a/src/app/api/login/route.ts +++ b/src/app/api/login/route.ts @@ -280,15 +280,12 @@ export async function POST(req: NextRequest) { return NextResponse.json({ error: '用户名或密码错误' }, { status: 401 }); } - const config = await getConfig(); - const user = config.UserConfig.Users.find((u) => u.username === username); - - // 优先使用新版本的用户验证 + // 使用新版本的用户验证 let pass = false; let userRole: 'owner' | 'admin' | 'user' = 'user'; let isBanned = false; - // 尝试使用新版本验证 + // 验证用户 const userInfoV2 = await db.getUserInfoV2(username); if (userInfoV2) { diff --git a/src/lib/config.ts b/src/lib/config.ts index 6c09dd7..c974204 100644 --- a/src/lib/config.ts +++ b/src/lib/config.ts @@ -267,32 +267,9 @@ async function getInitConfig(configFile: string, subConfig: { LiveConfig: [], }; - // 补充用户信息 - let userNames: string[] = []; - try { - userNames = await db.getAllUsers(); - } catch (e) { - console.error('获取用户列表失败:', e); - } - - // localStorage 模式下,只使用环境变量中的站长账号 - const storageType = process.env.NEXT_PUBLIC_STORAGE_TYPE || 'localstorage'; - if (storageType === 'localstorage') { - userNames = []; - } - - const ownerUsername = process.env.USERNAME || 'default'; - const allUsers = userNames.filter((u) => u !== ownerUsername).map((u) => ({ - username: u, - role: 'user', - banned: false, - })); - allUsers.unshift({ - username: ownerUsername, - role: 'owner', - banned: false, - }); - adminConfig.UserConfig.Users = allUsers as any; + // 用户信息已迁移到新版数据库,不再填充 UserConfig.Users + // 保持为空数组,避免与新版用户系统冲突 + adminConfig.UserConfig.Users = []; // 从配置文件中补充源信息 Object.entries(cfgFile.api_site || []).forEach(([key, site]) => { @@ -488,35 +465,14 @@ export function configSelfCheck(adminConfig: AdminConfig): AdminConfig { adminConfig.LiveConfig = []; } - // 站长变更自检 + // 用户信息已迁移到新版数据库 + // 这里只保留站长用户用于兼容性,其他用户从数据库读取 const ownerUser = process.env.USERNAME; - - // 去重 - const seenUsernames = new Set(); - adminConfig.UserConfig.Users = adminConfig.UserConfig.Users.filter((user) => { - if (seenUsernames.has(user.username)) { - return false; - } - seenUsernames.add(user.username); - return true; - }); - // 过滤站长 - const originOwnerCfg = adminConfig.UserConfig.Users.find((u) => u.username === ownerUser); - adminConfig.UserConfig.Users = adminConfig.UserConfig.Users.filter((user) => user.username !== ownerUser); - // 其他用户不得拥有 owner 权限 - adminConfig.UserConfig.Users.forEach((user) => { - if (user.role === 'owner') { - user.role = 'user'; - } - }); - // 重新添加回站长 - adminConfig.UserConfig.Users.unshift({ + adminConfig.UserConfig.Users = [{ username: ownerUser!, role: 'owner', banned: false, - enabledApis: originOwnerCfg?.enabledApis || undefined, - tags: originOwnerCfg?.tags || undefined, - }); + }]; // 采集源去重 const seenSourceKeys = new Set();