移除旧版用户兼容
This commit is contained in:
@@ -34,31 +34,17 @@ export async function GET(request: NextRequest) {
|
||||
if (username === process.env.USERNAME) {
|
||||
result.Role = 'owner';
|
||||
} else {
|
||||
// 优先从新版本获取用户信息
|
||||
// 从新版数据库获取用户信息
|
||||
const { db } = await import('@/lib/db');
|
||||
const userInfoV2 = await db.getUserInfoV2(username);
|
||||
|
||||
if (userInfoV2) {
|
||||
// 使用新版本用户信息
|
||||
if (userInfoV2.role === 'admin' && !userInfoV2.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
if (userInfoV2 && userInfoV2.role === 'admin' && !userInfoV2.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
// 回退到配置中查找
|
||||
const user = config.UserConfig.Users.find((u) => u.username === username);
|
||||
if (user && user.role === 'admin' && !user.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -454,21 +454,9 @@ export async function POST(request: NextRequest) {
|
||||
// 权限检查:站长可批量配置所有人的用户组,管理员只能批量配置普通用户
|
||||
if (operatorRole !== 'owner') {
|
||||
for (const targetUsername of usernames) {
|
||||
// 先从配置中查找
|
||||
let targetUser = adminConfig.UserConfig.Users.find(u => u.username === targetUsername);
|
||||
// 如果配置中没有,从V2存储中查找
|
||||
if (!targetUser) {
|
||||
const userV2 = await db.getUserInfoV2(targetUsername);
|
||||
if (userV2) {
|
||||
targetUser = {
|
||||
username: targetUsername,
|
||||
role: userV2.role,
|
||||
banned: userV2.banned,
|
||||
tags: userV2.tags,
|
||||
};
|
||||
}
|
||||
}
|
||||
if (targetUser && targetUser.role === 'admin' && targetUsername !== username) {
|
||||
// 从V2存储中查找用户
|
||||
const userV2 = await db.getUserInfoV2(targetUsername);
|
||||
if (userV2 && userV2.role === 'admin' && targetUsername !== username) {
|
||||
return NextResponse.json({ error: `管理员无法操作其他管理员 ${targetUsername}` }, { status: 400 });
|
||||
}
|
||||
}
|
||||
|
||||
@@ -202,12 +202,11 @@ export async function GET(request: NextRequest) {
|
||||
}
|
||||
|
||||
// 检查用户是否已存在(通过OIDC sub查找)
|
||||
// 优先使用新版本查找
|
||||
let username = await db.getUserByOidcSub(oidcSub);
|
||||
const username = await db.getUserByOidcSub(oidcSub);
|
||||
let userRole: 'owner' | 'admin' | 'user' = 'user';
|
||||
|
||||
if (username) {
|
||||
// 从新版本获取用户信息
|
||||
// 获取用户信息
|
||||
const userInfoV2 = await db.getUserInfoV2(username);
|
||||
if (userInfoV2) {
|
||||
userRole = userInfoV2.role;
|
||||
@@ -218,19 +217,6 @@ export async function GET(request: NextRequest) {
|
||||
);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// 回退到配置中查找
|
||||
const existingUser = config.UserConfig.Users.find((u: any) => u.oidcSub === oidcSub);
|
||||
if (existingUser) {
|
||||
username = existingUser.username;
|
||||
userRole = existingUser.role || 'user';
|
||||
// 检查用户是否被封禁
|
||||
if (existingUser.banned) {
|
||||
return NextResponse.redirect(
|
||||
new URL('/login?error=' + encodeURIComponent('用户被封禁'), origin)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (username) {
|
||||
|
||||
@@ -176,7 +176,7 @@ export async function POST(request: NextRequest) {
|
||||
);
|
||||
}
|
||||
|
||||
// 检查用户名是否已存在(优先使用新版本)
|
||||
// 检查用户名是否已存在
|
||||
const userExists = await db.checkUserExistV2(username);
|
||||
if (userExists) {
|
||||
return NextResponse.json(
|
||||
@@ -185,24 +185,8 @@ export async function POST(request: NextRequest) {
|
||||
);
|
||||
}
|
||||
|
||||
// 检查配置中是否已存在
|
||||
const existingUser = config.UserConfig.Users.find((u) => u.username === username);
|
||||
if (existingUser) {
|
||||
return NextResponse.json(
|
||||
{ error: '用户名已存在' },
|
||||
{ status: 409 }
|
||||
);
|
||||
}
|
||||
|
||||
// 检查OIDC sub是否已被使用(优先使用新版本)
|
||||
let existingOIDCUsername = await db.getUserByOidcSub(oidcSession.sub);
|
||||
if (!existingOIDCUsername) {
|
||||
// 回退到配置中查找
|
||||
const existingOIDCUser = config.UserConfig.Users.find((u: any) => u.oidcSub === oidcSession.sub);
|
||||
if (existingOIDCUser) {
|
||||
existingOIDCUsername = existingOIDCUser.username;
|
||||
}
|
||||
}
|
||||
// 检查OIDC sub是否已被使用
|
||||
const existingOIDCUsername = await db.getUserByOidcSub(oidcSession.sub);
|
||||
if (existingOIDCUsername) {
|
||||
return NextResponse.json(
|
||||
{ error: '该OIDC账号已被注册' },
|
||||
|
||||
@@ -280,15 +280,12 @@ export async function POST(req: NextRequest) {
|
||||
return NextResponse.json({ error: '用户名或密码错误' }, { status: 401 });
|
||||
}
|
||||
|
||||
const config = await getConfig();
|
||||
const user = config.UserConfig.Users.find((u) => u.username === username);
|
||||
|
||||
// 优先使用新版本的用户验证
|
||||
// 使用新版本的用户验证
|
||||
let pass = false;
|
||||
let userRole: 'owner' | 'admin' | 'user' = 'user';
|
||||
let isBanned = false;
|
||||
|
||||
// 尝试使用新版本验证
|
||||
// 验证用户
|
||||
const userInfoV2 = await db.getUserInfoV2(username);
|
||||
|
||||
if (userInfoV2) {
|
||||
|
||||
Reference in New Issue
Block a user