opensource

2025-06-11 17:05:32 +08:00
parent f6387fbe55
commit 60668026a0
44 changed files with 4920 additions and 1 deletions
--- a/src/auth.js
+++ b/src/auth.js
@@ -0,0 +1,177 @@
+// src/auth.js
+const SESSION_COOKIE_NAME = 'session_id_89757';
+const SESSION_EXPIRATION_SECONDS = 60 * 60; // 1 hour
+
+// Function to generate the login page HTML
+function generateLoginPage(redirectUrl) {
+    return `
+        <!DOCTYPE html>
+        <html lang="en">
+        <head>
+            <meta charset="UTF-8">
+            <meta name="viewport" content="width=device-width, initial-scale=1.0">
+            <title>Login</title>
+            <style>
+                body { font-family: sans-serif; display: flex; justify-content: center; align-items: center; min-height: 100vh; background-color: #f4f4f4; margin: 0; }
+                .login-container { background-color: #fff; padding: 30px; border-radius: 8px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); width: 100%; max-width: 400px; text-align: center; }
+                h2 { color: #333; margin-bottom: 20px; }
+                .form-group { margin-bottom: 15px; text-align: left; }
+                label { display: block; margin-bottom: 5px; color: #555; }
+                input[type="text"], input[type="password"] { width: calc(100% - 20px); padding: 10px; border: 1px solid #ddd; border-radius: 4px; box-sizing: border-box; }
+                button { background-color: #007bff; color: white; padding: 10px 20px; border: none; border-radius: 4px; cursor: pointer; font-size: 16px; width: 100%; }
+                button:hover { background-color: #0056b3; }
+                .error-message { color: red; margin-top: 10px; }
+            </style>
+        </head>
+        <body>
+            <div class="login-container">
+                <h2>Login</h2>
+                <form id="loginForm" method="POST" action="/login">
+                    <div class="form-group">
+                        <label for="username">Username:</label>
+                        <input type="text" id="username" name="username" required>
+                    </div>
+                    <div class="form-group">
+                        <label for="password">Password:</label>
+                        <input type="password" id="password" name="password" required>
+                    </div>
+                    <input type="hidden" name="redirect" value="${redirectUrl}">
+                    <button type="submit">Login</button>
+                    <p id="errorMessage" class="error-message"></p>
+                </form>
+                <script>
+                    const form = document.getElementById('loginForm');
+                    const errorMessage = document.getElementById('errorMessage');
+                    form.addEventListener('submit', async (event) => {
+                        event.preventDefault();
+                        const formData = new FormData(form);
+                        const response = await fetch('/login', {
+                            method: 'POST',
+                            body: new URLSearchParams(formData).toString(),
+                            headers: {
+                                'Content-Type': 'application/x-www-form-urlencoded'
+                            }
+                        });
+                        if (response.ok) {
+                            const redirectUrl = response.headers.get('X-Redirect-Url');
+                            if (redirectUrl && redirectUrl !== '/') {
+                                window.location.href = redirectUrl;
+                            } else {
+                                window.location.href = '/getContentHtml'; // Fallback to home
+                            }
+                        } else {
+                            const errorText = await response.text();
+                            errorMessage.textContent = errorText || 'Login failed. Please try again.';
+                        }
+                    });
+                </script>
+            </div>
+        </body>
+        </html>
+    `;
+}
+
+// Function to set or renew the session cookie
+function setSessionCookie(sessionId) {
+    const expirationDate = new Date(Date.now() + SESSION_EXPIRATION_SECONDS * 1000);
+    return `${SESSION_COOKIE_NAME}=${sessionId}; Path=/; Expires=${expirationDate.toUTCString()}; HttpOnly; Secure; SameSite=Lax`;
+}
+
+// Function to handle login requests
+async function handleLogin(request, env) {
+    if (request.method === 'GET') {
+        const url = new URL(request.url);
+        const redirectUrl = url.searchParams.get('redirect') || '/getContentHtml';
+        return new Response(generateLoginPage(redirectUrl), {
+            headers: { 'Content-Type': 'text/html; charset=utf-8' },
+        });
+    } else if (request.method === 'POST') {
+        const formData = await request.formData();
+        const username = formData.get('username');
+        const password = formData.get('password');
+        const redirect = formData.get('redirect') || '/';
+
+        if (username === env.LOGIN_USERNAME && password === env.LOGIN_PASSWORD) {
+            const sessionId = crypto.randomUUID(); // Generate a simple session ID
+            
+            // Store sessionId in KV store for persistent sessions
+            // await env.DATA_KV.put(`session:${sessionId}`, 'valid', { expirationTtl: SESSION_EXPIRATION_SECONDS });
+
+            const cookie = setSessionCookie(sessionId);
+
+            return new Response('Login successful', {
+                status: 200,
+                headers: {
+                    'Set-Cookie': cookie,
+                    'X-Redirect-Url': redirect, // Custom header for client-side redirect
+                },
+            });
+        } else {
+            return new Response('Invalid username or password', { status: 401 });
+        }
+    }
+    return new Response('Method Not Allowed', { status: 405 });
+}
+
+// Function to check and renew session cookie
+async function isAuthenticated(request, env) {
+    const cookieHeader = request.headers.get('Cookie');
+    if (!cookieHeader) {
+        return { authenticated: false, cookie: null };
+    }
+
+    const cookies = cookieHeader.split(';').map(c => c.trim());
+    const sessionCookie = cookies.find(cookie => cookie.startsWith(`${SESSION_COOKIE_NAME}=`));
+
+    if (!sessionCookie) {
+        return { authenticated: false, cookie: null };
+    }
+
+    const sessionId = sessionCookie.split('=')[1];
+
+    // Validate sessionId against KV store
+    // const storedSession = await env.DATA_KV.get(`session:${sessionId}`);
+    // if (storedSession !== 'valid') {
+    //     return { authenticated: false, cookie: null };
+    // }
+
+    // Renew the session cookie
+    const newCookie = setSessionCookie(sessionId);
+    return { authenticated: true, cookie: newCookie };
+}
+
+// Function to handle logout requests
+async function handleLogout(request, env) {
+    const cookieHeader = request.headers.get('Cookie');
+    if (cookieHeader) {
+        const cookies = cookieHeader.split(';').map(c => c.trim());
+        const sessionCookie = cookies.find(cookie => cookie.startsWith(`${SESSION_COOKIE_NAME}=`));
+        if (sessionCookie) {
+            const sessionId = sessionCookie.split('=')[1];
+            // Delete session from KV store
+            // await env.DATA_KV.delete(`session:${sessionId}`);
+        }
+    }
+
+    const expiredDate = new Date(0); // Set expiration to a past date
+    const cookie = `${SESSION_COOKIE_NAME}=; Path=/; Expires=${expiredDate.toUTCString()}; HttpOnly; Secure; SameSite=Lax`;
+
+    const url = new URL(request.url);
+    const redirectUrl = url.searchParams.get('redirect') || '/login'; // Redirect to login page by default
+
+    return new Response('Logged out', {
+        status: 302,
+        headers: {
+            'Set-Cookie': cookie,
+            'Location': redirectUrl,
+        },
+    });
+}
+
+export {
+    handleLogin,
+    isAuthenticated,
+    handleLogout,
+    SESSION_COOKIE_NAME,
+    SESSION_EXPIRATION_SECONDS,
+};