admin/nexus-terminal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Baobhan Sith
2025-05-08 16:43:02 +08:00
parent 7513e98cdf
commit 787114bb4c
7 changed files with 74 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/backend/src/auth/auth.controller.ts
+17
View File
@@ -921,3 +921,20 @@ export const getPublicCaptchaConfig = async (req: Request, res: Response): Promi
});
}
};
/**
* 检查系统中是否配置了任何 Passkey (GET /api/v1/auth/passkey/has-configured)
* 或者特定用户是否配置了 Passkey (GET /api/v1/auth/passkey/has-configured?username=xxx)
* 公开访问,用于登录页面判断是否显示 Passkey 登录按钮。
*/
export const checkHasPasskeys = async (req: Request, res: Response): Promise<void> => {
const username = req.query.username as string | undefined;
try {
const hasPasskeys = await passkeyService.hasPasskeysConfigured(username);
res.status(200).json({ hasPasskeys });
} catch (error: any) {
console.error(`[AuthController] 检查 Passkey 配置状态时出错 (username: ${username || 'any'}):`, error.message);
// 即使出错,也返回 false,避免登录流程中断
res.status(200).json({ hasPasskeys: false, error: '检查 Passkey 配置时出错。' });
}
};
packages/backend/src/auth/auth.routes.ts
+6 -1
View File
@@ -19,7 +19,8 @@ import {
// 新的 Passkey 管理处理器
listUserPasskeysHandler,
deleteUserPasskeyHandler,
updateUserPasskeyNameHandler // 新增:更新 Passkey 名称的处理器
updateUserPasskeyNameHandler, // 新增:更新 Passkey 名称的处理器
checkHasPasskeys // +++ 新增:检查是否有 Passkey 配置的处理器
} from './auth.controller';
import { isAuthenticated } from './auth.middleware';
import { ipBlacklistCheckMiddleware } from './ipBlacklistCheck.middleware';
@@ -70,9 +71,13 @@ router.post('/passkey/register', isAuthenticated, verifyPasskeyRegistrationHandl
// POST /api/v1/auth/passkey/authentication-options - 生成 Passkey 认证选项 (公开或半公开,取决于是否提供了用户名)
router.post('/passkey/authentication-options', generatePasskeyAuthenticationOptionsHandler);
// POST /api/v1/auth/passkey/authenticate - 验证 Passkey 并登录用户 (公开)
router.post('/passkey/authenticate', ipBlacklistCheckMiddleware, verifyPasskeyAuthenticationHandler);
// GET /api/v1/auth/passkey/has-configured - 检查是否配置了 Passkey (公开)
router.get('/passkey/has-configured', checkHasPasskeys);
// --- User's Passkey Management Routes (New) ---
// GET /api/v1/auth/user/passkeys - 获取当前用户的所有 Passkey (需要认证)
router.get('/user/passkeys', isAuthenticated, listUserPasskeysHandler);
packages/backend/src/repositories/passkey.repository.ts
+7
View File
@@ -142,6 +142,13 @@ export class PasskeyRepository {
const { changes } = await runDb(db, sql, [name, credentialId]);
return changes > 0;
}
async getFirstPasskey(): Promise<Passkey | null> {
const db = await getDbInstance();
const sql = 'SELECT * FROM passkeys LIMIT 1';
const result = await getDb<any>(db, sql);
return mapPasskeyResult(result);
}
}
export const passkeyRepository = new PasskeyRepository();
packages/backend/src/services/passkey.service.ts
+16
View File
@@ -301,6 +301,22 @@ export class PasskeyService {
}
await this.passkeyRepo.updatePasskeyName(credentialID, newName);
}
async hasPasskeysConfigured(username?: string): Promise<boolean> {
if (username) {
const user = await this.userRepo.findUserByUsername(username);
if (!user) {
return false; // 如果提供了用户名但用户不存在,则认为没有配置 passkey
}
const passkeys = await this.passkeyRepo.getPasskeysByUserId(user.id);
return passkeys.length > 0;
} else {
// 如果没有提供用户名,检查整个系统中是否存在任何 passkey
// 这对于“可发现凭证”场景可能有用,或者简单地检查系统是否启用了 passkey 功能
const anyPasskey = await this.passkeyRepo.getFirstPasskey();
return !!anyPasskey;
}
}
}
export const passkeyService = new PasskeyService(passkeyRepository, userRepository);