inint

module/server/koa/auth.js

@@ -1,27 +1,38 @@
-import jwt from "jsonwebtoken";
-import * as log4js from "../log4js.js";
+import jwt from 'jsonwebtoken'
+import * as log4js from '../log4js.js'
 
 const whiteList = [
   '/',
   '/api/login',
-  "/api/server/list"
+  '/api/register',
+  '/api/send_code',
+  '/api/reset_password',
+  '/api/check',          // 旧版 token 验证，无需 JWT
+  '/api/server/list',
+  '/api/misc/agree',
+  '/api/config',
+  '/api/linuxdo/authorize',
+  '/api/linuxdo/callback',
+  '/api/linuxdo/bind',
+  '/api/bind_account',   // 游戏服务端内部：绑定第三方账号
+  '/api/link',           // 游戏服务端内部：按 connect_id 反查账号
 ]
 
 async function auth(ctx, next) {
   try {
-    log4js.koa.debug("接口请求:", ctx.path)
+    log4js.koa.debug(`鉴权: ${ctx.method} ${ctx.path}`)
     if (whiteList.includes(ctx.path)) {
-      await next();
-      return; // 终止后续验证逻辑
+      await next()
+      return
     }
-    const token = ctx.request.headers.authorization?.split(' ')[1];
-    if (!token) throw new Error('无token');
-    ctx.user = jwt.verify(token, process.env.SECRET_KEY);
-    await next();
+    const token = ctx.request.headers.authorization?.split(' ')[1]
+    if (!token) throw new Error('无token')
+    ctx.user = jwt.verify(token, process.env.SECRET_KEY || 'chuanqi_secret')
+    await next()
   } catch (err) {
-    ctx.status = 401;
-    ctx.body = {msg: 'token无效或过期', code: 401};
+    ctx.status = 401
+    ctx.body = { code: 401, message: 'token无效或过期，请重新登录' }
   }
 }
 
-export default auth;
+export default auth