feat: /api/config endpoint can be called using APIKey

beilunyang
2025-05-13 00:01:15 +08:00
parent fa1dadfb21
commit eb6c3fe5eb
3 changed files with 16 additions and 5 deletions


@@ -1,6 +1,7 @@
import { Role, ROLES } from "@/lib/permissions"
import { PERMISSIONS, Role, ROLES } from "@/lib/permissions"
import { getRequestContext } from "@cloudflare/next-on-pages"
import { EMAIL_CONFIG } from "@/config"
import { checkPermission } from "@/lib/auth"
export const runtime = "edge"
@@ -22,6 +23,14 @@ export async function GET() {
}
export async function POST(request: Request) {
const canAccess = await checkPermission(PERMISSIONS.MANAGE_CONFIG)
if (!canAccess) {
return Response.json({
error: "权限不足"
}, { status: 403 })
}
const { defaultRole, emailDomains, adminContact, maxEmails } = await request.json() as {
defaultRole: Exclude<Role, typeof ROLES.EMPEROR>,
emailDomains: string,
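Review bot: The request body in POST is only cast with `as { ... }` right after the new permission check, and a cast is erased at compile time, so `Exclude<Role, typeof ROLES.EMPEROR>` does not stop a caller from sending any string as `defaultRole`. Now that this route is reachable with an API key as well as a browser session, each field should be validated at runtime before use, unless that already happens below the hunk, which ends inside the destructuring. `request.json()` also throws on a malformed body, so wrapping it in `try`/`catch` and returning 400 would keep bad input from surfacing as a 500. Separately, `checkPermission` returns false when no user id is resolved, so an unauthenticated caller gets 403 here where 401 would be more accurate.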


@@ -25,7 +25,7 @@ async function getUserByApiKey(key: string): Promise<User | null> {
}
export async function handleApiKeyAuth(apiKey: string, pathname: string) {
if (!pathname.startsWith('/api/emails')) {
if (!pathname.startsWith('/api/emails') && !pathname.startsWith('/api/config')) {
return NextResponse.json(
{ error: "无权限查看" },
{ status: 403 }
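Review bot: `pathname.startsWith('/api/config')` is a bare prefix test, so it also admits any route whose path merely begins with that string, and the same holds for the existing `/api/emails` test. Matching on the segment boundary is tighter: `pathname === '/api/config' || pathname.startsWith('/api/config/')`. The allowlist is also method-agnostic, so API keys gain the POST handler (which appears to update site settings such as `defaultRole` and `emailDomains`), not just reads, and the `checkPermission(PERMISSIONS.MANAGE_CONFIG)` call in the route becomes the only gate for that. If read-only access was the intent, the HTTP method would have to be passed in, since the visible signature takes only `apiKey` and `pathname`. The function body continues outside the hunk.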


@@ -10,6 +10,7 @@ import CredentialsProvider from "next-auth/providers/credentials"
import { hashPassword, comparePassword } from "@/lib/utils"
import { authSchema } from "@/lib/validation"
import { generateAvatarUrl } from "./avatar"
import { getUserId } from "./apiKey"
const ROLE_DESCRIPTIONS: Record<Role, string> = {
[ROLES.EMPEROR]: "皇帝(网站所有者)",
@@ -62,12 +63,13 @@ export async function getUserRole(userId: string) {
}
export async function checkPermission(permission: Permission) {
const session = await auth()
if (!session?.user?.id) return false
const userId = await getUserId()
if (!userId) return false
const db = createDb()
const userRoleRecords = await db.query.userRoles.findMany({
where: eq(userRoles.userId, session.user.id),
where: eq(userRoles.userId, userId),
with: { role: true },
})
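Review bot: `checkPermission` now trusts whatever `getUserId()` returns, so every existing caller of `checkPermission` accepts API-key identity after this change, not only `/api/config`. `getUserId` lives in `./apiKey` and is not shown in this diff. If it reads an identity that middleware forwards on the request (I can't confirm that from here), check that a client cannot supply that value itself on paths where `handleApiKeyAuth` does not run. A doc comment would make the widened contract explicit, e.g. `/** Resolves the caller from the session or an API key, then checks that one of their roles grants the permission. */`. The function body continues below the hunk, and the `auth` import may now be unused in this file.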