Add authentication features for admin access

- Introduce a new `auth` module with login, logout, and user verification endpoints for a single admin user.
- Update backend routes to require admin authentication for sensitive operations, enhancing security.
- Modify frontend components to include an authentication provider and gate, ensuring only authorized users can access the application.
- Implement a login page for admin access, improving user experience and security management.
- Update API request handling to redirect unauthorized users to the login page, ensuring proper access control.
This commit is contained in:
Xin Wang
2026-07-09 23:27:50 +08:00
parent d857401ef3
commit 590cb33cbd
20 changed files with 534 additions and 29 deletions

View File

@@ -12,8 +12,16 @@ export type ModelType = "LLM" | "ASR" | "TTS" | "Realtime" | "Embedding" | "Agen
async function request<T>(path: string, init?: RequestInit): Promise<T> {
const res = await fetch(`${API_BASE}${path}`, {
headers: { "Content-Type": "application/json" },
credentials: "include",
...init,
});
if (
res.status === 401 &&
typeof window !== "undefined" &&
!path.startsWith("/api/auth/")
) {
window.location.href = "/login";
}
if (!res.ok) {
let detail = `请求失败 (${res.status})`;
try {
@@ -29,6 +37,25 @@ async function request<T>(path: string, init?: RequestInit): Promise<T> {
return (text ? JSON.parse(text) : undefined) as T;
}
export type AdminUser = {
username: string;
displayName: string;
role: "super_admin";
};
export const authApi = {
login: (body: { username: string; password: string }) =>
request<AdminUser>("/api/auth/login", {
method: "POST",
body: JSON.stringify(body),
}),
logout: () =>
request<{ ok: boolean }>("/api/auth/logout", {
method: "POST",
}),
me: () => request<AdminUser>("/api/auth/me"),
};
// ---------- 接口定义驱动的模型注册表 ----------
export type InterfaceField = {
key: string;