Add authentication features for admin access
- Introduce a new `auth` module with login, logout, and user verification endpoints for a single admin user. - Update backend routes to require admin authentication for sensitive operations, enhancing security. - Modify frontend components to include an authentication provider and gate, ensuring only authorized users can access the application. - Implement a login page for admin access, improving user experience and security management. - Update API request handling to redirect unauthorized users to the login page, ensuring proper access control.
This commit is contained in:
@@ -12,8 +12,16 @@ export type ModelType = "LLM" | "ASR" | "TTS" | "Realtime" | "Embedding" | "Agen
|
||||
async function request<T>(path: string, init?: RequestInit): Promise<T> {
|
||||
const res = await fetch(`${API_BASE}${path}`, {
|
||||
headers: { "Content-Type": "application/json" },
|
||||
credentials: "include",
|
||||
...init,
|
||||
});
|
||||
if (
|
||||
res.status === 401 &&
|
||||
typeof window !== "undefined" &&
|
||||
!path.startsWith("/api/auth/")
|
||||
) {
|
||||
window.location.href = "/login";
|
||||
}
|
||||
if (!res.ok) {
|
||||
let detail = `请求失败 (${res.status})`;
|
||||
try {
|
||||
@@ -29,6 +37,25 @@ async function request<T>(path: string, init?: RequestInit): Promise<T> {
|
||||
return (text ? JSON.parse(text) : undefined) as T;
|
||||
}
|
||||
|
||||
export type AdminUser = {
|
||||
username: string;
|
||||
displayName: string;
|
||||
role: "super_admin";
|
||||
};
|
||||
|
||||
export const authApi = {
|
||||
login: (body: { username: string; password: string }) =>
|
||||
request<AdminUser>("/api/auth/login", {
|
||||
method: "POST",
|
||||
body: JSON.stringify(body),
|
||||
}),
|
||||
logout: () =>
|
||||
request<{ ok: boolean }>("/api/auth/logout", {
|
||||
method: "POST",
|
||||
}),
|
||||
me: () => request<AdminUser>("/api/auth/me"),
|
||||
};
|
||||
|
||||
// ---------- 接口定义驱动的模型注册表 ----------
|
||||
export type InterfaceField = {
|
||||
key: string;
|
||||
|
||||
Reference in New Issue
Block a user