给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)

This commit is contained in:
2025-10-17 15:28:22 +08:00
parent 9ec6d30573
commit 59706b70d0
70 changed files with 2279 additions and 688 deletions
+15 -8
View File
@@ -64,28 +64,32 @@ interface ActionData {
// 加载函数
export async function loader({ request }: LoaderFunctionArgs) {
try {
// 获取用户会话信息
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
const url = new URL(request.url);
const id = url.searchParams.get("id");
const mode = url.searchParams.get("mode") || "create";
// 模板数据,如果是新建则为空
let template = null;
if (id) {
// 从API获取数据
const result = await getPromptTemplate(id);
const result = await getPromptTemplate(id, frontendJWT);
if (result.error) {
console.error('获取提示词模板失败:', result.error);
throw new Error(result.error);
}
template = result.data || null;
if (!template) {
throw new Error(`未找到ID为${id}的模板`);
}
}
return Response.json({
template,
mode
@@ -104,6 +108,9 @@ export async function loader({ request }: LoaderFunctionArgs) {
// Action函数 - 处理表单提交
export async function action({ request }: ActionFunctionArgs) {
const { getUserSession } = await import("~/api/login/auth.server");
const { frontendJWT } = await getUserSession(request);
const formData = await request.formData();
const id = formData.get("id") as string;
const template_name = formData.get("template_name") as string;
@@ -158,10 +165,10 @@ export async function action({ request }: ActionFunctionArgs) {
let result;
if (id) {
// 更新模板
result = await updatePromptTemplate(id, apiTemplate);
result = await updatePromptTemplate(id, apiTemplate, frontendJWT);
} else {
// 创建模板
result = await createPromptTemplate(apiTemplate);
result = await createPromptTemplate(apiTemplate, frontendJWT);
}
if (result.error) {