const express = require('express');
const router = express.Router();
const { loginLib, stringToBuffer } = require('../utils/systemMonitor');
const jwt = require('jsonwebtoken');
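// JWT signing secret.
// Read from the environment. The hard-coded fallback exists only so local
// development runs without configuration.
// SECURITY: a publicly known default secret lets anyone forge a valid session
// token, so refuse to start with it in production and warn loudly elsewhere.
const resolveJwtSecret = () => {
  const fromEnv = process.env.JWT_SECRET;
  if (fromEnv) {
    return fromEnv;
  }
  if (process.env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET must be set in production');
  }
  console.warn('JWT_SECRET is not set; falling back to an insecure development default');
  return 'your-secret-key';
};
const JWT_SECRET = resolveJwtSecret();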
// Build the signed session token for a user record.
// Only the listed fields are copied into the claim set; the token expires after 24h.
// NOTE(review): a JWT payload is base64url-encoded, not encrypted — whoever holds the
// cookie can read full_name/phone/email etc., and /check-auth echoes the same claims
// back. Keep this claim set minimal if the token ever leaves the HttpOnly cookie.
const generateToken = (user) => {
  const {
    id,
    username,
    access_level,
    full_name,
    phone,
    email,
    department,
    position,
  } = user;
  const claims = { id, username, access_level, full_name, phone, email, department, position };
  return jwt.sign(claims, JWT_SECRET, { expiresIn: '24h' });
};
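// Login API route (POST /login).
// Expects a JSON body { username, password }. The credentials are handed to the
// native login library; on success a signed JWT is set as an HttpOnly cookie and
// the user record (minus any password field) is returned.
// Failure paths log the underlying error server-side and return a generic
// message — internal error text is never echoed to the client.
router.post('/login', (req, res) => {
  const { username, password } = req.body;
  if (!username || !password) {
    return res.status(400).json({ success: false, message: '用户名和密码不能为空' });
  }
  // req.body is untrusted: reject non-string credentials before they reach the
  // native buffer conversion (objects/arrays would otherwise be coerced).
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).json({ success: false, message: '用户名和密码必须为字符串' });
  }
  try {
    if (!loginLib) {
      throw new Error('动态库未正确加载');
    }
    const usernameData = stringToBuffer(username);
    const passwordData = stringToBuffer(password);
    const userId = loginLib.validateUser(
      usernameData.buffer,
      usernameData.length,
      passwordData.buffer,
      passwordData.length
    );
    if (!(userId > 0)) {
      // Same message for unknown user and wrong password, so usernames cannot be enumerated.
      // NOTE(review): this replies 200; a 401 would be conventional, but existing
      // clients may key off `success`, so the status is left unchanged here.
      return res.json({ success: false, message: '用户名或密码错误' });
    }
    let userInfo;
    try {
      const userInfoStr = loginLib.getUserInfo(userId);
      // TODO(review): the original carried a commented-out loginLib.freeUserInfo(userInfoStr).
      // If the native side allocates this string, it is leaked on every login —
      // confirm the library's ownership contract before re-enabling the free.
      userInfo = JSON.parse(userInfoStr);
    } catch (userInfoError) {
      console.error('获取用户信息失败:', userInfoError);
      return res.status(500).json({ success: false, message: '获取用户信息失败' });
    }
    const token = generateToken(userInfo);
    // HttpOnly keeps the token away from page scripts; `secure` is only enforced
    // in production so plain-HTTP local development still works.
    res.cookie('authToken', token, {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'strict',
      maxAge: 24 * 60 * 60 * 1000, // 24h, matching the token's expiresIn
    });
    // Never return a password/hash field even if the native record carries one.
    const { password: _omitted, ...userInfoWithoutPassword } = userInfo;
    return res.json({
      success: true,
      message: '登录成功',
      user: userInfoWithoutPassword,
    });
  } catch (error) {
    console.error('登录处理过程出错:', error);
    return res.status(500).json({ success: false, message: '服务器内部错误' });
  }
});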
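// Logout API route (POST /logout).
// Clears the session cookie. Per the Express docs, clearCookie is only guaranteed
// to remove a cookie when its options match those used in res.cookie() (excluding
// expires/maxAge), so the attributes from /login are mirrored here.
// NOTE: the JWT itself stays valid until it expires — this is a client-side logout
// only; true server-side revocation would need a deny-list keyed on the token.
router.post('/logout', (req, res) => {
  res.clearCookie('authToken', {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'strict',
  });
  res.json({
    success: true,
    message: '已安全退出登录',
  });
});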
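// Authentication check API route (GET /check-auth).
// Reads the authToken cookie (requires cookie-parser to be mounted upstream) and
// returns the verified token claims. A missing cookie reports "not logged in";
// any verification failure (bad signature, expiry, wrong algorithm) reports an
// expired session without further detail.
router.get('/check-auth', (req, res) => {
  // req.cookies is undefined when cookie-parser is not mounted; treat that as
  // "not logged in" instead of letting a TypeError masquerade as an expired session.
  const cookies = req.cookies || {};
  const token = cookies.authToken;
  if (!token) {
    return res.json({
      success: false,
      message: '未登录',
    });
  }
  try {
    // Pin the algorithm: tokens are signed with an HMAC secret, so HS256 is the
    // only acceptable one. Pinning avoids depending on the library's default
    // algorithm list for a given secret type.
    const user = jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] });
    return res.json({
      success: true,
      user, // the full claim set from the token (no password field is ever signed in)
    });
  } catch (error) {
    // Expired tokens are routine; only log the unexpected failures at error level.
    if (error.name !== 'TokenExpiredError') {
      console.error('认证检查错误:', error);
    }
    return res.json({
      success: false,
      message: '登录已过期',
    });
  }
});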
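// Register user API route (POST /register).
// Expects { username, password, userInfo }. userInfo is serialised to JSON and
// passed verbatim to the native registerUser, whose negative return codes are
// mapped to HTTP statuses below. Internal error text is logged, not returned.
// SECURITY (review): this route is unauthenticated and userInfo is forwarded
// untouched. If the native side persists an access_level / role field from it,
// a client could self-assign privileges — confirm against the library and
// allow-list the accepted fields if so.
router.post('/register', (req, res) => {
  const { username, password, userInfo } = req.body;
  if (!username || !password || !userInfo) {
    return res.status(400).json({ success: false, message: '用户名、密码和用户信息不能为空' });
  }
  // Untrusted body: credentials must be strings and userInfo a plain object;
  // otherwise the native side is handed buffers it was never meant to parse.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).json({ success: false, message: '用户名和密码必须为字符串' });
  }
  if (typeof userInfo !== 'object' || Array.isArray(userInfo)) {
    return res.status(400).json({ success: false, message: '无效的用户信息格式' });
  }
  try {
    if (!loginLib) {
      throw new Error('动态库未正确加载');
    }
    const usernameData = stringToBuffer(username);
    const passwordData = stringToBuffer(password);
    const userInfoData = stringToBuffer(JSON.stringify(userInfo));
    const userId = loginLib.registerUser(
      usernameData.buffer,
      usernameData.length,
      passwordData.buffer,
      passwordData.length,
      userInfoData.buffer,
      userInfoData.length
    );
    // Return-code contract of the native registerUser as handled here:
    // >0 new user id, -1 generic failure, -2 duplicate username, -3 bad userInfo.
    switch (userId) {
      case -1:
        return res.status(500).json({ success: false, message: '注册失败:一般错误' });
      case -2:
        return res.status(400).json({ success: false, message: '用户名已存在' });
      case -3:
        return res.status(400).json({ success: false, message: '无效的用户信息格式' });
      default:
        if (userId > 0) {
          return res.json({
            success: true,
            message: '注册成功',
            userId,
          });
        }
        return res.status(500).json({ success: false, message: '未知错误' });
    }
  } catch (error) {
    console.error('注册处理过程出错:', error);
    return res.status(500).json({ success: false, message: '服务器内部错误' });
  }
});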
// Environment variable lookup API route (GET /env?name=...).
// Only the names in the allow-list below can be read; everything else is refused
// with 403 so the endpoint cannot be used to dump arbitrary environment variables.
// NOTE(review): there is no authentication in front of this route, and PATH reveals
// the server's directory layout to any caller that can reach it — consider gating
// it on a valid authToken cookie (as /check-auth does) or dropping PATH from the list.
router.get('/env', (req, res) => {
  const permitted = new Set(['XNCore', 'PATH']);
  const requested = req.query.name;
  if (!requested) {
    return res.status(400).json({ error: '缺少环境变量名称参数' });
  }
  if (!permitted.has(requested)) {
    return res.status(403).json({ error: '不允许查询该环境变量' });
  }
  // An unset variable is reported as an empty string rather than null.
  const value = process.env[requested] || '';
  return res.json({ name: requested, value });
});
// Export the router so the application can mount it.
module.exports = router;