feat: 更新开发脚本，添加新的环境变量支持，优化管理员登录流程

assistant/src/routes/index.ts

@@ -14,7 +14,7 @@ export const getTokenUser = async (ctx: any) => {
   const res = await query.post({
     path: 'user',
     key: 'me',
-    token: ctx.state.token,
+    token: ctx.state.token || ctx.query.token,
   });
   if (res.code !== 200) {
     return ctx.throw(401, 'not login');
@@ -26,7 +26,7 @@ const checkAuth = async (ctx: any, isAdmin = false) => {
   const config = assistantConfig.getConfig();
   const { auth = {} } = config;
   const token = ctx.query.token;
-
+  console.log('checkAuth', ctx.query, { token });
   if (!token) {
     return ctx.throw(401, 'not login');
   }
@@ -47,8 +47,17 @@ const checkAuth = async (ctx: any, isAdmin = false) => {
     auth.username = username;
     assistantConfig.setConfig({ auth });
   }
-  if (isAdmin) {
-    if (auth.username && auth.username !== username) {
+  if (isAdmin && auth.username) {
+    const admins = config.auth?.admin || [];
+    let isCheckAdmin = false;
+    const admin = auth.username;
+    if (admin === username) {
+      isCheckAdmin = true;
+    }
+    if (!isCheckAdmin && admins.length > 0 && admins.includes(username)) {
+      isCheckAdmin = true;
+    }
+    if (!isCheckAdmin) {
       return ctx.throw(403, 'not admin user');
     }
   }
@@ -70,6 +79,7 @@ app
     description: '管理员鉴权, 获取用户信息，并验证是否为管理员。',
   })
   .define(async (ctx) => {
+    console.log('query', ctx.query);
     await checkAuth(ctx, true);
   })
   .addTo(app);

assistant/src/routes/user/index.ts

@@ -6,29 +6,64 @@ app.route({
   description: '管理员用户登录',
 }).define(async (ctx) => {
   const { username, password } = ctx.query;
-  const query = assistantConfig.query;
   const auth = assistantConfig.getConfig().auth || {};
-  const res = await query.post({
-    path: 'user',
-    key: 'login',
-    data: {
-      username,
-      password,
-    },
-  })
-  if (res.code !== 200) {
-    return ctx.throw(401, 'login failed');
-  }
-  const loginUser = res.data.username;
-  if (auth.username && loginUser !== auth.username) {
+  if (auth && auth.username && auth.username !== username) {
     return ctx.throw(403, 'login user is not admin user');
   }
-  if (!auth.username) {
-    // 初始管理员账号
-    auth.username = loginUser;
-    assistantConfig.setConfig({ auth });
-  }
-  // 保存配置
+  // 发起请求，转发客户端 cookie
+  const res = await fetch(`${assistantConfig.baseURL}`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify({
+      path: 'user',
+      key: 'login',
+      username,
+      password,
+    }),
+  });
 
-  ctx.body = res.data;
+  // 转发上游服务器返回的所有 set-cookie（支持多个 cookie）
+  const setCookieHeaders = res.headers.getSetCookie?.() || [];
+  if (setCookieHeaders.length > 0) {
+    // 设置多个 cookie 到原生 http.ServerResponse
+    ctx.res.setHeader('Set-Cookie', setCookieHeaders);
+  } else {
+    // 兼容旧版本，使用 get 方法
+    const setCookieHeader = res.headers.get('set-cookie');
+    if (setCookieHeader) {
+      ctx.res.setHeader('Set-Cookie', setCookieHeader);
+    }
+  }
+
+  const responseData = await res.json();
+  console.debug('admin login response', { res: responseData });
+  if (responseData.code !== 200) {
+    console.debug('admin login failed', { res: responseData });
+    return ctx.throw(401, 'login failed');
+  }
+  const me = await assistantConfig.query.post({
+    path: 'user',
+    key: 'me',
+    token: responseData.data.token,
+  })
+  if (me.code === 200) {
+    const loginUser = me.data.username;
+    if (auth.username && loginUser !== auth.username) {
+      return ctx.throw(403, 'login user is not admin user');
+    }
+    if (!auth.username) {
+      // 初始管理员账号
+      auth.username = loginUser;
+      if (!auth.type) {
+        auth.type = 'public';
+      }
+      assistantConfig.setConfig({ auth });
+      console.log('set first admin user', { username: loginUser });
+    }
+    // 保存配置
+  }
+
+  ctx.body = responseData.data;
 }).addTo(app);