feat: 更新N5代理逻辑，支持使用用户JWKS令牌进行身份验证

2026-03-03 18:33:41 +08:00
parent 120303961c
commit bb4096ce7e
2 changed files with 29 additions and 3 deletions
--- a/src/modules/n5/index.ts
+++ b/src/modules/n5/index.ts
@@ -1,4 +1,5 @@
 import { convex, convexApi } from '@/app.ts';
+import { User } from '@/models/user.ts';
 import { IncomingMessage, ServerResponse } from 'http';

 type ProxyOptions = {
@@ -19,11 +20,33 @@ export const N5Proxy = async (req: IncomingMessage, res: ServerResponse, opts?:
    opts?.createNotFoundPage?.('应用未找到');
    return false;
  }
-  const link = convexResult.data.link;
+  const data = convexResult.data ?? {};
+  const link = data.link;
  if (!link) {
    opts?.createNotFoundPage?.('应用未找到');
    return false;
  }
+  if (data?.useOwnerToken) {
+    const userId = convexResult.userId;
+    if (!userId) {
+      opts?.createNotFoundPage?.('未绑定账号');
+      return false;
+    }
+    try {
+      const user = await User.findByPk(userId);
+      const token = await User.createJwksTokenResponse({ id: userId, username: user?.username || '' }, { save: false });
+      const urlObj = new URL(link);
+      urlObj.searchParams.set('token', token.accessToken);
+      const resultLink = await fetch(urlObj.toString(), { method: 'GET' }).then(res => res.json())
+      res.end(JSON.stringify(resultLink));
+    } catch (e) {
+      console.error('Error fetching the link:', e);
+      res.writeHead(500, { 'Content-Type': 'application/json' });
+      res.end(JSON.stringify({ error: 'Failed to fetch the link' }));
+    }
+
+    return true;
+  }
  res.writeHead(302, {
    Location: link,
  });