增加JWT逻辑

2025-07-09 10:15:07 +08:00
parent a9c5d91e56
commit 6b1ff4e408
5 changed files with 161 additions and 3 deletions
--- a/routes/stream.js
+++ b/routes/stream.js
@ -7,15 +7,40 @@
 */

 const express = require('express');
-const { v4: uuidV4 } = require('uuid');
-const { setupSSEHeaders } = require('../lib/sse');
+const {v4: uuidV4} = require('uuid');
+const {setupSSEHeaders} = require('../lib/sse');
 const clients = require('../lib/clients');
 const timestamp = require('../utils/timeFormatter');
+const jwt = require('jsonwebtoken');
+const config = require('../config'); // 引入配置

 const router = express.Router();

 router.get('/', (req, res) => {
-    const clientId = req.query.clientId || uuidV4();
+    const token = req.query.token;
+    // 增加解析token逻辑，
+    if (!token) {
+        res.status(401).json({message: 'Unauthorized: Token missing'});
+        return;
+    }
+    // 解析Token 提取客户端ID
+    let clientId
+
+    try {
+        // 解析Token并验证签名：
+        const decoded = jwt.verify(token, config.jwt.jwtSecret, {
+            algorithms: ['HS256'],
+            clockTolerance: 15 // 防止 Hyperf 生成后立即验证因 nbf 失败
+        });
+
+        clientId = decoded.claims?.user_client_id || decoded.sub || uuidV4();
+    } catch (err) {
+        res.status(401).json({
+            message: 'Unauthorized: Invalid token',
+            error: err.message
+        });
+        return;
+    }

    setupSSEHeaders(res);