[+] Password for admin login

This commit is contained in:
2025-11-25 10:36:22 +08:00
parent a5317c670f
commit 6932d586d4
4 changed files with 11 additions and 3 deletions
+1 -1
View File
@@ -25,7 +25,7 @@ export const API = {
netease: {
startImport: async (link: string) => await post('/api/import/netease/start', { link }),
checkProgress: async (id: string) => await post('/api/import/netease/progress', { id }),
checkLogin: async () => await post('/admin/netease-login', {})
checkLogin: async (pwd?: string) => await post('/admin/netease-login', { pwd })
},
user: {
+3 -1
View File
@@ -9,6 +9,7 @@ This page is vibe-coded. It's not a part of the regular UI intended for users an
-->
<script lang="ts">
import { onDestroy, onMount } from 'svelte';
import { page } from '$app/stores';
import { API } from '$lib/client';
import { fade, scale } from 'svelte/transition';
import AppBar from "$lib/ui/appbar/AppBar.svelte";
@@ -23,7 +24,8 @@ This page is vibe-coded. It's not a part of the regular UI intended for users an
async function check() {
try {
const res = await API.netease.checkLogin();
const pwd = $page.url.searchParams.get('pwd') ?? undefined;
const res = await API.netease.checkLogin(pwd);
if (res.code === 801) {
if (status !== 'waiting_scan') {
status = 'waiting_scan';
@@ -1,5 +1,6 @@
import * as ne from '@neteasecloudmusicapienhanced/api'
import { error, json } from '@sveltejs/kit'
import { env } from '$env/dynamic/private'
import { loginWithSyncCode } from '$lib/server/user'
import type { RequestHandler } from './$types'
import { db } from '$lib/server/db'
@@ -15,6 +16,11 @@ async function createQr() {
}
export const POST: RequestHandler = async ({ request, cookies }) => {
const { pwd } = await request.json().catch(() => ({}))
if (env.ADMIN_PASSWORD && pwd !== env.ADMIN_PASSWORD) {
throw error(403, 'Invalid password')
}
if (!globalSession.key) await createQr()
// Check key validity