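// lib/auth.ts - simplified authentication helpers
// Used by the Next.js app to read the main application's login state.
//
// This module is written for the browser. NEXT_PUBLIC_* variables are inlined
// into the client bundle by Next.js, so they must never hold secrets.

/** User record as returned by the main application's session endpoint. */
export interface User {
  id: string;
  username: string;
  email: string;
  subscription_tier: string;
  avatar?: string;
}

/** Result of a client-side authentication check. */
export interface AuthInfo {
  isAuthenticated: boolean;
  user?: User;
  canAccessChat?: boolean;
  message?: string;
}

/** Lower-cased subscription tiers for which the chat UI is shown. */
const CHAT_TIERS: readonly string[] = ['premium', 'pro', 'enterprise'];

/**
 * Navigates the browser to `url`; does nothing where `window` is absent
 * (e.g. server-side rendering), so callers fail with their own error instead
 * of a ReferenceError.
 */
function redirectTo(url: string): void {
  if (typeof window !== 'undefined') {
    window.location.href = url;
  }
}

/**
 * Rejects a request URL whose origin differs from the configured API base.
 *
 * The URL is built by string concatenation, so an endpoint that does not
 * start with "/" can extend or replace the host part of the base. Because the
 * request carries credentials and a caller-supplied body, it must stay on the
 * configured origin. When the base is not an absolute URL there is nothing to
 * compare against and the check is skipped.
 *
 * @throws Error when `url` is unparsable or points at another origin.
 */
function assertSameOrigin(base: string, url: string): void {
  let expected: URL;
  try {
    expected = new URL(base);
  } catch {
    return; // base is relative or unset
  }

  let target: URL;
  try {
    target = new URL(url);
  } catch {
    throw new Error('callMCPApi: endpoint does not form a valid URL');
  }

  if (target.origin !== expected.origin) {
    throw new Error('callMCPApi: endpoint resolves outside the configured API origin');
  }
}

/**
 * Checks the authentication state from the client by calling the Flask
 * backend's session endpoint directly.
 *
 * `canAccessChat` is only a UI hint: it is computed in the browser from a
 * response the user can tamper with, so the backend has to enforce the
 * subscription check itself. NOTE(review): the 403 handling in callMCPApi
 * suggests it does - confirm.
 *
 * @returns The auth state; never rejects, failures map to
 *          `{ isAuthenticated: false }` with an optional message.
 */
export async function checkAuth(): Promise<AuthInfo> {
  try {
    // Ask the main application whether a session exists.
    const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/auth/session`, {
      credentials: 'include', // important: send the session cookie
      headers: {
        'Content-Type': 'application/json',
      },
    });

    if (!response.ok) {
      return { isAuthenticated: false };
    }

    const data = await response.json();

    // Logged in?
    if (!data.isAuthenticated || !data.user) {
      return { isAuthenticated: false, message: '请先登录' };
    }

    // Subscription check. A missing or non-string tier means "no access"
    // rather than an exception reported as an auth-service outage.
    const tier: unknown = data.user.subscription_tier;
    const canAccessChat = typeof tier === 'string' && CHAT_TIERS.includes(tier.toLowerCase());

    return {
      isAuthenticated: true,
      user: data.user,
      canAccessChat,
      message: canAccessChat ? undefined : '需要订阅才能使用 AI 助手功能',
    };
  } catch (error) {
    console.error('Auth check failed:', error);
    return { isAuthenticated: false, message: '认证服务暂时不可用' };
  }
}

/**
 * Calls the MCP API with the session cookie attached.
 *
 * @param endpoint Path appended to NEXT_PUBLIC_API_URL; expected to start with "/".
 * @param options  Extra fetch options; `credentials` is always forced to 'include'.
 * @returns The raw response for any status other than 401 and 403.
 * @throws Error 'Unauthorized' on 401 (after redirecting to sign-in),
 *         'Subscription required' on 403 (after redirecting to the
 *         subscription page), or an origin error before any request is sent.
 */
export async function callMCPApi(endpoint: string, options: RequestInit = {}): Promise<Response> {
  const base = `${process.env.NEXT_PUBLIC_API_URL}`;
  const url = `${base}${endpoint}`;
  assertSameOrigin(base, url);

  // RequestInit.headers may be a Headers instance or an array of pairs; an
  // object spread would silently drop or mangle those, so normalise first.
  const headers = new Headers(options.headers);
  if (!headers.has('Content-Type')) {
    headers.set('Content-Type', 'application/json');
  }

  const response = await fetch(url, {
    ...options,
    credentials: 'include', // send the session cookie
    headers,
  });

  if (response.status === 401) {
    // Not logged in: go to the main application's sign-in page.
    redirectTo(`${process.env.NEXT_PUBLIC_MAIN_APP_URL}/auth/sign-in?redirect=/chat`);
    throw new Error('Unauthorized');
  }

  if (response.status === 403) {
    // No permission: go to the subscription page.
    redirectTo(`${process.env.NEXT_PUBLIC_MAIN_APP_URL}/subscription?feature=ai-chat`);
    throw new Error('Subscription required');
  }

  return response;
}

/**
 * Logs out by navigating to the main application's logout endpoint.
 *
 * NOTE(review): this is a plain GET navigation, so any page can trigger it;
 * confirm the backend treats logout as safe to invoke that way.
 */
export function logout(): void {
  redirectTo(`${process.env.NEXT_PUBLIC_MAIN_APP_URL}/api/auth/logout?redirect=/`);
}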