diff --git a/.env.example b/.env.example index ffaab1c..8efa588 100644 --- a/.env.example +++ b/.env.example @@ -5,6 +5,10 @@ DB_NAME=skills_market JWT_SECRET=your-jwt-secret-key-change-in-production JWT_EXPIRES_IN=7d +# 登录白名单:固定验证码,不发邮件,多个邮箱用逗号分隔 +WHITELIST_EMAILS=1311711287@email.com +WHITELIST_CODE=888888 + ALIYUN_ACCESS_KEY_ID=LTAI5tP7ufyq46H86SrzmxPL ALIYUN_ACCESS_KEY_SECRET=PFqfWD4POJnzYjqGv7S0YygemaC8GS ALIYUN_DM_ACCOUNT_NAME=login@mail.como.video diff --git a/deploy.bat b/deploy.bat new file mode 100644 index 0000000..a6cec24 --- /dev/null +++ b/deploy.bat @@ -0,0 +1,7 @@ +@echo off +set "PATH=%PATH%;C:\Program Files\Git\cmd" +git fetch origin +git reset --hard origin/main +npm install --omit=dev +pm2 restart skills-market-server +echo Deploy done. diff --git a/package.json b/package.json index 2542cfc..42da203 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,8 @@ "main": "server.js", "scripts": { "start": "node server.js", - "dev": "node --watch server.js" + "dev": "node --watch server.js", + "deploy": "node scripts/deploy.js" }, "dependencies": { "@alicloud/dm20151123": "^1.8.3", diff --git a/routes/auth.js b/routes/auth.js index bc924de..f2ffaff 100644 --- a/routes/auth.js +++ b/routes/auth.js @@ -4,6 +4,10 @@ const { sendVerificationCode, verifyCode } = require('../services/auth') const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key-change-in-production' const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || '7d' +const WHITELIST_CODE = process.env.WHITELIST_CODE || '888888' +const WHITELIST_EMAILS = (process.env.WHITELIST_EMAILS || '') + .split(',').map(e => e.trim().toLowerCase()).filter(Boolean) + function createAuthRoutes(db) { const usersCollection = db.collection('users') @@ -16,6 +20,10 @@ function createAuthRoutes(db) { return res.status(400).json({ success: false, error: '邮箱不能为空' }) } + if (WHITELIST_EMAILS.includes(email.toLowerCase())) { + return res.json({ success: true, message: '验证码已发送' }) + } + const result = await sendVerificationCode(db, email.toLowerCase()) if (!result.success) { @@ -38,10 +46,16 @@ function createAuthRoutes(db) { } const emailLower = email.toLowerCase() - const verifyResult = await verifyCode(db, emailLower, code) - - if (!verifyResult.success) { - return res.status(400).json(verifyResult) + + if (WHITELIST_EMAILS.includes(emailLower)) { + if (code !== WHITELIST_CODE) { + return res.status(400).json({ success: false, error: '验证码错误' }) + } + } else { + const verifyResult = await verifyCode(db, emailLower, code) + if (!verifyResult.success) { + return res.status(400).json(verifyResult) + } } let user = await usersCollection.findOne({ email: emailLower }) diff --git a/scripts/deploy.js b/scripts/deploy.js new file mode 100644 index 0000000..bcf7d18 --- /dev/null +++ b/scripts/deploy.js @@ -0,0 +1,30 @@ +#!/usr/bin/env node +/** + * Deploy script for skills-market-server + * Usage: npm run deploy + * + * What it does: + * 1. git push (local → remote repo) + * 2. SSH into server and run deploy script + */ + +const { execSync } = require('child_process') + +const SERVER_USER = 'Administrator' +const SERVER_HOST = '118.145.101.146' +const SERVER_PATH = 'C:\\apps\\skills-market-server' + +function run(cmd, opts = {}) { + console.log(`\n$ ${cmd}`) + execSync(cmd, { stdio: 'inherit', ...opts }) +} + +// ── Push local changes ──────────────────────────────────────────── +console.log('\n📦 Pushing to remote repo...') +run('git push') + +// ── SSH: run deploy script on server ─────────────────────────────── +console.log('\n🚀 Deploying to server...') +run(`ssh ${SERVER_USER}@${SERVER_HOST} "cd /d ${SERVER_PATH} && deploy.bat"`) + +console.log('\n✅ Deploy done!\n')