liuq
/
simple_navigation_page


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410
							import express from 'express';
import cors from 'cors';
import axios from 'axios';
import { NodeRSA } from 'node-rsa';
import cookieParser from 'cookie-parser';
import { readFileSync } from 'fs';
import { fileURLToPath } from 'url';
import { dirname, join } from 'path';

const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);

const app = express();
const PORT = process.env.PORT || 8888;

// 中间件
app.use(cors({
  origin: true,
  credentials: true
}));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());

// 加载自动登录配置
let autoLoginConfig = {};
try {
  const configPath = join(__dirname, 'auto-login-config.json');
  const configData = readFileSync(configPath, 'utf-8');
  autoLoginConfig = JSON.parse(configData);
  console.log('已加载自动登录配置:', Object.keys(autoLoginConfig).join(', '));
} catch (error) {
  console.error('加载自动登录配置失败:', error.message);
  console.log('将使用默认配置');
}

// RSA 加密函数
function encryptWithRSA(text, publicKey) {
  const key = new NodeRSA(publicKey);
  return key.encrypt(text, 'base64');
}

// 解析 Cookie
function parseCookies(setCookieHeaders) {
  return setCookieHeaders.map(cookie => {
    const match = cookie.match(/^([^=]+)=([^;]+)/);
    if (match) {
      const name = match[1];
      const value = match[2];
      
      // 提取其他属性
      const pathMatch = cookie.match(/Path=([^;]+)/);
      const expiresMatch = cookie.match(/Expires=([^;]+)/);
      const maxAgeMatch = cookie.match(/Max-Age=([^;]+)/);
      const httpOnlyMatch = cookie.match(/HttpOnly/);
      const secureMatch = cookie.match(/Secure/);
      const sameSiteMatch = cookie.match(/SameSite=([^;]+)/);
      
      return {
        name,
        value,
        path: pathMatch ? pathMatch[1] : '/',
        expires: expiresMatch ? expiresMatch[1] : null,
        maxAge: maxAgeMatch ? maxAgeMatch[1] : null,
        httpOnly: !!httpOnlyMatch,
        secure: !!secureMatch,
        sameSite: sameSiteMatch ? sameSiteMatch[1] : null
      };
    }
    return null;
  }).filter(Boolean);
}

// 生成跳转 HTML
function generateRedirectHTML(cookieData, targetHost, targetDomain) {
  return `
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>自动登录中...</title>
    <style>
        body {
            display: flex;
            justify-content: center;
            align-items: center;
            height: 100vh;
            margin: 0;
            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
            background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
        }
        .loading {
            text-align: center;
        }
        .spinner {
            border: 4px solid #f3f3f3;
            border-top: 4px solid #3498db;
            border-radius: 50%;
            width: 50px;
            height: 50px;
            animation: spin 1s linear infinite;
            margin: 0 auto 20px;
        }
        @keyframes spin {
            0% { transform: rotate(0deg); }
            100% { transform: rotate(360deg); }
        }
        .message {
            color: #333;
            font-size: 18px;
        }
    </style>
</head>
<body>
    <div class="loading">
        <div class="spinner"></div>
        <div class="message">正在自动登录，请稍候...</div>
    </div>
    <iframe id="cookieFrame" style="display:none;"></iframe>
    <script>
        (function() {
            const cookies = ${JSON.stringify(cookieData)};
            const targetUrl = 'http://${targetHost}/';
            const targetDomain = '${targetDomain}';
            
            console.log('准备设置 Cookie:', cookies);
            
            // 方法1: 尝试直接设置 Cookie（可能因为跨域限制而失败）
            cookies.forEach(function(cookie) {
                try {
                    // 构建 Cookie 字符串
                    let cookieStr = cookie.name + '=' + cookie.value;
                    cookieStr += '; path=' + cookie.path;
                    if (cookie.maxAge) {
                        cookieStr += '; max-age=' + cookie.maxAge;
                    }
                    if (cookie.expires) {
                        cookieStr += '; expires=' + cookie.expires;
                    }
                    if (cookie.secure) {
                        cookieStr += '; secure';
                    }
                    if (cookie.sameSite) {
                        cookieStr += '; samesite=' + cookie.sameSite;
                    }
                    // 注意：Domain 属性无法通过 JavaScript 设置跨域 Cookie
                    // 但我们可以尝试设置（浏览器会忽略跨域的 Domain）
                    cookieStr += '; domain=' + targetDomain;
                    
                    document.cookie = cookieStr;
                    console.log('尝试设置 Cookie:', cookie.name);
                } catch(e) {
                    console.error('设置 Cookie 失败:', cookie.name, e);
                }
            });
            
            // 方法2: 使用隐藏的 iframe 加载目标站点，让服务器设置 Cookie
            // 然后跳转到目标站点
            const iframe = document.getElementById('cookieFrame');
            iframe.src = targetUrl;
            
            // 延迟跳转，确保 iframe 加载完成
            setTimeout(function() {
                console.log('跳转到目标站点:', targetUrl);
                window.location.href = targetUrl;
            }, 1000);
        })();
    </script>
</body>
</html>
  `;
}

// 处理 RSA 加密表单登录
async function handleRSAEncryptedFormLogin(config, credentials) {
  const { targetBaseUrl, loginUrl, loginMethodConfig } = config;
  const { publicKey, usernameField, passwordField, captchaField, captchaRequired, contentType, successCode, successField } = loginMethodConfig;
  
  // 加密用户名和密码
  const usernameEncrypted = encryptWithRSA(credentials.username, publicKey);
  const passwordEncrypted = encryptWithRSA(credentials.password, publicKey);
  
  console.log('用户名和密码已加密');
  
  // 构建请求数据
  const requestData = {
    [usernameField]: usernameEncrypted,
    [passwordField]: passwordEncrypted
  };
  
  if (captchaField) {
    requestData[captchaField] = captchaRequired ? '' : '';
  }
  
  // 发送登录请求
  const headers = {};
  let requestBody;
  
  if (contentType === 'application/x-www-form-urlencoded') {
    headers['Content-Type'] = 'application/x-www-form-urlencoded';
    requestBody = new URLSearchParams(requestData).toString();
  } else if (contentType === 'application/json') {
    headers['Content-Type'] = 'application/json';
    requestBody = JSON.stringify(requestData);
  } else {
    requestBody = requestData;
  }
  
  const loginResponse = await axios.post(
    `${targetBaseUrl}${loginUrl}`,
    requestBody,
    {
      headers,
      withCredentials: true,
      maxRedirects: 0,
      validateStatus: function (status) {
        return status >= 200 && status < 400;
      }
    }
  );
  
  // 检查登录是否成功
  const responseData = loginResponse.data || {};
  const successValue = successField ? responseData[successField] : responseData.code;
  
  if (successValue === successCode) {
    return {
      success: true,
      cookies: loginResponse.headers['set-cookie'] || [],
      response: loginResponse.data
    };
  } else {
    return {
      success: false,
      message: responseData.msg || responseData.message || '登录失败',
      response: responseData
    };
  }
}

// 处理普通表单登录（未加密）
async function handlePlainFormLogin(config, credentials) {
  const { targetBaseUrl, loginUrl, loginMethodConfig } = config;
  const { usernameField, passwordField, captchaField, contentType, successCode, successField } = loginMethodConfig;
  
  // 构建请求数据
  const requestData = {
    [usernameField]: credentials.username,
    [passwordField]: credentials.password
  };
  
  if (captchaField) {
    requestData[captchaField] = '';
  }
  
  // 发送登录请求
  const headers = {};
  let requestBody;
  
  if (contentType === 'application/x-www-form-urlencoded') {
    headers['Content-Type'] = 'application/x-www-form-urlencoded';
    requestBody = new URLSearchParams(requestData).toString();
  } else if (contentType === 'application/json') {
    headers['Content-Type'] = 'application/json';
    requestBody = JSON.stringify(requestData);
  } else {
    requestBody = requestData;
  }
  
  const loginResponse = await axios.post(
    `${targetBaseUrl}${loginUrl}`,
    requestBody,
    {
      headers,
      withCredentials: true,
      maxRedirects: 0,
      validateStatus: function (status) {
        return status >= 200 && status < 400;
      }
    }
  );
  
  // 检查登录是否成功
  const responseData = loginResponse.data || {};
  const successValue = successField ? responseData[successField] : responseData.code;
  
  if (successValue === successCode) {
    return {
      success: true,
      cookies: loginResponse.headers['set-cookie'] || [],
      response: loginResponse.data
    };
  } else {
    return {
      success: false,
      message: responseData.msg || responseData.message || '登录失败',
      response: responseData
    };
  }
}

// 通用的自动登录端点
app.get('/api/auto-login/:siteId', async (req, res) => {
  try {
    const { siteId } = req.params;
    console.log(`开始自动登录流程，网站ID: ${siteId}`);
    
    // 获取网站配置
    const config = autoLoginConfig[siteId];
    if (!config) {
      return res.status(404).json({
        success: false,
        message: `未找到网站ID "${siteId}" 的配置`
      });
    }
    
    console.log(`网站名称: ${config.name}`);
    
    // 获取登录凭据（优先使用环境变量）
    const credentials = {
      username: process.env[config.credentials.envUsername] || config.credentials.username,
      password: process.env[config.credentials.envPassword] || config.credentials.password
    };
    
    if (!credentials.username || !credentials.password) {
      return res.status(400).json({
        success: false,
        message: '登录凭据未配置'
      });
    }
    
    // 根据登录方法处理登录
    let loginResult;
    switch (config.loginMethod) {
      case 'rsa-encrypted-form':
        loginResult = await handleRSAEncryptedFormLogin(config, credentials);
        break;
      case 'plain-form':
        loginResult = await handlePlainFormLogin(config, credentials);
        break;
      default:
        return res.status(400).json({
          success: false,
          message: `不支持的登录方法: ${config.loginMethod}`
        });
    }
    
    if (!loginResult.success) {
      console.error('登录失败:', loginResult.message);
      return res.status(500).json({
        success: false,
        message: loginResult.message
      });
    }
    
    console.log('登录成功！');
    
    // 解析 Cookie
    const cookieData = parseCookies(loginResult.cookies);
    console.log('获取到 Cookie 数量:', cookieData.length);
    
    // 生成跳转 HTML
    const html = generateRedirectHTML(
      cookieData,
      config.targetHost,
      config.targetDomain
    );
    
    // 在响应头中设置 Cookie
    loginResult.cookies.forEach(cookie => {
      // 修改 Cookie 的 Domain，移除端口号
      let modifiedCookie = cookie.replace(/Domain=[^;]+/i, `Domain=${config.targetDomain}`);
      res.setHeader('Set-Cookie', modifiedCookie);
    });
    
    res.send(html);
  } catch (error) {
    console.error('自动登录错误:', error.message);
    if (error.response) {
      console.error('响应状态:', error.response.status);
      console.error('响应数据:', error.response.data);
    }
    res.status(500).json({
      success: false,
      message: '自动登录失败: ' + error.message
    });
  }
});

// 获取所有配置的网站列表
app.get('/api/auto-login', (req, res) => {
  const sites = Object.keys(autoLoginConfig).map(siteId => ({
    id: siteId,
    name: autoLoginConfig[siteId].name,
    endpoint: `/api/auto-login/${siteId}`
  }));
  res.json({ sites });
});

// 健康检查端点
app.get('/api/health', (req, res) => {
  res.json({ status: 'ok' });
});

app.listen(PORT, '0.0.0.0', () => {
  console.log(`后端服务器运行在 http://0.0.0.0:${PORT}`);
  console.log(`已配置的自动登录网站: ${Object.keys(autoLoginConfig).join(', ') || '无'}`);
  console.log(`自动登录端点格式: http://0.0.0.0:${PORT}/api/auto-login/:siteId`);
});