1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -145,3 +145,4 @@ dist

prisma/database/data
data/
package-lock.json
151 changes: 10 additions & 141 deletions routes/device.js
Expand Up @@ -173,192 +173,61 @@ router.put(

/**
* POST /devices/:uuid/password
* @deprecated 此端点已弃用,请使用 AutoAuth 自动授权功能
* 初次设置设备密码 (无需认证,仅当设备未设置密码时)
*/
router.post(
"/:uuid/password",
errors.catchAsync(async (req, res, next) => {
const { uuid } = req.params;
const newPassword = req.query.newPassword || req.body.newPassword;

if (!newPassword) {
return next(errors.createError(400, "新密码是必需的"));
}

// 查找设备
const device = await prisma.device.findUnique({
where: { uuid },
});

if (!device) {
return next(errors.createError(404, "设备不存在"));
}

// 只有在设备未设置密码时才允许无认证设置
if (device.password) {
return next(errors.createError(403, "设备已设置密码,请使用修改密码接口"));
}

const hashedPassword = await hashPassword(newPassword);

await prisma.device.update({
where: { id: device.id },
data: {
password: hashedPassword,
},
});

return res.json({
success: true,
message: "密码设置成功",
});
return next(errors.createError(410, "此功能已弃用,请使用 AutoAuth 自动授权功能代替设备密码"));
})
);

/**
* PUT /devices/:uuid/password
* @deprecated 此端点已弃用,请使用 AutoAuth 自动授权功能
* 修改设备密码 (需要UUID认证和当前密码验证,账户拥有者除外)
*/
router.put(
"/:uuid/password",
uuidAuth,
errors.catchAsync(async (req, res, next) => {
const currentPassword = req.query.currentPassword;
const newPassword = req.query.newPassword || req.body.newPassword;
const passwordHint = req.query.passwordHint || req.body.passwordHint;
const device = res.locals.device;
const isAccountOwner = res.locals.isAccountOwner;

if (!newPassword) {
return next(errors.createError(400, "新密码是必需的"));
}

// 如果是账户拥有者,无需验证当前密码
if (!isAccountOwner) {
if (!device.password) {
return next(errors.createError(400, "设备未设置密码,请使用设置密码接口"));
}

if (!currentPassword) {
return next(errors.createError(400, "当前密码是必需的"));
}

// 验证当前密码
const isCurrentPasswordValid = await verifyDevicePassword(currentPassword, device.password);
if (!isCurrentPasswordValid) {
return next(errors.createError(401, "当前密码错误"));
}
}

const hashedNewPassword = await hashPassword(newPassword);

await prisma.device.update({
where: { id: device.id },
data: {
password: hashedNewPassword,
passwordHint: passwordHint !== undefined ? passwordHint : device.passwordHint,
},
});

return res.json({
success: true,
message: "密码修改成功",
});
return next(errors.createError(410, "此功能已弃用,请使用 AutoAuth 自动授权功能代替设备密码"));
})
);

/**
* PUT /devices/:uuid/password-hint
* @deprecated 此端点已弃用,请使用 AutoAuth 自动授权功能
* 设置密码提示 (需要UUID认证)
*/
router.put(
"/:uuid/password-hint",
uuidAuth,
errors.catchAsync(async (req, res, next) => {
const { passwordHint } = req.body;
const device = res.locals.device;

await prisma.device.update({
where: { id: device.id },
data: { passwordHint: passwordHint || null },
});

return res.json({
success: true,
message: "密码提示设置成功",
passwordHint: passwordHint || null,
});
return next(errors.createError(410, "此功能已弃用,请使用 AutoAuth 自动授权功能代替设备密码"));
})
);

/**
* GET /devices/:uuid/password-hint
* @deprecated 此端点已弃用,请使用 AutoAuth 自动授权功能
* 获取设备密码提示 (无需认证)
*/
router.get(
"/:uuid/password-hint",
errors.catchAsync(async (req, res, next) => {
const { uuid } = req.params;

const device = await prisma.device.findUnique({
where: { uuid },
select: {
passwordHint: true,
},
});

if (!device) {
return next(errors.createError(404, "设备不存在"));
}

return res.json({
success: true,
passwordHint: device.passwordHint || null,
});
return next(errors.createError(410, "此功能已弃用,请使用 AutoAuth 自动授权功能代替设备密码"));
})
);

/**
* DELETE /devices/:uuid/password
* @deprecated 此端点已弃用,请使用 AutoAuth 自动授权功能
* 删除设备密码 (需要UUID认证和密码验证,账户拥有者除外)
*/
router.delete(
"/:uuid/password",
uuidAuth,
errors.catchAsync(async (req, res, next) => {
const password = req.query.password;
const device = res.locals.device;
const isAccountOwner = res.locals.isAccountOwner;

if (!device.password) {
return next(errors.createError(400, "设备未设置密码"));
}

// 如果不是账户拥有者,需要验证密码
if (!isAccountOwner) {
if (!password) {
return next(errors.createError(400, "密码是必需的"));
}

// 验证密码
const isPasswordValid = await verifyDevicePassword(password, device.password);
if (!isPasswordValid) {
return next(errors.createError(401, "密码错误"));
}
}

await prisma.device.update({
where: { id: device.id },
data: {
password: null,
passwordHint: null,
},
});

return res.json({
success: true,
message: "密码删除成功",
});
return next(errors.createError(410, "此功能已弃用,请使用 AutoAuth 自动授权功能代替设备密码"));
})
);
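Review bot: The five `/:uuid/password` and `/:uuid/password-hint` handlers now only answer 410, but nothing in this section shows what happens to the `password` and `passwordHint` values already stored on devices, and with PUT and DELETE disabled there is no API path left to rotate or clear them. If any code outside this hunk (for example `uuidAuth`, whose body is not visible here) still checks `device.password`, devices that set one are stuck with it, so the change should either remove those checks or ship a migration that nulls both columns. The retained JSDoc lines such as `修改设备密码 (需要UUID认证和当前密码验证,账户拥有者除外)` describe behaviour that no longer exists and should be dropped in favour of the `@deprecated` line. The same handler body is repeated five times; one shared `const passwordGone = (req, res, next) => next(errors.createError(410, "…"));` registered on each route would keep the message in one place and make the `errors.catchAsync(async …)` wrapper unnecessary.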
