diff --git a/src/drizzle/db.ts b/src/drizzle/db.ts
index b71e17c..bb3d7f8 100644
--- a/src/drizzle/db.ts
+++ b/src/drizzle/db.ts
@@ -8,7 +8,7 @@ const pool = new Pool({
 port: parseInt(process.env.DB_PORT || '35433'),
 user: process.env.DB_USER || 'postgres',
 password: process.env.DB_PASSWORD || 'postgres',
- database: process.env.DB_NAME || 'lioncode_ui',
+ database: process.env.DB_NAME || 'cchcode_ui',
 max: 10, // 最大连接数
 idleTimeoutMillis: 30000, // 空闲超时
 connectionTimeoutMillis: 5000, // 连接超时
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index d45a39f..b99e434 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -1,10 +1,11 @@
 import { SignJWT, jwtVerify } from 'jose';
 import { cookies } from 'next/headers';
-// JWT 密钥(生产环境应使用环境变量)
-const JWT_SECRET = new TextEncoder().encode(
- process.env.JWT_SECRET || 'lioncode-jwt-secret-key-2024'
-);
+// JWT 密钥(必须通过环境变量配置)
+if (!process.env.JWT_SECRET) {
+ throw new Error('环境变量 JWT_SECRET 未配置,请在 .env.local 中设置');
+}
+const JWT_SECRET = new TextEncoder().encode(process.env.JWT_SECRET);
 // Token 有效期:7 天
 const TOKEN_EXPIRY = '7d';
diff --git a/src/lib/crypto.ts b/src/lib/crypto.ts
index c2c5ebd..9a11518 100644
--- a/src/lib/crypto.ts
+++ b/src/lib/crypto.ts
@@ -1,8 +1,11 @@
 import crypto from 'crypto';
 // 加密密钥(32字节 = 256位,用于 AES-256)
-// 生产环境应使用环境变量
-const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY || 'lioncode-encryption-key-2024-sec';
+// 必须通过环境变量配置
+if (!process.env.ENCRYPTION_KEY) {
+ throw new Error('环境变量 ENCRYPTION_KEY 未配置,请在 .env.local 中设置');
+}
+const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY;
 // 确保密钥长度为32字节
 const getKey = (): Buffer => {
diff --git a/src/middleware.ts b/src/middleware.ts
index 332a5eb..ccef20d 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
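Review bot: The new guard in src/lib/auth.ts only rejects an unset or empty JWT_SECRET, so a trivially short value still passes startup; the ENCRYPTION_KEY guard in src/lib/crypto.ts has the same gap. If the tokens are signed with an HMAC algorithm (the SignJWT call is outside this hunk), enforce a minimum length, e.g. `if (!process.env.JWT_SECRET || process.env.JWT_SECRET.length < 32) {`. The removed fallback string remains in repository history, so a deployment that ever ran without JWT_SECRET set should rotate the secret and invalidate sessions issued under the default.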
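Review bot: In src/lib/crypto.ts, a deployment that relied on the removed fallback will either fail to start or, once a new ENCRYPTION_KEY is set, be unable to decrypt data written under the old key; no migration or re-encryption step is visible in this commit. Because the old key is in repository history, ciphertext from such a deployment should be re-encrypted under a fresh key rather than carried forward by setting the variable to the old value. The context comment `// 确保密钥长度为32字节` suggests getKey (its body is outside this hunk) normalises the string to 32 bytes; if it pads or truncates, confirm that a short value cannot yield a mostly constant AES-256 key, or reject wrong-length input at startup.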
@@ -2,16 +2,16 @@ import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 import { jwtVerify } from 'jose';
-// JWT 密钥
+// JWT 密钥(必须通过环境变量配置)
 const JWT_SECRET = new TextEncoder().encode(
- process.env.JWT_SECRET || 'lioncode-jwt-secret-key-2024'
+ process.env.JWT_SECRET || ''
 );
 // Cookie 名称
 const AUTH_COOKIE_NAME = 'lioncode_auth_token';
 // 需要登录才能访问的路由
-const protectedRoutes = ['/', '/chat', '/settings'];
+const protectedRoutes = ['/', '/chat', '/settings', '/assistants', '/notes'];
 // 公开路由(已登录用户访问会重定向到首页)
 const publicRoutes = ['/login', '/register', '/reset-password'];
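Review bot: `process.env.JWT_SECRET || ''` lets src/middleware.ts start with an empty verification key, while src/lib/auth.ts in the same commit throws when the variable is missing; the two modules should fail the same way. Whether jwtVerify rejects every token under an empty key depends on jose and on the error handling outside this hunk, so the route guard should not rely on it. Replace the fallback with an explicit check ahead of the `TextEncoder` call, e.g. `if (!process.env.JWT_SECRET) throw new Error('JWT_SECRET is not configured');`. Separately, `protectedRoutes` is an opt-in list, so a page added later stays public until someone lists it; a deny-by-default check against `publicRoutes` would be safer if the matching logic outside the hunk allows it.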