Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

大佬你好,能否增加一个密码访问或者登陆访问控制,防止被其他人滥用 #15

Open
panhuanghe opened this issue Apr 15, 2023 · 2 comments
Open

大佬你好,能否增加一个密码访问或者登陆访问控制,防止被其他人滥用 #15

panhuanghe opened this issue Apr 15, 2023 · 2 comments
Labels
good first issue Good for newcomers help wanted Extra attention is needed

Comments

@panhuanghe
Copy link

非常感谢大佬的源码,非常好用,响应速度真的很快,就是没有任何保护措施的话,地址泄露后可能会被滥用
@blrchen
Copy link
Owner

blrchen commented Apr 16, 2023

@panhuanghe 感谢你的反馈。我问了一下GPT4,它给了我以下回答,我后面找个时间来试一下,如果你有兴趣,也欢迎提个PR。

作为一个AI助手,我会帮您用TypeScript和Next.js实现一个简单的密码认证功能。这个例子将使用一个简单的密码验证逻辑,但您可以根据需要替换成更复杂的验证逻辑。

首先,我们需要安装Next.js和相关的TypeScript依赖:

npx create-next-app your-app-name --typescript
cd your-app-name

接下来,在pages文件夹中创建一个名为api的文件夹。在api文件夹中,创建一个名为auth.ts的文件,并添加以下代码:

// pages/api/auth.ts
import type { NextApiRequest, NextApiResponse } from 'next'

const SECRET_PASSWORD = 'your_secret_password'

export default function handler(
  req: NextApiRequest,
  res: NextApiResponse
) {
  const { password } = req.body

  if (password === SECRET_PASSWORD) {
    res.status(200).json({ authenticated: true })
  } else {
    res.status(401).json({ authenticated: false })
  }
}

在pages文件夹中创建一个名为gptlite.tsx的文件,这将是我们的受保护页面。将以下代码添加到该文件:

// pages/gptlite.tsx
import { useRouter } from 'next/router'
import { useState } from 'react'

export default function GptLite() {
  const [password, setPassword] = useState('')
  const [error, setError] = useState('')
  const router = useRouter()

  async function handleSubmit(event: React.FormEvent) {
    event.preventDefault()

    const response = await fetch('/api/auth', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ password })
    })

    if (response.status === 200) {
      router.push('https://gptlite.vercel.app')
    } else {
      setError('Incorrect password. Please try again.')
    }
  }

  return (
    <div>
      <h1>GPT Lite - Password Protected</h1>
      <form onSubmit={handleSubmit}>
        <label>
          Password:
          <input
            type="password"
            value={password}
            onChange={(e) => setPassword(e.target.value)}
          />
        </label>
        <button type="submit">Enter</button>
      </form>
      {error && <p>{error}</p>}
    </div>
  )
}

现在,当用户访问 /gptlite 页面时,他们需要输入正确的密码才能被重定向到 https://gptlite.vercel.app。验证逻辑在Next.js的服务端实现,保证了安全性。

请注意,这个例子仅用于演示目的,实际应用中,您可能需要实现更复杂的身份验证和授权逻辑。

@blrchen blrchen added the good first issue Good for newcomers label Apr 17, 2023
@blrchen blrchen pinned this issue May 26, 2023
@johnnyqian
Copy link

闭环了

@blrchen blrchen added the help wanted Extra attention is needed label Aug 11, 2023
@blrchen blrchen unpinned this issue Aug 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@blrchen @johnnyqian @panhuanghe