You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

46 lines
1.5 KiB

1 month ago
// 引入所需的模块
const express = require('express');
const bcrypt = require('bcrypt');
const cors = require('cors');
const rateLimit = require('express-rate-limit');
const morgan = require('morgan');
// 创建 Express 应用实例
const app = express();
const PORT = 3000; // 可以根据需要修改端口
// 使用中间件
app.use(cors()); // 允许跨域请求
app.use(express.json()); // 解析 JSON 请求体
app.use(express.urlencoded({ extended: true })); // 解析 URL 编码请求体
app.use(morgan('combined')); // 记录请求日志
// 模拟的用户数据在实际应用中这通常来自数据库
const users = [
{ username: 'user1', password: bcrypt.hashSync('password1', 10) },
{ username: 'user2', password: bcrypt.hashSync('password2', 10) }
];
// 请求速率限制
const loginLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 分钟
max: 100, // 每个 IP 最多允许 100 次请求
message: 'Too many login attempts from this IP, please try again later.'
});
// 登录接口
app.post('/login', loginLimiter, async (req, res) => {
const { username, password } = req.body;
const user = users.find(u => u.username === username);
if (user && await bcrypt.compare(password, user.password)) {
return res.status(200).json({ message: 'Login successful!' });
} else {
return res.status(401).json({ message: 'Invalid username or password.' });
}
});
// 启动服务器
app.listen(PORT, () => {
console.log(`Server is running on http://localhost:${PORT}`);
});