diff --git a/log.py b/log.py new file mode 100644 index 0000000..64b846a --- /dev/null +++ b/log.py @@ -0,0 +1,46 @@ +// 引入所需的模块 +const express = require('express'); +const bcrypt = require('bcrypt'); +const cors = require('cors'); +const rateLimit = require('express-rate-limit'); +const morgan = require('morgan'); + +// 创建 Express 应用实例 +const app = express(); +const PORT = 3000; // 可以根据需要修改端口 + +// 使用中间件 +app.use(cors()); // 允许跨域请求 +app.use(express.json()); // 解析 JSON 请求体 +app.use(express.urlencoded({ extended: true })); // 解析 URL 编码请求体 +app.use(morgan('combined')); // 记录请求日志 + +// 模拟的用户数据(在实际应用中,这通常来自数据库) +const users = [ + { username: 'user1', password: bcrypt.hashSync('password1', 10) }, + { username: 'user2', password: bcrypt.hashSync('password2', 10) } +]; + +// 请求速率限制 +const loginLimiter = rateLimit({ + windowMs: 15 * 60 * 1000, // 15 分钟 + max: 100, // 每个 IP 最多允许 100 次请求 + message: 'Too many login attempts from this IP, please try again later.' +}); + +// 登录接口 +app.post('/login', loginLimiter, async (req, res) => { + const { username, password } = req.body; + + const user = users.find(u => u.username === username); + if (user && await bcrypt.compare(password, user.password)) { + return res.status(200).json({ message: 'Login successful!' }); + } else { + return res.status(401).json({ message: 'Invalid username or password.' }); + } +}); + +// 启动服务器 +app.listen(PORT, () => { + console.log(`Server is running on http://localhost:${PORT}`); +}); \ No newline at end of file