feat: implement authentication middleware and routes

- Added `auth.ts` for JWT authentication middleware.
- Created `auth` route to handle authentication and token verification.
- Integrated authentication middleware into `media.ts` for protected routes.
- Updated `main.ts` to register the new authentication route.

auth.ts

@@ -0,0 +1,29 @@
+/*
+ * @Date: 2025-06-23 14:36:45
+ * @LastEditors: 陈子健
+ * @LastEditTime: 2025-06-23 14:37:26
+ * @FilePath: /my-score/honoback/auth.ts
+ */
+import { createMiddleware } from 'hono/factory'
+import { verify } from 'hono/jwt'
+
+const AUTH_SECRET = 'it-is-a-secret'
+
+export const authMiddleware = createMiddleware(async (c, next) => {
+  const authHeader = c.req.header('Authorization')
+
+  if (!authHeader || !authHeader.startsWith('Basic ')) {
+    return c.json({ message: 'Unauthorized' }, 401)
+  }
+
+  const token = authHeader.substring(6).trim()
+
+  try {
+    const payload = await verify(token, AUTH_SECRET)
+    c.set('jwtPayload', payload)
+  } catch (error) {
+    return c.json({ message: 'Invalid token' }, 401)
+  }
+
+  await next()
+}) 

deploy.sh

@@ -2,7 +2,7 @@
 ###
  # @Date: 2025-06-13 16:11:38
  # @LastEditors: 陈子健
- # @LastEditTime: 2025-06-18 16:46:20
+ # @LastEditTime: 2025-06-23 16:56:58
  # @FilePath: /my-score/honoback/deploy.sh
 ### 
 
@@ -25,12 +25,6 @@ rsync -avz --exclude 'db/media.db' \
     --exclude '.git' \
     ./ $USER@$SERVER:$REMOTE_DIR/
 
-# 在服务器上安装依赖并启动服务
+# 在服务器上安装依赖并重启服务
 echo "Installing and starting systemd service..."
-ssh $USER@$SERVER "cd $REMOTE_DIR && \
+ssh $USER@$SERVER "systemctl restart my-score"
-    deno cache main.ts && \
-    sudo cp my-score.service /etc/systemd/system/ && \
-    sudo systemctl daemon-reload && \
-    sudo systemctl enable my-score.service && \
-    sudo systemctl restart my-score.service && \
-    sudo systemctl status my-score.service" 

main.ts

@@ -9,6 +9,7 @@ import { jwt } from 'hono/jwt'
 import type { JwtVariables } from 'hono/jwt'
 import user from './routes/user.ts'
 import media from './routes/media.ts'
+import auth from './routes/auth.ts'
 
 const app = new Hono<{ Variables: JwtVariables }>()
 
@@ -20,6 +21,9 @@ app.use('*', async (c, next) => {
   await next()
 })
 
+// 注册认证路由
+app.route('/api/auth', auth)
+
 // 注册用户路由
 app.route('/api/user', user)
 

routes/auth.ts

@@ -0,0 +1,20 @@
+import { Hono } from 'hono'
+import type { JwtVariables } from 'hono/jwt'
+import { authMiddleware } from '../auth.ts'
+
+const auth = new Hono<{ Variables: JwtVariables }>()
+
+auth.use('/*', authMiddleware)
+
+auth.get('/verify', (c) => {
+  const payload = c.get('jwtPayload')
+  return c.json({
+    code: 0,
+    data: {
+      username: payload.username,
+    },
+    message: '认证成功',
+  })
+})
+
+export default auth 

routes/media.ts

@@ -1,9 +1,12 @@
 import { Hono } from 'hono'
 import { db } from '../db/index.ts'
 import type { JwtVariables } from 'hono/jwt'
+import { authMiddleware } from '../auth.ts'
 
 const media = new Hono<{ Variables: JwtVariables }>()
 
+media.use('/*', authMiddleware)
+
 // 获取所有媒体记录
 media.get('/list', (c) => {
   try {