實作應用管理的清單

2025-08-05 16:26:03 +08:00
parent 5b407ff29c
commit 3fa02fc1d1
7 changed files with 381 additions and 30 deletions
--- a/scripts/check-admin-passwords.js
+++ b/scripts/check-admin-passwords.js
@@ -0,0 +1,42 @@
+const mysql = require('mysql2/promise');
+
+async function checkAdminPasswords() {
+  console.log('=== 檢查管理員密碼 ===');
+  
+  try {
+    const connection = await mysql.createConnection({
+      host: 'mysql.theaken.com',
+      port: 33306,
+      user: 'AI_Platform',
+      password: 'Aa123456',
+      database: 'db_AI_Platform'
+    });
+
+    console.log('✅ 資料庫連接成功');
+
+    // 查詢管理員用戶
+    const [rows] = await connection.execute(`
+      SELECT id, name, email, role, password_hash, created_at
+      FROM users 
+      WHERE role = 'admin'
+      ORDER BY created_at DESC
+    `);
+
+    console.log(`\n找到 ${rows.length} 個管理員用戶:`);
+    
+    for (const user of rows) {
+      console.log(`\n用戶ID: ${user.id}`);
+      console.log(`姓名: ${user.name}`);
+      console.log(`郵箱: ${user.email}`);
+      console.log(`角色: ${user.role}`);
+      console.log(`密碼雜湊: ${user.password_hash.substring(0, 20)}...`);
+      console.log(`創建時間: ${user.created_at}`);
+    }
+
+    await connection.end();
+  } catch (error) {
+    console.error('❌ 資料庫連接失敗:', error.message);
+  }
+}
+
+checkAdminPasswords().catch(console.error); 
--- a/scripts/test-admin-login.js
+++ b/scripts/test-admin-login.js
@@ -0,0 +1,80 @@
+const jwt = require('jsonwebtoken');
+
+// 使用環境變數的 JWT_SECRET
+const JWT_SECRET = process.env.JWT_SECRET || 'good777';
+
+async function testAdminLogin() {
+  console.log('=== 測試管理員登入 ===');
+  console.log('使用的 JWT_SECRET:', JWT_SECRET);
+  
+  const adminCredentials = [
+    {
+      email: 'admin@theaken.com',
+      password: 'Admin123!'
+    },
+    {
+      email: 'admin@example.com', 
+      password: 'Admin123!'
+    },
+    {
+      email: 'petty091901@gmail.com',
+      password: 'Admin123!'
+    }
+  ];
+
+  const ports = [3000, 3002];
+
+  for (const port of ports) {
+    console.log(`\n=== 測試端口 ${port} ===`);
+    
+    for (const cred of adminCredentials) {
+      console.log(`\n測試管理員: ${cred.email}`);
+      console.log(`使用密碼: ${cred.password}`);
+      
+      try {
+        const response = await fetch(`http://localhost:${port}/api/auth/login`, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+          },
+          body: JSON.stringify({
+            email: cred.email,
+            password: cred.password
+          })
+        });
+
+        const data = await response.json();
+        
+        if (response.ok) {
+          console.log('✅ 登入成功');
+          console.log('用戶角色:', data.user.role);
+          console.log('Token 長度:', data.token.length);
+          
+          // 驗證 Token
+          try {
+            const decoded = jwt.verify(data.token, JWT_SECRET);
+            console.log('✅ Token 驗證成功');
+            console.log('Token 內容:', {
+              userId: decoded.userId,
+              email: decoded.email,
+              role: decoded.role,
+              exp: new Date(decoded.exp * 1000).toLocaleString()
+            });
+          } catch (tokenError) {
+            console.log('❌ Token 驗證失敗:', tokenError.message);
+          }
+        } else {
+          console.log('❌ 登入失敗');
+          console.log('錯誤:', data.error);
+          if (data.details) {
+            console.log('詳細錯誤:', data.details);
+          }
+        }
+      } catch (error) {
+        console.log('❌ 請求失敗:', error.message);
+      }
+    }
+  }
+}
+
+testAdminLogin().catch(console.error); 
--- a/scripts/test-apps-api.js
+++ b/scripts/test-apps-api.js
@@ -12,7 +12,7 @@ const dbConfig = {
  timezone: '+08:00'
 };

-const JWT_SECRET = 'ai_platform_jwt_secret_key_2024';
+const JWT_SECRET = process.env.JWT_SECRET || 'good777';

 async function testAppsAPI() {
  let connection;
--- a/scripts/test-password-verification.js
+++ b/scripts/test-password-verification.js
@@ -0,0 +1,60 @@
+const mysql = require('mysql2/promise');
+const bcrypt = require('bcrypt');
+
+async function testPasswordVerification() {
+  console.log('=== 測試密碼驗證 ===');
+  
+  try {
+    const connection = await mysql.createConnection({
+      host: 'mysql.theaken.com',
+      port: 33306,
+      user: 'AI_Platform',
+      password: 'Aa123456',
+      database: 'db_AI_Platform'
+    });
+
+    console.log('✅ 資料庫連接成功');
+
+    // 測試密碼
+    const testPasswords = [
+      'Admin123!',
+      'Admin@2024',
+      'admin123',
+      'password',
+      '123456'
+    ];
+
+    // 查詢管理員用戶
+    const [rows] = await connection.execute(`
+      SELECT id, name, email, role, password_hash
+      FROM users 
+      WHERE role = 'admin'
+      ORDER BY created_at DESC
+    `);
+
+    console.log(`\n找到 ${rows.length} 個管理員用戶:`);
+    
+    for (const user of rows) {
+      console.log(`\n用戶: ${user.name} (${user.email})`);
+      console.log(`密碼雜湊: ${user.password_hash}`);
+      
+      // 測試每個密碼
+      for (const password of testPasswords) {
+        try {
+          const isValid = await bcrypt.compare(password, user.password_hash);
+          if (isValid) {
+            console.log(`✅ 密碼匹配: "${password}"`);
+          }
+        } catch (error) {
+          console.log(`❌ 密碼驗證錯誤: ${error.message}`);
+        }
+      }
+    }
+
+    await connection.end();
+  } catch (error) {
+    console.error('❌ 資料庫連接失敗:', error.message);
+  }
+}
+
+testPasswordVerification().catch(console.error); 
--- a/scripts/update-all-admin-passwords.js
+++ b/scripts/update-all-admin-passwords.js
@@ -0,0 +1,55 @@
+const mysql = require('mysql2/promise');
+const bcrypt = require('bcrypt');
+
+async function updateAllAdminPasswords() {
+  console.log('=== 更新所有管理員密碼 ===');
+  
+  try {
+    const connection = await mysql.createConnection({
+      host: 'mysql.theaken.com',
+      port: 33306,
+      user: 'AI_Platform',
+      password: 'Aa123456',
+      database: 'db_AI_Platform'
+    });
+
+    console.log('✅ 資料庫連接成功');
+
+    // 新密碼
+    const newPassword = 'Admin123!';
+    const passwordHash = await bcrypt.hash(newPassword, 12);
+
+    console.log(`\n更新所有管理員密碼為: ${newPassword}`);
+
+    // 更新所有管理員用戶的密碼
+    const [result] = await connection.execute(`
+      UPDATE users 
+      SET password_hash = ?, updated_at = NOW()
+      WHERE role = 'admin'
+    `, [passwordHash]);
+
+    console.log(`✅ 已更新 ${result.affectedRows} 個管理員用戶的密碼`);
+
+    // 驗證更新結果
+    const [users] = await connection.execute(`
+      SELECT id, name, email, role, updated_at
+      FROM users 
+      WHERE role = 'admin'
+      ORDER BY created_at DESC
+    `);
+
+    console.log('\n📋 更新後的管理員用戶:');
+    for (const user of users) {
+      console.log(`  - ${user.name} (${user.email}) - 更新時間: ${user.updated_at}`);
+    }
+
+    console.log('\n🎉 所有管理員密碼已統一為: Admin123!');
+    console.log('💡 現在所有管理員用戶都可以使用相同的密碼登入');
+
+    await connection.end();
+  } catch (error) {
+    console.error('❌ 更新失敗:', error.message);
+  }
+}
+
+updateAllAdminPasswords().catch(console.error);