237899745/vue-driven-cloud-storage
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

📖 添加验证码快速修复指南

Browse Source
This commit is contained in:
喻勇祥
2025-11-21 17:05:22 +00:00
parent 225c3a5ded
commit 3ef0fa844a
1 changed files with 268 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

268
CAPTCHA_QUICK_FIX.md Normal file
View File

@@ -0,0 +1,268 @@
# 验证码快速修复指南
## 🔍 问题诊断
你的验证码API **没有返回Set-Cookie**,说明配置没有正确应用。
测试结果:
```
curl -si https://cs.workyai.cn/api/captcha
HTTP/2 200
❌ 没有 Set-Cookie 响应头
```
## 🎯 解决方案(按顺序检查)
### 步骤1检查Nginx配置文件
```bash
# 在服务器上运行
cd /root/vue-driven-cloud-storage # 或你的项目路径
# 方法1查找配置文件
find /etc/nginx -name "*.conf" -exec grep -l "workyai.cn\|40001" {} \;
# 方法2查看nginx主配置
nginx -T | grep -A 30 "location /api"
```
**检查项**
- [ ] 是否有 `proxy_set_header Cookie $http_cookie;`
- [ ] 是否有 `proxy_pass_header Set-Cookie;`
### 步骤2手动添加Cookie配置
假设你的Nginx配置文件是 `/etc/nginx/conf.d/xxx.conf`
```bash
# 1. 找到配置文件
nginx -T | grep -B 5 "location /api" | grep "# configuration file"
# 2. 编辑配置文件(替换为你的实际路径)
vim /etc/nginx/conf.d/玩玩云.conf
# 3. 在 location /api 块中,找到这一行:
# proxy_set_header X-Forwarded-Proto $scheme;
#
# 在它后面添加3行
# Cookie传递配置验证码session需要
proxy_set_header Cookie $http_cookie;
proxy_pass_header Set-Cookie;
# 4. 保存并测试
nginx -t
# 5. 如果测试通过,重新加载
nginx -s reload
```
### 步骤3验证修改是否生效
```bash
# 测试验证码API是否返回Set-Cookie
curl -si https://cs.workyai.cn/api/captcha | grep -i "set-cookie"
# 应该看到类似:
# Set-Cookie: captcha.sid=s%3A...; Path=/; HttpOnly; SameSite=Lax
```
如果还是没有,继续下一步。
### 步骤4检查后端是否正确启动
```bash
# 检查后端进程
ps aux | grep "node.*server.js"
# 检查后端日志
pm2 logs backend # 如果使用pm2
# 或
tail -f /path/to/backend/logs/error.log
# 重启后端
pm2 restart backend # 如果使用pm2
# 或
pkill -f "node server.js"
cd /path/to/backend
node server.js > /dev/null 2>&1 &
```
### 步骤5检查后端依赖
```bash
cd /path/to/backend
# 检查session依赖是否安装
npm list express-session svg-captcha
# 如果未安装,安装它们
npm install express-session svg-captcha
# 重启后端
pm2 restart backend
```
### 步骤6检查.env配置
```bash
cd /path/to/backend
# 查看.env文件
cat .env
# 确保有这些配置(可选,有默认值)
# SESSION_SECRET=your-random-secret
# COOKIE_SECURE=false # 或true如果是HTTPS
```
## 🔧 完整的修复脚本
在服务器上创建并运行:
```bash
cat > fix_captcha.sh << 'SCRIPT_EOF'
#!/bin/bash
set -e
echo "🔧 验证码快速修复脚本"
echo "================================"
echo ""
# 1. 查找Nginx配置
echo "1. 查找Nginx配置文件..."
NGINX_CONF=$(find /etc/nginx /www/server -name "*.conf" -exec grep -l "location /api" {} \; 2>/dev/null | grep -v backup | head -1)
if [[ -z "$NGINX_CONF" ]]; then
echo "❌ 未找到Nginx配置文件"
exit 1
fi
echo "找到配置: $NGINX_CONF"
echo ""
# 2. 检查是否已有Cookie配置
if grep -q "proxy_set_header Cookie" "$NGINX_CONF"; then
echo "✅ Cookie配置已存在"
else
echo "❌ Cookie配置缺失正在添加..."
# 备份
cp "$NGINX_CONF" "${NGINX_CONF}.backup.$(date +%Y%m%d%H%M%S)"
# 添加Cookie配置
sed -i '/proxy_set_header X-Forwarded-Proto \$scheme;/a\
\
# Cookie传递配置验证码session需要\
proxy_set_header Cookie $http_cookie;\
proxy_pass_header Set-Cookie;' "$NGINX_CONF"
echo "✅ Cookie配置已添加"
fi
echo ""
# 3. 测试Nginx配置
echo "3. 测试Nginx配置..."
if nginx -t; then
echo "✅ Nginx配置测试通过"
else
echo "❌ Nginx配置测试失败"
exit 1
fi
echo ""
# 4. 重新加载Nginx
echo "4. 重新加载Nginx..."
nginx -s reload && echo "✅ Nginx已重新加载" || echo "❌ Nginx重新加载失败"
echo ""
# 5. 验证修复
echo "5. 验证验证码API..."
sleep 2
if curl -si http://localhost:40001/api/captcha 2>&1 | grep -q "Set-Cookie"; then
echo "✅ 验证码API正常返回Set-Cookie"
else
echo "⚠️ 验证码API未返回Set-Cookie可能需要检查后端"
fi
echo ""
echo "================================"
echo "✅ 修复完成!"
echo ""
echo "请清除浏览器缓存后重新测试"
SCRIPT_EOF
chmod +x fix_captcha.sh
sudo bash fix_captcha.sh
```
## 📝 检查清单
执行以下检查:
### Nginx配置
```bash
# 查看location /api配置
nginx -T 2>/dev/null | grep -A 20 "location /api"
# 必须包含:
# ✓ proxy_set_header Cookie $http_cookie;
# ✓ proxy_pass_header Set-Cookie;
```
### 后端配置
```bash
# 检查后端是否运行
curl http://localhost:40001/api/health
# 检查session依赖
cd /path/to/backend && npm list | grep session
# 必须有:
# ✓ express-session@x.x.x
# ✓ svg-captcha@x.x.x
```
### Cookie传递
```bash
# 完整测试
curl -v http://localhost:40001/api/captcha 2>&1 | grep -i "set-cookie"
# 必须看到:
# < Set-Cookie: captcha.sid=...
```
## 🆘 仍然不行?
如果以上步骤都完成了还是不行,请提供:
1. **Nginx配置内容**
```bash
nginx -T 2>/dev/null | grep -A 30 "location /api"
```
2. **后端日志**
```bash
pm2 logs backend --lines 50
```
3. **验证码API响应**
```bash
curl -vi http://localhost:40001/api/captcha
```
4. **完整的curl测试**
```bash
# 生成验证码
curl -vi https://cs.workyai.cn/api/captcha -c cookies.txt
# 查看cookie
cat cookies.txt
# 测试登录
curl -vi https://cs.workyai.cn/api/login \
-b cookies.txt \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"wrong","captcha":"1234"}'
```
## 📞 提供这些信息后我可以进一步帮助你!