MQTTvue/mqtt-vue-dashboard/server/dist/controllers/clientAuthController.js

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ClientAuthController = void 0;
const clientAuth_1 = require("../models/clientAuth");
const helpers_1 = require("../utils/helpers");
class ClientAuthController {
    static async getAllClientAuth(req, res) {
        try {
            const page = Number(req.query.page) || 1;
            const limit = Number(req.query.limit) || 20;
            const offset = (page - 1) * limit;
            const clientAuths = await clientAuth_1.ClientAuthModel.getAll(limit, offset);
            const total = await clientAuth_1.ClientAuthModel.getCount();
            res.status(200).json({
                success: true,
                data: clientAuths,
                pagination: {
                    page,
                    limit,
                    total,
                    pages: Math.ceil(total / limit)
                }
            });
        }
        catch (error) {
            console.error('获取客户端认证列表失败:', error);
            res.status(500).json({
                success: false,
                message: '获取客户端认证列表失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getClientAuthById(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            if (!id || isNaN(Number(id))) {
                res.status(400).json({
                    success: false,
                    message: '无效的ID'
                });
                return;
            }
            const clientAuth = await clientAuth_1.ClientAuthModel.getById(Number(id));
            if (!clientAuth) {
                res.status(404).json({
                    success: false,
                    message: '客户端认证信息不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                data: clientAuth
            });
        }
        catch (error) {
            console.error('获取客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '获取客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getClientAuthByUsername(req, res) {
        try {
            const { username } = req.params;
            const usernameStr = (0, helpers_1.toString)(username);
            if (!usernameStr) {
                res.status(400).json({
                    success: false,
                    message: '用户名不能为空'
                });
                return;
            }
            const clientAuth = await clientAuth_1.ClientAuthModel.getByUsername(usernameStr);
            if (!clientAuth) {
                res.status(404).json({
                    success: false,
                    message: '客户端认证信息不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                data: clientAuth
            });
        }
        catch (error) {
            console.error('根据用户名获取客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '根据用户名获取客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getClientAuthByClientId(req, res) {
        try {
            const { clientid } = req.params;
            const clientidStr = (0, helpers_1.toString)(clientid);
            if (!clientidStr) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID不能为空'
                });
                return;
            }
            const clientAuth = await clientAuth_1.ClientAuthModel.getByClientId(clientidStr);
            if (!clientAuth) {
                res.status(404).json({
                    success: false,
                    message: '客户端认证信息不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                data: clientAuth
            });
        }
        catch (error) {
            console.error('根据客户端ID获取客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '根据客户端ID获取客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async createClientAuth(req, res) {
        try {
            const { username, clientid, password, device_type, description, is_superuser, use_salt, auth_method, auth_expiry, allowed_ip_ranges, allowed_time_ranges, auth_policy_id } = req.body;
            if (!username || !clientid || !password) {
                res.status(400).json({
                    success: false,
                    message: '用户名、客户端ID和密码不能为空'
                });
                return;
            }
            const existingByUsername = await clientAuth_1.ClientAuthModel.getByUsername(username);
            if (existingByUsername) {
                res.status(400).json({
                    success: false,
                    message: '用户名已存在'
                });
                return;
            }
            const existingByClientId = await clientAuth_1.ClientAuthModel.getByClientId(clientid);
            if (existingByClientId) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID已存在'
                });
                return;
            }
            const shouldUseSalt = use_salt !== undefined ? Boolean(use_salt) : true;
            const salt = shouldUseSalt ? clientAuth_1.ClientAuthModel.generateSalt() : '';
            const passwordHash = clientAuth_1.ClientAuthModel.generatePasswordHash(password, salt, shouldUseSalt);
            const newClientAuth = await clientAuth_1.ClientAuthModel.create({
                username,
                clientid,
                password_hash: passwordHash,
                salt: salt,
                status: 'enabled',
                device_type: device_type || null,
                description: description || null,
                is_superuser: is_superuser || false,
                use_salt: shouldUseSalt,
                auth_method: auth_method || 'password',
                auth_expiry: auth_expiry ? new Date(auth_expiry) : null,
                allowed_ip_ranges: allowed_ip_ranges ? JSON.stringify(allowed_ip_ranges) : null,
                allowed_time_ranges: allowed_time_ranges ? JSON.stringify(allowed_time_ranges) : null,
                auth_policy_id: auth_policy_id || null
            });
            await clientAuth_1.ClientAuthModel.logAuthEvent(newClientAuth.clientid, newClientAuth.username, 'connect', 'success', 'Client authentication created', req.ip, undefined, auth_method, auth_policy_id);
            res.status(201).json({
                success: true,
                data: newClientAuth,
                message: '客户端认证信息创建成功'
            });
        }
        catch (error) {
            console.error('创建客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '创建客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async updateClientAuth(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const { username, clientid, password, device_type, description, status, is_superuser, use_salt, auth_method, auth_expiry, allowed_ip_ranges, allowed_time_ranges, auth_policy_id } = req.body;
            if (!id || isNaN(Number(id))) {
                res.status(400).json({
                    success: false,
                    message: '无效的ID'
                });
                return;
            }
            const existingClientAuth = await clientAuth_1.ClientAuthModel.getById(Number(id));
            if (!existingClientAuth) {
                res.status(404).json({
                    success: false,
                    message: '客户端认证信息不存在'
                });
                return;
            }
            if (username && username !== existingClientAuth.username) {
                const existingByUsername = await clientAuth_1.ClientAuthModel.getByUsername(username);
                if (existingByUsername) {
                    res.status(400).json({
                        success: false,
                        message: '用户名已存在'
                    });
                    return;
                }
            }
            if (clientid && clientid !== existingClientAuth.clientid) {
                const existingByClientId = await clientAuth_1.ClientAuthModel.getByClientId(clientid);
                if (existingByClientId) {
                    res.status(400).json({
                        success: false,
                        message: '客户端ID已存在'
                    });
                    return;
                }
            }
            const updateData = {};
            if (username !== undefined && username !== existingClientAuth.username) {
                updateData.username = username;
            }
            if (clientid !== undefined && clientid !== existingClientAuth.clientid) {
                updateData.clientid = clientid;
            }
            if (password !== undefined) {
                const shouldUseSalt = use_salt !== undefined ? Boolean(use_salt) : existingClientAuth.use_salt;
                const salt = shouldUseSalt ? clientAuth_1.ClientAuthModel.generateSalt() : '';
                const passwordHash = clientAuth_1.ClientAuthModel.generatePasswordHash(password, salt, shouldUseSalt);
                updateData.password_hash = passwordHash;
                updateData.salt = salt;
            }
            if (device_type !== undefined) {
                updateData.device_type = device_type;
            }
            if (description !== undefined) {
                updateData.description = description;
            }
            if (status !== undefined) {
                updateData.status = status;
            }
            if (is_superuser !== undefined) {
                updateData.is_superuser = is_superuser;
            }
            if (use_salt !== undefined) {
                updateData.use_salt = Boolean(use_salt);
                if (password === undefined) {
                    const shouldUseSalt = Boolean(use_salt);
                    const salt = shouldUseSalt ? clientAuth_1.ClientAuthModel.generateSalt() : '';
                    updateData.salt = salt;
                }
            }
            if (auth_method !== undefined) {
                updateData.auth_method = auth_method;
            }
            if (auth_expiry !== undefined) {
                updateData.auth_expiry = auth_expiry ? new Date(auth_expiry) : null;
            }
            if (allowed_ip_ranges !== undefined) {
                updateData.allowed_ip_ranges = allowed_ip_ranges ? JSON.stringify(allowed_ip_ranges) : null;
            }
            if (allowed_time_ranges !== undefined) {
                updateData.allowed_time_ranges = allowed_time_ranges ? JSON.stringify(allowed_time_ranges) : null;
            }
            if (auth_policy_id !== undefined) {
                updateData.auth_policy_id = auth_policy_id;
            }
            const updatedClientAuth = await clientAuth_1.ClientAuthModel.update(Number(id), updateData);
            if (!updatedClientAuth) {
                res.status(500).json({
                    success: false,
                    message: '更新客户端认证信息失败'
                });
                return;
            }
            await clientAuth_1.ClientAuthModel.logAuthEvent(updatedClientAuth.clientid, updatedClientAuth.username, 'connect', 'success', 'Client authentication updated', req.ip, undefined, updatedClientAuth.auth_method, updatedClientAuth.auth_policy_id || undefined);
            res.status(200).json({
                success: true,
                data: updatedClientAuth,
                message: '客户端认证信息更新成功'
            });
        }
        catch (error) {
            console.error('更新客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '更新客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async deleteClientAuth(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            if (!id || isNaN(Number(id))) {
                res.status(400).json({
                    success: false,
                    message: '无效的ID'
                });
                return;
            }
            const existingClientAuth = await clientAuth_1.ClientAuthModel.getById(Number(id));
            if (!existingClientAuth) {
                res.status(404).json({
                    success: false,
                    message: '客户端认证信息不存在'
                });
                return;
            }
            await clientAuth_1.ClientAuthModel.delete(Number(id));
            await clientAuth_1.ClientAuthModel.logAuthEvent(existingClientAuth.clientid, existingClientAuth.username, 'connect', 'success', 'Client authentication deleted', req.ip);
            res.status(200).json({
                success: true,
                message: '客户端认证信息删除成功'
            });
        }
        catch (error) {
            console.error('删除客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '删除客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async verifyClientAuth(req, res) {
        try {
            const { username, clientid, password } = req.body;
            if (!username || !clientid || !password) {
                res.status(400).json({
                    success: false,
                    message: '用户名、客户端ID和密码不能为空'
                });
                return;
            }
            const startTime = Date.now();
            const isValid = await clientAuth_1.ClientAuthModel.verifyClient(username, clientid, password);
            const executionTime = Date.now() - startTime;
            await clientAuth_1.ClientAuthModel.logAuthEvent(clientid, username, 'connect', isValid ? 'success' : 'failure', isValid ? undefined : 'Invalid credentials', req.ip, undefined, 'password', undefined, executionTime);
            if (isValid) {
                res.status(200).json({
                    success: true,
                    message: '客户端认证信息验证成功'
                });
            }
            else {
                res.status(401).json({
                    success: false,
                    message: '客户端认证信息验证失败'
                });
            }
        }
        catch (error) {
            console.error('验证客户端认证信息失败:', error);
            res.status(500).json({
                success: false,
                message: '验证客户端认证信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async mqttPasswordAuth(req, res) {
        try {
            const { username, clientid, password } = req.body;
            if (!username || !password) {
                res.status(200).json({
                    result: false,
                    reason: '用户名和密码不能为空'
                });
                return;
            }
            const clientAuth = await clientAuth_1.ClientAuthModel.getByUsername(username);
            if (!clientAuth) {
                res.status(200).json({
                    result: false,
                    reason: '用户不存在'
                });
                return;
            }
            if (clientAuth.status !== 'enabled') {
                res.status(200).json({
                    result: false,
                    reason: '用户已被禁用'
                });
                return;
            }
            const useSalt = clientAuth.use_salt !== undefined ? clientAuth.use_salt : true;
            const isValidPassword = clientAuth_1.ClientAuthModel.verifyPassword(password, clientAuth.salt, clientAuth.password_hash, useSalt);
            if (!isValidPassword) {
                res.status(200).json({
                    result: false,
                    reason: '密码无效'
                });
                return;
            }
            await clientAuth_1.ClientAuthModel.logAuthEvent(clientAuth.clientid, username, 'connect', 'success', '常规密码认证成功', req.ip);
            res.status(200).json({
                result: true,
                is_superuser: clientAuth.is_superuser === true,
                acl: []
            });
        }
        catch (error) {
            console.error('MQTT密码认证失败:', error);
            res.status(200).json({
                result: false,
                reason: '认证服务内部错误'
            });
        }
    }
    static async getClientAuthStats(req, res) {
        try {
            const statusStats = await clientAuth_1.ClientAuthModel.getStatusStats();
            const deviceTypeStats = await clientAuth_1.ClientAuthModel.getDeviceTypeStats();
            res.status(200).json({
                success: true,
                data: {
                    status: statusStats,
                    deviceType: deviceTypeStats
                },
                message: '获取客户端认证统计信息成功'
            });
        }
        catch (error) {
            console.error('获取客户端认证统计信息失败:', error);
            res.status(500).json({
                success: false,
                message: '获取客户端认证统计信息失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getAuthMethods(req, res) {
        try {
            const methods = await clientAuth_1.ClientAuthModel.getAuthMethods();
            res.status(200).json({
                success: true,
                data: methods
            });
        }
        catch (error) {
            console.error('获取认证方法失败:', error);
            res.status(500).json({
                success: false,
                message: '获取认证方法失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getAuthMethodById(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const method = await clientAuth_1.ClientAuthModel.getAuthMethodById(parseInt(id));
            if (!method) {
                res.status(404).json({
                    success: false,
                    message: '认证方法不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                data: method
            });
        }
        catch (error) {
            console.error('获取认证方法失败:', error);
            res.status(500).json({
                success: false,
                message: '获取认证方法失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async createAuthMethod(req, res) {
        try {
            const { method_name, method_type, config, is_active } = req.body;
            if (!method_name || !method_type || !config) {
                res.status(400).json({
                    success: false,
                    message: '方法名称、类型和配置为必填项'
                });
                return;
            }
            const existingMethod = await clientAuth_1.ClientAuthModel.getAuthMethodByName(method_name);
            if (existingMethod) {
                res.status(400).json({
                    success: false,
                    message: '认证方法名称已存在'
                });
                return;
            }
            const authMethodData = {
                method_name,
                method_type,
                config: JSON.stringify(config),
                is_active: is_active !== undefined ? is_active : true
            };
            const newMethod = await clientAuth_1.ClientAuthModel.createAuthMethod(authMethodData);
            res.status(201).json({
                success: true,
                message: '认证方法创建成功',
                data: newMethod
            });
        }
        catch (error) {
            console.error('创建认证方法失败:', error);
            res.status(500).json({
                success: false,
                message: '创建认证方法失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async updateAuthMethod(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const updateData = req.body;
            if (updateData.config) {
                updateData.config = JSON.stringify(updateData.config);
            }
            const updatedMethod = await clientAuth_1.ClientAuthModel.updateAuthMethod(parseInt(id), updateData);
            if (!updatedMethod) {
                res.status(404).json({
                    success: false,
                    message: '认证方法不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '认证方法更新成功',
                data: updatedMethod
            });
        }
        catch (error) {
            console.error('更新认证方法失败:', error);
            res.status(500).json({
                success: false,
                message: '更新认证方法失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async deleteAuthMethod(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const success = await clientAuth_1.ClientAuthModel.deleteAuthMethod(parseInt(id));
            if (!success) {
                res.status(404).json({
                    success: false,
                    message: '认证方法不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '认证方法删除成功'
            });
        }
        catch (error) {
            console.error('删除认证方法失败:', error);
            res.status(500).json({
                success: false,
                message: '删除认证方法失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getAuthPolicies(req, res) {
        try {
            const policies = await clientAuth_1.ClientAuthModel.getAuthPolicies();
            res.status(200).json({
                success: true,
                data: policies
            });
        }
        catch (error) {
            console.error('获取认证策略失败:', error);
            res.status(500).json({
                success: false,
                message: '获取认证策略失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getAuthPolicyById(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const policy = await clientAuth_1.ClientAuthModel.getAuthPolicyById(parseInt(id));
            if (!policy) {
                res.status(404).json({
                    success: false,
                    message: '认证策略不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                data: policy
            });
        }
        catch (error) {
            console.error('获取认证策略失败:', error);
            res.status(500).json({
                success: false,
                message: '获取认证策略失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async createAuthPolicy(req, res) {
        try {
            const { policy_name, priority, conditions, actions, is_active, description } = req.body;
            if (!policy_name || priority === undefined || !conditions || !actions) {
                res.status(400).json({
                    success: false,
                    message: '策略名称、优先级、条件和操作为必填项'
                });
                return;
            }
            const authPolicyData = {
                policy_name,
                priority,
                conditions: JSON.stringify(conditions),
                actions: JSON.stringify(actions),
                is_active: is_active !== undefined ? is_active : true,
                description
            };
            const newPolicy = await clientAuth_1.ClientAuthModel.createAuthPolicy(authPolicyData);
            res.status(201).json({
                success: true,
                message: '认证策略创建成功',
                data: newPolicy
            });
        }
        catch (error) {
            console.error('创建认证策略失败:', error);
            res.status(500).json({
                success: false,
                message: '创建认证策略失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async updateAuthPolicy(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const updateData = req.body;
            if (updateData.conditions) {
                updateData.conditions = JSON.stringify(updateData.conditions);
            }
            if (updateData.actions) {
                updateData.actions = JSON.stringify(updateData.actions);
            }
            const updatedPolicy = await clientAuth_1.ClientAuthModel.updateAuthPolicy(parseInt(id), updateData);
            if (!updatedPolicy) {
                res.status(404).json({
                    success: false,
                    message: '认证策略不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '认证策略更新成功',
                data: updatedPolicy
            });
        }
        catch (error) {
            console.error('更新认证策略失败:', error);
            res.status(500).json({
                success: false,
                message: '更新认证策略失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async deleteAuthPolicy(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const success = await clientAuth_1.ClientAuthModel.deleteAuthPolicy(parseInt(id));
            if (!success) {
                res.status(404).json({
                    success: false,
                    message: '认证策略不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '认证策略删除成功'
            });
        }
        catch (error) {
            console.error('删除认证策略失败:', error);
            res.status(500).json({
                success: false,
                message: '删除认证策略失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getClientTokens(req, res) {
        try {
            const clientid = (0, helpers_1.toString)(req.params.clientid);
            if (!clientid) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID为必填项'
                });
                return;
            }
            const tokens = await clientAuth_1.ClientAuthModel.getClientTokens(clientid);
            res.status(200).json({
                success: true,
                data: tokens
            });
        }
        catch (error) {
            console.error('获取客户端令牌失败:', error);
            res.status(500).json({
                success: false,
                message: '获取客户端令牌失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async createClientToken(req, res) {
        try {
            const { clientid, token_type, token_value, expires_at } = req.body;
            if (!clientid || !token_type || !token_value || !expires_at) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID、令牌类型、令牌值和过期时间为必填项'
                });
                return;
            }
            const clientTokenData = {
                clientid,
                token_type,
                token_value,
                expires_at: new Date(expires_at),
                status: 'active'
            };
            const newToken = await clientAuth_1.ClientAuthModel.createClientToken(clientTokenData);
            await clientAuth_1.ClientAuthModel.logAuthEvent(clientid, '', 'connect', 'success', 'Client token created', req.ip, undefined, token_type, undefined);
            res.status(201).json({
                success: true,
                message: '客户端令牌创建成功',
                data: newToken
            });
        }
        catch (error) {
            console.error('创建客户端令牌失败:', error);
            res.status(500).json({
                success: false,
                message: '创建客户端令牌失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async updateClientToken(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const updateData = req.body;
            if (updateData.expires_at) {
                updateData.expires_at = new Date(updateData.expires_at);
            }
            const updatedToken = await clientAuth_1.ClientAuthModel.updateClientToken(parseInt(id), updateData);
            if (!updatedToken) {
                res.status(404).json({
                    success: false,
                    message: '客户端令牌不存在'
                });
                return;
            }
            await clientAuth_1.ClientAuthModel.logAuthEvent(updatedToken.clientid, '', 'connect', 'success', 'Client token updated', req.ip, undefined, updatedToken.token_type, undefined);
            res.status(200).json({
                success: true,
                message: '客户端令牌更新成功',
                data: updatedToken
            });
        }
        catch (error) {
            console.error('更新客户端令牌失败:', error);
            res.status(500).json({
                success: false,
                message: '更新客户端令牌失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async deleteClientToken(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const tokens = await clientAuth_1.ClientAuthModel.getClientTokens('');
            const token = tokens.find(t => t.id === parseInt(id));
            if (!token) {
                res.status(404).json({
                    success: false,
                    message: '客户端令牌不存在'
                });
                return;
            }
            const success = await clientAuth_1.ClientAuthModel.deleteClientToken(parseInt(id));
            if (!success) {
                res.status(404).json({
                    success: false,
                    message: '客户端令牌不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '客户端令牌删除成功'
            });
        }
        catch (error) {
            console.error('删除客户端令牌失败:', error);
            res.status(500).json({
                success: false,
                message: '删除客户端令牌失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async getClientCertificates(req, res) {
        try {
            const clientid = (0, helpers_1.toString)(req.params.clientid);
            if (!clientid) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID为必填项'
                });
                return;
            }
            const certificates = await clientAuth_1.ClientAuthModel.getClientCertificates(clientid);
            res.status(200).json({
                success: true,
                data: certificates
            });
        }
        catch (error) {
            console.error('获取客户端证书失败:', error);
            res.status(500).json({
                success: false,
                message: '获取客户端证书失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async createClientCertificate(req, res) {
        try {
            const { clientid, certificate_pem, fingerprint, expires_at } = req.body;
            if (!clientid || !certificate_pem || !fingerprint || !expires_at) {
                res.status(400).json({
                    success: false,
                    message: '客户端ID、证书PEM、指纹和过期时间为必填项'
                });
                return;
            }
            const clientCertificateData = {
                clientid,
                certificate_pem,
                fingerprint,
                expires_at: new Date(expires_at),
                status: 'active'
            };
            const newCertificate = await clientAuth_1.ClientAuthModel.createClientCertificate(clientCertificateData);
            await clientAuth_1.ClientAuthModel.logAuthEvent(clientid, '', 'connect', 'success', 'Client certificate created', req.ip, undefined, 'certificate', undefined);
            res.status(201).json({
                success: true,
                message: '客户端证书创建成功',
                data: newCertificate
            });
        }
        catch (error) {
            console.error('创建客户端证书失败:', error);
            res.status(500).json({
                success: false,
                message: '创建客户端证书失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async updateClientCertificate(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const updateData = req.body;
            if (updateData.expires_at) {
                updateData.expires_at = new Date(updateData.expires_at);
            }
            const updatedCertificate = await clientAuth_1.ClientAuthModel.updateClientCertificate(parseInt(id), updateData);
            if (!updatedCertificate) {
                res.status(404).json({
                    success: false,
                    message: '客户端证书不存在'
                });
                return;
            }
            await clientAuth_1.ClientAuthModel.logAuthEvent(updatedCertificate.clientid, '', 'connect', 'success', 'Client certificate updated', req.ip, undefined, 'certificate', undefined);
            res.status(200).json({
                success: true,
                message: '客户端证书更新成功',
                data: updatedCertificate
            });
        }
        catch (error) {
            console.error('更新客户端证书失败:', error);
            res.status(500).json({
                success: false,
                message: '更新客户端证书失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
    static async deleteClientCertificate(req, res) {
        try {
            const id = (0, helpers_1.toString)(req.params.id);
            const certificates = await clientAuth_1.ClientAuthModel.getClientCertificates('');
            const certificate = certificates.find(c => c.id === parseInt(id));
            if (!certificate) {
                res.status(404).json({
                    success: false,
                    message: '客户端证书不存在'
                });
                return;
            }
            const success = await clientAuth_1.ClientAuthModel.deleteClientCertificate(parseInt(id));
            if (!success) {
                res.status(404).json({
                    success: false,
                    message: '客户端证书不存在'
                });
                return;
            }
            res.status(200).json({
                success: true,
                message: '客户端证书删除成功'
            });
        }
        catch (error) {
            console.error('删除客户端证书失败:', error);
            res.status(500).json({
                success: false,
                message: '删除客户端证书失败',
                error: error instanceof Error ? error.message : '未知错误'
            });
        }
    }
}
exports.ClientAuthController = ClientAuthController;
//# sourceMappingURL=clientAuthController.js.map