export const SESSION_COOKIE = "zhimingge_session"; export const SESSION_MAX_AGE_SEC = 60 * 60 * 24 * 7; export function isAuthEnabled(): boolean { return !!( process.env.AUTH_USERNAME?.trim() && process.env.AUTH_PASSWORD?.trim() && process.env.AUTH_SESSION_SECRET?.trim() ); } export function getAuthUsername(): string { const username = process.env.AUTH_USERNAME?.trim(); if (!username) { throw new Error("未配置 AUTH_USERNAME"); } return username; } export function getAuthPassword(): string { const password = process.env.AUTH_PASSWORD?.trim(); if (!password) { throw new Error("未配置 AUTH_PASSWORD"); } return password; } export function getAuthSessionSecret(): string { const secret = process.env.AUTH_SESSION_SECRET?.trim(); if (!secret) { throw new Error("未配置 AUTH_SESSION_SECRET"); } return secret; } export function verifyCredentials(username: string, password: string): boolean { if (!isAuthEnabled()) { return true; } return username === getAuthUsername() && password === getAuthPassword(); }