登录页面与组件样式调整

src/actions/auth/verify.ts

@@ -0,0 +1,69 @@
+'use server'
+// 验证验证码函数
+import {cookies} from 'next/headers'
+import crypto from 'crypto'
+import {ApiResponse, call} from '@/lib/api'
+
+
+export interface VerifyParams {
+  phone: string;
+  captcha: string; // 添加验证码字段
+}
+
+export default async function verify(props: VerifyParams): Promise<ApiResponse> {
+  try {
+    // 人机验证
+    if (!props.captcha?.length) {
+      return {
+        success: false,
+        status: 400,
+        message: '请输入验证码',
+      }
+    }
+    const valid = await verifyCaptcha(props.captcha)
+    if (!valid) {
+      return {
+        success: false,
+        status: 400,
+        message: '验证码错误或已过期',
+      }
+    }
+
+    // 请求发送短信
+    return await call('/api/auth/verify/sms', {
+      phone: props.phone,
+      purpose: 0,
+    })
+  }
+  catch (error) {
+    throw new Error('验证码验证失败', {cause: error})
+  }
+}
+
+async function verifyCaptcha(userInput: string): Promise<boolean> {
+  const cookieStore = await cookies()
+  const hash = cookieStore.get('captcha_hash')?.value
+  const salt = cookieStore.get('captcha_salt')?.value
+
+  // 如果没有找到验证码cookie，验证失败
+  if (!hash || !salt) {
+    return false
+  }
+
+  // 使用相同的方法哈希用户输入的验证码
+  const userInputHash = crypto
+    .createHmac('sha256', salt)
+    .update(userInput.toLowerCase())
+    .digest('hex')
+
+  // 比较哈希值
+  const isValid = hash === userInputHash
+
+  // 验证后删除验证码cookie，防止重复使用
+  if (isValid) {
+    cookieStore.delete('captcha_hash')
+    cookieStore.delete('captcha_salt')
+  }
+
+  return isValid
+}