chore: 將令牌檢測函數移動到 TokenManager

* 這樣才叫 TokenManager 嘛X

server/api/BaseApi.ts

@@ -3,6 +3,7 @@ import ApiManager from "./ApiManager.ts"
 import { CallMethod, ClientEvent } from './ApiDeclare.ts'
 import User from "../data/User.ts"
 import Token from "./Token.ts"
+import TokenManager from './TokenManager.ts'
 import * as SocketIo from "socket.io"
 
 export default abstract class BaseApi {
@@ -24,12 +25,7 @@ export default abstract class BaseApi {
         return false
     }
     checkToken(token: Token, deviceId: string) {
-        if (token.expired_time < Date.now()) return false
+        return TokenManager.checkToken(token, deviceId)
-        if (!token.author || !User.findById(token.author)) return false
-        if (deviceId != null)
-            if (token.device_id != deviceId)
-                return false
-        return true
     }
     registerEvent(name: CallMethod, func: EventCallbackFunction) {
         if (!name.startsWith(this.getName() + ".")) throw Error("注冊的事件應該與接口集合命名空間相匹配: " + name)

server/api/TokenManager.ts

@@ -22,7 +22,6 @@ export default class TokenManager {
         ).toString('hex')
     }
     static decode(token: string) {
-        if (token == null) throw new Error('令牌為空!')
         try {
             return JSON.parse(crypto.createDecipheriv("aes-256-gcm", normalizeKey(config.aes_key), '01234567890123456').update(
                 Buffer.from(token, 'hex')
@@ -55,4 +54,15 @@ export default class TokenManager {
 
         return this.makeAuth(user) == tk.auth
     }
+    /**
+     * 嚴格檢驗令牌: 時間, 用戶, (設備 ID)
+     */
+    static checkToken(token: Token, deviceId?: string) {
+        if (token.expired_time < Date.now()) return false
+        if (!token.author || !User.findById(token.author)) return false
+        if (deviceId != null)
+            if (token.device_id != deviceId)
+                return false
+        return true
+    }
 }