Integrate role asset studio into custom world agent flow

server-node/src/auth/authService.ts

@@ -61,6 +61,15 @@ function validateCredentials(username: string, password: string) {
   }
 }
 
+function isUniqueViolationError(error: unknown) {
+  return (
+    typeof error === 'object' &&
+    error !== null &&
+    'code' in error &&
+    (error as { code?: unknown }).code === '23505'
+  );
+}
+
 function buildMaskedPhoneDisplay(phoneNumber: string) {
   const normalizedPhone = normalizeMainlandChinaPhoneNumber(phoneNumber);
   return normalizedPhone.maskedNationalNumber;
@@ -935,13 +944,21 @@ export async function entryWithPassword(
   validateCredentials(username, password);
 
   let user = await context.userRepository.findByUsername(username);
+  let shouldVerifyExistingPassword = Boolean(user);
   if (!user) {
     const passwordHash = await hashPassword(password);
-    user = await context.userRepository.create(username, passwordHash);
-  } else {
-    const isValid = await verifyPassword(user.passwordHash, password);
-    if (!isValid) {
-      throw unauthorized('用户名或密码错误');
+    try {
+      user = await context.userRepository.create(username, passwordHash);
+      shouldVerifyExistingPassword = false;
+    } catch (error) {
+      if (!isUniqueViolationError(error)) {
+        throw error;
+      }
+      user = await context.userRepository.findByUsername(username);
+      shouldVerifyExistingPassword = true;
+      if (!user) {
+        throw error;
+      }
     }
   }
 
@@ -949,6 +966,13 @@ export async function entryWithPassword(
     throw new Error('failed to resolve user after auth entry');
   }
 
+  if (shouldVerifyExistingPassword) {
+    const isValid = await verifyPassword(user.passwordHash, password);
+    if (!isValid) {
+      throw unauthorized('用户名或密码错误');
+    }
+  }
+
   await writeAuthAuditLog(context, {
     userId: user.id,
     eventType: 'password_login',