使用TypeScript构建功能完整的待办事项MCP服务器

本教程详细讲解如何使用TypeScript构建具备身份验证、数据库持久化和计费系统的MCP服务器,涵盖从项目搭建到部署的全流程。

如何使用TypeScript构建待办事项MCP服务器 - 包含身份验证、数据库和计费功能

在本教程中,您将使用TypeScript构建一个待办事项MCP服务器。您将学习如何实现身份验证、数据持久化和计费功能,使服务器对真实用户来说更加健壮和实用。

最终,您将拥有一个正常工作的MCP服务器,能够:

  • 使用Kinde进行用户身份验证
  • 将待办数据存储在Neon Postgres数据库中
  • 强制执行计费限制并支持升级
  • 在Cursor内部将这些功能作为MCP工具公开

项目概述

为什么需要超越基础MCP服务器

真实的应用程序需要:

  • 身份验证,使每个用户拥有自己的数据和权限
  • 持久化,将数据存储在可靠的数据库中
  • 计费,以便强制执行限制并实现使用货币化

没有这些功能,MCP服务器只是一个演示。

技术栈

  • 后端: TypeScript, Express
  • 数据库: Neon PostgreSQL
  • 身份验证: Kinde
  • MCP协议: @modelcontextprotocol/sdk
  • 会话管理: express-session

项目设置

初始化项目 

1
2
3

mkdir todo-mcp-server
cd todo-mcp-server
npm init -y

安装依赖 

1
2

npm install @modelcontextprotocol/sdk @neondatabase/serverless @kinde-oss/kinde-typescript-sdk express jsonwebtoken jwks-client express-session
npm install -D typescript @types/node @types/express @types/express-session tsx

环境配置

创建.env文件:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

# Database
DATABASE_URL=postgresql://user:pass@host:port/db

# Kinde Authentication

KINDE_CLIENT_ID=your_client_id
KINDE_CLIENT_SECRET=your_client_secret

# Security
JWT_SECRET=your_secret_key

# Environment
NODE_ENV=development

数据库设置

数据库架构设计

创建src/setup-db.ts文件来设置数据库表结构:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

import { neon } from '@neondatabase/serverless';
import dotenv from 'dotenv';

dotenv.config();

const sql = neon(process.env.DATABASE_URL!);

async function setupDatabase() {
  console.log('Setting up database schema...');
  try {
    // 创建待办事项表
    await sql`
      CREATE TABLE IF NOT EXISTS todos (
        id SERIAL PRIMARY KEY,
        user_id TEXT NOT NULL,
        title TEXT NOT NULL,
        description TEXT,
        completed BOOLEAN DEFAULT FALSE,
        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
      )
    `;

    // 创建用户表
    await sql`
      CREATE TABLE IF NOT EXISTS users (
        id SERIAL PRIMARY KEY,
        user_id TEXT UNIQUE NOT NULL,
        name TEXT,
        email TEXT,
        subscription_status TEXT DEFAULT 'free' CHECK (subscription_status IN ('free', 'active', 'cancelled')),
        plan TEXT DEFAULT 'free',
        free_todos_used INTEGER DEFAULT 0,
        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
      )
    `;

    // 创建性能索引
    await sql`CREATE INDEX IF NOT EXISTS idx_todos_user_id ON todos(user_id)`;
    await sql`CREATE INDEX IF NOT EXISTS idx_todos_created_at ON todos(created_at)`;
    await sql`CREATE INDEX IF NOT EXISTS idx_users_user_id ON users(user_id)`;

    console.log('✅ Database schema created successfully!');
  } catch (error) {
    console.error('❌ Error setting up database:', error);
    process.exit(1);
  }
}

setupDatabase();

身份验证系统

Kinde配置

创建src/kinde-auth-server.ts文件处理身份验证:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157

import express from 'express';
import session from 'express-session';
import { createKindeServerClient, GrantType, SessionManager } from '@kinde-oss/kinde-typescript-sdk';
import jwt from 'jsonwebtoken';
import dotenv from 'dotenv';
import { neon } from '@neondatabase/serverless';

dotenv.config();
const app = express();
const sql = neon(process.env.DATABASE_URL!);

// 扩展会话类型
declare module 'express-session' {
  interface SessionData {
    accessToken?: string;
    idToken?: string;
    userInfo?: any;
    userName?: string;
    userEmail?: string;
  }
}

// 会话配置
app.use(session({
  secret: process.env.JWT_SECRET || 'your_jwt_secret_key',
  resave: true,
  saveUninitialized: true,
  cookie: { 
    secure: false,
    maxAge: 7 * 24 * 60 * 60 * 1000, // 7天
    httpOnly: true,
    sameSite: 'lax'
  }
}));

// 创建会话管理器
const createSessionManager = (req: any): SessionManager => ({
  getSessionItem: async (key: string) => req.session?.[key],
  setSessionItem: async (key: string, value: any) => {
    if (!req.session) req.session = {};
    req.session[key] = value;
  },
  removeSessionItem: async (key: string) => {
    if (req.session) delete req.session[key];
  },
  destroySession: async () => {
    req.session = {};
  }
});

// 创建Kinde客户端
const kindeClient = createKindeServerClient(GrantType.AUTHORIZATION_CODE, {

  clientId: process.env.KINDE_CLIENT_ID!,
  clientSecret: process.env.KINDE_CLIENT_SECRET!,
  redirectURL: 'http://localhost:3000/callback',
  logoutRedirectURL: 'http://localhost:3000',
});

// 路由定义
app.get('/', (req, res) => {
  const token = req.session?.accessToken;
  const userInfo = req.session?.userInfo;

  if (token) {
    res.send(`Logged in as ${req.session.userName}`);
  } else {
    res.send('<a href="/login">Login with Kinde</a>');
  }
});

app.get('/login', async (req, res) => {
  try {
    const sessionManager = createSessionManager(req);
    const loginUrl = await kindeClient.login(sessionManager);
    res.redirect(loginUrl.toString());
  } catch (error) {
    console.error('Login error:', error);
    res.status(500).send('Login failed');
  }
});

app.get('/callback', async (req, res) => {
  try {
    // 处理OAuth回调
    const fullUrl = `http://${req.headers.host}${req.url}`;
    const url = new URL(fullUrl);
    const code = url.searchParams.get('code');

    // 交换令牌

      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: new URLSearchParams({
        grant_type: 'authorization_code',
        client_id: process.env.KINDE_CLIENT_ID!,
        client_secret: process.env.KINDE_CLIENT_SECRET!,
        code: code!,
        redirect_uri: 'http://localhost:3000/callback',
      }),
    });

    const tokenData = await tokenResponse.json();
    
    // 存储令牌到会话
    req.session.accessToken = tokenData.access_token;
    req.session.idToken = tokenData.id_token;
    req.session.userInfo = tokenData;

    // 解码JWT并存储用户信息
    const user = JSON.parse(Buffer.from(tokenData.id_token.split('.')[1], 'base64').toString());
    const userId = user.sub;
    const userName = user.given_name || user.name || 'User';
    const userEmail = user.email || 'user@example.com';

    req.session.userName = userName;
    req.session.userEmail = userEmail;

    // 在数据库中创建或更新用户
    const existingUser = await sql`SELECT * FROM users WHERE user_id = ${userId}`;
    if (existingUser.length === 0) {
      await sql`
        INSERT INTO users (user_id, name, email, subscription_status, plan, free_todos_used)
        VALUES (${userId}, ${userName}, ${userEmail}, 'free', 'free', 0)
      `;
    } else {
      await sql`
        UPDATE users 
        SET name = ${userName}, email = ${userEmail}
        WHERE user_id = ${userId}
      `;
    }

    res.redirect('/');
  } catch (error) {
    console.error('Callback error:', error);
    res.status(500).send('Authentication failed');
  }
});

app.get('/logout', async (req, res) => {
  try {
    req.session.destroy((err) => {
      if (err) {
        console.log('Session destroy error:', err);
      }
      res.redirect('/');
    });
  } catch (error) {
    console.error('Logout error:', error);
    res.status(500).send('Logout failed');
  }
});

app.listen(3000, () => {
  console.log('Auth server running on http://localhost:3000');
});

MCP服务器实现

核心服务器结构

创建src/server.ts文件:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601

import { Server } from '@modelcontextprotocol/sdk/server/index.js';
import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
import { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';
import { neon } from '@neondatabase/serverless';
import jwt from 'jsonwebtoken';
import fs from 'fs';
import path from 'path';

const sql = neon(process.env.DATABASE_URL!);
const TOKEN_FILE = '.auth-token';

// 令牌管理函数
function getStoredToken(): string | null {
  try {
    if (fs.existsSync(TOKEN_FILE)) {
      return fs.readFileSync(TOKEN_FILE, 'utf8').trim();
    }
  } catch (error) {
    console.error('Error reading token file:', error);
  }
  return null;
}

function storeToken(token: string): void {
  try {
    fs.writeFileSync(TOKEN_FILE, token);
  } catch (error) {
    console.error('Error storing token:', error);
  }
}

function decodeJWT(token: string): any {
  try {
    return jwt.decode(token);
  } catch (error) {
    console.error('Error decoding JWT:', error);
    return null;
  }
}

// 计费状态检查
async function getKindeBillingStatus(userId: string, accessToken: string): Promise<{ plan: string; features: any; canCreate: boolean; reason?: string }> {
  try {
    const decoded = jwt.decode(accessToken) as any;
    const subscription = await sql`SELECT * FROM users WHERE user_id = ${userId}`;

    if (subscription.length === 0) {
      await sql`
        INSERT INTO users (user_id, name, email, subscription_status, plan, free_todos_used)
        VALUES (${userId}, ${decoded.given_name || decoded.name || 'User'}, ${decoded.email || 'user@example.com'}, 'free', 'free', 0)
      `;
    }

    const freeTodosUsed = subscription.length > 0 ? subscription[0].free_todos_used : 0;

    if (freeTodosUsed < 1) {
      return {
        plan: 'free',
        features: { maxTodos: 1, used: freeTodosUsed },
        canCreate: true,
        reason: `Free tier - ${1 - freeTodosUsed} todo remaining`
      };
    }

    return {
      plan: 'free',
      features: { maxTodos: 1, used: freeTodosUsed },
      canCreate: false,
      reason: 'You have used your free todo. Please upgrade your plan.'
    };
  } catch (error) {
    console.error('Error checking Kinde billing:', error);
    return {
      plan: 'free',
      features: { maxTodos: 1 },
      canCreate: false,
      reason: 'Error checking billing status'
    };
  }
}

async function canCreateTodo(userId: string, accessToken: string): Promise<boolean> {
  const billingStatus = await getKindeBillingStatus(userId, accessToken);
  return billingStatus.canCreate;
}

// 初始化MCP服务器
const server = new Server(
  {
    name: 'todo-mcp-server',
    version: '1.0.0',
  },
  {
    capabilities: {
      tools: {},
    },
  }
);

// 注册工具
server.setRequestHandler(ListToolsRequestSchema, async () => {
  return {
    tools: [
      {
        name: 'login',
        description: 'Get authentication URL for Kinde login',
        inputSchema: {
          type: 'object',
          properties: {},
        },
      },
      {
        name: 'save_token',
        description: 'Save authentication token for future requests',
        inputSchema: {
          type: 'object',
          properties: {
            token: {
              type: 'string',
              description: 'JWT token from Kinde authentication',
            },
          },
          required: ['token'],
        },
      },
      {
        name: 'list_todos',
        description: 'List all todos for the authenticated user',
        inputSchema: {
          type: 'object',
          properties: {},
        },
      },
      {
        name: 'create_todo',
        description: 'Create a new todo item',
        inputSchema: {
          type: 'object',
          properties: {
            title: {
              type: 'string',
              description: 'Title of the todo',
            },
            description: {
              type: 'string',
              description: 'Description of the todo',
            },
            completed: {
              type: 'boolean',
              description: 'Whether the todo is completed',
            },
          },
          required: ['title'],
        },
      },
      {
        name: 'update_todo',
        description: 'Update an existing todo item',
        inputSchema: {
          type: 'object',
          properties: {
            todoId: {
              type: 'number',
              description: 'ID of the todo to update',
            },
            title: {
              type: 'string',
              description: 'New title of the todo',
            },
            description: {
              type: 'string',
              description: 'New description of the todo',
            },
            completed: {
              type: 'boolean',
              description: 'New completion status',
            },
          },
          required: ['todoId'],
        },
      },
      {
        name: 'delete_todo',
        description: 'Delete a todo item',
        inputSchema: {
          type: 'object',
          properties: {
            todoId: {
              type: 'number',
              description: 'ID of the todo to delete',
            },
          },
          required: ['todoId'],
        },
      },
      {
        name: 'refresh_billing_status',
        description: 'Refresh and check current billing status',
        inputSchema: {
          type: 'object',
          properties: {},
        },
      },
      {
        name: 'logout',
        description: 'Clear authentication token and logout',
        inputSchema: {
          type: 'object',
          properties: {},
        },
      },
    ],
  };
});

// 工具处理器
server.setRequestHandler(CallToolRequestSchema, async (request) => {
  const { name, arguments: args } = request.params;

  switch (name) {
    case 'login': {
      return {
        content: [
          {
            type: 'text',
            text: `🔐 **Authentication Required**

To use this MCP server, you need to authenticate with Kinde:

1. **Open your browser** and go to: http://localhost:3000
2. **Click "Login with Kinde"** to authenticate
3. **Copy your ID Token** from the page
4. **Use the save_token tool** to store it

After authentication, you can use commands like:
- \`list todos\` - List your todos
- \`create todo\` - Create a new todo
- \`refresh billing status\` - Check your plan status`,
          },
        ],
      };
    }

    case 'save_token': {
      const { token } = args as { token: string };
      storeToken(token);
      return {
        content: [
          {
            type: 'text',
            text: '✅ Token saved successfully! You can now use commands like "list todos" and "create todo" without providing the token each time.',
          },
        ],
      };
    }

    case 'list_todos': {
      const token = getStoredToken();
      if (!token) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ No authentication token found. Please login first.',
            },
          ],
        };
      }

      const decoded = decodeJWT(token);
      if (!decoded || !decoded.sub) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Invalid token. Please login again.',
            },
          ],
        };
      }

      const todos = await sql`
        SELECT * FROM todos 
        WHERE user_id = ${decoded.sub} 
        ORDER BY created_at DESC
      `;

      if (todos.length === 0) {
        return {
          content: [
            {
              type: 'text',
              text: '📝 No todos found. Create your first todo using "create todo"!',
            },
          ],
        };
      }

      const todosList = todos.map((todo: any) => 
        `**${todo.id}.** ${todo.title}${todo.description ? ` - ${todo.description}` : ''} ${todo.completed ? '✅' : '⏳'}`
      ).join('\n');

      return {
        content: [
          {
            type: 'text',
            text: `📝 **Your Todos (${todos.length}):**\n\n${todosList}`,
          },
        ],
      };
    }

    case 'create_todo': {
      const token = getStoredToken();
      if (!token) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ No authentication token found. Please login first.',
            },
          ],
        };
      }

      const decoded = decodeJWT(token);
      if (!decoded || !decoded.sub) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Invalid token. Please login again.',
            },
          ],
        };
      }

      const { title, description, completed } = args as { 
        title: string; 
        description?: string; 
        completed?: boolean; 
      };

      // 检查计费状态
      const canCreate = await canCreateTodo(decoded.sub, token);
      if (!canCreate) {
        const billingStatus = await getKindeBillingStatus(decoded.sub, token);
        return {
          content: [
            {
              type: 'text',
              text: `🚫 **Cannot create todo**\n\n${billingStatus.reason}`,
            },
          ],
        };
      }

      const result = await sql`
        INSERT INTO todos (user_id, title, description, completed)
        VALUES (${decoded.sub}, ${title}, ${description || null}, ${completed || false})
        RETURNING *
      `;

      // 更新免费待办事项使用计数
      await sql`
        UPDATE users 
        SET free_todos_used = free_todos_used + 1 
        WHERE user_id = ${decoded.sub}
      `;

      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify({
              success: true,
              todoId: result[0].id,
              message: 'Todo created successfully',
              title: result[0].title,
              description: result[0].description,
              completed: result[0].completed
            }, null, 2),
          },
        ],
      };
    }

    case 'update_todo': {
      const token = getStoredToken();
      if (!token) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ No authentication token found. Please login first.',
            },
          ],
        };
      }

      const decoded = decodeJWT(token);
      if (!decoded || !decoded.sub) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Invalid token. Please login again.',
            },
          ],
        };
      }

      const { todoId, title, description, completed } = args as { 
        todoId: number; 
        title?: string; 
        description?: string; 
        completed?: boolean; 
      };

      const result = await sql`
        UPDATE todos 
        SET 
          title = COALESCE(${title || null}, title),
          description = COALESCE(${description || null}, description),
          completed = COALESCE(${completed !== undefined ? completed : null}, completed),
          updated_at = CURRENT_TIMESTAMP
        WHERE id = ${todoId} AND user_id = ${decoded.sub}
        RETURNING *
      `;

      if (result.length === 0) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Todo not found or you do not have permission to update it.',
            },
          ],
        };
      }

      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify({
              success: true,
              message: 'Todo updated successfully',
              todo: result[0]
            }, null, 2),
          },
        ],
      };
    }

    case 'delete_todo': {
      const token = getStoredToken();
      if (!token) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ No authentication token found. Please login first.',
            },
          ],
        };
      }

      const decoded = decodeJWT(token);
      if (!decoded || !decoded.sub) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Invalid token. Please login again.',
            },
          ],
        ];
      }

      const { todoId } = args as { todoId: number };

      const result = await sql`
        DELETE FROM todos 
        WHERE id = ${todoId} AND user_id = ${decoded.sub}
        RETURNING *
      `;

      if (result.length === 0) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Todo not found or you do not have permission to delete it.',
            },
          ],
        };
      }

      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify({
              success: true,
              message: 'Todo deleted successfully',
              deletedTodo: result[0]
            }, null, 2),
          },
        ],
      };
    }

    case 'refresh_billing_status': {
      const token = getStoredToken();
      if (!token) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ No authentication token found. Please login first.',
            },
          ],
        };
      }

      const decoded = decodeJWT(token);
      if (!decoded || !decoded.sub) {
        return {
          content: [
            {
              type: 'text',
              text: '❌ Invalid token. Please login again.',
            },
          ],
        };
      }

      const billingStatus = await getKindeBillingStatus(decoded.sub, token);

      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify({
              success: true,
              message: 'Billing status refreshed successfully!',
              kindeBilling: {
                plan: billingStatus.plan,
                features: billingStatus.features,
                canCreate: billingStatus.canCreate,
                reason: billingStatus.reason,
                lastChecked: new Date().toISOString()
              }
            }, null, 2),
          },
        ],
      };
    }

    case 'logout': {
      try {
        if (fs.existsSync(TOKEN_FILE)) {
          fs.unlinkSync(TOKEN_FILE);
        }
        return {
          content: [
            {
              type: 'text',
              text: '✅ Logged out successfully. Authentication token cleared.',
            },
          ],
        };
      } catch (error) {
        return {
          content: [
            {
              type: 'text',

            },
          ],
        };
      }
    }

    default:
      throw new Error(`Unknown tool: ${name}`);
  }
});

// 启动服务器
async function main() {
  const transport = new StdioServerTransport();
  await server.connect(transport);
  console.error('Todo MCP server running on stdio');
}

main().catch((error) => {
  console.error('Fatal error in main():', error);
  process.exit(1);
});

系统测试

启动服务 

1
2
3
4
5

# 终端1: 启动MCP服务器
npm run dev

# 终端2: 启动Kinde认证服务器
npm run auth-server

配置Cursor MCP

在Cursor中配置MCP服务器:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17

{
  "mcpServers": {
    "todo-mcp-server": {
      "command": "node",
      "args": ["dist/server.js"],
      "cwd": "/path/to/your/todo-mcp-server",
      "env": {
        "DATABASE_URL": "your-neon-connection-string",

        "KINDE_CLIENT_ID": "your-client-id",
        "KINDE_CLIENT_SECRET": "your-client-secret",
        "JWT_SECRET": "your-jwt-secret-key",
        "NODE_ENV": "development"
      }
    }
  }
}

测试流程

在Cursor聊天窗口中测试MCP命令:

  1. login - 获取认证URL
  2. save_token - 保存从Kinde获取的令牌
  3. list todos - 列出待办事项
  4. create todo - 创建新待办事项
  5. refresh billing status - 检查计费状态

系统架构 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│   Cursor IDE    │    │   MCP Server     │    │  Kinde Auth     │
│                 │◄──►│                  │◄──►│   Server        │
│ - MCP Tools     │    │ - Todo CRUD      │    │ - OAuth Flow    │
│ - Chat Interface│    │ - Billing Check  │    │ - Token Storage │
└─────────────────┘    └──────────────────┘    └─────────────────┘
                       ┌─────────────────┐
                       │ Neon PostgreSQL │
                       │                 │
                       │ - Users Table   │
                       │ - Todos Table   │
                       │ - Billing Data  │
                       └─────────────────┘

数据流 

1
2
3
4
5
6

用户输入 
   → MCP服务器 
      → 身份验证检查
         → 计费检查
            → 数据库操作
               → 响应

错误处理和安全

身份验证安全

  • JWT验证:每个请求都验证JWT令牌
  • 用户隔离:用户只能访问自己的待办事项
  • 令牌存储:令牌本地存储,不在数据库中

数据库安全

  • SQL注入防护:使用参数化查询
  • 用户范围:所有查询都按user_id过滤
  • 权限检查:每个操作都验证用户所有权

故障排除

常见问题

  1. MCP服务器未检测到

    • 检查~/.cursor/mcp.json语法
    • 确保使用绝对路径
    • 更改配置后重启Cursor

  2. 数据库连接问题

    • 验证DATABASE_URL环境变量格式
    • 确认Neon数据库处于活动状态
    • 检查SSL模式设置

  3. Kinde认证问题

    • 在Kinde仪表板中验证重定向URL
    • 确认客户端ID和密钥正确
    • 确保认证服务器在端口3000上运行

  4. 令牌错误

    • 确认令牌为JWT格式
    • 检查令牌是否过期
    • 使用Kinde提供的ID令牌

结论

您已经构建了一个功能完整的MCP服务器,具备:

  • 身份验证 - 使用Kinde的安全登录
  • 数据持久化 - 待办事项存储在Neon中
  • 计费强制执行 - 使用限制和升级路径
  • 工具公开 - 在Cursor中可访问的MCP工具

这个基础足够灵活,可以为更高级的应用程序提供支持,同时保持核心流程简单安全。

后续步骤

  • 基于角色的访问控制(RBAC)
  • 计费层级:提供免费、专业版和企业版计划
  • 功能增强:添加搜索、标签或共享功能
  • 部署:在云平台上运行服务
comments powered by Disqus
© 2020 - 2025 qife
使用 Hugo 构建
主题 StackJimmy 设计
本站总访问量 本站访客数人次