aiotagro/aijianhua
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
028a45828357541ccf186d1abace88ab6efc6ca7
aijianhua/backend/routes/auth.js

218 lines
5.0 KiB
JavaScript
Raw Blame History

const express = require('express');
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const validator = require('validator');
const dbConnector = require('../utils/dbConnector');
const router = express.Router();
const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key';
/**
* 用户注册
*/
router.post('/register', async (req, res, next) => {
try {
const { username, password, phone, email, user_type = 'farmer' } = req.body;
// 参数验证
if (!username || !password || !phone) {
return res.status(400).json({
code: 400,
message: '用户名、密码和手机号为必填项',
data: null
});
}
if (password.length < 6) {
return res.status(400).json({
code: 400,
message: '密码长度不能少于6位',
data: null
});
}
if (!validator.isMobilePhone(phone, 'zh-CN')) {
return res.status(400).json({
code: 400,
message: '手机号格式不正确',
data: null
});
}
if (email && !validator.isEmail(email)) {
return res.status(400).json({
code: 400,
message: '邮箱格式不正确',
data: null
});
}
// 检查用户是否已存在
const existingUser = await dbConnector.query(
'SELECT id FROM users WHERE username = ? OR phone = ? OR email = ?',
[username, phone, email]
);
if (existingUser.length > 0) {
return res.status(409).json({
code: 409,
message: '用户名、手机号或邮箱已存在',
data: null
});
}
// 加密密码
const hashedPassword = await bcrypt.hash(password, 12);
// 创建用户
const result = await dbConnector.query(
'INSERT INTO users (username, password_hash, phone, email, user_type) VALUES (?, ?, ?, ?, ?)',
[username, hashedPassword, phone, email, user_type]
);
// 生成JWT token
const token = jwt.sign(
{ userId: result.insertId, username, user_type },
JWT_SECRET,
{ expiresIn: '7d' }
);
res.status(201).json({
code: 201,
message: '注册成功',
data: {
user_id: result.insertId,
username,
phone,
email,
user_type,
token
}
});
} catch (error) {
next(error);
}
});
/**
* 用户登录
*/
router.post('/login', async (req, res, next) => {
try {
const { login, password } = req.body;
if (!login || !password) {
return res.status(400).json({
code: 400,
message: '登录账号和密码为必填项',
data: null
});
}
// 查询用户(支持用户名、手机号、邮箱登录)
const user = await dbConnector.query(
'SELECT * FROM users WHERE (username = ? OR phone = ? OR email = ?) AND status = 1',
[login, login, login]
);
if (user.length === 0) {
return res.status(401).json({
code: 401,
message: '用户不存在或已被禁用',
data: null
});
}
const userData = user[0];
// 验证密码
const isValidPassword = await bcrypt.compare(password, userData.password_hash);
if (!isValidPassword) {
return res.status(401).json({
code: 401,
message: '密码不正确',
data: null
});
}
// 更新最后登录时间
await dbConnector.query(
'UPDATE users SET last_login = CURRENT_TIMESTAMP WHERE id = ?',
[userData.id]
);
// 生成JWT token
const token = jwt.sign(
{ userId: userData.id, username: userData.username, user_type: userData.user_type },
JWT_SECRET,
{ expiresIn: '7d' }
);
res.json({
code: 200,
message: '登录成功',
data: {
user_id: userData.id,
username: userData.username,
phone: userData.phone,
email: userData.email,
user_type: userData.user_type,
avatar_url: userData.avatar_url,
token
}
});
} catch (error) {
next(error);
}
});
/**
* 获取当前用户信息
*/
router.get('/me', async (req, res, next) => {
try {
// 从token中获取用户ID
const token = req.headers.authorization?.replace('Bearer ', '');
if (!token) {
return res.status(401).json({
code: 401,
message: '未提供认证token',
data: null
});
}
const decoded = jwt.verify(token, JWT_SECRET);
const user = await dbConnector.query(
'SELECT id, username, phone, email, user_type, avatar_url, created_at, last_login FROM users WHERE id = ? AND status = 1',
[decoded.userId]
);
if (user.length === 0) {
return res.status(404).json({
code: 404,
message: '用户不存在',
data: null
});
}
res.json({
code: 200,
message: '获取成功',
data: user[0]
});
} catch (error) {
if (error.name === 'JsonWebTokenError') {
return res.status(401).json({
code: 401,
message: '无效的token',
data: null
});
}
next(error);
}
});
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink