aiotagro/aijianhua
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad20888cd45f882cb9e06b569613fe941da2a665
aijianhua/backend/routes/users.js

269 lines
6.0 KiB
JavaScript
Raw Blame History

const express = require('express');
const bcrypt = require('bcryptjs');
const validator = require('validator');
const dbConnector = require('../utils/dbConnector');
const { adminRequired } = require('../middlewares/auth');
const { asyncHandler } = require('../middlewares/errorHandler');
const router = express.Router();
/**
* 获取用户列表(管理员权限)
*/
router.get('/', adminRequired, asyncHandler(async (req, res) => {
const { page = 1, limit = 10, keyword, user_type } = req.query;
const offset = (page - 1) * limit;
let whereClause = 'WHERE status = 1';
let queryParams = [];
if (keyword) {
whereClause += ' AND (username LIKE ? OR phone LIKE ? OR email LIKE ?)';
const likeKeyword = `%${keyword}%`;
queryParams.push(likeKeyword, likeKeyword, likeKeyword);
}
if (user_type) {
whereClause += ' AND user_type = ?';
queryParams.push(user_type);
}
// 获取用户列表
const users = await dbConnector.query(
`SELECT id, username, phone, email, user_type, avatar_url, created_at, last_login
FROM users ${whereClause} ORDER BY created_at DESC LIMIT ? OFFSET ?`,
[...queryParams, parseInt(limit), offset]
);
// 获取总数
const totalResult = await dbConnector.query(
`SELECT COUNT(*) as total FROM users ${whereClause}`,
queryParams
);
res.json({
code: 200,
message: '获取成功',
data: {
users,
pagination: {
page: parseInt(page),
limit: parseInt(limit),
total: totalResult[0].total,
pages: Math.ceil(totalResult[0].total / limit)
}
}
});
}));
/**
* 获取用户详情
*/
router.get('/:id', asyncHandler(async (req, res) => {
const { id } = req.params;
const users = await dbConnector.query(
`SELECT id, username, phone, email, user_type, avatar_url,
real_name, created_at, last_login
FROM users WHERE id = ? AND status = 1`,
[id]
);
if (users.length === 0) {
return res.status(404).json({
code: 404,
message: '用户不存在',
data: null
});
}
res.json({
code: 200,
message: '获取成功',
data: users[0]
});
}));
/**
* 更新用户信息
*/
router.put('/:id', asyncHandler(async (req, res) => {
const { id } = req.params;
const { email, real_name, avatar_url } = req.body;
// 检查用户是否存在
const existingUser = await dbConnector.query(
'SELECT id FROM users WHERE id = ? AND status = 1',
[id]
);
if (existingUser.length === 0) {
return res.status(404).json({
code: 404,
message: '用户不存在',
data: null
});
}
// 验证邮箱格式
if (email && !validator.isEmail(email)) {
return res.status(400).json({
code: 400,
message: '邮箱格式不正确',
data: null
});
}
// 检查邮箱是否已被其他用户使用
if (email) {
const emailUser = await dbConnector.query(
'SELECT id FROM users WHERE email = ? AND id != ?',
[email, id]
);
if (emailUser.length > 0) {
return res.status(409).json({
code: 409,
message: '邮箱已被其他用户使用',
data: null
});
}
}
// 构建更新字段
const updateFields = [];
const updateValues = [];
if (email !== undefined) {
updateFields.push('email = ?');
updateValues.push(email);
}
if (real_name !== undefined) {
updateFields.push('real_name = ?');
updateValues.push(real_name);
}
if (avatar_url !== undefined) {
updateFields.push('avatar_url = ?');
updateValues.push(avatar_url);
}
if (updateFields.length === 0) {
return res.status(400).json({
code: 400,
message: '没有提供需要更新的字段',
data: null
});
}
updateFields.push('updated_at = CURRENT_TIMESTAMP');
updateValues.push(id);
await dbConnector.query(
`UPDATE users SET ${updateFields.join(', ')} WHERE id = ?`,
updateValues
);
// 获取更新后的用户信息
const updatedUser = await dbConnector.query(
'SELECT id, username, phone, email, user_type, avatar_url, real_name FROM users WHERE id = ?',
[id]
);
res.json({
code: 200,
message: '更新成功',
data: updatedUser[0]
});
}));
/**
* 修改密码
*/
router.put('/:id/password', asyncHandler(async (req, res) => {
const { id } = req.params;
const { old_password, new_password } = req.body;
if (!old_password || !new_password) {
return res.status(400).json({
code: 400,
message: '原密码和新密码为必填项',
data: null
});
}
if (new_password.length < 6) {
return res.status(400).json({
code: 400,
message: '新密码长度不能少于6位',
data: null
});
}
// 获取用户当前密码
const users = await dbConnector.query(
'SELECT password_hash FROM users WHERE id = ?',
[id]
);
if (users.length === 0) {
return res.status(404).json({
code: 404,
message: '用户不存在',
data: null
});
}
// 验证原密码
const isValidPassword = await bcrypt.compare(old_password, users[0].password_hash);
if (!isValidPassword) {
return res.status(401).json({
code: 401,
message: '原密码不正确',
data: null
});
}
// 加密新密码
const hashedPassword = await bcrypt.hash(new_password, 12);
await dbConnector.query(
'UPDATE users SET password_hash = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?',
[hashedPassword, id]
);
res.json({
code: 200,
message: '密码修改成功',
data: null
});
}));
/**
* 删除用户(软删除)
*/
router.delete('/:id', adminRequired, asyncHandler(async (req, res) => {
const { id } = req.params;
const result = await dbConnector.query(
'UPDATE users SET status = 0, updated_at = CURRENT_TIMESTAMP WHERE id = ?',
[id]
);
if (result.affectedRows === 0) {
return res.status(404).json({
code: 404,
message: '用户不存在',
data: null
});
}
res.json({
code: 200,
message: '用户删除成功',
data: null
});
}));
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink