2025-09-02 21:59:27 +08:00
|
|
|
const express = require('express')
|
|
|
|
|
const bcrypt = require('bcryptjs')
|
|
|
|
|
const Joi = require('joi')
|
|
|
|
|
const router = express.Router()
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
// 引入数据库模型
|
|
|
|
|
const { ApiUser } = require('../models')
|
|
|
|
|
const sequelize = require('sequelize')
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
// 验证模式
|
|
|
|
|
const createUserSchema = Joi.object({
|
|
|
|
|
username: Joi.string().min(2).max(50).required(),
|
|
|
|
|
email: Joi.string().email().required(),
|
|
|
|
|
phone: Joi.string().pattern(/^1[3-9]\d{9}$/).allow(''),
|
|
|
|
|
password: Joi.string().min(6).max(100).required(),
|
2025-09-05 01:18:40 +08:00
|
|
|
user_type: Joi.string().valid('client', 'supplier', 'driver', 'staff', 'admin').required(),
|
|
|
|
|
status: Joi.string().valid('active', 'inactive', 'locked').default('active')
|
2025-09-02 21:59:27 +08:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const updateUserSchema = Joi.object({
|
|
|
|
|
username: Joi.string().min(2).max(50),
|
|
|
|
|
email: Joi.string().email(),
|
|
|
|
|
phone: Joi.string().pattern(/^1[3-9]\d{9}$/).allow(''),
|
2025-09-05 01:18:40 +08:00
|
|
|
user_type: Joi.string().valid('client', 'supplier', 'driver', 'staff', 'admin'),
|
|
|
|
|
status: Joi.string().valid('active', 'inactive', 'locked')
|
2025-09-02 21:59:27 +08:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 获取用户列表
|
2025-09-05 01:18:40 +08:00
|
|
|
router.get('/', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
2025-09-05 01:18:40 +08:00
|
|
|
const { page = 1, pageSize = 20, keyword, user_type, status } = req.query
|
2025-09-02 21:59:27 +08:00
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
// 构建查询条件
|
|
|
|
|
const where = {}
|
2025-09-02 21:59:27 +08:00
|
|
|
if (keyword) {
|
2025-09-05 01:18:40 +08:00
|
|
|
where[sequelize.Op.or] = [
|
|
|
|
|
{ username: { [sequelize.Op.like]: `%${keyword}%` } },
|
|
|
|
|
{ email: { [sequelize.Op.like]: `%${keyword}%` } },
|
|
|
|
|
{ phone: { [sequelize.Op.like]: `%${keyword}%` } }
|
|
|
|
|
]
|
2025-09-02 21:59:27 +08:00
|
|
|
}
|
2025-09-05 01:18:40 +08:00
|
|
|
if (user_type) where.user_type = user_type
|
|
|
|
|
if (status) where.status = status
|
|
|
|
|
|
|
|
|
|
// 分页查询
|
|
|
|
|
const result = await ApiUser.findAndCountAll({
|
|
|
|
|
where,
|
|
|
|
|
limit: parseInt(pageSize),
|
|
|
|
|
offset: (parseInt(page) - 1) * parseInt(pageSize),
|
|
|
|
|
order: [['createdAt', 'DESC']]
|
|
|
|
|
})
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
data: {
|
2025-09-05 01:18:40 +08:00
|
|
|
items: result.rows,
|
|
|
|
|
total: result.count,
|
2025-09-02 21:59:27 +08:00
|
|
|
page: parseInt(page),
|
|
|
|
|
pageSize: parseInt(pageSize),
|
2025-09-05 01:18:40 +08:00
|
|
|
totalPages: Math.ceil(result.count / parseInt(pageSize))
|
2025-09-02 21:59:27 +08:00
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('获取用户列表失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '获取用户列表失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 获取用户详情
|
2025-09-05 01:18:40 +08:00
|
|
|
router.get('/:id', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
|
|
|
|
const { id } = req.params
|
2025-09-05 01:18:40 +08:00
|
|
|
const user = await ApiUser.findByPk(id)
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
if (!user) {
|
|
|
|
|
return res.status(404).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '用户不存在'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
data: user
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('获取用户详情失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '获取用户详情失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 创建用户
|
|
|
|
|
router.post('/', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
// 参数验证
|
|
|
|
|
const { error, value } = createUserSchema.validate(req.body)
|
|
|
|
|
if (error) {
|
|
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '参数验证失败',
|
|
|
|
|
details: error.details[0].message
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
const { username, email, phone, password, user_type, status } = value
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
// 检查用户名是否已存在
|
2025-09-05 01:18:40 +08:00
|
|
|
const existingUser = await ApiUser.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
[sequelize.Op.or]: [
|
|
|
|
|
{ username: username },
|
|
|
|
|
{ email: email },
|
|
|
|
|
{ phone: phone }
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
})
|
2025-09-02 21:59:27 +08:00
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
if (existingUser) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
2025-09-05 01:18:40 +08:00
|
|
|
message: '用户名、邮箱或手机号已存在'
|
2025-09-02 21:59:27 +08:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
// 密码加密
|
|
|
|
|
const saltRounds = 10
|
|
|
|
|
const password_hash = await bcrypt.hash(password, saltRounds)
|
|
|
|
|
|
2025-09-02 21:59:27 +08:00
|
|
|
// 创建新用户
|
2025-09-05 01:18:40 +08:00
|
|
|
const newUser = await ApiUser.create({
|
2025-09-02 21:59:27 +08:00
|
|
|
username,
|
|
|
|
|
email,
|
|
|
|
|
phone: phone || '',
|
2025-09-05 01:18:40 +08:00
|
|
|
password_hash,
|
|
|
|
|
user_type,
|
2025-09-02 21:59:27 +08:00
|
|
|
status,
|
2025-09-05 01:18:40 +08:00
|
|
|
})
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.status(201).json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: '用户创建成功',
|
|
|
|
|
data: newUser
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('创建用户失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '创建用户失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 更新用户
|
2025-09-05 01:18:40 +08:00
|
|
|
router.put('/:id', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
|
|
|
|
const { id } = req.params
|
2025-09-05 01:18:40 +08:00
|
|
|
const user = await ApiUser.findByPk(id)
|
2025-09-02 21:59:27 +08:00
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
if (!user) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(404).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '用户不存在'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 参数验证
|
|
|
|
|
const { error, value } = updateUserSchema.validate(req.body)
|
|
|
|
|
if (error) {
|
|
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '参数验证失败',
|
|
|
|
|
details: error.details[0].message
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 更新用户信息
|
2025-09-05 01:18:40 +08:00
|
|
|
await user.update(value)
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: '用户更新成功',
|
2025-09-05 01:18:40 +08:00
|
|
|
data: user
|
2025-09-02 21:59:27 +08:00
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('更新用户失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '更新用户失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 删除用户
|
2025-09-05 01:18:40 +08:00
|
|
|
router.delete('/:id', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
|
|
|
|
const { id } = req.params
|
2025-09-05 01:18:40 +08:00
|
|
|
const user = await ApiUser.findByPk(id)
|
2025-09-02 21:59:27 +08:00
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
if (!user) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(404).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '用户不存在'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
await user.destroy()
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: '用户删除成功'
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('删除用户失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '删除用户失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 批量删除用户
|
2025-09-05 01:18:40 +08:00
|
|
|
router.delete('/batch', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
|
|
|
|
const { ids } = req.body
|
|
|
|
|
|
|
|
|
|
if (!Array.isArray(ids) || ids.length === 0) {
|
|
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '请提供有效的用户ID列表'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
await ApiUser.destroy({
|
|
|
|
|
where: {
|
|
|
|
|
id: ids
|
|
|
|
|
}
|
|
|
|
|
})
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: `成功删除 ${ids.length} 个用户`
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('批量删除用户失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '批量删除用户失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 重置用户密码
|
|
|
|
|
router.put('/:id/password', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
const { id } = req.params
|
|
|
|
|
const { password } = req.body
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
const user = await ApiUser.findByPk(id)
|
|
|
|
|
if (!user) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(404).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '用户不存在'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!password || password.length < 6) {
|
|
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '密码长度不能少于6位'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
// 密码加密
|
|
|
|
|
const saltRounds = 10
|
|
|
|
|
const password_hash = await bcrypt.hash(password, saltRounds)
|
|
|
|
|
|
|
|
|
|
// 更新密码
|
|
|
|
|
await user.update({ password_hash })
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: '密码重置成功'
|
|
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('重置密码失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '重置密码失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 更新用户状态
|
2025-09-05 01:18:40 +08:00
|
|
|
router.put('/:id/status', async (req, res) => {
|
2025-09-02 21:59:27 +08:00
|
|
|
try {
|
|
|
|
|
const { id } = req.params
|
|
|
|
|
const { status } = req.body
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
const user = await ApiUser.findByPk(id)
|
|
|
|
|
if (!user) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(404).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '用户不存在'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
if (!['active', 'inactive', 'locked'].includes(status)) {
|
2025-09-02 21:59:27 +08:00
|
|
|
return res.status(400).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '无效的用户状态'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-05 01:18:40 +08:00
|
|
|
await user.update({ status })
|
2025-09-02 21:59:27 +08:00
|
|
|
|
|
|
|
|
res.json({
|
|
|
|
|
success: true,
|
|
|
|
|
message: '用户状态更新成功',
|
2025-09-05 01:18:40 +08:00
|
|
|
data: user
|
2025-09-02 21:59:27 +08:00
|
|
|
})
|
|
|
|
|
} catch (error) {
|
2025-09-05 01:18:40 +08:00
|
|
|
console.error('更新用户状态失败:', error)
|
2025-09-02 21:59:27 +08:00
|
|
|
res.status(500).json({
|
|
|
|
|
success: false,
|
|
|
|
|
message: '更新用户状态失败'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
module.exports = router
|
