2025-09-10 18:10:40 +08:00
parent 8530e97ab6
commit d50290e8fe
27 changed files with 2025 additions and 3913 deletions


@@ -5,119 +5,6 @@ const { getDB } = require('../database');
const router = express.Router();
const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key';
/**
* @swagger
* tags:
* name: Authentication
* description: 用户认证API
*/
/**
* @swagger
* components:
* schemas:
* LoginCredentials:
* type: object
* required:
* - username
* - password
* properties:
* username:
* type: string
* description: 用户名或手机号
* password:
* type: string
* description: 密码
* RegisterRequest:
* type: object
* required:
* - username
* - phone
* - password
* - registrationCode
* - city
* - district_id
* - captchaId
* - captchaText
* - smsCode
* properties:
* username:
* type: string
* description: 用户名
* phone:
* type: string
* description: 手机号
* password:
* type: string
* description: 密码
* registrationCode:
* type: string
* description: 注册激活码
* city:
* type: string
* description: 城市
* district_id:
* type: string
* description: 区域ID
* captchaId:
* type: string
* description: 图形验证码ID
* captchaText:
* type: string
* description: 图形验证码文本
* smsCode:
* type: string
* description: 短信验证码
* role:
* type: string
* description: 用户角色
* default: user
*/
/**
* @swagger
* /auth/register:
* post:
* summary: 用户注册
* description: 需要提供有效的激活码才能注册
* tags: [Authentication]
* requestBody:
* required: true
* content:
* application/json:
* schema:
* $ref: '#/components/schemas/RegisterRequest'
* responses:
* 201:
* description: 用户注册成功
* content:
* application/json:
* schema:
* type: object
* properties:
* success:
* type: boolean
* message:
* type: string
* token:
* type: string
* description: JWT认证令牌
* user:
* type: object
* properties:
* id:
* type: integer
* username:
* type: string
* role:
* type: string
* 400:
* description: 请求参数错误
* 500:
* description: 服务器错误
*/
router.post('/register', async (req, res) => {
try {
const db = getDB();
@@ -129,13 +16,15 @@ router.post('/register', async (req, res) => {
password,
city,
district_id: district,
province,
inviter = '',
captchaId,
captchaText,
smsCode, // 短信验证码
role = 'user'
} = req.body;
if (!username || !phone || !password || !city || !district) {
if (!username || !phone || !password || !city || !district || !province) {
return res.status(400).json({ success: false, message: '用户名、手机号、密码、城市和区域不能为空' });
}
@@ -146,9 +35,6 @@ router.post('/register', async (req, res) => {
if (!smsCode) {
return res.status(400).json({ success: false, message: '短信验证码不能为空' });
}
// 注意:图形验证码已在前端通过 /captcha/verify 接口验证过,这里不再重复验证
// 验证短信验证码
const smsAPI = require('./sms');
const smsValid = smsAPI.verifySMSCode(phone, smsCode);
@@ -171,14 +57,7 @@ router.post('/register', async (req, res) => {
);
if (existingUsers.length > 0) {
const existingUser = existingUsers[0];
// 如果用户存在但未支付,允许重新注册(覆盖原用户信息)
if (existingUser.payment_status === 'unpaid') {
// 删除未支付的用户记录
await db.execute('DELETE FROM users WHERE id = ?', [existingUser.id]);
} else {
return res.status(400).json({ success: false, message: '用户名或手机号已存在' });
}
return res.status(400).json({ success: false, message: '用户名或手机号已存在' });
}
// 加密密码
@@ -186,16 +65,11 @@ router.post('/register', async (req, res) => {
// 创建用户(初始状态为未支付)
const [result] = await db.execute(
'INSERT INTO users (username, phone, password, role, points, audit_status, city, district_id, payment_status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, "unpaid")',
[username, phone, hashedPassword, role, 0, 'pending', city, district]
'INSERT INTO users (username, phone, password, role, points, audit_status, city, district_id, payment_status, province, inviter) VALUES (?, ?, ?, ?, ?, ?, ?, ?, "unpaid", ?, ?)',
[username, phone, hashedPassword, role, 0, 'pending', city, district, province, inviter]
);
const userId = result.insertId;
// 用户余额已在创建用户时设置为默认值0.00,无需额外操作
// 根据地区自动关联代理
const [agents] = await db.execute(
'SELECT ra.id FROM users u INNER JOIN regional_agents ra ON u.id = ra.user_id WHERE ra.region_id = ? AND ra.status = "active" ORDER BY ra.created_at ASC LIMIT 1',
@@ -237,7 +111,7 @@ router.post('/register', async (req, res) => {
});
} catch (error) {
try {
await getDB().query('ROLLBACK');
// await getDB().query('ROLLBACK');
} catch (rollbackError) {
console.error('回滚错误:', rollbackError);
}
@@ -251,55 +125,7 @@ router.post('/register', async (req, res) => {
}
});
/**
* @swagger
* /auth/login:
* post:
* summary: 用户登录
* tags: [Authentication]
* requestBody:
* required: true
* content:
* application/json:
* schema:
* $ref: '#/components/schemas/LoginCredentials'
* responses:
* 200:
* description: 登录成功
* content:
* application/json:
* schema:
* type: object
* properties:
* success:
* type: boolean
* message:
* type: string
* token:
* type: string
* description: JWT认证令牌
* user:
* type: object
* properties:
* id:
* type: integer
* username:
* type: string
* role:
* type: string
* avatar:
* type: string
* points:
* type: integer
* 400:
* description: 请求参数错误
* 401:
* description: 用户名或密码错误
* 403:
* description: 账户审核未通过
* 500:
* description: 服务器错误
*/
router.post('/login', async (req, res) => {
try {
const db = getDB();
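Review bot: `role` is still read from `req.body` (`role = 'user'` in the `@@ -129,13 +16,15 @@` hunk) and bound unchanged into the rewritten `INSERT INTO users` in the `@@ -186,16 +65,11 @@` hunk, so the caller of `/register` picks the role stored for the new account. The role should be set server-side, for example by dropping it from the destructuring and using `const role = 'user';`, or by checking it against an allow-list before the insert. The newly added `inviter` is written the same way with no check; it presumably refers to an existing user, so it should be looked up first (confirm against the schema). The handler body between the hunks is not visible here, so a later check on `role` cannot be ruled out.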