接口更改

2025-10-10 17:30:49 +08:00
parent 83af2cefd6
commit 2aa0e9d884
10 changed files with 284 additions and 81 deletions
--- a/middleware/auth.js
+++ b/middleware/auth.js
@@ -52,14 +52,6 @@ const auth = async (req, res, next) => {
  }
 };
 // 管理员认证中间件
 const adminAuth = (req, res, next) => {
  if (req.user.role !== 'admin') {
    return res.status(403).json({ success: false, message: '需要管理员权限' });
  }
  next();
 };
 /**
 * 支付认证中间件
 * 只验证JWT令牌和用户状态，不检查支付状态
@@ -107,4 +99,4 @@ const paymentAuth = async (req, res, next) => {
  }
 };
-module.exports = { auth, adminAuth, paymentAuth, JWT_SECRET };
+module.exports = { paymentAuth, JWT_SECRET };
--- a/routes/category.js
+++ b/routes/category.js
@@ -0,0 +1,79 @@
 const express = require('express');
 const { getDB } = require('../database');
 const router = express.Router();
 // 获取商品分类列表
 router.get('/', async (req, res) => {
  try {
    const [categories] = await getDB().execute(
      'SELECT * FROM category'
    );
    res.json({
      success: true,
      data: {
        categories
      }
    });
  } catch (error) {
    console.error('获取商品分类失败:', error);
    res.status(500).json({ success: false, message: '获取商品分类失败' });
  }
 });
 router.post('/', async (req, res) => {
    try {
        const { category_name } = req.body;
        await getDB().execute(
            'INSERT INTO category (category_name) VALUES (?)',
            [category_name]
        );
        res.json({
            success: true,
            message: '商品分类创建成功'
        });
    } catch (error) {
        console.error('创建商品分类失败:', error);
        res.status(500).json({ success: false, message: '创建商品分类失败' });
    }
 })
 router.put('/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const { category_name } = req.body;
        await getDB().execute(
            'UPDATE category SET category_name = ? WHERE id = ?',
            [category_name, id]
        );
        res.json({
            success: true,
            message: '商品分类更新成功'
        });
    } catch (error) {
        console.error('更新商品分类失败:', error);
        res.status(500).json({ success: false, message: '更新商品分类失败' });
    }
 })
 // 删除商品分类
 router.delete('/:id', async (req, res) => {
  try {
    const { id } = req.params;
    await getDB().execute(
      'DELETE FROM category WHERE id = ?',
      [id]
    );
    res.json({
      success: true,
      message: '商品分类删除成功'
    });
  } catch (error) {
    console.error('删除商品分类失败:', error);
    res.status(500).json({ success: false, message: '删除商品分类失败' });
  }
 });
 module.exports = router;
--- a/routes/couponproducts.js
+++ b/routes/couponproducts.js
@@ -3,7 +3,7 @@ const router = express.Router();
 const { auth } = require('../middleware/auth');
 const { getDB } = require('../database');
-router.get('/', auth, async (req, res) => {
+router.get('/', async (req, res) => {
  try {
    const { page = 1, limit = 10 } = req.query;
    const pageNum = parseInt(page) || 1;
@@ -65,7 +65,7 @@ router.get('/', auth, async (req, res) => {
  }
 });
-router.post('/', auth, async (req, res) => {
+router.post('/', async (req, res) => {
  try {
    const db = getDB();
    const couponProduct = await db.query(
@@ -87,7 +87,7 @@ router.post('/', auth, async (req, res) => {
  }
 });
-router.delete('/:id', auth, async (req, res) => {
+router.delete('/:id', async (req, res) => {
  try {
    const db = getDB();
    const couponProduct = await db.query(
--- a/routes/orders.js
+++ b/routes/orders.js
@@ -1,6 +1,5 @@
 const express = require('express');
 const { getDB } = require('../database');
 const { auth, adminAuth } = require('../middleware/auth');
 const router = express.Router();
@@ -8,7 +7,7 @@ const router = express.Router();
 // 获取订单列表
-router.get('/', auth, async (req, res) => {
+router.get('/', async (req, res) => {
  try {
    const { page = 1, limit = 10, search = '', orderNumber = '', username = '', status = '', startDate = '', endDate = '' } = req.query;
@@ -18,7 +17,7 @@ router.get('/', auth, async (req, res) => {
    const pageNum = parseInt(page) || 1;
    const limitNum = parseInt(limit) || 10;
    const offset = (pageNum - 1) * limitNum;
-    const isAdmin = req.user.role === 'admin';
+    const isAdmin = true;
    let whereClause = 'WHERE 1=1';
    const params = [];
@@ -141,7 +140,7 @@ router.get('/', auth, async (req, res) => {
    });
-    router.post('/confirm', auth, async (req, res) => {
+    router.post('/confirm', async (req, res) => {
      const connection = await getDB().getConnection();
      try {
@@ -265,7 +264,7 @@ router.get('/', auth, async (req, res) => {
    });
-    router.get('/pre-order/:id', auth, async (req, res) => {
+    router.get('/pre-order/:id', async (req, res) => {
      try {
        const preOrderId = req.params.id;
        const userId = req.user.id;
@@ -327,7 +326,7 @@ router.get('/', auth, async (req, res) => {
 });
-router.get('/:id', auth, async (req, res) => {
+router.get('/:id', async (req, res) => {
  try {
    const { id } = req.params;
    const isAdmin = req.user.role === 'admin';
@@ -408,7 +407,7 @@ router.get('/:id', auth, async (req, res) => {
 });
 // 创建预订单
-router.post('/create-from-cart', auth, async (req, res) => {
+router.post('/create-from-cart', async (req, res) => {
  const db = getDB();
  await db.query('START TRANSACTION');
@@ -590,7 +589,7 @@ router.post('/create-from-cart', auth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.put('/:id/cancel', auth, async (req, res) => {
+router.put('/:id/cancel', async (req, res) => {
  const db = getDB();
  await db.query('START TRANSACTION');
@@ -682,7 +681,7 @@ router.put('/:id/cancel', auth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.put('/:id/confirm', auth, async (req, res) => {
+router.put('/:id/confirm', async (req, res) => {
  try {
    const orderId = req.params.id;
    const userId = req.user.id;
@@ -767,7 +766,7 @@ router.put('/:id/confirm', auth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.put('/:id/status', auth, adminAuth, async (req, res) => {
+router.put('/:id/status', async (req, res) => {
  const db = getDB();
  await db.query('START TRANSACTION');
@@ -914,7 +913,7 @@ router.put('/:id/status', auth, adminAuth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.get('/pending-payment/:id', auth, async (req, res) => {
+router.get('/pending-payment/:id', async (req, res) => {
  try {
    const preOrderId = req.params.id;
    const userId = req.user.id;
@@ -1055,7 +1054,7 @@ router.get('/pending-payment/:id', auth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.post('/confirm-payment', auth, async (req, res) => {
+router.post('/confirm-payment', async (req, res) => {
  const connection = await getDB().getConnection();
  try {
@@ -1304,7 +1303,7 @@ router.post('/confirm-payment', auth, async (req, res) => {
 *       500:
 *         description: 服务器错误
 */
-router.get('/stats', auth, adminAuth, async (req, res) => {
+router.get('/stats', async (req, res) => {
  try {
    // 总订单数
    const [totalOrders] = await getDB().execute('SELECT COUNT(*) as count FROM orders');
--- a/routes/products.js
+++ b/routes/products.js
@@ -1,6 +1,5 @@
 const express = require('express');
 const { getDB } = require('../database');
 const { auth, adminAuth } = require('../middleware/auth');
 const router = express.Router();
@@ -52,11 +51,18 @@ router.get('/', async (req, res) => {
    // 确保参数数组正确传递
    const queryParams = [...params];
    console.log('Query params:', queryParams, 'Query:', query);
    const [products] = await getDB().execute(query, queryParams);
    products.forEach(item=>{
      item.payment_methods = JSON.parse(item.payment_methods)
    })
    for(let item of products){
      // console.log("1234567",item)
      // const categoryQuery = `SELECT category_name FROM category WHERE id = ?`;
      // const [categoryResult] = await getDB().execute(categoryQuery, [parseInt(item.category)]);
      // item.category = categoryResult.category_name;
      // console.log("qwer",categoryResult)
      parseInt(item.category) === 20 ? console.log('yes') : console.log('no')
    }
    res.json({
      success: true,
      data: {
@@ -75,25 +81,6 @@ router.get('/', async (req, res) => {
  }
 });
 // 获取商品分类列表
 router.get('/categories', async (req, res) => {
  try {
    const [categories] = await getDB().execute(
      'SELECT DISTINCT category FROM products WHERE status = "active" AND category IS NOT NULL'
    );
    res.json({
      success: true,
      data: {
        categories: categories.map(item => item.category)
      }
    });
  } catch (error) {
    console.error('获取商品分类失败:', error);
    res.status(500).json({ success: false, message: '获取商品分类失败' });
  }
 });
 // 获取热销商品
 router.get('/hot', async (req, res) => {
  try {
@@ -378,7 +365,7 @@ router.get('/:id', async (req, res) => {
 });
 // 创建商品（管理员权限）
-router.post('/', auth, adminAuth, async (req, res) => {
+router.post('/', async (req, res) => {
  try {
    const { 
      name, description, price, points_price, rongdou_price = 0, stock, category, 
@@ -427,7 +414,7 @@ router.post('/', auth, adminAuth, async (req, res) => {
 });
 // 更新商品（管理员权限）
-router.put('/:id', auth, adminAuth, async (req, res) => {
+router.put('/:id', async (req, res) => {
  try {
    const productId = req.params.id;
    const { 
@@ -567,7 +554,7 @@ router.put('/:id', auth, adminAuth, async (req, res) => {
 });
 // 删除商品（管理员权限）
-router.delete('/:id', auth, adminAuth, async (req, res) => {
+router.delete('/:id', async (req, res) => {
  try {
    const { id } = req.params;
@@ -601,7 +588,7 @@ router.delete('/:id', auth, adminAuth, async (req, res) => {
 });
 // 获取商品统计信息（管理员权限）
-router.get('/stats', auth, adminAuth, async (req, res) => {
+router.get('/stats', async (req, res) => {
  try {
    // 获取商品总数
    const totalQuery = 'SELECT COUNT(*) as total FROM products';
@@ -777,7 +764,7 @@ router.get('/:id/recommended', async (req, res) => {
 });
 // 收藏商品
-router.post('/:id/favorite', auth, async (req, res) => {
+router.post('/:id/favorite', async (req, res) => {
  try {
    const productId = req.params.id;
    const userId = req.user.id;
@@ -814,7 +801,7 @@ router.post('/:id/favorite', auth, async (req, res) => {
 });
 // 取消收藏商品
-router.delete('/:id/favorite', auth, async (req, res) => {
+router.delete('/:id/favorite', async (req, res) => {
  try {
    const productId = req.params.id;
    const userId = req.user.id;
@@ -839,7 +826,7 @@ router.delete('/:id/favorite', auth, async (req, res) => {
 });
 // 获取用户收藏的商品列表
-router.get('/favorites', auth, async (req, res) => {
+router.get('/favorites', async (req, res) => {
  try {
    const userId = req.user.id;
    const page = parseInt(req.query.page) || 1;
@@ -908,7 +895,7 @@ router.get('/:id/attributes', async (req, res) => {
 });
 // 创建商品评论
-router.post('/:id/reviews', auth, async (req, res) => {
+router.post('/:id/reviews', async (req, res) => {
  try {
    const productId = req.params.id;
    const userId = req.user.id;
--- a/routes/shopbackend.js
+++ b/routes/shopbackend.js
@@ -1,9 +1,8 @@
 const express = require('express');
 const router = express.Router();
 const { auth } = require('../middleware/auth');
 const { getDB } = require('../database');
-router.get('/', auth, async (req, res) => {
+router.get('/', async (req, res) => {
  try {
    res.json({
        success: true,
@@ -17,7 +16,7 @@ router.get('/', auth, async (req, res) => {
  }
 });
-router.get('/product-details/:id', auth, async (req, res) => {
+router.get('/product-details/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const query = `
@@ -38,7 +37,7 @@ router.get('/product-details/:id', auth, async (req, res) => {
    }
 })
-router.get('/flash-products', auth, async (req, res) => {
+router.get('/flash-products', async (req, res) => {
    try {
        const { page = 1, limit = 10, search = '', category = '' } = req.query;
@@ -111,7 +110,7 @@ router.get('/flash-products', auth, async (req, res) => {
    }
 })
-router.get('/flash-product/:id', auth, async (req, res) => {
+router.get('/flash-product/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const query = `
@@ -132,7 +131,7 @@ router.get('/flash-product/:id', auth, async (req, res) => {
    }
 })
-router.delete('/flash-product/:id', auth, async (req, res) => {
+router.delete('/flash-product/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const query = `
@@ -152,7 +151,7 @@ router.delete('/flash-product/:id', auth, async (req, res) => {
    }
 })
-router.post('/flash-product', auth, async (req, res) => {
+router.post('/flash-product', async (req, res) => {
    try {
        const { start_time, end_time, flash_stock, flash_price, products_id } = req.body;
        const query = `
@@ -170,7 +169,7 @@ router.post('/flash-product', auth, async (req, res) => {
    }
 })
-router.put('/flash-product/:id', auth, async (req, res) => {
+router.put('/flash-product/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const { start_time, end_time, flash_stock, flash_price, products_id } = req.body;
@@ -198,7 +197,7 @@ router.put('/flash-product/:id', auth, async (req, res) => {
-router.get('/recommend-products', auth, async (req, res) => {
+router.get('/recommend-products', async (req, res) => {
    try {
        const { page = 1, limit = 10, search = '', category = '' } = req.query;
@@ -269,7 +268,7 @@ router.get('/recommend-products', auth, async (req, res) => {
    }
 })
-router.post('/recommend-product', auth, async (req, res) => {
+router.post('/recommend-product', async (req, res) => {
    try {
        const { products_id } = req.body;
        const query = `
@@ -287,7 +286,7 @@ router.post('/recommend-product', auth, async (req, res) => {
    }
 })
-router.delete('/recommend-product/:id', auth, async (req, res) => {
+router.delete('/recommend-product/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const query = `
@@ -308,7 +307,7 @@ router.delete('/recommend-product/:id', auth, async (req, res) => {
 })
 // 供应商
-router.get('/producer-list', auth, async (req, res) => {
+router.get('/producer-list', async (req, res) => {
    try {
        const { page = 1, limit = 10, search = '', category = '' } = req.query;
@@ -367,7 +366,7 @@ router.get('/producer-list', auth, async (req, res) => {
    }
 })
-router.post('/producer', auth, async (req, res) => {
+router.post('/producer', async (req, res) => {
    try {
        const { producer_name } = req.body;
        const query = `
@@ -385,7 +384,7 @@ router.post('/producer', auth, async (req, res) => {
    }
 })
-router.delete('/producer/:id', auth, async (req, res) => {
+router.delete('/producer/:id', async (req, res) => {
    try {
        const { id } = req.params;
        const query = `
--- a/routes/specifications.js
+++ b/routes/specifications.js
@@ -1,13 +1,12 @@
 const express = require('express');
 const router = express.Router();
 const {getDB} = require('../database');
 const {auth, adminAuth} = require('../middleware/auth');
 const {SelectBuilder} = require('../config/dbv2')
 const {db} = require("../server");
 const sql = require("../config/config");
-router.get('/names', auth, async (req, res) => {
+router.get('/names', async (req, res) => {
    try {
        const {status = 'active'} = req.query;
        const {id: created_id} = req.user;
@@ -36,7 +35,7 @@ router.get('/names', auth, async (req, res) => {
 });
-router.post('/names', auth, adminAuth, async (req, res) => {
+router.post('/names', async (req, res) => {
    const db = getDB();
    try {
        const {name, display_name, sort_order = 0} = req.body;
@@ -65,7 +64,7 @@ router.post('/names', auth, adminAuth, async (req, res) => {
 });
-router.delete('/names/:id', auth, adminAuth, async (req, res) => {
+router.delete('/names/:id', async (req, res) => {
    try {
        const {id} = req.params;
        const {id:user_id,role} = req.user
@@ -145,7 +144,7 @@ router.get('/values', async (req, res) => {
 });
-router.post('/values', auth, adminAuth, async (req, res) => {
+router.post('/values', async (req, res) => {
    try {
        const {spec_name_id, value, display_value, color_code, image_url, sort_order = 0} = req.body;
@@ -348,7 +347,7 @@ router.get('/combinations/:id', async (req, res) => {
 });
-router.delete('/combinations/:id', auth, adminAuth, async (req, res) => {
+router.delete('/combinations/:id', async (req, res) => {
    try {
        const {id} = req.params;
@@ -379,7 +378,7 @@ router.delete('/combinations/:id', auth, adminAuth, async (req, res) => {
 });
-router.put('/combinations/:id', auth, adminAuth, async (req, res) => {
+router.put('/combinations/:id', async (req, res) => {
    try {
        const {id} = req.params;
        const {
@@ -477,7 +476,7 @@ router.put('/combinations/:id', auth, adminAuth, async (req, res) => {
 });
-router.post('/combinations', auth, adminAuth, async (req, res) => {
+router.post('/combinations', async (req, res) => {
    try {
        const {
            product_id,
@@ -535,7 +534,7 @@ router.post('/combinations', auth, adminAuth, async (req, res) => {
 });
-router.post('/generate-combinations', auth, adminAuth, async (req, res) => {
+router.post('/generate-combinations', async (req, res) => {
    try {
        const {product_id, spec_name_ids, default_stock = 0} = req.body;
--- a/routes/supplier.js
+++ b/routes/supplier.js
@@ -1,7 +1,6 @@
 //供应商接口
 const express = require('express');
 const {getDB} = require('../database');
 const {auth, adminAuth} = require('../middleware/auth');
 const router = express.Router();
 const {SelectBuilder, InsertBuilder, UpdateBuilder} = require('../config/dbv2')
 const bcrypt = require('bcryptjs');
@@ -20,7 +19,7 @@ const bcrypt = require('bcryptjs');
 * phone 手机号
 *
 * */
-router.post('/add', auth, adminAuth, async (req, res) => {
+router.post('/add', async (req, res) => {
    const db = getDB();
    try {
        const {
@@ -103,7 +102,7 @@ router.post('/add', auth, adminAuth, async (req, res) => {
 * id 供应商id
 * audit_status 审核状态   'pending','approved','rejected'
 * */
-router.put('/edit', auth, adminAuth, async (req, res) => {
+router.put('/edit', async (req, res) => {
    const db = getDB();
    try {
        const {
@@ -237,7 +236,7 @@ router.get('/list', async (req, res) => {
 * 删除供应商
 * id
 * */
-router.delete('/delete', auth, adminAuth, async (req, res) => {
+router.delete('/delete', async (req, res) => {
    const db = getDB();
    try {
        const {id} = req.query;
--- a/routes/withdrawals.js
+++ b/routes/withdrawals.js
@@ -0,0 +1,143 @@
 const express = require('express');
 const { getDB } = require('../database');
 const router = express.Router();
 router.get('/', async (req, res) => {
  try {
    const { page = 1, limit = 10, search = '' } = req.query;
    // 确保参数为有效数字
    const pageNum = Math.max(1, parseInt(page) || 1);
    const limitNum = Math.max(1, Math.min(100, parseInt(limit) || 10)); // 限制最大100条
    const offset = Math.max(0, (pageNum - 1) * limitNum);
    console.log('分页参数:', { pageNum, limitNum, offset, search });
    let whereClause = 'WHERE 1=1';
    const params = [];
    if (search) {
      whereClause += ' AND name LIKE ?';
      params.push(`%${search}%`);
    }
    // 获取总数
    const countQuery = `SELECT COUNT(*) as total FROM withdrawal ${whereClause}`;
    const [countResult] = await getDB().execute(countQuery, params);
    const total = countResult[0].total;
    // 获取商品列表
    const query = `
      SELECT id, user_id, amount, status, time
      FROM withdrawal
      ${whereClause}
      ORDER BY time DESC
      LIMIT ${limitNum} OFFSET ${offset}
    `;
    // 确保参数数组正确传递
    const queryParams = [...params];
    console.log('Query params:', queryParams, 'Query:', query);
    const [withdrawals] = await getDB().execute(query, queryParams);
    res.json({
      success: true,
      data: {
        withdrawals,
        pagination: {
          page: pageNum,
          limit: limitNum,
          total,
          pages: Math.ceil(total / limitNum)
        }
      }
    });
  } catch (error) {
    console.error('获取提现列表失败:', error);
    res.status(500).json({ success: false, message: '获取提现列表失败' });
  }
 });//获取记录
 router.post('/:id/approve', async (req, res) => {
  try {
    const { id } = req.params;
    const query = `
      UPDATE withdrawal
      SET status = 'success'
      WHERE id = ?
    `;
    const queryParams = [id];
    const [result] = await getDB().execute(query, queryParams);
    if (result.affectedRows === 0) {
      return res.status(404).json({ success: false, message: '提现记录不存在' });
    }
    res.json({
      success: true,
      data: {
        id,
        status: 'success'
      }
    });
  } catch (error) {
    console.error('创建提现记录失败:', error);
    res.status(500).json({ success: false, message: '创建提现记录失败' });
  }
 });//通过记录
 router.post('/:id/reject', async (req, res) => {
  try {
    const { id } = req.params;
    const query = `
      UPDATE withdrawal
      SET status = 'canceled'
      WHERE id = ?
    `;
    const queryParams = [id];
    const [result] = await getDB().execute(query, queryParams);
    if (result.affectedRows === 0) {
      return res.status(404).json({ success: false, message: '提现记录不存在' });
    }
    res.json({
      success: true,
      data: {
        id,
        status: 'canceled'
      }
    });
  } catch (error) {
    console.error('创建提现记录失败:', error);
    res.status(500).json({ success: false, message: '创建提现记录失败' });
  }
 });//拒绝记录
 router.post('/', async (req, res) => {
  try {
    const { userId, amount } = req.body;
    if (!userId || !amount) {
      return res.status(400).json({ success: false, message: '用户ID和金额是必填项' });
    }
    const query = `
      INSERT INTO withdrawal (user_id, amount, status, time)
      VALUES (?, ?, ?, NOW())
    `;
    const queryParams = [userId, amount, 'pending'];
    const [result] = await getDB().execute(query, queryParams);
    if (result.affectedRows === 0) {
      return res.status(404).json({ success: false, message: '提现记录不存在' });
    }
    res.json({
      success: true,
      data: {
        id: result.insertId,
        user_id: userId,
        amount,
        status: 'pending'
      }
    });
  } catch (error) {
    console.error('更新提现记录失败:', error);
    res.status(500).json({ success: false, message: '更新提现记录失败' });
  }
 });
 module.exports = router;
--- a/server.js
+++ b/server.js
@@ -105,6 +105,12 @@ app.use('/specifications', require('./routes/specifications'));
 // 优惠券商品接口
 app.use('/couponproducts', require('./routes/couponproducts'));
 // 提现管理接口
 app.use('/withdrawals', require('./routes/withdrawals'));
 // 商品分类接口
 app.use('/category', require('./routes/category'));
 // 认证接口
 app.use('/auth', require('./routes/auth'));