接口调整

routes/auth.js

@@ -0,0 +1,49 @@
+const express = require('express');
+const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
+const {getDB} = require('../database');
+
+const router = express.Router();
+const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key';
+
+
+// 验证token中间件
+const authenticateToken = (req, res, next) => {
+    const authHeader = req.headers['authorization'];
+    const token = authHeader && authHeader.split(' ')[1];
+
+    if (!token) {
+        return res.status(401).json({success: false, message: '访问令牌缺失'});
+    }
+
+    jwt.verify(token, JWT_SECRET, (err, user) => {
+        if (err) {
+            return res.status(403).json({success: false, message: '访问令牌无效'});
+        }
+        req.user = user;
+        next();
+    });
+};
+
+// 获取当前用户信息
+router.get('/me', authenticateToken, async (req, res) => {
+    try {
+        const db = getDB();
+        const [users] = await db.execute(
+            'SELECT id, username, role, avatar, points, created_at FROM users WHERE id = ?',
+            [req.user.userId]
+        );
+
+        if (users.length === 0) {
+            return res.status(404).json({success: false, message: '用户不存在'});
+        }
+
+        res.json({success: true, user: users[0]});
+    } catch (error) {
+        console.error('获取用户信息错误:', error);
+        res.status(500).json({success: false, message: '获取用户信息失败'});
+    }
+});
+
+module.exports = router;
+module.exports.authenticateToken = authenticateToken;