const express = require('express');
const { getDB } = require('../database');
const router = express.Router();
const bcrypt = require('bcryptjs');
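/**
 * PUT /password: change a user's password after verifying the current one.
 *
 * Expects `id`, `oldPassword` and `newPassword` in the JSON body.
 * Responds 400 on malformed input or a wrong old password, 404 when no user
 * row matches `id`, 500 when the update touches no row or an error is thrown.
 *
 * Must stay registered before the '/:id' route, which would otherwise match
 * the literal path segment "password".
 *
 * NOTE(review): the account id is taken from the request body and no
 * authentication/authorization check is visible in this handler. Confirm that
 * upstream middleware ties the request to the authenticated user's own id.
 */
router.put('/password', async (req, res) => {
  try {
    // req.body is deliberately not logged: it carries the plaintext old and
    // new passwords, which must never reach application logs.
    const { id, oldPassword, newPassword } = req.body || {};

    // Reject malformed input up front so bcrypt is never handed a non-string
    // and the caller gets a 400 instead of a generic 500.
    const userId = Number.parseInt(id, 10);
    if (
      Number.isNaN(userId) ||
      typeof oldPassword !== 'string' ||
      typeof newPassword !== 'string' ||
      newPassword.length === 0
    ) {
      return res.status(400).json({ success: false, message: '参数无效' });
    }

    // 1. Look up the stored hash. Only the column needed for verification is
    //    fetched, so the rest of the user record never enters this handler.
    const [users] = await getDB().execute('SELECT password FROM users WHERE id = ?', [userId]);
    if (users.length === 0) {
      return res.status(404).json({ success: false, message: '用户不存在' });
    }

    // The stored hash is deliberately not logged either.
    const storedHash = users[0].password;

    // 2. Verify the old password against the stored bcrypt hash.
    const isOldPasswordValid = await bcrypt.compare(oldPassword, storedHash);
    if (!isOldPasswordValid) {
      return res.status(400).json({ success: false, message: '旧密码错误' });
    }

    // 3. Hash the new password (bcrypt, cost factor 10).
    const hashedNewPassword = await bcrypt.hash(newPassword, 10);

    // 4. Persist the new hash with a parameterised statement.
    const query = `
      UPDATE users
      SET password = ?
      WHERE id = ?
    `;
    const [result] = await getDB().execute(query, [hashedNewPassword, userId]);

    if (result.affectedRows === 0) {
      return res.status(500).json({ success: false, message: '密码更新失败' });
    }

    res.json({ success: true, message: '密码更新成功' });
  } catch (error) {
    console.error('更新密码失败:', error);
    res.status(500).json({ success: false, message: '更新密码失败' });
  }
});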
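/**
 * PUT /:id: overwrite the profile fields of the user identified by `:id`.
 *
 * Every listed field is read from the JSON body and written in one
 * parameterised UPDATE. Responds 400 when `:id` is not an integer, 404 when
 * no row is affected, 500 when an error is thrown.
 *
 * NOTE(review): this route writes sensitive fields (bank_card, id_card,
 * payment QR codes) and no authorization check is visible here. Confirm that
 * upstream middleware limits `:id` to the authenticated user or an admin role.
 */
router.put('/:id', async (req, res) => {
  try {
    const userId = Number.parseInt(req.params.id, 10);
    if (Number.isNaN(userId)) {
      return res.status(400).json({ success: false, message: '参数无效' });
    }

    const { alipayQr, avatar, bankCard, idCard, phone, realName, unionpayQr, username, wechatQr } =
      req.body || {};

    const query = `
      UPDATE users
      SET alipay_qr = ?, avatar = ?, bank_card = ?, id_card = ?, phone = ?, real_name = ?, unionpay_qr = ?, username = ?, wechat_qr = ?
      WHERE id = ?
    `;
    // An UPDATE yields a result header, not a row array (the '/password'
    // handler in this file reads `affectedRows` from the same call). The
    // previous `.length === 0` test therefore never fired and `[0]` was
    // always undefined, so the 404 branch was unreachable.
    const [result] = await getDB().execute(query, [
      alipayQr,
      avatar,
      bankCard,
      idCard,
      phone,
      realName,
      unionpayQr,
      username,
      wechatQr,
      userId,
    ]);

    // NOTE(review): assumes affectedRows counts matched rows; if the driver
    // is configured to count only changed rows, a no-op update would 404.
    if (result.affectedRows === 0) {
      return res.status(404).json({ success: false, message: '用户不存在' });
    }

    // No `data` field: the old `user[0]` was undefined and so was dropped
    // from the serialized response anyway.
    res.json({ success: true });
  } catch (error) {
    console.error('更新用户信息失败:', error);
    res.status(500).json({ success: false, message: '更新用户信息失败' });
  }
});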
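// Export the router so the application can mount these user routes.
module.exports = router;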