aiotagro/niumalll
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加 IntelliJ IDEA 项目配置文件

Browse Source
This commit is contained in:
ylweng
2025-09-02 21:59:27 +08:00
parent 59cfe620fe
commit 501c218a83
56 changed files with 11886 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
backend/routes/auth.js Normal file
View File

@@ -0,0 +1,194 @@
const express = require('express')
const bcrypt = require('bcryptjs')
const jwt = require('jsonwebtoken')
const Joi = require('joi')
const router = express.Router()
// 模拟用户数据
const users = [
{
id: 1,
username: 'admin',
email: 'admin@example.com',
password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
role: 'admin',
status: 'active'
},
{
id: 2,
username: 'buyer',
email: 'buyer@example.com',
password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
role: 'buyer',
status: 'active'
},
{
id: 3,
username: 'trader',
email: 'trader@example.com',
password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
role: 'trader',
status: 'active'
}
]
// 登录参数验证
const loginSchema = Joi.object({
username: Joi.string().min(2).max(50).required(),
password: Joi.string().min(6).max(100).required()
})
// 生成JWT token
const generateToken = (user) => {
return jwt.sign(
{
id: user.id,
username: user.username,
role: user.role
},
process.env.JWT_SECRET || 'niumall-secret-key',
{ expiresIn: process.env.JWT_EXPIRES_IN || '24h' }
)
}
// 用户登录
router.post('/login', async (req, res) => {
try {
// 参数验证
const { error, value } = loginSchema.validate(req.body)
if (error) {
return res.status(400).json({
success: false,
message: '参数验证失败',
details: error.details[0].message
})
}
const { username, password } = value
// 查找用户
const user = users.find(u => u.username === username || u.email === username)
if (!user) {
return res.status(401).json({
success: false,
message: '用户名或密码错误'
})
}
// 验证密码
const isPasswordValid = await bcrypt.compare(password, user.password)
if (!isPasswordValid) {
return res.status(401).json({
success: false,
message: '用户名或密码错误'
})
}
// 检查用户状态
if (user.status !== 'active') {
return res.status(403).json({
success: false,
message: '账户已被禁用,请联系管理员'
})
}
// 生成token
const token = generateToken(user)
res.json({
success: true,
message: '登录成功',
data: {
access_token: token,
token_type: 'Bearer',
expires_in: 86400, // 24小时
user: {
id: user.id,
username: user.username,
email: user.email,
role: user.role,
status: user.status
}
}
})
} catch (error) {
console.error('登录失败:', error)
res.status(500).json({
success: false,
message: '登录失败,请稍后重试'
})
}
})
// 获取当前用户信息
router.get('/me', authenticateToken, (req, res) => {
const user = users.find(u => u.id === req.user.id)
if (!user) {
return res.status(404).json({
success: false,
message: '用户不存在'
})
}
res.json({
success: true,
data: {
user: {
id: user.id,
username: user.username,
email: user.email,
role: user.role,
status: user.status
},
permissions: getUserPermissions(user.role)
}
})
})
// 用户登出
router.post('/logout', authenticateToken, (req, res) => {
// 在实际项目中可以将token加入黑名单
res.json({
success: true,
message: '登出成功'
})
})
// JWT token验证中间件
function authenticateToken(req, res, next) {
const authHeader = req.headers['authorization']
const token = authHeader && authHeader.split(' ')[1]
if (!token) {
return res.status(401).json({
success: false,
message: '访问令牌缺失'
})
}
jwt.verify(token, process.env.JWT_SECRET || 'niumall-secret-key', (err, user) => {
if (err) {
return res.status(403).json({
success: false,
message: '访问令牌无效或已过期'
})
}
req.user = user
next()
})
}
// 获取用户权限
function getUserPermissions(role) {
const permissions = {
admin: ['*'], // 管理员拥有所有权限
buyer: ['order:read', 'order:create', 'order:update', 'supplier:read'],
trader: ['order:read', 'order:update', 'supplier:read', 'supplier:create', 'supplier:update', 'transport:read'],
supplier: ['order:read', 'quality:read', 'quality:create', 'quality:update'],
driver: ['transport:read', 'transport:update']
}
return permissions[role] || []
}
module.exports = router