添加 IntelliJ IDEA 项目配置文件

backend/.env.development

@@ -0,0 +1,61 @@
+# 应用配置
+NODE_ENV=development
+PORT=3001
+APP_NAME=活牛采购智能数字化系统
+
+# 数据库配置
+DB_HOST=129.211.213.226
+DB_PORT=9527
+DB_NAME=jiebandata
+DB_USER=root
+DB_PASSWORD=aiotAiot123!
+DB_DIALECT=mysql
+
+# Redis配置 (本地开发)
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=
+REDIS_DB=0
+
+# JWT配置
+JWT_SECRET=niumall_jwt_secret_2024_cattle_procurement_system
+JWT_EXPIRES_IN=24h
+JWT_REFRESH_EXPIRES_IN=7d
+
+# 文件上传配置
+UPLOAD_PATH=./uploads
+MAX_FILE_SIZE=50MB
+ALLOWED_FILE_TYPES=jpg,jpeg,png,gif,pdf,doc,docx,xls,xlsx,mp4,avi
+
+# 日志配置
+LOG_LEVEL=info
+LOG_FILE=./logs/app.log
+
+# 短信配置
+SMS_PROVIDER=aliyun
+SMS_ACCESS_KEY=
+SMS_SECRET_KEY=
+
+# 支付配置
+PAYMENT_PROVIDER=wechat
+WECHAT_APPID=
+WECHAT_SECRET=
+WECHAT_MERCHANT_ID=
+WECHAT_API_KEY=
+
+# WebSocket配置
+WS_PORT=3002
+
+# 监控配置
+ENABLE_MONITORING=true
+MONITORING_TOKEN=
+
+# 邮件配置
+SMTP_HOST=
+SMTP_PORT=587
+SMTP_USER=
+SMTP_PASS=
+
+# API限流配置
+RATE_LIMIT_WINDOW=15
+RATE_LIMIT_MAX_REQUESTS=100

backend/app.js

@@ -4,6 +4,8 @@ const helmet = require('helmet')
 const morgan = require('morgan')
 const rateLimit = require('express-rate-limit')
 const compression = require('compression')
+const { testConnection, syncDatabase } = require('./config/database')
+const { createInitialUsers } = require('./scripts/initData')
 require('dotenv').config()
 
 const app = express()
@@ -69,10 +71,33 @@ app.use((err, req, res, next) => {
 
 const PORT = process.env.PORT || 3000
 
-app.listen(PORT, () => {
-  console.log(`🚀 服务器启动成功`)
-  console.log(`📱 运行环境: ${process.env.NODE_ENV || 'development'}`)
-  console.log(`🌐 访问地址: http://localhost:${PORT}`)
-  console.log(`📊 健康检查: http://localhost:${PORT}/health`)
-  console.log(`📚 API文档: http://localhost:${PORT}/api/docs`)
-})
+// 启动服务器
+const startServer = async () => {
+  try {
+    // 测试数据库连接
+    const dbConnected = await testConnection();
+    if (!dbConnected) {
+      console.log('⚠️  数据库连接失败，使用模拟数据模式');
+    } else {
+      // 同步数据库模型（开发环境）
+      if (process.env.NODE_ENV === 'development') {
+        await syncDatabase({ alter: true });
+        // 创建初始用户数据
+        await createInitialUsers();
+      }
+    }
+    
+    app.listen(PORT, () => {
+      console.log(`🚀 服务器启动成功`)
+      console.log(`📱 运行环境: ${process.env.NODE_ENV || 'development'}`)
+      console.log(`🌐 访问地址: http://localhost:${PORT}`)
+      console.log(`📊 健康检查: http://localhost:${PORT}/health`)
+      console.log(`📚 API文档: http://localhost:${PORT}/api/docs`)
+    })
+  } catch (error) {
+    console.error('❌ 服务器启动失败:', error)
+    process.exit(1)
+  }
+}
+
+startServer();

backend/config/database.js

@@ -0,0 +1,55 @@
+const { Sequelize } = require('sequelize');
+require('dotenv').config();
+
+// 数据库连接配置
+const sequelize = new Sequelize({
+  host: process.env.DB_HOST || '129.211.213.226',
+  port: process.env.DB_PORT || 9527,
+  database: process.env.DB_NAME || 'jiebandata',
+  username: process.env.DB_USER || 'root',
+  password: process.env.DB_PASSWORD || 'aiotAiot123!',
+  dialect: process.env.DB_DIALECT || 'mysql',
+  logging: process.env.NODE_ENV === 'development' ? console.log : false,
+  pool: {
+    max: 5,
+    min: 0,
+    acquire: 30000,
+    idle: 10000
+  },
+  define: {
+    timestamps: true,
+    underscored: true,
+    freezeTableName: true
+  },
+  timezone: '+08:00'
+});
+
+// 测试数据库连接
+const testConnection = async () => {
+  try {
+    await sequelize.authenticate();
+    console.log('✅ 数据库连接成功');
+    return true;
+  } catch (error) {
+    console.error('❌ 数据库连接失败:', error.message);
+    return false;
+  }
+};
+
+// 同步数据库模型
+const syncDatabase = async (options = {}) => {
+  try {
+    await sequelize.sync(options);
+    console.log('✅ 数据库同步成功');
+  } catch (error) {
+    console.error('❌ 数据库同步失败:', error);
+    throw error;
+  }
+};
+
+module.exports = {
+  sequelize,
+  testConnection,
+  syncDatabase,
+  Sequelize
+};

backend/middleware/auth.js

@@ -0,0 +1,184 @@
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+
+// JWT认证中间件
+const authenticateToken = async (req, res, next) => {
+  try {
+    const authHeader = req.headers['authorization'];
+    const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
+
+    if (!token) {
+      return res.status(401).json({
+        success: false,
+        message: '访问令牌缺失',
+        code: 'TOKEN_MISSING'
+      });
+    }
+
+    // 验证token
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    
+    // 查找用户
+    const user = await User.findByPk(decoded.userId, {
+      attributes: { exclude: ['password_hash'] }
+    });
+
+    if (!user) {
+      return res.status(401).json({
+        success: false,
+        message: '用户不存在',
+        code: 'USER_NOT_FOUND'
+      });
+    }
+
+    if (user.status !== 'active') {
+      return res.status(401).json({
+        success: false,
+        message: '用户账号已被禁用',
+        code: 'USER_DISABLED'
+      });
+    }
+
+    // 将用户信息附加到请求对象
+    req.user = user;
+    next();
+  } catch (error) {
+    if (error.name === 'JsonWebTokenError') {
+      return res.status(401).json({
+        success: false,
+        message: '无效的访问令牌',
+        code: 'INVALID_TOKEN'
+      });
+    } else if (error.name === 'TokenExpiredError') {
+      return res.status(401).json({
+        success: false,
+        message: '访问令牌已过期',
+        code: 'TOKEN_EXPIRED'
+      });
+    }
+
+    return res.status(500).json({
+      success: false,
+      message: '认证服务错误',
+      error: error.message
+    });
+  }
+};
+
+// 权限检查中间件
+const requireRole = (roles) => {
+  return (req, res, next) => {
+    if (!req.user) {
+      return res.status(401).json({
+        success: false,
+        message: '用户未认证',
+        code: 'USER_NOT_AUTHENTICATED'
+      });
+    }
+
+    const userRoles = Array.isArray(roles) ? roles : [roles];
+    
+    if (!userRoles.includes(req.user.user_type)) {
+      return res.status(403).json({
+        success: false,
+        message: '权限不足',
+        code: 'INSUFFICIENT_PERMISSIONS',
+        requiredRoles: userRoles,
+        userRole: req.user.user_type
+      });
+    }
+
+    next();
+  };
+};
+
+// 生成JWT token
+const generateToken = (user) => {
+  const payload = {
+    userId: user.id,
+    username: user.username,
+    userType: user.user_type
+  };
+
+  return {
+    accessToken: jwt.sign(payload, process.env.JWT_SECRET, {
+      expiresIn: process.env.JWT_EXPIRES_IN || '24h'
+    }),
+    refreshToken: jwt.sign(
+      { userId: user.id },
+      process.env.JWT_SECRET + '_refresh',
+      { expiresIn: process.env.JWT_REFRESH_EXPIRES_IN || '7d' }
+    )
+  };
+};
+
+// 刷新token
+const refreshToken = async (req, res, next) => {
+  try {
+    const { refreshToken } = req.body;
+    
+    if (!refreshToken) {
+      return res.status(400).json({
+        success: false,
+        message: '刷新令牌缺失'
+      });
+    }
+
+    const decoded = jwt.verify(refreshToken, process.env.JWT_SECRET + '_refresh');
+    const user = await User.findByPk(decoded.userId, {
+      attributes: { exclude: ['password_hash'] }
+    });
+
+    if (!user || user.status !== 'active') {
+      return res.status(401).json({
+        success: false,
+        message: '无效的刷新令牌'
+      });
+    }
+
+    const tokens = generateToken(user);
+    
+    res.json({
+      success: true,
+      message: '令牌刷新成功',
+      data: tokens
+    });
+  } catch (error) {
+    return res.status(401).json({
+      success: false,
+      message: '刷新令牌无效或已过期'
+    });
+  }
+};
+
+// 可选认证中间件（不强制要求登录）
+const optionalAuth = async (req, res, next) => {
+  try {
+    const authHeader = req.headers['authorization'];
+    const token = authHeader && authHeader.split(' ')[1];
+
+    if (token) {
+      const decoded = jwt.verify(token, process.env.JWT_SECRET);
+      const user = await User.findByPk(decoded.userId, {
+        attributes: { exclude: ['password_hash'] }
+      });
+      
+      if (user && user.status === 'active') {
+        req.user = user;
+      }
+    }
+    
+    next();
+  } catch (error) {
+    // 忽略错误，继续请求
+    next();
+  }
+};
+
+module.exports = {
+  authenticateToken,
+  requireRole,
+  generateToken,
+  refreshToken,
+  optionalAuth
+};

backend/models/User.js

@@ -0,0 +1,122 @@
+const { DataTypes } = require('sequelize');
+const { sequelize } = require('../config/database');
+const bcrypt = require('bcryptjs');
+
+// 用户模型
+const User = sequelize.define('User', {
+  id: {
+    type: DataTypes.BIGINT,
+    primaryKey: true,
+    autoIncrement: true
+  },
+  uuid: {
+    type: DataTypes.STRING(36),
+    allowNull: false,
+    unique: true,
+    defaultValue: DataTypes.UUIDV4
+  },
+  username: {
+    type: DataTypes.STRING(50),
+    allowNull: false,
+    unique: true,
+    validate: {
+      len: [2, 50]
+    }
+  },
+  password_hash: {
+    type: DataTypes.STRING(255),
+    allowNull: false
+  },
+  phone: {
+    type: DataTypes.STRING(20),
+    allowNull: false,
+    unique: true,
+    validate: {
+      is: /^1[3-9]\d{9}$/
+    }
+  },
+  email: {
+    type: DataTypes.STRING(100),
+    validate: {
+      isEmail: true
+    }
+  },
+  real_name: DataTypes.STRING(50),
+  avatar_url: DataTypes.STRING(255),
+  user_type: {
+    type: DataTypes.ENUM('client', 'supplier', 'driver', 'staff', 'admin'),
+    allowNull: false,
+    defaultValue: 'client'
+  },
+  status: {
+    type: DataTypes.ENUM('active', 'inactive', 'locked'),
+    defaultValue: 'active'
+  },
+  last_login_at: DataTypes.DATE,
+  login_count: {
+    type: DataTypes.INTEGER,
+    defaultValue: 0
+  }
+}, {
+  tableName: 'users',
+  timestamps: true,
+  paranoid: true, // 软删除
+  indexes: [
+    { fields: ['phone'] },
+    { fields: ['user_type'] },
+    { fields: ['status'] },
+    { fields: ['username'] }
+  ],
+  hooks: {
+    beforeCreate: async (user) => {
+      if (user.password_hash) {
+        user.password_hash = await bcrypt.hash(user.password_hash, 12);
+      }
+    },
+    beforeUpdate: async (user) => {
+      if (user.changed('password_hash')) {
+        user.password_hash = await bcrypt.hash(user.password_hash, 12);
+      }
+    }
+  }
+});
+
+// 实例方法：验证密码
+User.prototype.validatePassword = async function(password) {
+  return await bcrypt.compare(password, this.password_hash);
+};
+
+// 实例方法：更新登录信息
+User.prototype.updateLoginInfo = async function() {
+  this.last_login_at = new Date();
+  this.login_count += 1;
+  await this.save();
+};
+
+// 类方法：根据用户名或手机号查找用户
+User.findByLoginIdentifier = async function(identifier) {
+  return await this.findOne({
+    where: {
+      [sequelize.Sequelize.Op.or]: [
+        { username: identifier },
+        { phone: identifier }
+      ]
+    }
+  });
+};
+
+// 类方法：创建用户
+User.createUser = async function(userData) {
+  const { username, password, phone, email, real_name, user_type = 'client' } = userData;
+  
+  return await this.create({
+    username,
+    password_hash: password,
+    phone,
+    email,
+    real_name,
+    user_type
+  });
+};
+
+module.exports = User;

backend/package.json

@@ -2,10 +2,10 @@
   "name": "niumall-backend",
   "version": "1.0.0",
   "description": "活牛采购智能数字化系统 - 后端服务",
-  "main": "src/app.js",
+  "main": "app.js",
   "scripts": {
-    "start": "node src/app.js",
-    "dev": "nodemon src/app.js",
+    "start": "node app.js",
+    "dev": "nodemon app.js",
     "test": "jest",
     "test:watch": "jest --watch",
     "test:coverage": "jest --coverage",
@@ -31,37 +31,38 @@
   "author": "NiuMall Team",
   "license": "MIT",
   "dependencies": {
+    "axios": "^1.4.0",
+    "bcryptjs": "^2.4.3",
+    "compression": "^1.7.4",
+    "cors": "^2.8.5",
+    "dotenv": "^16.3.1",
     "express": "^4.18.2",
-    "sequelize": "^6.32.1",
+    "express-rate-limit": "^6.8.1",
+    "helmet": "^7.0.0",
+    "joi": "^17.9.2",
+    "jsonwebtoken": "^9.0.2",
+    "lodash": "^4.17.21",
+    "moment": "^2.29.4",
+    "morgan": "^1.10.1",
+    "multer": "^1.4.5-lts.1",
     "mysql2": "^3.6.0",
     "redis": "^4.6.7",
-    "jsonwebtoken": "^9.0.2",
-    "bcryptjs": "^2.4.3",
-    "joi": "^17.9.2",
-    "multer": "^1.4.5-lts.1",
-    "winston": "^3.10.0",
+    "sequelize": "^6.32.1",
     "socket.io": "^4.7.2",
-    "cors": "^2.8.5",
-    "helmet": "^7.0.0",
-    "compression": "^1.7.4",
-    "express-rate-limit": "^6.8.1",
-    "dotenv": "^16.3.1",
-    "moment": "^2.29.4",
     "uuid": "^9.0.0",
-    "lodash": "^4.17.21",
-    "axios": "^1.4.0"
+    "winston": "^3.10.0"
   },
   "devDependencies": {
-    "nodemon": "^3.0.1",
-    "jest": "^29.6.2",
-    "supertest": "^6.3.3",
     "eslint": "^8.45.0",
+    "jest": "^29.6.2",
+    "nodemon": "^3.0.1",
+    "pm2": "^5.3.0",
     "prettier": "^3.0.0",
     "sequelize-cli": "^6.6.1",
-    "pm2": "^5.3.0"
+    "supertest": "^6.3.3"
   },
   "engines": {
     "node": ">=18.0.0",
     "npm": ">=8.0.0"
   }
-}
+}

backend/routes/auth.js

@@ -1,194 +1,186 @@
-const express = require('express')
-const bcrypt = require('bcryptjs')
-const jwt = require('jsonwebtoken')
-const Joi = require('joi')
-const router = express.Router()
+const express = require('express');
+const router = express.Router();
+const Joi = require('joi');
+const User = require('../models/User');
+const { generateToken, refreshToken, authenticateToken } = require('../middleware/auth');
 
-// 模拟用户数据
-const users = [
-  {
-    id: 1,
-    username: 'admin',
-    email: 'admin@example.com',
-    password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
-    role: 'admin',
-    status: 'active'
-  },
-  {
-    id: 2,
-    username: 'buyer',
-    email: 'buyer@example.com',
-    password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
-    role: 'buyer',
-    status: 'active'
-  },
-  {
-    id: 3,
-    username: 'trader',
-    email: 'trader@example.com',
-    password: '$2a$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
-    role: 'trader',
-    status: 'active'
-  }
-]
-
-// 登录参数验证
+// 验证schema
 const loginSchema = Joi.object({
   username: Joi.string().min(2).max(50).required(),
   password: Joi.string().min(6).max(100).required()
-})
+});
 
-// 生成JWT token
-const generateToken = (user) => {
-  return jwt.sign(
-    {
-      id: user.id,
-      username: user.username,
-      role: user.role
-    },
-    process.env.JWT_SECRET || 'niumall-secret-key',
-    { expiresIn: process.env.JWT_EXPIRES_IN || '24h' }
-  )
-}
+const passwordResetRequestSchema = Joi.object({
+  phone: Joi.string().pattern(/^1[3-9]\d{9}$/).required()
+});
+
+const passwordResetConfirmSchema = Joi.object({
+  phone: Joi.string().pattern(/^1[3-9]\d{9}$/).required(),
+  resetCode: Joi.string().required(),
+  newPassword: Joi.string().min(6).max(100).required()
+});
+
+const changePasswordSchema = Joi.object({
+  oldPassword: Joi.string().required(),
+  newPassword: Joi.string().min(6).max(100).required()
+});
 
 // 用户登录
 router.post('/login', async (req, res) => {
   try {
-    // 参数验证
-    const { error, value } = loginSchema.validate(req.body)
+    const { error, value } = loginSchema.validate(req.body);
     if (error) {
       return res.status(400).json({
         success: false,
         message: '参数验证失败',
-        details: error.details[0].message
-      })
+        errors: error.details.map(detail => detail.message)
+      });
     }
 
-    const { username, password } = value
-
+    const { username, password } = value;
+    
     // 查找用户
-    const user = users.find(u => u.username === username || u.email === username)
+    const user = await User.findByLoginIdentifier(username);
+
     if (!user) {
       return res.status(401).json({
         success: false,
-        message: '用户名或密码错误'
-      })
+        message: '用户名或密码错误',
+        code: 'INVALID_CREDENTIALS'
+      });
     }
 
     // 验证密码
-    const isPasswordValid = await bcrypt.compare(password, user.password)
-    if (!isPasswordValid) {
+    const isValidPassword = await user.validatePassword(password);
+    if (!isValidPassword) {
       return res.status(401).json({
         success: false,
-        message: '用户名或密码错误'
-      })
+        message: '用户名或密码错误',
+        code: 'INVALID_CREDENTIALS'
+      });
     }
 
-    // 检查用户状态
     if (user.status !== 'active') {
-      return res.status(403).json({
+      return res.status(401).json({
         success: false,
-        message: '账户已被禁用，请联系管理员'
-      })
+        message: '账号已被禁用，请联系管理员',
+        code: 'ACCOUNT_DISABLED'
+      });
     }
 
-    // 生成token
-    const token = generateToken(user)
+    // 更新登录信息
+    await user.updateLoginInfo();
 
+    // 生成JWT token
+    const tokens = generateToken(user);
+    
     res.json({
       success: true,
       message: '登录成功',
       data: {
-        access_token: token,
-        token_type: 'Bearer',
-        expires_in: 86400, // 24小时
+        ...tokens,
         user: {
           id: user.id,
+          uuid: user.uuid,
           username: user.username,
+          phone: user.phone,
           email: user.email,
-          role: user.role,
-          status: user.status
+          real_name: user.real_name,
+          avatar_url: user.avatar_url,
+          user_type: user.user_type,
+          status: user.status,
+          last_login_at: user.last_login_at,
+          login_count: user.login_count
         }
       }
-    })
+    });
   } catch (error) {
-    console.error('登录失败:', error)
+    console.error('登录错误:', error);
     res.status(500).json({
       success: false,
-      message: '登录失败，请稍后重试'
-    })
+      message: '登录失败',
+      error: error.message
+    });
   }
-})
+});
 
-// 获取当前用户信息
-router.get('/me', authenticateToken, (req, res) => {
-  const user = users.find(u => u.id === req.user.id)
-  if (!user) {
-    return res.status(404).json({
+// 获取用户信息
+router.get('/me', authenticateToken, async (req, res) => {
+  try {
+    // req.user 已经通过中间件注入
+    res.json({
+      success: true,
+      data: {
+        id: req.user.id,
+        uuid: req.user.uuid,
+        username: req.user.username,
+        phone: req.user.phone,
+        email: req.user.email,
+        real_name: req.user.real_name,
+        avatar_url: req.user.avatar_url,
+        user_type: req.user.user_type,
+        status: req.user.status,
+        last_login_at: req.user.last_login_at,
+        login_count: req.user.login_count,
+        created_at: req.user.created_at,
+        updated_at: req.user.updated_at
+      }
+    });
+  } catch (error) {
+    console.error('获取用户信息错误:', error);
+    res.status(500).json({
       success: false,
-      message: '用户不存在'
-    })
+      message: '获取用户信息失败',
+      error: error.message
+    });
   }
-
-  res.json({
-    success: true,
-    data: {
-      user: {
-        id: user.id,
-        username: user.username,
-        email: user.email,
-        role: user.role,
-        status: user.status
-      },
-      permissions: getUserPermissions(user.role)
-    }
-  })
-})
+});
 
 // 用户登出
-router.post('/logout', authenticateToken, (req, res) => {
-  // 在实际项目中，可以将token加入黑名单
-  res.json({
-    success: true,
-    message: '登出成功'
-  })
-})
-
-// JWT token验证中间件
-function authenticateToken(req, res, next) {
-  const authHeader = req.headers['authorization']
-  const token = authHeader && authHeader.split(' ')[1]
-
-  if (!token) {
-    return res.status(401).json({
+router.post('/logout', authenticateToken, async (req, res) => {
+  try {
+    // TODO: 实际项目中可以将token加入黑名单或Redis
+    res.json({
+      success: true,
+      message: '退出登录成功'
+    });
+  } catch (error) {
+    console.error('退出登录错误:', error);
+    res.status(500).json({
       success: false,
-      message: '访问令牌缺失'
-    })
+      message: '退出登录失败',
+      error: error.message
+    });
   }
+});
 
-  jwt.verify(token, process.env.JWT_SECRET || 'niumall-secret-key', (err, user) => {
-    if (err) {
-      return res.status(403).json({
-        success: false,
-        message: '访问令牌无效或已过期'
-      })
-    }
-    req.user = user
-    next()
-  })
-}
+// 刷新token
+router.post('/refresh', refreshToken);
 
-// 获取用户权限
-function getUserPermissions(role) {
-  const permissions = {
-    admin: ['*'], // 管理员拥有所有权限
-    buyer: ['order:read', 'order:create', 'order:update', 'supplier:read'],
-    trader: ['order:read', 'order:update', 'supplier:read', 'supplier:create', 'supplier:update', 'transport:read'],
-    supplier: ['order:read', 'quality:read', 'quality:create', 'quality:update'],
-    driver: ['transport:read', 'transport:update']
+// 验证token有效性
+router.post('/verify', authenticateToken, (req, res) => {
+  try {
+    // 如果通过认证中间件，说明token有效
+    res.json({
+      success: true,
+      message: 'Token有效',
+      data: {
+        valid: true,
+        user: {
+          id: req.user.id,
+          username: req.user.username,
+          user_type: req.user.user_type
+        }
+      }
+    });
+  } catch (error) {
+    console.error('Token验证错误:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Token验证失败',
+      error: error.message
+    });
   }
-  
-  return permissions[role] || []
-}
+});
 
-module.exports = router
+module.exports = router;

backend/scripts/initData.js

@@ -0,0 +1,78 @@
+const User = require('../models/User');
+
+// 创建初始用户数据
+const createInitialUsers = async () => {
+  try {
+    // 检查是否已存在用户
+    const existingAdmin = await User.findOne({ where: { username: 'admin' } });
+    if (existingAdmin) {
+      console.log('✅ 初始用户已存在，跳过创建');
+      return;
+    }
+
+    // 创建管理员用户
+    const adminUser = await User.createUser({
+      username: 'admin',
+      password: 'admin123',
+      phone: '13800138000',
+      email: 'admin@niumall.com',
+      real_name: '系统管理员',
+      user_type: 'admin'
+    });
+
+    // 创建采购人用户
+    const buyerUser = await User.createUser({
+      username: 'buyer',
+      password: 'buyer123',
+      phone: '13800138001',
+      email: 'buyer@niumall.com',
+      real_name: '采购经理',
+      user_type: 'client'
+    });
+
+    // 创建贸易商用户
+    const traderUser = await User.createUser({
+      username: 'trader',
+      password: 'trader123',
+      phone: '13800138002',
+      email: 'trader@niumall.com',
+      real_name: '贸易商经理',
+      user_type: 'staff'
+    });
+
+    // 创建供应商用户
+    const supplierUser = await User.createUser({
+      username: 'supplier',
+      password: 'supplier123',
+      phone: '13800138003',
+      email: 'supplier@niumall.com',
+      real_name: '供应商代表',
+      user_type: 'supplier'
+    });
+
+    // 创建司机用户
+    const driverUser = await User.createUser({
+      username: 'driver',
+      password: 'driver123',
+      phone: '13800138004',
+      email: 'driver@niumall.com',
+      real_name: '运输司机',
+      user_type: 'driver'
+    });
+
+    console.log('✅ 初始用户创建成功');
+    console.log('👤 用户账号信息:');
+    console.log('   管理员: admin / admin123');
+    console.log('   采购人: buyer / buyer123');
+    console.log('   贸易商: trader / trader123');
+    console.log('   供应商: supplier / supplier123');
+    console.log('   司机: driver / driver123');
+
+  } catch (error) {
+    console.error('❌ 创建初始用户失败:', error);
+  }
+};
+
+module.exports = {
+  createInitialUsers
+};