nxxmdata/bank-backend/routes/users.js

const express = require('express');
const { body } = require('express-validator');
const { authMiddleware, adminMiddleware, managerMiddleware } = require('../middleware/auth');
const router = express.Router();
const userController = require('../controllers/userController');

/**
 * @swagger
 * tags:
 *   name: Users
 *   description: 用户管理
 */

/**
 * @swagger
 * components:
 *   schemas:
 *     User:
 *       type: object
 *       required:
 *         - username
 *         - email
 *         - password
 *         - real_name
 *         - id_card
 *       properties:
 *         id:
 *           type: integer
 *           description: 用户ID
 *         username:
 *           type: string
 *           description: 用户名
 *         email:
 *           type: string
 *           format: email
 *           description: 邮箱地址
 *         real_name:
 *           type: string
 *           description: 真实姓名
 *         id_card:
 *           type: string
 *           description: 身份证号
 *         phone:
 *           type: string
 *           description: 手机号
 *         status:
 *           type: string
 *           enum: [active, inactive, suspended, locked]
 *           description: 用户状态
 */

/**
 * @swagger
 * /api/users/register:
 *   post:
 *     summary: 用户注册
 *     tags: [Users]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - email
 *               - password
 *               - real_name
 *               - id_card
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名
 *               email:
 *                 type: string
 *                 format: email
 *                 description: 邮箱地址
 *               password:
 *                 type: string
 *                 description: 密码
 *               real_name:
 *                 type: string
 *                 description: 真实姓名
 *               id_card:
 *                 type: string
 *                 description: 身份证号
 *               phone:
 *                 type: string
 *                 description: 手机号
 *     responses:
 *       201:
 *         description: 注册成功
 *       400:
 *         description: 输入数据验证失败
 *       500:
 *         description: 服务器内部错误
 */
router.post('/register', 
  [
    body('username').notEmpty().isLength({ min: 3, max: 50 }),
    body('email').isEmail(),
    body('password').isLength({ min: 6 }),
    body('real_name').notEmpty(),
    body('id_card').matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
    body('phone').optional().matches(/^1[3-9]\d{9}$/)
  ],
  userController.register
);

/**
 * @swagger
 * /api/users/login:
 *   post:
 *     summary: 用户登录
 *     tags: [Users]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名
 *               password:
 *                 type: string
 *                 description: 密码
 *     responses:
 *       200:
 *         description: 登录成功
 *       401:
 *         description: 用户名或密码错误
 *       500:
 *         description: 服务器内部错误
 */
router.post('/login', userController.login);

/**
 * @swagger
 * /api/users/profile:
 *   get:
 *     summary: 获取用户信息
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 *       404:
 *         description: 用户不存在
 */
router.get('/profile', authMiddleware, userController.getProfile);

/**
 * @swagger
 * /api/users/profile:
 *   put:
 *     summary: 更新用户信息
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             properties:
 *               phone:
 *                 type: string
 *                 description: 手机号
 *               real_name:
 *                 type: string
 *                 description: 真实姓名
 *               avatar:
 *                 type: string
 *                 description: 头像URL
 *     responses:
 *       200:
 *         description: 更新成功
 *       400:
 *         description: 输入数据验证失败
 *       401:
 *         description: 未授权
 */
router.put('/profile', 
  authMiddleware,
  [
    body('phone').optional().matches(/^1[3-9]\d{9}$/),
    body('real_name').optional().notEmpty()
  ],
  userController.updateProfile
);

/**
 * @swagger
 * /api/users/change-password:
 *   put:
 *     summary: 修改密码
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - old_password
 *               - new_password
 *             properties:
 *               old_password:
 *                 type: string
 *                 description: 原密码
 *               new_password:
 *                 type: string
 *                 description: 新密码
 *     responses:
 *       200:
 *         description: 修改成功
 *       400:
 *         description: 原密码错误
 *       401:
 *         description: 未授权
 */
router.put('/change-password',
  authMiddleware,
  [
    body('old_password').notEmpty(),
    body('new_password').isLength({ min: 6 })
  ],
  userController.changePassword
);

/**
 * @swagger
 * /api/users:
 *   get:
 *     summary: 获取用户列表（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: query
 *         name: page
 *         schema:
 *           type: integer
 *           default: 1
 *         description: 页码
 *       - in: query
 *         name: limit
 *         schema:
 *           type: integer
 *           default: 10
 *         description: 每页数量
 *       - in: query
 *         name: search
 *         schema:
 *           type: string
 *         description: 搜索关键词
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 */
router.get('/', 
  authMiddleware, 
  adminMiddleware, 
  userController.getUsers
);

/**
 * @swagger
 * /api/users/{userId}/status:
 *   put:
 *     summary: 更新用户状态（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *         description: 用户ID
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - status
 *             properties:
 *               status:
 *                 type: string
 *                 enum: [active, inactive, suspended, locked]
 *                 description: 用户状态
 *     responses:
 *       200:
 *         description: 更新成功
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       404:
 *         description: 用户不存在
 */
router.put('/:userId/status',
  authMiddleware,
  adminMiddleware,
  [
    body('status').isIn(['active', 'inactive', 'suspended', 'locked'])
  ],
  userController.updateUserStatus
);

/**
 * @swagger
 * /api/users/{userId}/accounts:
 *   get:
 *     summary: 获取用户账户列表
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *         description: 用户ID
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 */
router.get('/:userId/accounts',
  authMiddleware,
  userController.getUserAccounts
);

// 新增的管理员路由
/**
 * @swagger
 * /api/users:
 *   post:
 *     summary: 创建用户（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - email
 *               - password
 *               - real_name
 *               - id_card
 *             properties:
 *               username:
 *                 type: string
 *               email:
 *                 type: string
 *               password:
 *                 type: string
 *               real_name:
 *                 type: string
 *               id_card:
 *                 type: string
 *               phone:
 *                 type: string
 *               role_id:
 *                 type: integer
 *     responses:
 *       201:
 *         description: 创建成功
 *       400:
 *         description: 请求参数错误
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 */
router.post('/', 
  authMiddleware,
  adminMiddleware,
  [
    body('username').notEmpty().isLength({ min: 3, max: 50 }),
    body('email').isEmail(),
    body('password').isLength({ min: 6 }),
    body('real_name').notEmpty(),
    body('id_card').matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
    body('phone').optional().matches(/^1[3-9]\d{9}$/)
  ],
  userController.createUser
);

/**
 * @swagger
 * /api/users/{userId}:
 *   get:
 *     summary: 获取用户详情
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 *       404:
 *         description: 用户不存在
 */
router.get('/:userId',
  authMiddleware,
  userController.getUserById
);

/**
 * @swagger
 * /api/users/{userId}:
 *   put:
 *     summary: 更新用户信息（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             properties:
 *               username:
 *                 type: string
 *               email:
 *                 type: string
 *               real_name:
 *                 type: string
 *               id_card:
 *                 type: string
 *               phone:
 *                 type: string
 *               role_id:
 *                 type: integer
 *               status:
 *                 type: string
 *     responses:
 *       200:
 *         description: 更新成功
 *       400:
 *         description: 请求参数错误
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       404:
 *         description: 用户不存在
 */
router.put('/:userId',
  authMiddleware,
  adminMiddleware,
  [
    body('username').optional().isLength({ min: 3, max: 50 }),
    body('email').optional().isEmail(),
    body('real_name').optional().notEmpty(),
    body('id_card').optional().matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
    body('phone').optional().matches(/^1[3-9]\d{9}$/)
  ],
  userController.updateUser
);

/**
 * @swagger
 * /api/users/{userId}:
 *   delete:
 *     summary: 删除用户（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *     responses:
 *       200:
 *         description: 删除成功
 *       400:
 *         description: 不能删除自己的账户
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       404:
 *         description: 用户不存在
 */
router.delete('/:userId',
  authMiddleware,
  adminMiddleware,
  userController.deleteUser
);

/**
 * @swagger
 * /api/users/{userId}/reset-password:
 *   post:
 *     summary: 重置用户密码（管理员）
 *     tags: [Users]
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: userId
 *         required: true
 *         schema:
 *           type: integer
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - newPassword
 *             properties:
 *               newPassword:
 *                 type: string
 *     responses:
 *       200:
 *         description: 重置成功
 *       400:
 *         description: 请求参数错误
 *       401:
 *         description: 未授权
 *       403:
 *         description: 权限不足
 *       404:
 *         description: 用户不存在
 */
router.post('/:userId/reset-password',
  authMiddleware,
  adminMiddleware,
  [
    body('newPassword').isLength({ min: 6 })
  ],
  userController.resetPassword
);

module.exports = router;