aiotagro/nxxmdata
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改保险后端代码,政府前端代码

Browse Source
This commit is contained in:
dengyuxin
2025-09-22 17:56:30 +08:00
parent 3143c3ad0b
commit 02a25515a9
206 changed files with 35119 additions and 43073 deletions
Download Patch File Download Diff File Expand all files Collapse all files

274
bank-backend/routes/users.js
View File

@@ -1,11 +1,6 @@
const express = require('express');
const { verifyToken, requireRole, requireLevel } = require('../middleware/auth');
const {
validatePhone,
validatePassword,
validateIdCard,
handleValidationErrors
} = require('../middleware/security');
const { body } = require('express-validator');
const { authMiddleware, adminMiddleware, managerMiddleware } = require('../middleware/auth');
const router = express.Router();
const userController = require('../controllers/userController');
@@ -101,9 +96,14 @@ const userController = require('../controllers/userController');
* description: 服务器内部错误
*/
router.post('/register',
validatePassword,
validateIdCard,
validatePhone,
[
body('username').notEmpty().isLength({ min: 3, max: 50 }),
body('email').isEmail(),
body('password').isLength({ min: 6 }),
body('real_name').notEmpty(),
body('id_card').matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
body('phone').optional().matches(/^1[3-9]\d{9}$/)
],
userController.register
);
@@ -155,7 +155,7 @@ router.post('/login', userController.login);
* 404:
* description: 用户不存在
*/
router.get('/profile', verifyToken, userController.getProfile);
router.get('/profile', authMiddleware, userController.getProfile);
/**
* @swagger
@@ -190,8 +190,11 @@ router.get('/profile', verifyToken, userController.getProfile);
* description: 未授权
*/
router.put('/profile',
verifyToken,
validatePhone,
authMiddleware,
[
body('phone').optional().matches(/^1[3-9]\d{9}$/),
body('real_name').optional().notEmpty()
],
userController.updateProfile
);
@@ -228,8 +231,11 @@ router.put('/profile',
* description: 未授权
*/
router.put('/change-password',
verifyToken,
validatePassword,
authMiddleware,
[
body('old_password').notEmpty(),
body('new_password').isLength({ min: 6 })
],
userController.changePassword
);
@@ -268,8 +274,8 @@ router.put('/change-password',
* description: 权限不足
*/
router.get('/',
verifyToken,
requireRole('admin'),
authMiddleware,
adminMiddleware,
userController.getUsers
);
@@ -312,8 +318,11 @@ router.get('/',
* description: 用户不存在
*/
router.put('/:userId/status',
verifyToken,
requireRole('admin'),
authMiddleware,
adminMiddleware,
[
body('status').isIn(['active', 'inactive', 'suspended', 'locked'])
],
userController.updateUserStatus
);
@@ -341,8 +350,233 @@ router.put('/:userId/status',
* description: 权限不足
*/
router.get('/:userId/accounts',
verifyToken,
authMiddleware,
userController.getUserAccounts
);
// 新增的管理员路由
/**
* @swagger
* /api/users:
* post:
* summary: 创建用户(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - username
* - email
* - password
* - real_name
* - id_card
* properties:
* username:
* type: string
* email:
* type: string
* password:
* type: string
* real_name:
* type: string
* id_card:
* type: string
* phone:
* type: string
* role_id:
* type: integer
* responses:
* 201:
* description: 创建成功
* 400:
* description: 请求参数错误
* 401:
* description: 未授权
* 403:
* description: 权限不足
*/
router.post('/',
authMiddleware,
adminMiddleware,
[
body('username').notEmpty().isLength({ min: 3, max: 50 }),
body('email').isEmail(),
body('password').isLength({ min: 6 }),
body('real_name').notEmpty(),
body('id_card').matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
body('phone').optional().matches(/^1[3-9]\d{9}$/)
],
userController.createUser
);
/**
* @swagger
* /api/users/{userId}:
* get:
* summary: 获取用户详情
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* responses:
* 200:
* description: 获取成功
* 401:
* description: 未授权
* 404:
* description: 用户不存在
*/
router.get('/:userId',
authMiddleware,
userController.getUserById
);
/**
* @swagger
* /api/users/{userId}:
* put:
* summary: 更新用户信息(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* properties:
* username:
* type: string
* email:
* type: string
* real_name:
* type: string
* id_card:
* type: string
* phone:
* type: string
* role_id:
* type: integer
* status:
* type: string
* responses:
* 200:
* description: 更新成功
* 400:
* description: 请求参数错误
* 401:
* description: 未授权
* 403:
* description: 权限不足
* 404:
* description: 用户不存在
*/
router.put('/:userId',
authMiddleware,
adminMiddleware,
[
body('username').optional().isLength({ min: 3, max: 50 }),
body('email').optional().isEmail(),
body('real_name').optional().notEmpty(),
body('id_card').optional().matches(/^[1-9]\d{5}(18|19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$/),
body('phone').optional().matches(/^1[3-9]\d{9}$/)
],
userController.updateUser
);
/**
* @swagger
* /api/users/{userId}:
* delete:
* summary: 删除用户(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* responses:
* 200:
* description: 删除成功
* 400:
* description: 不能删除自己的账户
* 401:
* description: 未授权
* 403:
* description: 权限不足
* 404:
* description: 用户不存在
*/
router.delete('/:userId',
authMiddleware,
adminMiddleware,
userController.deleteUser
);
/**
* @swagger
* /api/users/{userId}/reset-password:
* post:
* summary: 重置用户密码(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - newPassword
* properties:
* newPassword:
* type: string
* responses:
* 200:
* description: 重置成功
* 400:
* description: 请求参数错误
* 401:
* description: 未授权
* 403:
* description: 权限不足
* 404:
* description: 用户不存在
*/
router.post('/:userId/reset-password',
authMiddleware,
adminMiddleware,
[
body('newPassword').isLength({ min: 6 })
],
userController.resetPassword
);
module.exports = router;