添加后端接口修改前端及小程序

2025-09-29 17:58:42 +08:00
parent 488cbe4056
commit 4af8368097
50 changed files with 4558 additions and 333 deletions
--- a/government-backend/controllers/authController.js
+++ b/government-backend/controllers/authController.js
@@ -2,6 +2,8 @@ const jwt = require('jsonwebtoken');
 const User = require('../models/User');
 const AdminStaff = require('../models/AdminStaff');
 const bcrypt = require('bcryptjs');
+const jwtModule = require('jsonwebtoken');
+const tokenBlacklist = require('../utils/tokenBlacklist');

 // JWT配置
 const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key-change-in-production';
@@ -40,7 +42,7 @@ exports.login = async (req, res) => {
      last_login: new Date()
    });
    
-    const token = jwt.sign({
+    const token = jwtModule.sign({
      id: user.id,
      username: user.username,
      role: user.role
@@ -74,17 +76,18 @@ exports.getUserInfo = async (req, res) => {
    }

    try {
-      const decoded = jwt.verify(token, JWT_SECRET);
+      // 先检查token是否在黑名单中
+      if (tokenBlacklist.isBlacklisted(token)) {
+        return res.status(401).json({
+          code: 401,
+          message: '认证令牌已失效（已退出登录）'
+        });
+      }
+      
+      const decoded = jwtModule.verify(token, JWT_SECRET);
      
      // 从数据库获取用户信息
-      const user = await User.findByPk(decoded.id, {
-        include: [
-          {
-            model: AdminStaff,
-            as: 'staffInfo'
-          }
-        ]
-      });
+      const user = await User.findByPk(decoded.id);
      
      if (!user || user.status !== 'active') {
        return res.status(401).json({
@@ -150,7 +153,7 @@ exports.getUserInfo = async (req, res) => {
 };

 // 根据角色获取权限
-exports.getPermissionsByRole = (role) => {
+function getPermissionsByRole(role) {
  const basePermissions = ['dashboard'];
  
  switch (role) {
@@ -165,4 +168,44 @@ exports.getPermissionsByRole = (role) => {
    default:
      return basePermissions;
  }
+};
+
+// 退出登录
+exports.logout = async (req, res) => {
+  try {
+    // 从请求头中获取token
+    const token = req.headers.authorization?.replace('Bearer ', '');
+    
+    if (token) {
+      try {
+        // 解码token获取过期时间
+        const decoded = jwtModule.decode(token);
+        if (decoded && decoded.exp) {
+          // 计算token剩余有效期（毫秒）
+          const currentTime = Math.floor(Date.now() / 1000);
+          const expiresIn = (decoded.exp - currentTime) * 1000;
+          
+          if (expiresIn > 0) {
+            // 将token添加到黑名单
+            tokenBlacklist.addToBlacklist(token, expiresIn);
+            console.log(`用户退出登录，token已添加到黑名单: ${token.substring(0, 20)}...`);
+          }
+        }
+      } catch (decodeError) {
+        console.warn('解码token失败:', decodeError);
+      }
+    }
+    
+    return res.json({
+      code: 200,
+      message: '退出登录成功'
+    });
+  } catch (err) {
+    console.error('退出登录错误:', err);
+    res.status(500).json({
+      code: 500,
+      message: '服务器错误',
+      error: err.message
+    });
+  }
 };