aiotagro/nxxmdata
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e4287b83fef4b09a1fdf3b2c2114ba91791eced2
nxxmdata/bank-backend/routes/users.js
dengyuxin e4287b83fe 更新政府端和银行端
2025-09-17 18:04:28 +08:00

348 lines
8.0 KiB
JavaScript
Raw Blame History

const express = require('express');
const { verifyToken, requireRole, requireLevel } = require('../middleware/auth');
const {
validatePhone,
validatePassword,
validateIdCard,
handleValidationErrors
} = require('../middleware/security');
const router = express.Router();
const userController = require('../controllers/userController');
/**
* @swagger
* tags:
* name: Users
* description: 用户管理
*/
/**
* @swagger
* components:
* schemas:
* User:
* type: object
* required:
* - username
* - email
* - password
* - real_name
* - id_card
* properties:
* id:
* type: integer
* description: 用户ID
* username:
* type: string
* description: 用户名
* email:
* type: string
* format: email
* description: 邮箱地址
* real_name:
* type: string
* description: 真实姓名
* id_card:
* type: string
* description: 身份证号
* phone:
* type: string
* description: 手机号
* status:
* type: string
* enum: [active, inactive, suspended, locked]
* description: 用户状态
*/
/**
* @swagger
* /api/users/register:
* post:
* summary: 用户注册
* tags: [Users]
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - username
* - email
* - password
* - real_name
* - id_card
* properties:
* username:
* type: string
* description: 用户名
* email:
* type: string
* format: email
* description: 邮箱地址
* password:
* type: string
* description: 密码
* real_name:
* type: string
* description: 真实姓名
* id_card:
* type: string
* description: 身份证号
* phone:
* type: string
* description: 手机号
* responses:
* 201:
* description: 注册成功
* 400:
* description: 输入数据验证失败
* 500:
* description: 服务器内部错误
*/
router.post('/register',
validatePassword,
validateIdCard,
validatePhone,
userController.register
);
/**
* @swagger
* /api/users/login:
* post:
* summary: 用户登录
* tags: [Users]
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - username
* - password
* properties:
* username:
* type: string
* description: 用户名
* password:
* type: string
* description: 密码
* responses:
* 200:
* description: 登录成功
* 401:
* description: 用户名或密码错误
* 500:
* description: 服务器内部错误
*/
router.post('/login', userController.login);
/**
* @swagger
* /api/users/profile:
* get:
* summary: 获取用户信息
* tags: [Users]
* security:
* - bearerAuth: []
* responses:
* 200:
* description: 获取成功
* 401:
* description: 未授权
* 404:
* description: 用户不存在
*/
router.get('/profile', verifyToken, userController.getProfile);
/**
* @swagger
* /api/users/profile:
* put:
* summary: 更新用户信息
* tags: [Users]
* security:
* - bearerAuth: []
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* properties:
* phone:
* type: string
* description: 手机号
* real_name:
* type: string
* description: 真实姓名
* avatar:
* type: string
* description: 头像URL
* responses:
* 200:
* description: 更新成功
* 400:
* description: 输入数据验证失败
* 401:
* description: 未授权
*/
router.put('/profile',
verifyToken,
validatePhone,
userController.updateProfile
);
/**
* @swagger
* /api/users/change-password:
* put:
* summary: 修改密码
* tags: [Users]
* security:
* - bearerAuth: []
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - old_password
* - new_password
* properties:
* old_password:
* type: string
* description: 原密码
* new_password:
* type: string
* description: 新密码
* responses:
* 200:
* description: 修改成功
* 400:
* description: 原密码错误
* 401:
* description: 未授权
*/
router.put('/change-password',
verifyToken,
validatePassword,
userController.changePassword
);
/**
* @swagger
* /api/users:
* get:
* summary: 获取用户列表(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: query
* name: page
* schema:
* type: integer
* default: 1
* description: 页码
* - in: query
* name: limit
* schema:
* type: integer
* default: 10
* description: 每页数量
* - in: query
* name: search
* schema:
* type: string
* description: 搜索关键词
* responses:
* 200:
* description: 获取成功
* 401:
* description: 未授权
* 403:
* description: 权限不足
*/
router.get('/',
verifyToken,
requireRole('admin'),
userController.getUsers
);
/**
* @swagger
* /api/users/{userId}/status:
* put:
* summary: 更新用户状态(管理员)
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* description: 用户ID
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required:
* - status
* properties:
* status:
* type: string
* enum: [active, inactive, suspended, locked]
* description: 用户状态
* responses:
* 200:
* description: 更新成功
* 401:
* description: 未授权
* 403:
* description: 权限不足
* 404:
* description: 用户不存在
*/
router.put('/:userId/status',
verifyToken,
requireRole('admin'),
userController.updateUserStatus
);
/**
* @swagger
* /api/users/{userId}/accounts:
* get:
* summary: 获取用户账户列表
* tags: [Users]
* security:
* - bearerAuth: []
* parameters:
* - in: path
* name: userId
* required: true
* schema:
* type: integer
* description: 用户ID
* responses:
* 200:
* description: 获取成功
* 401:
* description: 未授权
* 403:
* description: 权限不足
*/
router.get('/:userId/accounts',
verifyToken,
userController.getUserAccounts
);
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink