admin/services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a7a2d10a95e4d6ee3bbe0a0372afdec6b7b49093
services/controllers/users.js
T

506 lines
10 KiB
JavaScript
Raw Normal View History

Initial commit: upload services folder
2026-05-23 14:15:45 +08:00
const { query } = require('../config/database')
const crypto = require('crypto')
function md5(str) {
return crypto.createHash('md5').update(str).digest('hex')
}
function generateToken() {
return crypto.randomBytes(32).toString('hex')
}
// 用户登录(支持双重身份)
async function login(ctx) {
const { phone, password, loginType } = ctx.request.body
if (!phone || !password) {
ctx.body = {
code: 400,
message: '请输入手机号和密码'
}
return
}
const users = await query('SELECT * FROM users WHERE phone = ?', [phone])
if (users.length === 0) {
ctx.body = {
code: 401,
message: '用户不存在'
}
return
}
const user = users[0]
if (user.status === 0) {
ctx.body = {
code: 401,
message: '账号已被禁用'
}
return
}
if (user.password !== md5(password)) {
ctx.body = {
code: 401,
message: '密码错误'
}
return
}
// 店员登录需要验证角色
if (loginType === 'staff' && user.role !== 1) {
ctx.body = {
code: 401,
message: '该账号不是店员账号'
}
return
}
const token = generateToken()
const userInfo = {
id: user.id,
phone: user.phone,
name: user.name,
avatar: user.avatar,
points: user.points,
role: user.role,
token
}
ctx.body = {
code: 200,
data: userInfo
}
}
// 用户注册(普通用户)
async function register(ctx) {
const { phone, password, name } = ctx.request.body
if (!phone || !password || !name) {
ctx.body = {
code: 400,
message: '请填写完整信息'
}
return
}
const existing = await query('SELECT * FROM users WHERE phone = ?', [phone])
if (existing.length > 0) {
ctx.body = {
code: 400,
message: '该手机号已注册'
}
return
}
const result = await query(
'INSERT INTO users (phone, password, name, avatar, points, role) VALUES (?, ?, ?, ?, ?, ?)',
[phone, md5(password), name, '', 0, 0]
)
ctx.body = {
code: 200,
message: '注册成功',
data: {
id: result.insertId,
phone,
name,
avatar: '',
points: 0,
role: 0
}
}
}
// 店员注册(由店员帮助用户注册或店员自己注册)
async function registerStaff(ctx) {
const { phone, name } = ctx.request.body
if (!phone || !name) {
ctx.body = {
code: 400,
message: '请填写手机号和姓名'
}
return
}
const existing = await query('SELECT * FROM users WHERE phone = ?', [phone])
if (existing.length > 0) {
ctx.body = {
code: 400,
message: '该手机号已注册'
}
return
}
// 默认密码 123456
const defaultPassword = '123456'
const result = await query(
'INSERT INTO users (phone, password, name, avatar, points, role) VALUES (?, ?, ?, ?, ?, ?)',
[phone, md5(defaultPassword), name, '', 0, 1]
)
ctx.body = {
code: 200,
message: '店员注册成功,默认密码为123456',
data: {
id: result.insertId,
phone,
name,
avatar: '',
points: 0,
role: 1
}
}
}
// 店员帮助用户注册
async function registerByStaff(ctx) {
const { phone, name } = ctx.request.body
if (!phone || !name) {
ctx.body = {
code: 400,
message: '请填写手机号和姓名'
}
return
}
const existing = await query('SELECT * FROM users WHERE phone = ?', [phone])
if (existing.length > 0) {
ctx.body = {
code: 400,
message: '该手机号已注册'
}
return
}
// 默认密码 123456
const defaultPassword = '123456'
const result = await query(
'INSERT INTO users (phone, password, name, avatar, points, role) VALUES (?, ?, ?, ?, ?, ?)',
[phone, md5(defaultPassword), name, '', 0, 0]
)
ctx.body = {
code: 200,
message: '用户注册成功,默认密码为123456',
data: {
id: result.insertId,
phone,
name,
avatar: '',
points: 0,
role: 0
}
}
}
// 获取用户信息
async function getUserInfo(ctx) {
const userId = parseInt(ctx.query.id)
if (!userId) {
// 返回默认用户信息
ctx.body = {
code: 200,
data: {
id: 1,
phone: '13800138000',
name: '张三',
avatar: '',
points: 1000,
role: 0
}
}
return
}
const users = await query('SELECT * FROM users WHERE id = ? AND status = 1', [userId])
if (users.length > 0) {
const user = users[0]
ctx.body = {
code: 200,
data: {
id: user.id,
phone: user.phone,
name: user.name,
avatar: user.avatar,
points: user.points,
role: user.role
}
}
} else {
ctx.body = {
code: 404,
message: '用户不存在'
}
}
}
// 获取用户列表
async function getUsers(ctx) {
let sql = 'SELECT id, phone, name, points, role, status, created_at FROM users WHERE status = 1'
const params = []
if (ctx.query.role !== undefined) {
sql += ' AND role = ?'
params.push(parseInt(ctx.query.role))
}
if (ctx.query.keyword) {
sql += ' AND (phone LIKE ? OR name LIKE ?)'
params.push(`%${ctx.query.keyword}%`, `%${ctx.query.keyword}%`)
}
sql += ' ORDER BY created_at DESC'
const users = await query(sql, params)
ctx.body = {
code: 200,
data: users
}
}
// 更新用户信息
async function updateUser(ctx) {
const userId = parseInt(ctx.params.id)
const { name, avatar, points, status } = ctx.request.body
const updateFields = []
const updateParams = []
if (name !== undefined) {
updateFields.push('name = ?')
updateParams.push(name)
}
if (avatar !== undefined) {
updateFields.push('avatar = ?')
updateParams.push(avatar)
}
if (points !== undefined) {
updateFields.push('points = ?')
updateParams.push(parseInt(points))
}
if (status !== undefined) {
updateFields.push('status = ?')
updateParams.push(parseInt(status))
}
if (updateFields.length === 0) {
ctx.body = {
code: 400,
message: '没有需要更新的字段'
}
return
}
updateParams.push(userId)
const result = await query(`UPDATE users SET ${updateFields.join(', ')} WHERE id = ?`, updateParams)
if (result.affectedRows > 0) {
ctx.body = {
code: 200,
message: '更新成功'
}
} else {
ctx.body = {
code: 404,
message: '用户不存在'
}
}
}
// 删除用户
async function deleteUser(ctx) {
const userId = parseInt(ctx.params.id)
const result = await query('UPDATE users SET status = 0 WHERE id = ?', [userId])
if (result.affectedRows > 0) {
ctx.body = {
code: 200,
message: '禁用成功'
}
} else {
ctx.body = {
code: 404,
message: '用户不存在'
}
}
}
// 修改密码
async function changePassword(ctx) {
const { phone, oldPassword, newPassword } = ctx.request.body
if (!phone || !oldPassword || !newPassword) {
ctx.body = {
code: 400,
message: '请填写完整信息'
}
return
}
const users = await query('SELECT * FROM users WHERE phone = ? AND status = 1', [phone])
if (users.length === 0) {
ctx.body = {
code: 404,
message: '用户不存在'
}
return
}
const user = users[0]
if (user.password !== md5(oldPassword)) {
ctx.body = {
code: 400,
message: '原密码错误'
}
return
}
await query('UPDATE users SET password = ? WHERE id = ?', [md5(newPassword), user.id])
ctx.body = {
code: 200,
message: '密码修改成功'
}
}
// 重置密码(店员操作)
async function resetPassword(ctx) {
const { userId } = ctx.request.body
if (!userId) {
ctx.body = {
code: 400,
message: '请指定用户ID'
}
return
}
const defaultPassword = '123456'
const result = await query('UPDATE users SET password = ? WHERE id = ?', [md5(defaultPassword), userId])
if (result.affectedRows > 0) {
ctx.body = {
code: 200,
message: '密码已重置为123456'
}
} else {
ctx.body = {
code: 404,
message: '用户不存在'
}
}
}
// 调整积分
async function addPoints(ctx) {
const { userId, points, description } = ctx.request.body
if (!userId || points === undefined) {
ctx.body = {
code: 400,
message: '请指定用户ID和积分变动值'
}
return
}
const pointsInt = parseInt(points)
if (isNaN(pointsInt)) {
ctx.body = {
code: 400,
message: '积分值无效'
}
return
}
// 检查用户是否存在
const users = await query('SELECT * FROM users WHERE id = ? AND status = 1', [userId])
if (users.length === 0) {
ctx.body = {
code: 404,
message: '用户不存在'
}
return
}
const user = users[0]
const newPoints = Math.max(0, user.points + pointsInt)
// 更新用户积分
await query('UPDATE users SET points = ? WHERE id = ?', [newPoints, userId])
// 记录积分变动日志
await query(
'INSERT INTO points_logs (user_id, type, amount, description) VALUES (?, ?, ?, ?)',
[userId, pointsInt >= 0 ? 'earn' : 'spend', Math.abs(pointsInt), description || '管理员调整积分']
)
ctx.body = {
code: 200,
message: '积分调整成功',
data: {
userId,
oldPoints: user.points,
newPoints,
change: pointsInt
}
}
}
// 获取积分记录
async function getPointsLogs(ctx) {
const userId = parseInt(ctx.query.userId)
if (!userId) {
ctx.body = {
code: 400,
message: '请指定用户ID'
}
return
}
const logs = await query(
'SELECT * FROM points_logs WHERE user_id = ? ORDER BY created_at DESC',
[userId]
)
ctx.body = {
code: 200,
data: logs
}
}
module.exports = {
login,
register,
registerStaff,
registerByStaff,
getUserInfo,
getUsers,
updateUser,
deleteUser,
changePassword,
resetPassword,
addPoints,
getPointsLogs
}
Reference in New Issue Copy Permalink