const Router = require('@koa/router');
const router = new Router({ prefix: '/api/user' });
const util = require('../utils/util');
const userService = require('../service/user.service');
const projectService = require('../service/projects.service');
const projectUserService = require('../service/project.user.service');
const pageRoleService = require('../service/pagesRole.service');
const pageService = require('../service/pages.service');
const menuService = require('../service/menu.service');
const publishService = require('../service/publish.service');
const roleService = require('../service/roles.service');
const imgcloudService = require('../service/imgcloud.service');
const md5 = require('md5.js');
const nodemailer = require('nodemailer');
const config = require('../config');
const request = require('../utils/request');
const { Keyv } = require('keyv');
const keyv = new Keyv();
/**
* 用户登录
*/
router.post('/login', async (ctx) => {
const { userName, userPwd, openId } = ctx.request.body;
if (!userName || !userPwd) {
util.fail(ctx, '用户名或密码不能为空');
return;
}
const pwd = new md5().update(userPwd).digest('hex');
const res = await userService.findUser(userName, pwd, openId || userName);
if (!res) {
util.fail(ctx, '用户名或密码错误');
return;
}
if (!res.openId && openId) {
const cacheUser = await keyv.get(openId);
if (cacheUser) {
await userService.bindOpenId({ ...cacheUser, id: res.id });
}
}
const token = util.createToken({ userName, userId: res.id, nickName: res.nickName });
userService.updateUserInfo(res.id);
util.success(ctx, {
userId: res.id,
userName,
token,
});
});
/**
* 微信授权登录
*/
router.post('/wechat', async (ctx) => {
const { code } = ctx.request.body;
if (!code) {
util.fail(ctx, 'code不能为空');
return;
}
const response = await request.get(
`https://api.weixin.qq.com/sns/oauth2/access_token?appid=${config.WECHAT_APP_ID}&secret=${config.WECHAT_APP_SECRET}&code=${code}&grant_type=authorization_code`,
{},
);
const { access_token, openid, unionid, errcode } = JSON.parse(response.data);
if (errcode) {
util.success(ctx, '');
return;
}
const wxUser = await userService.findUser(openid, openid, openid);
if (wxUser) {
userService.updateUserInfo(wxUser.id);
const token = util.createToken({ userName: wxUser.userName, userId: wxUser.id, nickName: wxUser.nickName });
util.success(ctx, {
userId: wxUser.id,
userName: wxUser.userName,
token,
});
return;
}
const res1 = await request.get(`https://api.weixin.qq.com/sns/userinfo?access_token=${access_token}&openid=${openid}`);
const { nickname, headimgurl } = JSON.parse(res1.data);
await keyv.set(
openid,
{
openid,
unionid,
nickname,
headimgurl,
},
3 * 60 * 1000,
);
util.success(ctx, {
openId: openid,
});
});
/**
* 获取用户信息
*/
router.get('/info', async (ctx) => {
const { userId } = util.decodeToken(ctx);
const res = await userService.profile(userId);
util.success(ctx, res);
});
/**
* 获取个人信息
*/
router.get('/profile', async (ctx) => {
const { userId } = util.decodeToken(ctx);
const res = await userService.profile(userId);
util.success(ctx, res);
});
/**
* 用户搜索
*/
router.post('/search', async (ctx) => {
const { keyword } = ctx.request.body;
if (!keyword) {
util.fail(ctx, '关键字不能为空');
return;
}
const res = await userService.search(keyword);
if (!res) {
util.fail(ctx, '当前用户名不存在');
return;
}
util.success(ctx, res);
});
/**
* 用户信息更新
*/
router.post('/update/profile', async (ctx) => {
const { nickName, avatar } = ctx.request.body;
if (!nickName && !avatar) {
util.fail(ctx, '参数异常,请重新提交');
return;
}
const { userId } = util.decodeToken(ctx);
await userService.updateUserInfo(userId, nickName, avatar);
util.success(ctx, '更新成功');
});
/**
* 用户注册 - 发送验证码
*/
router.post('/sendEmail', async (ctx) => {
try {
const { email } = ctx.request.body;
if (!email || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
util.fail(ctx, '邮箱不能为空或格式错误');
return;
}
const val = await keyv.get(email);
if (val) {
util.fail(ctx, '验证码已发送,请查收');
return;
}
let transporter = nodemailer.createTransport({
host: config.EMAIL_HOST,
port: config.EMAIL_PORT,
auth: {
user: config.EMAIL_USER, // 你的Gmail地址
pass: config.EMAIL_PASSWORD, // 你的Gmail密码或应用专用密码
},
});
const random = Math.random().toString().slice(2, 7).replace(/^(0)+/, '1');
let mailOptions = {
from: `"Marsview" <${config.EMAIL_USER}>`, // 发送者地址
to: email, // 接收者列表
subject: 'Marsview账号注册', // 主题行
text: '验证码发送', // 纯文字正文
html: `当前验证码为:<b>${random}</b>,3分钟内有效。<br/><br/>感谢您体验 Marsview 搭建平台,线上平台不保证数据的稳定性,建议有条件用户,切换到 Marsview 私有化部署服务,您在使用过程中遇到任何问题均联系我。<br/><br/>邮 箱:marsview@163.com<br/>微 信:17611021717`, // HTML正文
};
await transporter.sendMail(mailOptions);
await keyv.set(email, random, 3 * 60 * 1000);
util.success(ctx, '发送成功');
} catch (error) {
util.fail(ctx, error.message);
}
});
/**
* 用户注册
*/
router.post('/regist', async (ctx) => {
const { userName, code, userPwd } = ctx.request.body;
if (!userName || !userPwd) {
util.fail(ctx, '用户名或密码不能为空');
return;
}
if (!code) {
util.fail(ctx, '邮箱验证码不能为空');
return;
}
const val = await keyv.get(userName);
if (!val) {
util.fail(ctx, '验证码已过期');
return;
}
if (val != code) {
util.fail(ctx, '验证码错误');
return;
}
const user = await userService.search(userName);
if (user) {
util.fail(ctx, '当前用户已存在');
return;
}
const nickName = userName.split('@')[0];
const pwd = new md5().update(userPwd).digest('hex');
const res = await userService.create(nickName, userName, pwd);
if (res.affectedRows == 1) {
// 生成用户token
const token = util.createToken({ userName, userId: res.insertId });
util.success(ctx, {
userId: res.id,
userName,
token,
});
} else {
util.fail(ctx, '注册失败,请重试');
}
});
/**
* 忘记密码 - 生成链接
*/
router.post('/password/forget', async (ctx) => {
const { userEmail } = ctx.request.body;
if (!userEmail) {
util.fail(ctx, '邮箱不能为空');
return;
}
const user = await userService.search(userEmail);
if (!user) {
util.fail(ctx, '当前用户不存在');
return;
}
// 生成验证码,保存在redis中,用来验证链接有效期
const random = Math.random().toString().slice(2, 7);
await keyv.set(userEmail, random, 5 * 60 * 1000);
// 生成加密后token
const token = util.createToken({ userEmail });
// 发送邮件
let transporter = nodemailer.createTransport({
host: config.EMAIL_HOST,
port: config.EMAIL_PORT,
auth: {
user: config.EMAIL_USER, // 你的Gmail地址
pass: config.EMAIL_PASSWORD, // 你的Gmail密码或应用专用密码
},
});
let mailOptions = {
from: `"Marsview" <${config.EMAIL_USER}>`, // 发送者地址
to: userEmail, // 接收者列表
subject: 'Marsview密码找回', // 主题行
text: '验证码发送', // 纯文字正文
html: `Hello,${userEmail}! <br/> 我们收到了你重置密码的申请,请点击下方按链接行重置,<a href="https://www.marsview.com.cn/password-reset?resetToken=${token}">重置密码</a> <br/> 链接 3分钟内有效,请尽快操作,如不是你发起的请求,请忽略。`, // HTML正文
};
await transporter.sendMail(mailOptions);
util.success(ctx, '发送成功');
});
/**
* 忘记密码 - 获取账号
*/
router.post('/password/getUserByToken', async (ctx) => {
const { resetToken } = ctx.request.query;
const { userEmail } = util.decodeResetToken(resetToken);
const val = await keyv.get(userEmail);
if (!val) {
util.fail(ctx, '链接已失效,请重新操作');
return;
}
util.success(ctx, userEmail);
});
/**
* 忘记密码 - 重置密码
*/
router.post('/password/reset', async (ctx) => {
const { resetToken, userPwd } = ctx.request.body;
if (!resetToken) {
util.fail(ctx, '重置Token不能为空');
return;
}
if (!userPwd) {
util.fail(ctx, '重置密码不能为空');
return;
}
const { userEmail } = util.decodeResetToken(resetToken);
if (!userEmail) {
util.fail(ctx, 'Token 识别错误,请重新操作');
return;
}
const val = await keyv.get(userEmail);
if (!val) {
util.fail(ctx, '链接已失效,请重新操作');
return;
}
const pwd = new md5().update(userPwd).digest('hex');
await userService.resetPwd(userEmail, pwd);
await keyv.delete(userEmail);
util.success(ctx, '更新成功');
});
/**
* 密码修改
*/
router.post('/password/update', async (ctx) => {
const { oldPwd, userPwd, confirmPwd } = ctx.request.body;
if (!oldPwd || !userPwd || !confirmPwd) {
util.fail(ctx, '密码不能为空');
return;
}
if (userPwd !== confirmPwd) {
util.fail(ctx, '两次密码不一致');
return;
}
const { userName } = util.decodeToken(ctx);
try {
const res = await userService.verifyOldPwd(userName, oldPwd);
if (res) {
const pwd = new md5().update(userPwd).digest('hex');
await userService.resetPwd(userName, pwd);
util.success(ctx, '密码更改成功');
} else {
util.fail(ctx, '原密码输入错误');
}
} catch (error) {
util.fail(ctx, error.message);
}
});
/**
* 用户注销
*/
router.post('/logout', async (ctx) => {
const { userId, userName } = util.decodeToken(ctx);
if (userId == 50) {
util.fail(ctx, '管理员账号不支持注销');
return;
}
// 删除用户所有项目
await projectService.deleteAllProject(userId, userName);
// 删除用户所有关联
await projectUserService.deleteAllProjectUser(userId);
// 删除用户所有页面角色
await pageRoleService.deleteAllPageRole(userId);
// 删除用户所有页面
await pageService.deleteAllPage(userId, userName);
// 删除用户所有菜单
await menuService.deleteAllMenu(userId);
// 删除用户所有发布
await publishService.deleteAllPublish(userId);
// 删除用户所有角色
await roleService.deleteAllRole(userId);
// 删除用户
await userService.deleteUser(userId, userName);
// 删除用户图片
await imgcloudService.deleteAllImg(userId);
util.success(ctx, '注销成功');
});
/**
* 查询子用户列表
*/
router.get('/subUser/list', async (ctx) => {
const { userId } = util.decodeToken(ctx);
const { pageNum, pageSize, keyword } = ctx.request.query;
const { total } = await userService.getSubUsersCount(userId, keyword);
if (total == 0) {
return util.success(ctx, {
list: [],
total: 0,
pageSize: +pageSize || 12,
pageNum: +pageNum || 1,
});
}
const list = await userService.getSubUsersList(userId, pageNum || 1, pageSize || 12, keyword);
util.success(ctx, {
list,
total,
pageSize: +pageSize,
pageNum: +pageNum,
});
});
// 创建子用户
router.post('/subUser/create', async (ctx) => {
const { userName, userPwd } = ctx.request.body;
if (!userName || !userPwd) {
util.fail(ctx, '用户名或密码不能为空');
return;
}
const { userId } = util.decodeToken(ctx);
const user = await userService.search(userName);
if (user) {
util.fail(ctx, '当前用户已存在');
return;
}
const nickName = userName.split('@')[0];
const pwd = new md5().update(userPwd).digest('hex');
const res = await userService.create(nickName, userName, pwd, userId);
if (res.affectedRows == 1) {
util.success(ctx, '注册成功');
} else {
util.fail(ctx, '注册失败,请重试');
}
});
// 删除子用户
router.post('/subUser/delete', async (ctx) => {
const { id } = ctx.request.body;
if (!id) {
util.fail(ctx, '用户ID不能为空');
return;
}
const { userId } = util.decodeToken(ctx);
const res = await userService.deleteSubUser(id, userId);
if (res.affectedRows == 1) {
util.success(ctx, '删除成功');
} else {
util.fail(ctx, '删除失败,请重试');
}
});
module.exports = router;