import express from "express";
import u from "@/utils";
import { success, error } from "@/lib/responseFormat";
import { validateFields } from "@/middleware/middleware";
import { z } from "zod";
import { createAuthToken, getTokenKey, publicUser } from "@/lib/auth";
import { hashPassword, isHashedPassword, verifyPassword } from "@/lib/password";
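const router = express.Router();

// Single message for every credential failure. Returning a different message
// for "no such account" than for "wrong password" lets a caller tell which
// usernames and phone numbers are registered.
const INVALID_CREDENTIALS = "用户名或密码错误";

/**
 * POST / (login).
 *
 * Body: { username: string, password: string }. `username` is matched against
 * either the `name` or the `phone` column of `o_user`.
 *
 * Responses:
 *   200: success({ token: "Bearer <token>", ...publicUser(row) })
 *   400: error(INVALID_CREDENTIALS) for empty, unknown or wrong credentials
 *   400: error("未找到tokenKey") when getTokenKey() yields nothing
 *
 * NOTE(review): no throttling or lockout is visible in this handler; confirm
 * that attempt limiting is applied by upstream middleware.
 */
export default router.post(
  "/",
  validateFields({
    username: z.string(),
    password: z.string(),
  }),
  async (req, res) => {
    const username = String(req.body.username || "").trim();
    const password = String(req.body.password || "");

    // z.string() accepts "", and trim() can reduce a whitespace-only username
    // to "". An empty username would otherwise match any row whose name or
    // phone is stored as an empty string, so empty credentials never reach
    // the lookup.
    if (!username || !password) return res.status(400).send(error(INVALID_CREDENTIALS));

    // NOTE(review): a single value is compared against two columns and only
    // the first row is used. If one account's name can equal another account's
    // phone, which row is returned depends on the database; confirm that
    // registration rules out such collisions.
    const data = await u.db("o_user").where("name", "=", username).orWhere("phone", username).first();

    // NOTE(review): this path returns without calling verifyPassword, so
    // response time may still differ between unknown and known accounts.
    if (!data) return res.status(400).send(error(INVALID_CREDENTIALS));

    const validPassword = await verifyPassword(password, data.password);
    if (!validPassword) return res.status(400).send(error(INVALID_CREDENTIALS));

    // Reached only after the password has been verified, so this
    // configuration message is not shown to unauthenticated callers.
    const tokenKey = await getTokenKey();
    if (!tokenKey) return res.status(400).send(error("未找到tokenKey"));

    // Upgrade-on-login: a stored value that isHashedPassword() does not
    // recognise is replaced with hashPassword() of the password just verified.
    // Presumably this migrates legacy records; confirm what verifyPassword
    // accepts for such rows.
    if (!isHashedPassword(data.password)) {
      await u.db("o_user").where("id", data.id).update({ password: await hashPassword(password) });
    }

    // The result of publicUser() is spread into the response body.
    // NOTE(review): confirm in @/lib/auth that it omits the password column.
    const user = publicUser(data);
    const token = createAuthToken(user, tokenKey);
    return res.status(200).send(success({ token: "Bearer " + token, ...user }, "登录成功"));
  },
);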