xuyiping
/
kpt-pasture


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287
							import * as mysql from "mysql2"
import secret from "../../config"
import * as jwt from "jsonwebtoken"
import { createHash } from "crypto"
import Logger from "../../loaders/logger"
import { Request, Response } from "express"
import { createMathExpr } from "svg-captcha"
import getFormatDate from "../../utils/date"
import { connection } from "../../utils/initMysql"
export interface dataModel {
  length: number
}

// 保存验证码
let generateVerify: number

/**
 * @typedef Error
 * @property {string} code.required
 */

/**
 * @typedef Response
 * @property {[integer]} code
 */

/**
 * @typedef Login
 * @property {string} username.required - 用户名 - eg: admin
 * @property {string} password.required - 密码 - eg: 123456
 * @property {integer} verify.required - 验证码
 */

/**
 * 登录
 * @route POST /login
 * @param {Login.model} point.body.required - the new point
 * @produces application/json application/xml
 * @consumes application/json application/xml
 * @summary 登录
 * @group 用户登录、注册相关
 * @returns {Response.model} 200 
 * @returns {Array.<Login>} Login
 * @headers {integer} 200.X-Rate-Limit 
 * @headers {string} 200.X-Expires-After 
 * @security JWT
 */

const login = async (req: Request, res: Response) => {
  const { username, password, verify } = req.body
  if (generateVerify !== verify) return res.json({
    code: -1,
    info: "请输入正确的验证码"
  })
  let sql: string = 'select * from users where username=' + "'" + username + "'"
  connection.query(sql, async function (err, data: dataModel) {
    if (data.length == 0) {
      await res.json({
        code: -1,
        info: "账号尚未被注册"
      })
    } else {
      if (createHash('md5').update(password).digest('hex') == data[0].password) {
        const accessToken = jwt.sign({
          accountId: data[0].id
        }, secret.jwtSecret, { expiresIn: 3600 })
        await res.json({
          code: 0,
          info: "登录成功",
          accessToken
        })
      } else {
        await res.json({
          code: -1,
          info: "密码错误"
        })
      }
    }
  })
}

/**
 * @typedef Register
 * @property {string} username.required - 用户名 - eg: admin
 * @property {string} password.required - 密码 - eg: 123456
 * @property {integer} verify.required - 验证码
 */

/**
* 注册
* @route POST /register
* @param {Register.model} point.body.required - the new point
* @produces application/json application/xml
* @consumes application/json application/xml
* @summary 注册
* @group 用户登录、注册相关
* @returns {Response.model} 200
* @returns {Array.<Register>} Register
* @headers {integer} 200.X-Rate-Limit
* @headers {string} 200.X-Expires-After
* @security JWT
*/

const register = async (req: Request, res: Response) => {
  const { username, password, verify } = req.body
  if (generateVerify !== verify) return res.json({
    code: -1,
    info: "请输入正确的验证码"
  })
  if (password.length < 6) return res.json({
    code: -1,
    info: "密码长度不能小于6位"
  })
  let sql: string = 'select * from users where username=' + "'" + username + "'"
  connection.query(sql, async (err, data: dataModel) => {
    if (data.length > 0) {
      await res.json({
        code: -1,
        info: "账号已被注册"
      })
    } else {
      let time = await getFormatDate()
      let sql: string = 'insert into users (username,password,time) value(' + "'" + username + "'" + ',' + "'" + createHash('md5').update(password).digest('hex') +
        "'" + ',' + "'" + time + "'" + ')'
      connection.query(sql, async function (err) {
        if (err) {
          Logger.error(err)
        } else {
          await res.json({
            code: 0,
            info: "账号注册成功"
          })
        }
      })
    }
  })
}

/**
 * 列表更新
 * @route GET /updateList
 * @summary 列表更新
 * @group 用户管理相关
 * @returns {object} 200 
 * @security JWT
 */

const updateList = async (req: Request, res: Response) => {
  res.json({ code: 1, msg: "成功" })
}

/**
 * 列表删除
 * @route GET /deleteList
 * @summary 列表删除
 * @group 用户管理相关
 * @returns {object} 200 
 * @security JWT
 */

const deleteList = async (req: Request, res: Response) => {
  res.json({ code: 1, msg: "成功" })
}

/**
 * @typedef SearchPage
 * @property {integer} page.required - 第几页 - eg: 1
 * @property {integer} size.required - 数据量（条）- eg: 5
 */

/**
* 分页查询
* @route POST /searchPage
* @param {SearchPage.model} point.body.required - the new point
* @produces application/json application/xml
* @consumes application/json application/xml
* @summary 分页查询
* @group 用户管理相关
* @returns {Response.model} 200
* @returns {Array.<SearchPage>} SearchPage
* @headers {integer} 200.X-Rate-Limit
* @headers {string} 200.X-Expires-After
* @security JWT
*/

const searchPage = async (req: Request, res: Response) => {
  const { page, size } = req.body
  let payload = null
  try {
    const authorizationHeader = req.get("Authorization")
    const accessToken = authorizationHeader.substr("Bearer ".length)
    payload = jwt.verify(accessToken, secret.jwtSecret)
  } catch (error) {
    return res.status(401).end()
  }
  let sql = 'select * from users limit ' + size + ' offset ' + size * (page - 1)
  connection.query(sql, async function (err, data) {
    if (err) {
      Logger.error(err)
    } else {
      await res.json({
        code: 0,
        info: data
      })
    }
  })
}

/**
 * @typedef SearchVague
 * @property {string} username.required - 用户名  - eg: admin
 */

/**
* 模糊查询（根据用户名）
* @route POST /searchVague
* @param {SearchVague.model} point.body.required - the new point
* @produces application/json application/xml
* @consumes application/json application/xml
* @summary 模糊查询
* @group 用户管理相关
* @returns {Response.model} 200
* @returns {Array.<SearchVague>} SearchVague
* @headers {integer} 200.X-Rate-Limit
* @headers {string} 200.X-Expires-After
* @security JWT
*/

const searchVague = async (req: Request, res: Response) => {
  const { username } = req.body
  let payload = null
  try {
    const authorizationHeader = req.get("Authorization")
    const accessToken = authorizationHeader.substr("Bearer ".length)
    payload = jwt.verify(accessToken, secret.jwtSecret)
  } catch (error) {
    return res.status(401).end()
  }
  if (username === "" || username === null) return res.json({
    code: -1,
    info: "搜索信息不能为空"
  })
  let sql = 'select * from users'
  sql += " WHERE username LIKE " + mysql.escape("%" + username + "%")
  connection.query(sql, function (err, data) {
    connection.query(sql, async function (err) {
      if (err) {
        Logger.error(err)
      } else {
        await res.json({
          code: 0,
          info: data
        })
      }
    })
  })
}

/**
 * 图形验证码
 * @route GET /captcha
 * @summary 图形验证码
 * @group captcha - 图形验证码
 * @returns {object} 200 
 * @security JWT
 */

const captcha = async (req: Request, res: Response) => {
  const create = createMathExpr({
    mathMin: 1,
    mathMax: 4,
    mathOperator: "+"
  })
  generateVerify = Number(create.text)
  res.type('svg') // 响应的类型
  res.json({ code: 1, msg: create.text, svg: create.data })
}

export {
  login,
  register,
  updateList,
  deleteList,
  searchPage,
  searchVague,
  captcha,
}