yapi/server/controllers/user.js

import userModel from '../models/user.js'
import yapi from '../yapi.js'
import baseController from './base.js'
import mongoose from 'mongoose'
const jwt = require('jsonwebtoken');
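/**
 * True only for a non-empty string.
 * Request bodies are parsed from client-supplied data, so a field may arrive as
 * an object or array; rejecting anything but a string keeps such values out of
 * the model queries.
 */
function isNonEmptyString(value) {
    return typeof value === 'string' && value.length > 0;
}

/**
 * True when the value is a plain string or number, the only shapes accepted
 * for a user id taken from the request.
 */
function isScalarId(value) {
    return typeof value === 'string' || typeof value === 'number';
}

/**
 * Controller for the /user endpoints: login, logout, registration, listing,
 * lookup, deletion and profile update.
 */
class userController extends baseController {
    constructor(ctx) {
        super(ctx);
    }

    /**
     * User login.
     * @interface /user/login
     * @method POST
     * @category user
     * @foldnumber 10
     * @param {String} email email address, required
     * @param {String} password password, required
     * @returns {Object}
     * @example ./api/user/login.json
     */
    async login(ctx) {
        const userInst = yapi.getInst(userModel);
        const { email, password } = ctx.request.body;

        // Both fields must be strings: they go straight into the model lookup
        // and the password hash.
        if (!isNonEmptyString(email)) {
            return ctx.body = yapi.commons.resReturn(null, 400, 'email不能为空');
        }
        if (!isNonEmptyString(password)) {
            return ctx.body = yapi.commons.resReturn(null, 400, '密码不能为空');
        }

        const result = await userInst.findByEmail(email);

        // NOTE(review): the 404 / 405 split below tells a caller whether an email
        // is registered. Kept for compatibility; a single generic failure response
        // would avoid the account-existence signal.
        if (!result) {
            return ctx.body = yapi.commons.resReturn(null, 404, '该用户不存在');
        }

        // NOTE(review): `===` on the two hashes is not a constant-time comparison;
        // consider crypto.timingSafeEqual on equal-length buffers.
        if (yapi.commons.generatePassword(password, result.passsalt) !== result.password) {
            return ctx.body = yapi.commons.resReturn(null, 405, '密码错误');
        }

        // The token is signed with the user's own password salt, so the verifier
        // has to load the user before it can check the signature (presumably via
        // the _yapi_uid cookie; the verifying code is not in this file).
        const token = jwt.sign({ uid: result._id }, result.passsalt, { expiresIn: '7 days' });

        // NOTE(review): neither cookie sets `secure` or `sameSite`. Enable both
        // when the service is only reached over HTTPS.
        ctx.cookies.set('_yapi_token', token, {
            expires: yapi.commons.expireDate(7),
            httpOnly: true
        });
        ctx.cookies.set('_yapi_uid', result._id, {
            expires: yapi.commons.expireDate(7),
            httpOnly: true
        });

        // The success message previously read 'logout success...' on the login path.
        return ctx.body = yapi.commons.resReturn({
            uid: result._id,
            email: result.email,
            add_time: result.add_time,
            up_time: result.up_time
        }, 0, 'login success...');
    }

    /**
     * User logout: clears both session cookies.
     * @interface /user/logout
     * @method GET
     * @category user
     * @foldnumber 10
     * @returns {Object}
     * @example ./api/user/logout.json
     */
    async logout(ctx) {
        // NOTE(review): logout only clears the cookies; nothing in this method
        // revokes the token, which carries a 7-day expiry set at login.
        ctx.cookies.set('_yapi_token', null);
        ctx.cookies.set('_yapi_uid', null);
        ctx.body = yapi.commons.resReturn('ok');
    }

    /**
     * User registration.
     * @interface /user/reg
     * @method POST
     * @category user
     * @foldnumber 10
     * @param {String} email email address, required
     * @param {String} password password, required
     * @param {String} [username] user name
     * @returns {Object}
     * @example ./api/user/login.json
     */
    async reg(ctx) {
        const userInst = yapi.getInst(userModel);
        const params = ctx.request.body;

        // Require string credentials before they reach the duplicate check and
        // the password hash.
        if (!isNonEmptyString(params.email)) {
            return ctx.body = yapi.commons.resReturn(null, 400, '邮箱不能为空');
        }
        if (!isNonEmptyString(params.password)) {
            return ctx.body = yapi.commons.resReturn(null, 400, '密码不能为空');
        }

        // NOTE(review): this response also reveals whether an email is registered.
        const checkRepeat = await userInst.checkRepeat(params.email);
        if (checkRepeat > 0) {
            return ctx.body = yapi.commons.resReturn(null, 401, '该email已经注册');
        }

        // NOTE(review): randStr() produces the salt that login later uses as the
        // JWT signing key; confirm it draws from a cryptographically secure source.
        const passsalt = yapi.commons.randStr();
        const data = {
            username: params.username,
            password: yapi.commons.generatePassword(params.password, passsalt), // salted hash, never the plain password
            email: params.email,
            passsalt: passsalt,
            role: 'member', // fixed server-side; never taken from the request
            add_time: yapi.commons.time(),
            up_time: yapi.commons.time()
        };

        try {
            const user = await userInst.save(data);
            ctx.body = yapi.commons.resReturn({
                uid: user._id,
                email: user.email,
                add_time: user.add_time,
                up_time: user.up_time,
                role: 'member',
            });
            yapi.commons.sendMail({
                to: params.email,
                contents: `欢迎注册,您的账号 ${params.email} 已经注册成功`
            });
        } catch (e) {
            // NOTE(review): e.message is returned to the client and may expose
            // storage-layer details; consider logging it and returning a fixed text.
            ctx.body = yapi.commons.resReturn(null, 401, e.message);
        }
    }

    /**
     * List users (admin only).
     * @interface /user/list
     * @method GET
     * @category user
     * @foldnumber 10
     * @returns {Object}
     * @example
     */
    async list(ctx) {
        if (this.getRole() !== 'admin') {
            return ctx.body = yapi.commons.resReturn(null, 402, 'Without permission.');
        }
        const userInst = yapi.getInst(userModel);
        try {
            // NOTE(review): the model's list() result is returned as-is; confirm it
            // excludes the password and passsalt fields.
            const user = await userInst.list();
            return ctx.body = yapi.commons.resReturn(user);
        } catch (e) {
            return ctx.body = yapi.commons.resReturn(null, 402, e.message);
        }
    }

    /**
     * Get a user's own profile by uid.
     * @interface /user/find
     * @method GET
     * @param id user uid
     * @category user
     * @foldnumber 10
     * @returns {Object}
     * @example
     */
    async findById(ctx) {
        try {
            const userInst = yapi.getInst(userModel);
            // NOTE(review): documented as GET, but the id is read from the request
            // body; confirm how the router supplies it.
            const id = ctx.request.body.id;

            // Accept only a scalar id. Loose `!=` would otherwise let an array such
            // as [5] compare equal to uid 5 and then reach the model query.
            // `!=` itself is kept so a numeric uid still matches a string id.
            if (!isScalarId(id) || this.getUid() != id) {
                return ctx.body = yapi.commons.resReturn(null, 402, 'Without permission.');
            }

            // NOTE(review): the document is returned as-is; confirm the model
            // excludes the password and passsalt fields.
            const result = await userInst.findById(id);
            return ctx.body = yapi.commons.resReturn(result);
        } catch (e) {
            return ctx.body = yapi.commons.resReturn(null, 402, e.message);
        }
    }

    /**
     * Delete a user; only admin users may call this.
     * @interface /user/del
     * @method POST
     * @param id user uid
     * @category user
     * @foldnumber 10
     * @returns {Object}
     * @example
     */
    async del(ctx) {
        try {
            if (this.getRole() !== 'admin') {
                return ctx.body = yapi.commons.resReturn(null, 402, 'Without permission.');
            }
            const userInst = yapi.getInst(userModel);
            const id = ctx.request.body.id;

            // A delete must target exactly one scalar id; the model's del() is not
            // visible here, so non-scalar values are refused before reaching it.
            if (!isScalarId(id) || id === '') {
                return ctx.body = yapi.commons.resReturn(null, 400, 'id不能为空');
            }

            const result = await userInst.del(id);
            ctx.body = yapi.commons.resReturn(result);
        } catch (e) {
            ctx.body = yapi.commons.resReturn(null, 402, e.message);
        }
    }

    /**
     * Update the current user's username and/or email.
     * The target is always the uid from getUid(), never an id from the request.
     * @param {Object} ctx request context; reads body.username and body.email
     * @returns {Object}
     */
    async update(ctx) {
        try {
            const userInst = yapi.getInst(userModel);
            const id = this.getUid();
            const body = ctx.request.body;
            const data = {};

            // Copy only the two whitelisted fields, and only when they are
            // non-empty strings, so the request cannot set role or password or
            // pass nested objects to the model.
            if (isNonEmptyString(body.username)) {
                data.username = body.username;
            }
            // NOTE(review): a changed email is not re-checked with checkRepeat(),
            // unlike reg().
            if (isNonEmptyString(body.email)) {
                data.email = body.email;
            }

            const result = await userInst.update(id, data);
            ctx.body = yapi.commons.resReturn(result);
        } catch (e) {
            ctx.body = yapi.commons.resReturn(null, 402, e.message);
        }
    }
}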
// Export the controller class (CommonJS style; the file also uses ES `import`,
// so it is presumably transpiled before running).
module.exports = userController;