cursor done.

2025-11-11 14:36:09 +08:00
parent 7a5fb889c5
commit 9b1eb6cafd
27 changed files with 4748 additions and 552 deletions
--- a/server/routes/auth.js
+++ b/server/routes/auth.js
@@ -0,0 +1,86 @@
+const express = require('express');
+const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
+const { db } = require('../database');
+const { JWT_SECRET } = require('../config');
+const { authenticateToken } = require('../middleware/auth');
+
+const router = express.Router();
+
+router.post('/register', async (req, res) => {
+  try {
+    const { username, password } = req.body;
+
+    if (!username || !password) {
+      return res.status(400).json({ success: false, error: '用户名和密码不能为空' });
+    }
+
+    if (username.length < 3) {
+      return res.status(400).json({ success: false, error: '用户名至少需要3个字符' });
+    }
+
+    if (password.length < 6) {
+      return res.status(400).json({ success: false, error: '密码至少需要6个字符' });
+    }
+
+    const passwordHash = await bcrypt.hash(password, 10);
+
+    db.run(
+      'INSERT INTO users (username, password_hash) VALUES (?, ?)',
+      [username, passwordHash],
+      function (err) {
+        if (err) {
+          if (err.message.includes('UNIQUE constraint failed')) {
+            return res.status(400).json({ success: false, error: '用户名已存在' });
+          }
+          return res.status(500).json({ success: false, error: '注册失败' });
+        }
+
+        const token = jwt.sign({ userId: this.lastID, username }, JWT_SECRET, { expiresIn: '7d' });
+        res.json({ success: true, token, userId: this.lastID, username });
+      }
+    );
+  } catch (error) {
+    res.status(500).json({ success: false, error: error.message });
+  }
+});
+
+router.post('/login', (req, res) => {
+  try {
+    const { username, password } = req.body;
+
+    if (!username || !password) {
+      return res.status(400).json({ success: false, error: '用户名和密码不能为空' });
+    }
+
+    db.get(
+      'SELECT * FROM users WHERE username = ?',
+      [username],
+      async (err, user) => {
+        if (err) {
+          return res.status(500).json({ success: false, error: '登录失败' });
+        }
+
+        if (!user) {
+          return res.status(401).json({ success: false, error: '用户名或密码错误' });
+        }
+
+        const validPassword = await bcrypt.compare(password, user.password_hash);
+        if (!validPassword) {
+          return res.status(401).json({ success: false, error: '用户名或密码错误' });
+        }
+
+        const token = jwt.sign({ userId: user.id, username: user.username }, JWT_SECRET, { expiresIn: '7d' });
+        res.json({ success: true, token, userId: user.id, username: user.username });
+      }
+    );
+  } catch (error) {
+    res.status(500).json({ success: false, error: error.message });
+  }
+});
+
+router.get('/me', authenticateToken, (req, res) => {
+  res.json({ success: true, userId: req.user.userId, username: req.user.username });
+});
+
+module.exports = router;