feat: user org and fix bugs

src/routes/user/me.ts

@@ -0,0 +1,124 @@
+import { app } from '@/app.ts';
+import { Org } from '@/models/org.ts';
+import { User } from '@/models/user.ts';
+import { CustomError } from '@abearxiong/router';
+
+app
+  .route({
+    path: 'user',
+    key: 'me',
+    middleware: ['auth'],
+  })
+  .define(async (ctx) => {
+    const state = ctx.state?.tokenUser || {};
+    const { id } = state;
+    const user = await User.findByPk(id);
+    if (!user) {
+      throw new CustomError(500, 'user not found');
+    }
+    ctx.body = await user.getInfo();
+  })
+  .addTo(app);
+app
+  .route({
+    path: 'user',
+    key: 'login',
+  })
+  .define(async (ctx) => {
+    const { username, email, password } = ctx.query;
+    if (!username && !email) {
+      throw new CustomError(400, 'username or email is required');
+    }
+    let user: User | null = null;
+    if (username) {
+      user = await User.findOne({ where: { username } });
+    }
+    if (!user && email) {
+      user = await User.findOne({ where: { email } });
+    }
+    if (!user) {
+      throw new CustomError(500, 'Login Failed');
+    }
+    if (!user.checkPassword(password)) {
+      throw new CustomError(500, 'Password error');
+    }
+    const token = await user.createToken();
+    ctx.body = token;
+  })
+  .addTo(app);
+
+app
+  .route('user', 'auth')
+  .define(async (ctx) => {
+    const { checkToken: token } = ctx.query;
+    try {
+      const result = await User.verifyToken(token);
+      ctx.body = result || {};
+    } catch (e) {
+      throw new CustomError(401, 'Token InValid ');
+    }
+  })
+  .addTo(app);
+
+app
+  .route('user', 'updateSelf', {
+    middleware: ['auth'],
+  })
+  .define(async (ctx) => {
+    const { username, password, description } = ctx.query;
+    const state = ctx.state?.tokenUser || {};
+    const { id } = state;
+    const user = await User.findByPk(id);
+    if (!user) {
+      throw new CustomError(500, 'user not found');
+    }
+    if (username) {
+      user.username = username;
+    }
+    if (password) {
+      user.createPassword(password);
+    }
+    if (description) {
+      user.description = description;
+    }
+    await user.save();
+    ctx.body = await user.getInfo();
+  })
+  .addTo(app);
+app
+  .route({
+    path: 'user',
+    key: 'switchOrg',
+    middleware: ['auth'],
+  })
+  .define(async (ctx) => {
+    const tokenUser = ctx.state.tokenUser;
+    const { username, type = 'org' } = ctx.query.data || {};
+    if (!username && type === 'org') {
+      throw new CustomError('username is required');
+    }
+    let me: User;
+    if (tokenUser.uid) {
+      me = await User.findByPk(tokenUser.uid);
+    } else {
+      me = await User.findByPk(tokenUser.id);
+    }
+    if (type === 'user') {
+      const token = await me.createToken();
+      ctx.body = token;
+      return;
+    }
+    const orgUser = await User.findOne({ where: { username } });
+    if (!orgUser) {
+      throw new CustomError('org not found');
+    }
+    const user = await Org.findOne({ where: { username } });
+    const users = user.users;
+    const index = users.findIndex((u) => u.uid === me.id);
+    if (index === -1) {
+      throw new CustomError('Permission denied');
+    }
+    const token = await orgUser.createToken(me.id);
+    ctx.body = token;
+  })
+  .addTo(app);