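import { app } from '@/app.ts';
import { Org } from '@/models/org.ts';
import { User } from '@/models/user.ts';

// user/me: return the profile of the account named by the caller's token.
// Runs behind the `auth` middleware and reads the identity from ctx.state.tokenUser.
app
  .route({
    path: 'user',
    key: 'me',
    middleware: ['auth'],
    // NOTE(review): what `isDebug` enables is not visible in this file; confirm it
    // is intended to stay on outside development.
    isDebug: true,
  })
  .define(async (ctx) => {
    const tokenUser = ctx.state?.tokenUser || {};
    const { id } = tokenUser;
    const user = await User.findByPk(id, {
      logging: false,
    });
    if (!user) {
      ctx.throw(500, 'user not found');
    }
    user.setTokenUser(tokenUser);
    ctx.body = await user.getInfo();
  })
  .addTo(app);

// user/login: find an account by username (tried first) or email, check the
// password, and answer with a newly created token.
// No `auth` middleware is attached, so every field of ctx.query is untrusted input.
app
  .route({
    path: 'user',
    key: 'login',
  })
  .define(async (ctx) => {
    const { username: rawUsername, email: rawEmail, password } = ctx.query;
    // Only plain strings are passed on to the `where` clause; any other shape is
    // treated as "not supplied" so structured values never reach the query builder.
    const username = typeof rawUsername === 'string' ? rawUsername : undefined;
    const email = typeof rawEmail === 'string' ? rawEmail : undefined;
    if (!username && !email) {
      ctx.throw(400, 'username or email is required');
    }
    let user: User | null = null;
    if (username) {
      user = await User.findOne({ where: { username }, logging: false });
    }
    if (!user && email) {
      // logging is disabled here as well, matching the username lookup, so the
      // submitted identifier is not echoed through query logging.
      user = await User.findOne({ where: { email }, logging: false });
    }
    // Do not log ctx.query or the loaded user in this handler: the query carries
    // the submitted password, and listing accounts here would expose every
    // username to anyone who can read the process output.
    //
    // NOTE(review): 'Login Failed' and 'Password error' let a client tell an
    // unknown account from a wrong password, and both are reported with status
    // 500 although they are authentication failures. Unifying them changes what
    // clients see, so it is left for a coordinated change.
    if (!user) {
      ctx.throw(500, 'Login Failed');
    }
    // A missing or non-string password is rejected before it reaches checkPassword.
    if (typeof password !== 'string' || !user.checkPassword(password)) {
      ctx.throw(500, 'Password error');
    }
    const token = await user.createToken();
    ctx.body = token;
  })
  .addTo(app);

// user/auth: verify the token passed as `checkToken` and return whatever
// User.verifyToken resolves to; any error from verification becomes a 401.
app
  .route('user', 'auth')
  .define(async (ctx) => {
    const { checkToken: token } = ctx.query;
    try {
      const result = await User.verifyToken(token);
      // NOTE(review): a falsy result is answered with `{}` rather than a 401;
      // confirm verifyToken always throws for an invalid token.
      ctx.body = result || {};
    } catch {
      ctx.throw(401, 'Token InValid ');
    }
  })
  .addTo(app);

// user/updateSelf: apply the supplied profile fields to the caller's own account.
// Only fields with a truthy value are written; the rest stay as they were.
app
  .route('user', 'updateSelf', {
    middleware: ['auth'],
  })
  .define(async (ctx) => {
    const { username, password, description, avatar, email } = ctx.query.data || {};
    const tokenUser = ctx.state?.tokenUser || {};
    const { id } = tokenUser;
    const user = await User.findByPk(id);
    if (!user) {
      ctx.throw(500, 'user not found');
    }
    user.setTokenUser(tokenUser);
    if (username) {
      user.username = username;
    }
    // NOTE(review): the current password is not asked for, so a valid token
    // alone is enough to replace the password (and the email below). Confirm
    // that is acceptable, or require re-authentication for these two fields.
    if (password) {
      user.createPassword(password);
    }
    if (description) {
      user.description = description;
    }
    if (avatar) {
      user.avatar = avatar;
    }
    if (email) {
      user.email = email;
    }
    await user.save();
    ctx.body = await user.getInfo();
  })
  .addTo(app);

// user/switchOrg: exchange the caller's token for one scoped to another identity.
//   - username equal to the token's own username: re-issue a token for that identity
//   - type === 'user': issue a token for the underlying personal account
//   - otherwise: issue a token for the org `username`, but only if the personal
//     account appears in that org's `users` list
app
  .route({
    path: 'user',
    key: 'switchOrg',
    middleware: ['auth'],
  })
  .define(async (ctx) => {
    const tokenUser = ctx.state.tokenUser;
    const { username, type = 'org' } = ctx.query.data || {};
    if (!username && type === 'org') {
      ctx.throw('username is required');
    }
    if (tokenUser.username === username) {
      // The caller is refreshing the token of the identity it already holds.
      const user = await User.findByPk(tokenUser.id);
      if (!user) {
        ctx.throw('user not found');
      }
      if (user.type === 'user') {
        const token = await user.createToken();
        ctx.body = token;
        return;
      } else if (user.type === 'org' && tokenUser.uid) {
        // NOTE(review): this path re-issues an org token without consulting the
        // org's `users` list again, so membership is not re-checked on refresh.
        // Confirm that removal from an org is enforced elsewhere.
        const token = await user.createToken(tokenUser.uid);
        ctx.body = token;
        return;
      }
    }
    // Resolve the personal account behind the token: `uid` is used when present,
    // otherwise the token's own `id`.
    let me: User | null;
    if (tokenUser.uid) {
      me = await User.findByPk(tokenUser.uid);
    } else {
      me = await User.findByPk(tokenUser.id); // the real user
    }
    if (!me || me.type === 'org') {
      // `me` may be null on this branch, so it is read defensively; the denial
      // must still be reported as 'Permission denied' rather than a TypeError.
      console.log('switch Error ', me?.username, me?.type);
      ctx.throw('Permission denied');
    }
    if (type === 'user') {
      const token = await me.createToken();
      ctx.body = token;
      return;
    }
    const orgUser = await User.findOne({ where: { username } });
    if (!orgUser) {
      ctx.throw('org user not found');
    }
    const org = await Org.findOne({ where: { username } });
    if (!org) {
      // A user row without a matching org row cannot be switched into.
      ctx.throw('org user not found');
    }
    // Fail closed: a missing member list means nobody is a member.
    const members = org.users ?? [];
    const meId = me.id;
    const isMember = members.some((u) => u.uid === meId);
    if (!isMember) {
      ctx.throw('Permission denied');
    }
    const token = await orgUser.createToken(meId);
    ctx.body = token;
  })
  .addTo(app);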