- UI设计: 文件列表页 Draw.io 设计稿 - 架构: 数据库设计文档 - 后端: 用户认证接口实现 (login/register) 待完成: - 前端 Electron 主进程开发 - 文件管理 API 开发 - 测试用例编写
const express = require('express');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const db = require('../db');
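// Router that the authentication routes in this file are registered on.
const router = express.Router();

// Key used to sign and verify every JWT handled in this file.
// The literal fallback is readable by anyone with access to this source, so a
// deployment that starts without JWT_SECRET would accept tokens signed by
// anyone who knows the literal. Fail closed in production; keep the fallback,
// with a warning, only so local development still starts.
const JWT_SECRET = process.env.JWT_SECRET || 'clouddisk-secret-key';
if (!process.env.JWT_SECRET) {
  if (process.env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET must be set when NODE_ENV is "production"');
  }
  console.warn(
    '[auth] JWT_SECRET is not set; falling back to the built-in development key. Do not deploy with this configuration.'
  );
}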
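/**
 * Register: POST /register
 *
 * Creates a user row and answers with a signed token for the new account.
 *
 * Request body: { username, password, email }
 * Responses:
 *   200 { token, userId }
 *   400 { error }  missing or malformed fields, or the username is taken
 *   500 { error }  unexpected failure (details are logged, not returned)
 *
 * NOTE(review): the "Username already exists" answer lets a caller probe which
 * usernames are registered, and nothing in this file throttles requests.
 * Rate limiting would have to come from middleware outside this file.
 */
router.post('/register', async (req, res) => {
  try {
    // req.body is undefined when no body parser ran; treat that as empty input.
    const { username, password, email } = req.body ?? {};

    // Reject malformed input up front. Without this, a missing or non-string
    // password makes bcrypt throw and the client receives a 500.
    if (
      typeof username !== 'string' || username.length === 0 ||
      typeof password !== 'string' || password.length === 0
    ) {
      return res.status(400).json({ error: 'Username and password are required' });
    }
    if (email !== undefined && email !== null && typeof email !== 'string') {
      return res.status(400).json({ error: 'Invalid email' });
    }

    // Check if user exists.
    // NOTE(review): check-then-insert is not atomic. This presumably relies on
    // a UNIQUE constraint on users.username; confirm against the schema.
    const existingUser = db.query('SELECT id FROM users WHERE username = ?', [username]);
    if (existingUser.length > 0) {
      return res.status(400).json({ error: 'Username already exists' });
    }

    // Hash password (bcrypt, cost factor 10).
    // NOTE(review): bcrypt only considers the first 72 bytes of its input;
    // consider capping the accepted password length.
    const passwordHash = await bcrypt.hash(password, 10);

    // Create user with a 10 GiB storage quota.
    const storageLimit = 10 * 1024 * 1024 * 1024;
    const result = db.run(
      'INSERT INTO users (username, password_hash, email, storage_limit) VALUES (?, ?, ?, ?)',
      [username, passwordHash, email, storageLimit]
    );

    // HS256 is the library default for a string secret; naming it keeps
    // signing and verification explicit about the algorithm in use.
    // NOTE(review): no expiry is set, so an issued token stays valid for as
    // long as the secret is unchanged. Adding `expiresIn` needs a re-login or
    // refresh flow on the client side.
    const token = jwt.sign({ userId: result.lastInsertRowid }, JWT_SECRET, { algorithm: 'HS256' });
    res.json({ token, userId: result.lastInsertRowid });
  } catch (error) {
    // Keep driver and library messages server-side; they can expose schema
    // or internal state to an unauthenticated caller.
    console.error('[auth] register failed:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});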
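/**
 * Login: POST /login
 *
 * Checks a username/password pair against the stored bcrypt hash and answers
 * with a signed token plus the caller's profile fields.
 *
 * Request body: { username, password }
 * Responses:
 *   200 { token, user: { id, username, email, storageUsed, storageLimit } }
 *   400 { error }  missing or malformed fields
 *   401 { error }  unknown user or wrong password (same message for both)
 *   500 { error }  unexpected failure (details are logged, not returned)
 *
 * NOTE(review): nothing in this file limits repeated attempts. Throttling or
 * lockout would have to come from middleware outside this file.
 */
router.post('/login', async (req, res) => {
  try {
    // req.body is undefined when no body parser ran; treat that as empty input.
    const { username, password } = req.body ?? {};

    // Without this check, a missing or non-string password makes
    // bcrypt.compare throw and the client receives a 500.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return res.status(400).json({ error: 'Username and password are required' });
    }

    // Explicit column list: only what this handler reads.
    const rows = db.query(
      'SELECT id, username, email, password_hash, storage_used, storage_limit FROM users WHERE username = ?',
      [username]
    );
    if (rows.length === 0) {
      // Spend about one bcrypt computation before answering, so an unknown
      // username does not respond measurably faster than a known one.
      // Cost 10 matches the factor /register hashes with.
      await bcrypt.hash(password, 10);
      return res.status(401).json({ error: 'Invalid credentials' });
    }

    const account = rows[0];
    const validPassword = await bcrypt.compare(password, account.password_hash);
    if (!validPassword) {
      return res.status(401).json({ error: 'Invalid credentials' });
    }

    // HS256 is the library default for a string secret; naming it keeps
    // signing and verification explicit about the algorithm in use.
    // NOTE(review): no expiry is set, so an issued token stays valid for as
    // long as the secret is unchanged.
    const token = jwt.sign({ userId: account.id }, JWT_SECRET, { algorithm: 'HS256' });
    res.json({
      token,
      user: {
        id: account.id,
        username: account.username,
        email: account.email,
        storageUsed: account.storage_used,
        storageLimit: account.storage_limit,
      },
    });
  } catch (error) {
    // Keep driver and library messages server-side; they can expose schema
    // or internal state to an unauthenticated caller.
    console.error('[auth] login failed:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});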
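/**
 * Get current user: GET /me
 *
 * Reads the token from the Authorization header, verifies it and returns the
 * matching user row without the password hash.
 *
 * Responses:
 *   200 { user: { id, username, email, storage_used, storage_limit } }
 *   401 { error }  no token, or the token fails verification
 *   404 { error }  token is valid but the user row no longer exists
 *   500 { error }  lookup failed (details are logged, not returned)
 */
router.get('/me', (req, res) => {
  // Strips a leading "Bearer " if present. A bare token is still accepted,
  // as before.
  const token = req.headers.authorization?.replace('Bearer ', '');
  if (!token) {
    return res.status(401).json({ error: 'No token provided' });
  }

  // Verify on its own, so that only a verification failure is reported as
  // "Invalid token". Pinning the algorithm list means a token declaring any
  // other algorithm is rejected instead of being accepted on the library
  // defaults.
  let decoded;
  try {
    decoded = jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] });
  } catch (error) {
    return res.status(401).json({ error: 'Invalid token' });
  }

  // A validly signed token whose payload is not an object carrying userId
  // identifies nobody.
  if (decoded === null || typeof decoded !== 'object' || decoded.userId == null) {
    return res.status(401).json({ error: 'Invalid token' });
  }

  try {
    const rows = db.query(
      'SELECT id, username, email, storage_used, storage_limit FROM users WHERE id = ?',
      [decoded.userId]
    );
    if (rows.length === 0) {
      return res.status(404).json({ error: 'User not found' });
    }
    res.json({ user: rows[0] });
  } catch (error) {
    // A database failure is a server fault, not an authentication failure;
    // reporting it as 401 would hide outages behind "Invalid token".
    console.error('[auth] /me lookup failed:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});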
// CommonJS export of the router that the /register, /login and /me routes are registered on.
module.exports = router;