refactor: migrate entire project to TypeScript

routes/auth.ts

@@ -0,0 +1,144 @@
+import express, { Request, Response } from 'express';
+import jwt from 'jsonwebtoken';
+import bcrypt from 'bcryptjs';
+import db from '../utils/database';
+import { authenticateToken } from '../middleware/auth';
+import { User, LoginRequest, ChangePasswordRequest } from '../types';
+
+const router = express.Router();
+
+router.post('/login', async (req: Request<{}, {}, LoginRequest>, res: Response): Promise<void> => {
+  try {
+    const { username, password } = req.body;
+
+    if (!username || !password) {
+      res.status(400).json({ error: '用户名和密码不能为空' });
+      return;
+    }
+
+    const user = await db.get<User>('SELECT * FROM users WHERE username = ?', [username]);
+
+    if (!user) {
+      res.status(401).json({ error: '用户名或密码错误' });
+      return;
+    }
+
+    const isValidPassword = await bcrypt.compare(password, user.password);
+
+    if (!isValidPassword) {
+      res.status(401).json({ error: '用户名或密码错误' });
+      return;
+    }
+
+    const token = jwt.sign(
+      { userId: user.id, username: user.username, role: user.role },
+      process.env.JWT_SECRET!,
+      { expiresIn: '24h' }
+    );
+
+    res.json({
+      accessToken: token,
+      user: {
+        id: user.id,
+        username: user.username,
+        name: user.name,
+        email: user.email,
+        role: user.role
+      }
+    });
+  } catch (error) {
+    console.error('登录错误:', error);
+    res.status(500).json({ error: '服务器内部错误' });
+  }
+});
+
+router.get('/profile', authenticateToken, async (req: Request, res: Response): Promise<void> => {
+  try {
+    const user = await db.get<User>(
+      'SELECT id, username, name, email, role, created_at FROM users WHERE id = ?',
+      [req.user!.id]
+    );
+    
+    if (!user) {
+      res.status(404).json({ error: '用户不存在' });
+      return;
+    }
+
+    res.json(user);
+  } catch (error) {
+    console.error('获取用户信息错误:', error);
+    res.status(500).json({ error: '服务器内部错误' });
+  }
+});
+
+router.post('/change-password', authenticateToken, async (req: Request<{}, {}, ChangePasswordRequest>, res: Response): Promise<void> => {
+  try {
+    const { currentPassword, newPassword } = req.body;
+
+    if (!currentPassword || !newPassword) {
+      res.status(400).json({ error: '当前密码和新密码不能为空' });
+      return;
+    }
+
+    if (newPassword.length < 6) {
+      res.status(400).json({ error: '新密码长度至少为6位' });
+      return;
+    }
+
+    const user = await db.get<Pick<User, 'password'>>('SELECT password FROM users WHERE id = ?', [req.user!.id]);
+
+    if (!user) {
+      res.status(404).json({ error: '用户不存在' });
+      return;
+    }
+
+    const isValidPassword = await bcrypt.compare(currentPassword, user.password);
+
+    if (!isValidPassword) {
+      res.status(401).json({ error: '当前密码错误' });
+      return;
+    }
+
+    const hashedPassword = await bcrypt.hash(newPassword, 10);
+
+    await db.run('UPDATE users SET password = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?', [hashedPassword, req.user!.id]);
+
+    res.json({ message: '密码修改成功' });
+  } catch (error) {
+    console.error('修改密码错误:', error);
+    res.status(500).json({ error: '服务器内部错误' });
+  }
+});
+
+router.put('/profile', authenticateToken, async (req: Request, res: Response): Promise<void> => {
+  try {
+    const { name, email } = req.body;
+
+    if (!name) {
+      res.status(400).json({ error: '姓名不能为空' });
+      return;
+    }
+
+    if (email && !email.match(/^[^\s@]+@[^\s@]+\.[^\s@]+$/)) {
+      res.status(400).json({ error: '邮箱格式不正确' });
+      return;
+    }
+
+    await db.run(
+      'UPDATE users SET name = ?, email = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?',
+      [name, email, req.user!.id]
+    );
+
+    const updatedUser = await db.get<User>(
+      'SELECT id, username, name, email, role, created_at FROM users WHERE id = ?',
+      [req.user!.id]
+    );
+
+    res.json(updatedUser);
+  } catch (error) {
+    console.error('更新用户资料错误:', error);
+    res.status(500).json({ error: '服务器内部错误' });
+  }
+});
+
+export default router;