-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsever.js
127 lines (116 loc) · 3.92 KB
/
sever.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
require('dotenv').config();
const express = require('express');
const mongoose = require('mongoose');
const bodyParser = require('body-parser');
const session = require('express-session');
const cors = require('cors');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const User = require('./models/User');
const Obituary = require('./models/Obituary');
const Order = require('./models/Order');
const app = express();
// 中间件
app.use(bodyParser.json());
app.use(cors());
app.use(session({
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: true,
cookie: { secure: false }
}));
// 连接到 MongoDB
mongoose.connect(process.env.MONGO_URI, {
useNewUrlParser: true,
useUnifiedTopology: true
}).then(() => console.log('MongoDB connected'))
.catch(err => console.log(err));
// 用户注册
app.post('/api/users/register', async (req, res) => {
const { username, password } = req.body;
try {
const existingUser = await User.findOne({ username });
if (existingUser) {
return res.status(400).send({ message: '用户名已存在' });
}
const hashedPassword = await bcrypt.hash(password, 10);
const user = new User({ username, password: hashedPassword });
await user.save();
res.status(201).send({ message: '注册成功' });
} catch (error) {
res.status(500).send({ message: '注册失败', error });
}
});
// 用户登录
app.post('/api/users/login', async (req, res) => {
const { username, password } = req.body;
try {
const user = await User.findOne({ username });
if (user && await bcrypt.compare(password, user.password)) {
const token = jwt.sign({ userId: user._id }, process.env.JWT_SECRET, { expiresIn: '1h' });
res.status(200).send({ token });
} else {
res.status(401).send({ message: '登录失败' });
}
} catch (error) {
res.status(500).send({ message: '获取讣闻过程中发生错误', error });
}
});
// 更新讣闻
app.put('/api/obituaries/:id', async (req, res) => {
const { token, ...updates } = req.body;
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
const obituary = await Obituary.findOneAndUpdate(
{ _id: req.params.id, createdBy: decoded.userId },
updates,
{ new: true }
);
if (obituary) {
res.status(200).json(obituary);
} else {
res.status(403).send({ message: '无权限修改该讣闻' });
}
} catch (error) {
res.status(401).send({ message: '无效的令牌', error });
}
});
// 删除讣闻
app.delete('/api/obituaries/:id', async (req, res) => {
const { token } = req.body;
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
const result = await Obituary.deleteOne({ _id: req.params.id, createdBy: decoded.userId });
if (result.deletedCount > 0) {
res.status(200).send({ message: '讣闻已删除' });
} else {
res.status(403).send({ message: '无权限删除该讣闻' });
}
} catch (error) {
res.status(401).send({ message: '无效的令牌', error });
}
});
// 提交订单
app.post('/api/orders', async (req, res) => {
const order = new Order(req.body);
try {
await order.save();
res.status(201).send({ message: '订单已提交' });
} catch (error) {
res.status(400).send({ message: '订单提交失败', error });
}
});
// 获取订单
app.get('/api/orders', async (req, res) => {
try {
const orders = await Order.find();
res.status(200).json(orders);
} catch (error) {
res.status(500).send({ message: '无法获取订单', error });
}
});
// 启动服务器
const PORT = process.env.PORT || 3000;
app.listen(PORT, () => {
console.log(`Server is running on port ${PORT}`);
});