const asyncHandler = require('express-async-handler'); const User = require('../models/User'); const { generateToken } = require('../config/auth'); const logger = require('../utils/logger'); // @desc 用户注册 // @route POST /api/auth/register // @access Public const registerUser = asyncHandler(async (req, res) => { const { username, password } = req.body; // 检查用户是否已存在 const userExists = await User.findOne({ username }); if (userExists) { res.status(400); throw new Error('用户已存在'); } // 创建用户 const user = await User.create({ username, password, }); if (user) { res.status(201).json({ _id: user._id, username: user.username, isAdmin: user.isAdmin, token: generateToken(user._id), }); } else { res.status(400); throw new Error('无效的用户数据'); } }); // @desc 用户登录 // @route POST /api/auth/login // @access Public const loginUser = asyncHandler(async (req, res) => { const { username, password } = req.body; logger.info(`登录尝试: ${username}`); // 查找用户 const user = await User.findOne({ username }); if (!user) { logger.warn(`用户不存在: ${username}`); res.status(401); throw new Error('用户名或密码错误'); } // 检查密码 const isMatch = await user.matchPassword(password); logger.info(`密码匹配结果: ${isMatch}`); if (isMatch) { const token = generateToken(user._id); logger.info(`登录成功: ${username}`); res.json({ _id: user._id, username: user.username, isAdmin: user.isAdmin, token: token, }); } else { logger.warn(`密码不匹配: ${username}`); res.status(401); throw new Error('用户名或密码错误'); } }); // @desc 获取当前用户资料 // @route GET /api/auth/profile // @access Private const getUserProfile = asyncHandler(async (req, res) => { const user = await User.findById(req.user._id).select('-password'); if (user) { res.json({ _id: user._id, username: user.username, isAdmin: user.isAdmin, }); } else { res.status(404); throw new Error('用户未找到'); } }); module.exports = { registerUser, loginUser, getUserProfile, };