update password

client/src/pages/api/user/account/loginByPassword.ts

@@ -0,0 +1,48 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { connectToDatabase } from '@/service/mongo';
+import { User } from '@/service/models/user';
+import { setCookie } from '@/service/utils/tools';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    const { username, password } = req.body;
+
+    if (!username || !password) {
+      throw new Error('缺少参数');
+    }
+
+    await connectToDatabase();
+
+    // 检测用户是否存在
+    const authUser = await User.findOne({
+      username
+    });
+    if (!authUser) {
+      throw new Error('用户未注册');
+    }
+
+    const user = await User.findOne({
+      username,
+      password
+    });
+
+    if (!user) {
+      throw new Error('密码错误');
+    }
+
+    setCookie(res, user._id);
+
+    jsonRes(res, {
+      data: {
+        user
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/loginout.ts

@@ -0,0 +1,16 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { clearCookie } from '@/service/utils/tools';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    clearCookie(res);
+    jsonRes(res);
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/register.ts

@@ -0,0 +1,72 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { User } from '@/service/models/user';
+import { AuthCode } from '@/service/models/authCode';
+import { connectToDatabase } from '@/service/mongo';
+import { setCookie } from '@/service/utils/tools';
+import { UserAuthTypeEnum } from '@/constants/common';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    const { username, code, password, inviterId } = req.body;
+
+    if (!username || !code || !password) {
+      throw new Error('缺少参数');
+    }
+
+    await connectToDatabase();
+
+    // 验证码校验
+    const authCode = await AuthCode.findOne({
+      username,
+      code,
+      type: UserAuthTypeEnum.register,
+      expiredTime: { $gte: Date.now() }
+    });
+
+    if (!authCode) {
+      throw new Error('验证码错误');
+    }
+
+    // 重名校验
+    const authRepeat = await User.findOne({
+      username
+    });
+
+    if (authRepeat) {
+      throw new Error('该用户已被注册');
+    }
+
+    const response = await User.create({
+      username,
+      password,
+      inviterId: inviterId ? inviterId : undefined
+    });
+
+    // 根据 id 获取用户信息
+    const user = await User.findById(response._id);
+
+    if (!user) {
+      throw new Error('获取用户信息异常');
+    }
+
+    // 删除验证码记录
+    await AuthCode.deleteMany({
+      username
+    });
+
+    setCookie(res, user._id);
+
+    jsonRes(res, {
+      data: {
+        user
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/tokenLogin.ts

@@ -0,0 +1,30 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { connectToDatabase } from '@/service/mongo';
+import { User } from '@/service/models/user';
+import { authUser } from '@/service/utils/auth';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    const { userId } = await authUser({ req, authToken: true });
+
+    await connectToDatabase();
+
+    // 根据 id 获取用户信息
+    const user = await User.findById(userId);
+
+    if (!user) {
+      throw new Error('账号异常');
+    }
+
+    jsonRes(res, {
+      data: user
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/update.ts

@@ -0,0 +1,34 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { User } from '@/service/models/user';
+import { connectToDatabase } from '@/service/mongo';
+import { authUser } from '@/service/utils/auth';
+import { UserUpdateParams } from '@/types/user';
+
+/* 更新一些基本信息 */
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    const { avatar } = req.body as UserUpdateParams;
+
+    const { userId } = await authUser({ req, authToken: true });
+
+    await connectToDatabase();
+    // 更新对应的记录
+    await User.updateOne(
+      {
+        _id: userId
+      },
+      {
+        ...(avatar && { avatar })
+      }
+    );
+
+    jsonRes(res);
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/updatePasswordByCode.ts

@@ -0,0 +1,64 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { User } from '@/service/models/user';
+import { AuthCode } from '@/service/models/authCode';
+import { connectToDatabase } from '@/service/mongo';
+import { UserAuthTypeEnum } from '@/constants/common';
+import { setCookie } from '@/service/utils/tools';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    const { username, code, password } = req.body;
+
+    if (!username || !code || !password) {
+      throw new Error('缺少参数');
+    }
+
+    await connectToDatabase();
+
+    // 验证码校验
+    const authCode = await AuthCode.findOne({
+      username,
+      code,
+      type: UserAuthTypeEnum.findPassword,
+      expiredTime: { $gte: Date.now() }
+    });
+
+    if (!authCode) {
+      throw new Error('验证码错误');
+    }
+
+    // 更新对应的记录
+    await User.updateOne(
+      {
+        username
+      },
+      {
+        password
+      }
+    );
+
+    // 根据 username 获取用户信息
+    const user = await User.findOne({
+      username
+    });
+
+    if (!user) {
+      throw new Error('获取用户信息异常');
+    }
+
+    setCookie(res, user._id);
+
+    jsonRes(res, {
+      data: {
+        user
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}

client/src/pages/api/user/account/updatePasswordByOld.ts

@@ -0,0 +1,49 @@
+// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { jsonRes } from '@/service/response';
+import { User } from '@/service/models/user';
+import { AuthCode } from '@/service/models/authCode';
+import { connectToDatabase } from '@/service/mongo';
+import { UserAuthTypeEnum } from '@/constants/common';
+import { setCookie } from '@/service/utils/tools';
+import { authUser } from '@/service/utils/auth';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
+  try {
+    const { oldPsw, newPsw } = req.body as { oldPsw: string; newPsw: string };
+
+    if (!oldPsw || !newPsw) {
+      throw new Error('Params is missing');
+    }
+
+    await connectToDatabase();
+
+    const { userId } = await authUser({ req, authToken: true });
+
+    // auth old password
+    const user = await User.findOne({
+      _id: userId,
+      password: oldPsw
+    });
+
+    if (!user) {
+      throw new Error('user.Old password is error');
+    }
+
+    // 更新对应的记录
+    await User.findByIdAndUpdate(userId, {
+      password: newPsw
+    });
+
+    jsonRes(res, {
+      data: {
+        user
+      }
+    });
+  } catch (err) {
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}