剧场模式
首页后端TypeScriptTypeScript + Express + MongoDB 基于角色的权限控制原理与实战

基于角色的权限控制原理与实战 #4 后台用户登录(四更)

求知小风 · 元婴发布于新课程
0

src/routes/index.ts

import express, { Router } from "express";
import usersRouter from "./users";
import postsRouter from "./posts";
import adminRouter from "./admin";

const router: Router = express.Router();

router.use("/users", usersRouter);
router.use("/posts", postsRouter);

router.use("/admin", adminRouter);

export default router;

src/routes/admin/index.ts

import express, { Router } from "express";
import usersRouter from "./users";

const router: Router = express.Router();

router.use("/users", usersRouter);

export default router;

src/routes/admin/users.ts

import express, { Router } from "express";
import * as usersController from "../../controllers/admin/users";

const router: Router = express.Router();

router.post("/login", usersController.postLogin);

export default router;

src/utils/admin/validator.ts

import { isEmpty } from "validator";
import { IAdminDocument } from "../../models/Admin";

export interface InputError extends Partial<IAdminDocument> {
  general?: string;
}

export const validateInput = (
  username: IAdminDocument["username"],
  password: IAdminDocument["password"]
) => {
  let errors: InputError = {};

  if (isEmpty(username.trim())) {
    errors.username = "Username must not be empty";
  }

  if (isEmpty(password.trim())) {
    errors.password = "Password must not be empty";
  }

  return { errors, valid: Object.keys(errors).length < 1 };
};

src/controllers/admin/users.ts

import { Request, Response } from "express";

import { InputError, validateInput } from "../../utils/admin/validator";
import HttpException from "../../exceptions/HttpException";
import { UNPROCESSABLE_ENTITY } from "http-status-codes";

import bcrypt from "bcryptjs";
import Admin from "../../models/Admin";

import { wrapAsync } from "../../helpers/wrap-async";

const throwValidateError = (errors: InputError) => {
  throw new HttpException(UNPROCESSABLE_ENTITY, "Admin input error", errors);
};

/**
 * Login Admin
 *
 * @Method POST
 * @URL /api/admin/users/login
 *
 */
export const postLogin = wrapAsync(
  async (req: Request, res: Response): Promise<void> => {
    const { username, password } = req.body;

    const { errors, valid } = validateInput(username, password);

    if (!valid) {
      return throwValidateError(errors);
    }

    const admin = await Admin.findOne({ username });

    if (!admin) {
      errors.general = "Admin not found";
      return throwValidateError(errors);
    }

    const match = await bcrypt.compare(password, admin.password);

    if (!match) {
      errors.general = "Wrong credentials";
      return throwValidateError(errors);
    }

    const token = admin.generateToken();

    res.json({
      success: true,
      data: {
        id: admin.id,
        token
      }
    });
  }
);
0 条回复
暂无回复~~
官方服务号
随机课程
Nodejs + Express + MongoDB 基础篇

Nodejs + Express + MongoDB 基础篇

17 个视频1 小时 36 分钟初级

Pro¥ 99.00¥ 79.20

Nodejs已完结

学员(38)
一只快乐的码农 · 大乘宏 · 道祖志涛 · 真仙爱优美 · 元婴WeChain · 真仙米斯特张 · 真仙hjc · 元婴[微信红包]恭喜发财,大吉大利 · 道祖萎鳴咸一 · 太乙Pip · 太乙Flash52 · 太乙lRockets · 道祖
最新动态
一只快乐的码农 · 大乘学习到了10:44
宏 · 道祖学习到了0:00
志涛 · 真仙学习到了0:40
爱优美 · 元婴学习到了0:00
WeChain · 真仙学习到了10:44
统计信息
    学员: 17786
    视频数量: 1049
    帖子数量: 427

© 汕尾市求知科技有限公司 | 粤ICP备19038915号 | 关注我们 | 在线学员:115

Top