auth.js 964 B

  1. // controllers/auth.js
  2. const jwt = require('jsonwebtoken');
  3. const db = require('../config/db');
  4. const { successResponse, errorResponse } = require('../utils/apiResponse');
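/**
 * HTTP handlers for authentication.
 */
class AuthController {
  /**
   * Check the submitted credentials and, on success, respond with a signed
   * JWT (one-hour lifetime) and the user record without its password hash.
   *
   * @param {object} req - Request; `req.body` is expected to carry `username` and `password`.
   * @param {object} res - Response handle, passed through to the apiResponse helpers.
   * @returns {Promise<void>}
   */
  static async login(req, res) {
    try {
      const { username, password } = req.body ?? {};

      // Only plain strings may reach the query. Some SQL drivers expand
      // object or array placeholder values into SQL fragments, which would
      // change the meaning of the WHERE clause below.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return errorResponse(res, 'Invalid credentials', 401);
      }

      // SECURITY: the submitted password is matched directly against the
      // password_hash column. In a real project, load the row by username
      // and verify the password with bcrypt (a slow, salted hash) instead.
      const [users] = await db.query(
        'SELECT * FROM users WHERE username = ? AND password_hash = ?',
        [username, password]
      );

      if (users.length === 0) {
        return errorResponse(res, 'Invalid credentials', 401);
      }

      const user = users[0];

      // NOTE(review): jwt.sign is expected to throw when JWT_SECRET is unset,
      // which lands in the catch below; confirm the secret is checked at startup.
      const token = jwt.sign(
        { id: user.id, username: user.username, role: user.role },
        process.env.JWT_SECRET,
        { expiresIn: '1h' }
      );

      // The row comes from SELECT *, so drop the credential column before
      // the record is sent back to the client.
      const { password_hash: _passwordHash, ...publicUser } = user;

      return successResponse(res, { token, user: publicUser });
    } catch (err) {
      // Keep driver and library error details in the server log only; the
      // client gets a generic message.
      console.error('AuthController.login failed:', err);
      return errorResponse(res, 'Internal server error', 500);
    }
  }
}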
  29. module.exports = AuthController;