- // controllers/auth.js
- const jwt = require('jsonwebtoken');
- const db = require('../config/db');
- const { successResponse, errorResponse } = require('../utils/apiResponse');
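class AuthController {
  /**
   * Authenticate a user from `req.body` and answer with a signed JWT.
   *
   * Responds 401 "Invalid credentials" when the credentials are missing,
   * are not strings, or match no row. On success it responds with
   * `{ token, user }`, where `user` is the matched row without its
   * `password_hash` column and `token` expires after one hour.
   *
   * @param {object} req - request whose `body` carries `username` and `password`
   * @param {object} res - response handle passed to the apiResponse helpers
   * @returns {Promise<*>} result of `errorResponse` on a rejected login, otherwise undefined
   */
  static async login(req, res) {
    try {
      const { username, password } = req.body || {};

      // Only plain strings may reach the query. A body parser can deliver
      // objects or arrays here, and some SQL drivers expand such values
      // inside a `?` placeholder instead of treating them as one literal.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return errorResponse(res, 'Invalid credentials', 401);
      }

      // In a real project the password hashes should be compared with bcrypt.
      // NOTE(review): as written, the submitted password is matched verbatim
      // against the password_hash column, so whatever is stored there works
      // as the credential itself. The intended fix is to look the user up by
      // username and verify the password with a slow, salted hash; that needs
      // a hashing dependency this file does not import.
      const [users] = await db.query(
        'SELECT * FROM users WHERE username = ? AND password_hash = ?',
        [username, password]
      );

      if (users.length === 0) {
        return errorResponse(res, 'Invalid credentials', 401);
      }

      const user = users[0];
      const token = jwt.sign(
        { id: user.id, username: user.username, role: user.role },
        process.env.JWT_SECRET,
        { expiresIn: '1h' }
      );

      // `SELECT *` also returns password_hash; never send it back to the client.
      const publicUser = { ...user };
      delete publicUser.password_hash;

      successResponse(res, { token, user: publicUser });
    } catch (err) {
      // Keep driver and signing errors in the server log; the client only
      // gets a generic message so internals (SQL text, schema) are not exposed.
      console.error('login failed:', err);
      errorResponse(res, 'Internal server error', 500);
    }
  }
}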
- module.exports = AuthController;