一、本节纪要
- 新增了一个rolesSchema,作为角色的存储结构。
- 在usersSchema中新增了rolesId字段,与rolesSchema的数据相关联
- 新增了一个中间件hasLimit,控制【非管理员身份】不能进行删除用户的操作
- 删除用户的操作有做修改
- 添加了错误捕捉机制
代码演示
rolesSchema.js
const mongoose = require('mongoose');
const { Schema, model } = mongoose;
// Field definitions for the role collection.
const roleFields = {
  // Version key; excluded from query results unless explicitly selected.
  // NOTE(review): Mongoose's version key is normally numeric — confirm String is intended.
  __v: { type: String, select: false },
  // NOTE(review): the delete-permission middleware on this page matches on this
  // name, and no unique index is declared here; uniqueness relies on the
  // check-then-insert in the create handler. Consider enforcing it in the schema.
  roleName: { type: String, required: true },
  date: { type: Date, default: Date.now }, // registration time
};

const rolesSchema = new Schema(roleFields);

module.exports = model('Roles', rolesSchema);
usersSchema.js
const mongoose = require('mongoose');
const { Schema, model } = mongoose;
// Reference to a document in the 'Roles' model; a user may hold several roles.
const roleReference = {
  type: Schema.Types.ObjectId,
  ref: 'Roles',
};

// Field definitions for the user collection.
const userFields = {
  // Version key; excluded from query results unless explicitly selected.
  __v: { type: String, select: false },
  name: { type: String, required: true },
  email: { type: String, default: '' },
  // select: false keeps the password out of query results by default.
  // NOTE(review): the login handler on this page matches the submitted password
  // against this field directly, so it appears to be stored unhashed. Store a
  // salted password hash instead and verify against it at login.
  password: { type: String, required: true, select: false },
  date: { type: Date, default: Date.now }, // registration time
  rolesId: [roleReference],
};

const usersSchema = new Schema(userFields);

module.exports = model('Users', usersSchema);
usersControllers.js
const Users = require('../models/usersSchema.js')
const jwt = require('jsonwebtoken');
const { secretKey } = require('../utils/Keys')
/**
 * List every user document.
 *
 * @param {object} ctx - Koa context; the query result is written to ctx.body.
 */
const getUserList = async ctx => {
  const users = await Users.find();
  ctx.body = users;
};
/**
 * Fetch a single user by the id taken from the route parameters.
 *
 * @param {object} ctx - Koa context; reads ctx.params.id, writes ctx.body.
 * @throws 404 (via ctx.throw) when no user matches the id.
 */
const getUser = async ctx => {
  const { params } = ctx;
  console.log(params.id);
  const found = await Users.findById(params.id);
  const isMissing = !found;
  if (isMissing) {
    ctx.throw(404, '用户不存在');
  }
  ctx.body = found;
};
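/**
 * Register a new user.
 *
 * Only `name`, `password` and (optionally) `email` are taken from the request
 * body, and each must be a string. The route that serves this handler is not
 * behind the auth middleware, so copying the whole body into the model would
 * let any caller choose their own `rolesId`; role assignment belongs on an
 * admin-gated path. Requiring strings also keeps query-operator objects out of
 * the lookup below.
 *
 * NOTE(review): the password is persisted exactly as submitted. Store a salted
 * password hash instead and verify against it at login.
 *
 * @param {object} ctx - Koa context; reads ctx.request.body, writes ctx.body.
 * @throws 400 (via ctx.throw) when name/password/email are missing or not strings.
 * @throws 405 (via ctx.throw) when a user with the same name already exists.
 */
const createUser = async ctx => {
  const { name, password, email } = ctx.request.body || {};

  const hasName = typeof name === 'string' && name !== '';
  const hasPassword = typeof password === 'string' && password !== '';
  const emailIsValid = email === undefined || typeof email === 'string';
  if (!hasName || !hasPassword || !emailIsValid) {
    ctx.throw(400, '用户名和密码必须为非空字符串!!!');
  }

  const existing = await Users.findOne({ name });
  if (existing) {
    ctx.throw(405, '已存在该用户!!!');
  }

  const fields = { name, password };
  if (email !== undefined) {
    fields.email = email;
  }
  const saved = await new Users(fields).save();

  // A freshly saved document still carries the password even though the schema
  // marks it select: false (that only affects queries), so strip it here.
  const publicFields = saved.toObject();
  delete publicFields.password;
  ctx.body = publicFields;
};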
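/**
 * Update an existing user.
 *
 * The update document is built from an allow-list instead of passing the raw
 * request body to the database: `name`, `email` and `password` must be strings,
 * and `rolesId` is honoured only when the caller's token carries the
 * administrator role (the same check the delete-permission middleware uses).
 * Unknown keys, including update operators, are ignored.
 *
 * NOTE(review): the token issued at login holds name, email and rolesId but no
 * user id, so this handler cannot verify that a non-admin caller is editing
 * their own account. Add the id to the token and compare it with ctx.params.id.
 *
 * @param {object} ctx - Koa context; reads ctx.params.id, ctx.request.body and
 *   ctx.state.user, writes ctx.status and ctx.body.
 * @throws 400 (via ctx.throw) when a supplied field has the wrong type.
 * @throws 401 (via ctx.throw) when a non-admin caller supplies rolesId.
 * @throws 412 (via ctx.throw) when no user matches the id.
 */
const updateUser = async ctx => {
  const { id } = ctx.params;
  const body = ctx.request.body || {};
  const changes = {};

  for (const field of ['name', 'email', 'password']) {
    const value = body[field];
    if (value === undefined) {
      continue;
    }
    if (typeof value !== 'string') {
      ctx.throw(400, '参数格式错误!!!');
    }
    changes[field] = value;
  }

  if (body.rolesId !== undefined) {
    const callerRoles = ctx.state && ctx.state.user ? ctx.state.user.rolesId : undefined;
    const callerIsAdmin =
      Array.isArray(callerRoles) &&
      callerRoles.some(role => role != null && role.roleName === '管理员');
    if (!callerIsAdmin) {
      ctx.throw(401, '没有权限!!!');
    }
    const idsAreStrings =
      Array.isArray(body.rolesId) && body.rolesId.every(roleId => typeof roleId === 'string');
    if (!idsAreStrings) {
      ctx.throw(400, '参数格式错误!!!');
    }
    changes.rolesId = body.rolesId;
  }

  const user = await Users.findByIdAndUpdate(id, changes);
  if (!user) {
    ctx.throw(412, '用户不存在!!!');
  }
  ctx.status = 200;
  ctx.body = { msg: '修改成功' };
};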
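/**
 * Delete a user by the id taken from the route parameters.
 *
 * A lookup that matches nothing resolves to null rather than throwing, so the
 * missing-user case is checked explicitly. Only an id that cannot be cast is
 * mapped to 404 in the catch; other database errors propagate unchanged so
 * they are not reported to the client as "user not found".
 *
 * @param {object} ctx - Koa context; reads ctx.params.id, writes ctx.body.
 * @throws 404 (via ctx.throw) when the id is malformed or matches no user.
 */
const deleteUser = async ctx => {
  let user;
  try {
    user = await Users.findByIdAndDelete(ctx.params.id);
  } catch (error) {
    if (error && error.name === 'CastError') {
      ctx.throw(404, '用户不存在!!!');
    }
    throw error;
  }
  if (!user) {
    ctx.throw(404, '用户不存在!!!');
  }
  ctx.body = user;
};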
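/**
 * Log a user in and issue a one-hour JWT.
 *
 * The lookup is built from an allow-list of string fields instead of using the
 * request body as the query. With the raw body, an empty body or a body
 * without a password matches a user without any credential check, and
 * non-string values can act as query operators. A password plus at least one
 * of name/email is now required.
 *
 * NOTE(review): the password is compared to the stored field as-is, which
 * implies unhashed storage; verify against a salted hash instead.
 * NOTE(review): the populated role documents are embedded in the token, so a
 * role change does not take effect until the token expires.
 *
 * @param {object} ctx - Koa context; reads ctx.request.body, writes ctx.body.
 * @throws 401 (via ctx.throw) when credentials are missing, malformed or wrong.
 */
const login = async ctx => {
  const body = ctx.request.body || {};
  const credentials = {};

  for (const field of ['name', 'email', 'password']) {
    const value = body[field];
    if (value === undefined) {
      continue;
    }
    if (typeof value !== 'string') {
      ctx.throw(401, '用户名或者密码输入错误!!!');
    }
    credentials[field] = value;
  }

  const hasIdentifier = Boolean(credentials.name) || Boolean(credentials.email);
  if (!hasIdentifier || !credentials.password) {
    ctx.throw(401, '用户名或者密码输入错误!!!');
  }

  const user = await Users.findOne(credentials).populate('rolesId');
  if (!user) {
    ctx.throw(401, '用户名或者密码输入错误!!!');
  }

  // The debug log of name/email was dropped: it wrote account identifiers to
  // the process log on every login.
  const { name, email, rolesId } = user;
  const token = jwt.sign({ name, email, rolesId }, secretKey, { expiresIn: '1h' });
  ctx.body = { msg: '登录成功!!!', token };
};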
// Handlers exported for the users router, which destructures these names.
module.exports = {
getUserList,
getUser,
createUser,
updateUser,
deleteUser,
login
}
rolesControllers.js
const Roles = require('../models/rolesSchema');
/**
 * List every role document.
 *
 * @param {object} ctx - Koa context; the query result is written to ctx.body.
 */
const getRolesList = async ctx => {
  ctx.body = await Roles.find();
};
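/**
 * Create a new role.
 *
 * Only `roleName` is taken from the request body and it must be a non-empty
 * string; previously the whole body was used to build the document and a
 * missing or non-string name reached the lookup unchecked. The leftover debug
 * log was removed.
 *
 * NOTE(review): the existence check followed by save is not atomic; a unique
 * index on roleName would enforce uniqueness at the database level.
 *
 * @param {object} ctx - Koa context; reads ctx.request.body, writes ctx.body.
 * @throws 400 (via ctx.throw) when roleName is missing or not a string.
 * @throws 405 (via ctx.throw) when a role with the same name already exists.
 */
const createRole = async ctx => {
  const { roleName } = ctx.request.body || {};
  if (typeof roleName !== 'string' || roleName === '') {
    ctx.throw(400, '角色名称必须为非空字符串!!!');
  }

  const existing = await Roles.findOne({ roleName });
  if (existing) {
    ctx.throw(405, '角色已存在!!!');
  }

  ctx.body = await new Roles({ roleName }).save();
};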
// Update a role.
// Placeholder: the body is empty, so the handler sets neither a status nor a
// response body. NOTE(review): the PATCH route is already registered for it.
const updateRole = async ctx => {
}
// Delete a role.
// Placeholder: the body is empty, so the handler sets neither a status nor a
// response body. NOTE(review): the DELETE route is already registered for it;
// gate it to administrators when it is implemented.
const deleteRole = async ctx => {
}
// Handlers exported for the roles router, which destructures these names.
module.exports = {
getRolesList,
createRole,
updateRole,
deleteRole
}
routers/roles.js
const Router = require('koa-router');
const router = new Router({ prefix: '/roles' });
const {
getRolesList,
createRole,
updateRole,
deleteRole
} = require('../controllers/rolesControllers.js');
// Role endpoints under the /roles prefix.
// NOTE(review): none of these routes runs an authentication or permission
// middleware, so role creation is open to unauthenticated callers. Roles drive
// the delete-permission check elsewhere on this page; the write routes should
// be restricted to administrators.
router
  .get('/', getRolesList)
  .post('/', createRole)
  .patch('/:id', updateRole)
  .delete('/:id', deleteRole);

module.exports = router.routes();
routers/users.js
16行删除接口新增了中间件
const Router = require('koa-router');
const router = new Router({ prefix: '/users' });
const {
getUserList,
getUser,
createUser,
updateUser,
deleteUser,
login } = require('../controllers/usersControllers.js')
const { auth, hasLimit } = require('../middleware/usersMiddleware')
// User endpoints under the /users prefix.
// Registration (POST /) and POST /login are intentionally reachable without a
// token; every other route runs `auth` first, and deletion additionally runs
// `hasLimit`.
// NOTE(review): PUT /:id only requires a valid token, so any authenticated
// user can reach the update handler for any user id.
router
  .get('/', auth, getUserList)
  .get('/:id', auth, getUser)
  .post('/', createUser)
  .put('/:id', auth, updateUser)
  .delete('/:id', auth, hasLimit, deleteUser)
  .post('/login', login);

module.exports = router.routes();
usersMiddleware.js
const jwt = require('jsonwebtoken');
const { secretKey } = require('../utils/Keys');
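/**
 * Authentication middleware: verifies the bearer token from the Authorization
 * header and stores its decoded payload on ctx.state.user.
 *
 * Verification is pinned to HS256, the default algorithm jwt.sign uses for the
 * tokens issued at login, so a token signed with any other algorithm is
 * rejected rather than relying on the library's per-key defaults.
 *
 * @param {object} ctx - Koa context; reads ctx.request.header.authorization.
 * @param {Function} next - Next middleware in the chain.
 * @throws 401 (via ctx.throw) when the token is missing, invalid or expired.
 */
const auth = async (ctx, next) => {
  const { authorization = '' } = ctx.request.header;
  const token = authorization.replace('Bearer ', '');
  try {
    ctx.state.user = jwt.verify(token, secretKey, { algorithms: ['HS256'] });
  } catch {
    ctx.throw(401, '没有权限!!!');
  }
  await next();
};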
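/**
 * Permission middleware: lets the request continue only when the authenticated
 * user holds the administrator role.
 *
 * A token payload without a rolesId array (or with null entries) is treated as
 * "no roles" and rejected, instead of raising a TypeError that would surface
 * as a server error.
 *
 * NOTE(review): the roles come from the token payload, not from the database,
 * so a revoked role stays effective until the token expires.
 * NOTE(review): 403 is the conventional status for an authenticated caller
 * lacking permission; 401 is kept here for compatibility with existing clients.
 *
 * @param {object} ctx - Koa context; reads ctx.state.user set by `auth`.
 * @param {Function} next - Next middleware in the chain.
 * @throws 401 (via ctx.throw) when the caller is not an administrator.
 */
const hasLimit = async (ctx, next) => {
  const user = (ctx.state && ctx.state.user) || {};
  const roles = Array.isArray(user.rolesId) ? user.rolesId : [];
  const isAdmin = roles.some(role => role != null && role.roleName === '管理员');
  if (!isAdmin) {
    ctx.throw(401, '没有删除权限!!!');
  }
  await next();
};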
// Middleware exported for the users router: `auth` verifies the token,
// `hasLimit` restricts a route to administrators.
module.exports = {
auth,
hasLimit
}
错误捕捉
app.js
npm install koa-json-error -S
const error = require('koa-json-error')
// Register the JSON error handler before every other middleware so that errors
// thrown further down the chain are formatted by it.
// In production the stack trace is left out of the response body, which keeps
// internal file paths and call structure away from clients.
const formatError = (e, { stack, ...rest }) => {
  if (process.env.NODE_ENV === 'production') {
    return rest;
  }
  return { stack, ...rest };
};
app.use(error({ postFormat: formatError }));

app.use(koaBody());
router.use(usersRouter);
router.use(rolesRouter);
app.use(router.routes());
app.use(router.allowedMethods());