login-server/userinfo.js at master · EVEModX/login-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
/**
 * Created by byr on 2016/12/5.
 */
/*
 * 用户信息处理模块
 * */
"use strict";
const express = require("express");
const data = require("./datasource");
const config = require("./config");
const debug = require('debug')('userinfo');
const _ = require("lodash");
let router = express.Router();
const mysql=require("mysql");
let db = mysql.createConnection(config.mysql);
const TABLE_NAME = "userinfo"; //数据表名
/*
 * 表结构
 * CREATE TABLE userinfo(
 *   id INTEGER NOT NULL PRIMARY KEY ON CONFLICT REPLACE,
 *   data TEXT
 * )
 * */

function getUserinfo_mysql(userid) {
    return new Promise((resolve, reject) => {
        db.query("SELECT * FROM " + TABLE_NAME + " WHERE id= ?", [userid], function (err, row) {
            if (err) reject({status: 500, msg: "Error in database"});
            row=row[0];
            if (row === undefined) reject({status: 404});
            try {
                row = JSON.parse(row.data);
            } catch (e) {
                if (e instanceof SyntaxError)
                    reject({status: 500, msg: "database corrupt"});
            }
            resolve(row);
        });
    });
}
/*
 * 获取用户信息
 * 表单:
 *   :param userid int 所请求的用户ID（默认为自己）
 *   :param info_req string 所请求的信息 (e.g. "{email:'',username:''}")
 * */
function getUserinfo(req, resp) {
    let p = new Promise((resolve, reject) => {
        let uid = req.body.userid || (req.user!==undefined?req.user.getID():undefined),
            info_req = req.body.info_req;
        if (!_.isNumber(uid) || !_.isFinite(uid))
            reject({status: 400, msg: "missing uid"});
        try {
            info_req = JSON.parse(info_req);
        } catch (e) {
            if (e instanceof SyntaxError)
                reject({status: 400, msg: "missing info_req"});
        }
        resolve({uid: uid, info_req: info_req});
    });
    p.then(data => getUserinfo_mysql(data.uid)
        .then(row => {
            resp.status(200);
            let result = {};
            for (let key in data.info_req) {
                if (data.info_req.hasOwnProperty(key))
                    result[key] = row[key];
            }
            resp.json(result);
            resp.end();
        })
    ).catch(function (err) {
        debug(err);
        resp.status(err.status || 500);
        resp.write(err.msg || "unknown error");
        resp.end();
    });
}
function setUserinfo_mysql(userid, userinfo) {
    return new Promise((resolve, reject) => {
        db.query("INSERT INTO " + TABLE_NAME + " (id,data) VALUES(?,?)", [userid, userinfo], function (err) {
            if (err) reject({status: 500, msg: "database error"});
            else resolve();
        });
    });
}
/*设置用户信息
 * 表单：
 *   :param token string 授权token (默认转为req.user)
 *   :param info_req string 设置的信息 json编码
 *   :param [userid] int 要设置的用户ID 默认为req.user的ID
 * */
function setUserinfo(req, resp) {
    let p = new Promise((resolve, reject) => {
        let uid = req.body.userid,
            info = req.body.info_req;
        if (!uid) uid = req.user.data.userid;
        if (!_.isNumber(uid) || !_.isFinite(uid))
            reject({status: 400, msg: "missing uid"});
        try {
            JSON.parse(info);
        } catch (e) {
            if (e instanceof SyntaxError)
                reject({status: 400, msg: "missing info_req"});
            else
                reject({status: 500, msg:"unknown error"});
        }
        resolve({uid: uid, info: info});
    });
    p.then(data => setUserinfo_mysql(data.uid, data.info)
        .then(() => {
            resp.status(200);
            resp.end();
            debug('setUserinfo 200');
        }).catch((err)=>{
            resp.status(err.status||500);
            resp.write(err.msg || "unknown err at setUserinfo");
            resp.end();
        })
    ).catch((err)=>{
        resp.status(err.status || 500);
        resp.write(err.msg || "unknown error at setUserinfo");
        resp.end();
    });
}
function authorziation(req, resp, next) {
    if (req.path === '/setinfo') {
        if (req.user.getID() === 0 || !req.body.userid || req.user.data.userid === req.body.userid) {
            debug("auth next");
            next();
        } else {
            debug("auth 403");
            resp.status(403).end();
        }
    }
    else {
        debug("auth next");
        next();
    }
}
router.use(authorziation);
router.post('/getinfo', getUserinfo);
router.post('/setinfo', setUserinfo);
module.exports = router;