feat: add backend server

server/controller/stability.js

@@ -0,0 +1,99 @@
+import express from 'express'
+import { requireAuth, requireAdmin } from './user.js'
+import Stability from '../model/stability.js'
+
+const router = express.Router()
+
+// 列出所有稳定性实验
+router.get('/', requireAuth, async (req, res) => {
+    try {
+        const stabilities = await Stability.find().populate(['checks.checker', 'creater'])
+        res.json(stabilities)
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 列出未完成的稳定性实验
+router.get('/unend', requireAuth, async (req, res) => {
+    try {
+        const statilities = await Stability.find({ ended: false }).populate(['checks.checker', 'creater'])
+        res.json(statilities)
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 创建稳定性实验
+router.post('/', requireAuth, async (req, res) => {
+    if (!req.body.batch) {
+        return res.status(400).json({ message: '缺少必要字段' })
+    }
+
+    try {
+        const stability = await Stability.create({
+            creater: req.user.id,
+            ...req.body,
+        })
+        if (stability) {
+            res.json(stability)
+        } else {
+            res.status(400).json({ message: '资源创建失败' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 删除稳定性实验
+router.delete('/:id', requireAuth, requireAdmin, async (req, res) => {
+    try {
+        const stability = await Stability.findByIdAndDelete(req.params.id)
+        if (stability) {
+            res.json({ message: '删除成功' })
+        } else {
+            res.status(404).json({ message: '删除失败' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 对 指定的稳定性实验进行check
+// id：稳定性实验id
+// checkid：检查点id
+router.post('/check/:id/:checkid', requireAuth, async (req, res) => {
+    try {
+        const stability = await Stability.findById(req.params.id)
+        if (!stability) {
+            return res.status(404).json({ message: `未找到id为${req.params.id}的记录` })
+        }
+        stability.checks.forEach((check) => {
+            if (check._id == req.params.checkid) {
+                check.checked = true
+                check.checker = req.user.id
+            }
+        })
+        stability.ended = stability.checks.every((check) => check.checked)
+        await stability.save()
+        res.json(stability)
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 更新稳定性实验
+router.patch('/:id', requireAuth, async (req, res) => {
+    try {
+        const stability = await Stability.findByIdAndUpdate(req.params.id, req.body, { returnDocument: 'after' })
+        if (stability) {
+            res.json(stability)
+        } else {
+            res.status(404).json({ message: `未找到id为${req.params.id}的记录` })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+export { router as stabilityRouter }

server/controller/standard.js

@@ -0,0 +1,65 @@
+import express from 'express'
+import Standard from '../model/standard.js'
+import { requireAuth, requireAdmin } from './user.js'
+
+const router = express.Router()
+
+// 获取对照品
+router.get('/', requireAuth, async (req, res) => {
+    try {
+        const standard = await Standard.find()
+        res.json(standard)
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 创建对照品
+router.post('/', requireAuth, async (req, res) => {
+    if (!req.body.batch) {
+        return res.status(400).json({ message: '缺少必要字段' })
+    }
+
+    try {
+        const standard = await Standard.create({ ...req.body })
+        if (standard) {
+            res.json(standard)
+        } else {
+            res.status(400).json({ message: '资源创建失败' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 删除对照品
+router.delete('/:id', requireAuth, requireAdmin, async (req, res) => {
+    try {
+        const standard = await Standard.findByIdAndDelete(req.params.id)
+        if (standard) {
+            res.json({ message: '删除成功' })
+        } else {
+            res.status(404).json({ message: '删除成功' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '服务器错误', error: error.message })
+    }
+})
+
+// 更新对照品
+router.patch('/:id', requireAuth, async (req, res) => {
+    try {
+        console.log(req.params.id, req.body)
+        const standard = await Standard.findByIdAndUpdate(req.params.id, req.body, {
+            returnDocument: 'after',
+        })
+        res.json(standard)
+    } catch (error) {
+        res.status(500).json({
+            message: '服务器错误',
+            error: error.message,
+        })
+    }
+})
+
+export { router as standardRouter }

server/controller/user.js

@@ -0,0 +1,103 @@
+import express from 'express'
+import jwt from 'jsonwebtoken'
+import User from '../model/user.js'
+
+const router = express.Router()
+
+// 获取所有用户
+router.get('/', requireAuth, requireAdmin, async (req, res) => {
+    try {
+        const users = await User.find().select('-password')
+        res.json(users)
+    } catch (error) {
+        res.status(500).json({ message: '获取用户信息时发生错误', error: error.message })
+    }
+})
+
+// 创建新用户
+router.post('/', requireAuth, requireAdmin, async (req, res) => {
+    try {
+        const { username, nickname, password } = req.body
+        const user = await User.create({
+            username,
+            nickname,
+            password,
+            role: 'user',
+        })
+        res.status(201).json(user)
+    } catch (error) {
+        res.status(400).json({ message: '创建用户时发生错误', error: error.message })
+    }
+})
+
+// 删除用户
+router.delete('/:id', requireAuth, requireAdmin, async (req, res) => {
+    try {
+        if (req.user._id.toString() === req.params.id) {
+            return res.status(400).json({ message: '不能删除你自己' })
+        }
+        const user = await User.findByIdAndDelete(req.params.id)
+        if (user) {
+            res.json({ message: '已删除用户' })
+        } else {
+            res.status(404).json({ message: '该用户不存在' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '删除用户时发生错误', error: error.message })
+    }
+})
+
+// 用户登录
+router.post('/login', async (req, res) => {
+    try {
+        const { username, password } = req.body
+        const user = await User.findOne({ username })
+        if (user && (await user.comparePassword(password))) {
+            const token = jwt.sign({ id: user._id, username: user.username }, process.env.JWT_SECRET, {
+                expiresIn: '24h',
+            })
+            res.json({ token, user })
+        } else {
+            res.status(401).json({ message: '用户名或密码错误' })
+        }
+    } catch (error) {
+        res.status(500).json({ message: '登录过程中发生错误', error: error.message })
+    }
+})
+
+/**
+ * 验证用户身份，拒绝未认证的请求
+ */
+async function requireAuth(req, res, next) {
+    const authHeader = req.headers['authorization']
+    if (!authHeader) {
+        return res.status(401).json({ message: '未提供身份验证信息' })
+    }
+
+    const token = authHeader.split(' ').pop()
+    if (!token) {
+        return res.status(401).json({ message: '提供了错误的身份验证信息' })
+    }
+
+    jwt.verify(token, process.env.JWT_SECRET, async (err, decoded) => {
+        if (err) {
+            return res.status(401).json({ message: '身份验证失败' })
+        }
+        // 从数据库获取完整的用户信息
+        req.user = await User.findById(decoded.id)
+        next()
+    })
+}
+
+/**
+ * 检查用户是否具有管理员权限，调用前必须先调用requireAuth中间件验证用户身份
+ */
+async function requireAdmin(req, res, next) {
+    if (req.user && req.user.role === 'admin') {
+        next()
+    } else {
+        res.status(403).json({ message: '需要管理员权限' })
+    }
+}
+
+export { router as userRouter, requireAuth, requireAdmin }