feat: refactor authentication logic for admin and user login, improve error handling
This commit is contained in:
@ -1,55 +1,14 @@
|
||||
import { defineEventHandler, readBody, createError } from 'h3';
|
||||
import { db, rooms, reservations } from '~/server/db';
|
||||
import { eq, gt, and, sql } from 'drizzle-orm';
|
||||
import { bookRoomLogic } from './book/_logic';
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const body = await readBody(event);
|
||||
const { customerId, roomId, checkInTime, stayDays } = body;
|
||||
|
||||
if (!customerId || !roomId || !checkInTime || !stayDays) {
|
||||
return createError({ statusCode: 400, statusMessage: '请填写完整信息' });
|
||||
}
|
||||
|
||||
try {
|
||||
const result = await db.transaction(async (tx) => {
|
||||
// 1. Check for availability and get the room
|
||||
const room = await tx.query.rooms.findFirst({
|
||||
where: and(eq(rooms.id, roomId), gt(rooms.availableCount, 0)),
|
||||
columns: {
|
||||
id: true,
|
||||
}
|
||||
});
|
||||
|
||||
if (!room) {
|
||||
// By throwing an error, we automatically roll back the transaction
|
||||
throw new Error('Room not available');
|
||||
}
|
||||
|
||||
// 2. Decrement available count
|
||||
await tx.update(rooms)
|
||||
.set({ availableCount: sql`${rooms.availableCount} - 1` })
|
||||
.where(eq(rooms.id, roomId));
|
||||
|
||||
// 3. Create reservation
|
||||
const newReservation = await tx.insert(reservations).values({
|
||||
customerId: parseInt(customerId, 10),
|
||||
roomId: parseInt(roomId, 10),
|
||||
checkInTime: new Date(checkInTime),
|
||||
stayDays: parseInt(stayDays, 10),
|
||||
}).returning({ id: reservations.id });
|
||||
|
||||
return newReservation[0];
|
||||
});
|
||||
|
||||
return {
|
||||
message: '预订成功!',
|
||||
reservationId: result.id,
|
||||
};
|
||||
const body = await readBody(event);
|
||||
return await bookRoomLogic(body);
|
||||
} catch (error: any) {
|
||||
if (error.message === 'Room not available') {
|
||||
return createError({ statusCode: 409, statusMessage: '该房间已无可预订数量' });
|
||||
}
|
||||
console.error('Booking error:', error);
|
||||
return createError({ statusCode: 500, statusMessage: '预订失败,请稍后重试' });
|
||||
throw createError({
|
||||
statusCode: error.statusCode || 500,
|
||||
statusMessage: error.message,
|
||||
});
|
||||
}
|
||||
});
|
||||
@ -1,23 +1,15 @@
|
||||
import { defineEventHandler, readBody, setResponseStatus, useRuntimeConfig } from 'h3';
|
||||
import { defineEventHandler, readBody, createError, useRuntimeConfig } from 'h3';
|
||||
import { adminLoginLogic } from './admin/_logic';
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const body = await readBody(event);
|
||||
const { password } = body;
|
||||
const config = useRuntimeConfig(event);
|
||||
|
||||
if (!password) {
|
||||
setResponseStatus(event, 400);
|
||||
return { message: '请填写密码' };
|
||||
const { adminPassword } = useRuntimeConfig();
|
||||
try {
|
||||
const body = await readBody(event);
|
||||
return await adminLoginLogic(body, adminPassword);
|
||||
} catch (error: any) {
|
||||
throw createError({
|
||||
statusCode: error.statusCode || 500,
|
||||
statusMessage: error.message,
|
||||
});
|
||||
}
|
||||
|
||||
const adminPassword = config.adminPassword;
|
||||
|
||||
if (!adminPassword || password !== adminPassword) {
|
||||
setResponseStatus(event, 401);
|
||||
return { message: '密码错误' };
|
||||
}
|
||||
|
||||
return {
|
||||
message: '管理员登录成功!',
|
||||
};
|
||||
});
|
||||
@ -1,42 +1,14 @@
|
||||
import { defineEventHandler, readBody, setResponseStatus } from 'h3';
|
||||
import { db, customers } from '~/server/db';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { defineEventHandler, readBody, createError } from 'h3';
|
||||
import { userLoginLogic } from './user/_logic';
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const body = await readBody(event);
|
||||
const { contact, password } = body;
|
||||
|
||||
if (!contact || !password) {
|
||||
setResponseStatus(event, 400);
|
||||
return { message: '请填写手机号和密码' };
|
||||
}
|
||||
|
||||
try {
|
||||
const user = await db.query.customers.findFirst({
|
||||
where: eq(customers.contact, contact),
|
||||
const body = await readBody(event);
|
||||
return await userLoginLogic(body);
|
||||
} catch (error: any) {
|
||||
throw createError({
|
||||
statusCode: error.statusCode || 500,
|
||||
statusMessage: error.message,
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
setResponseStatus(event, 401);
|
||||
return { message: '手机号或密码错误' };
|
||||
}
|
||||
|
||||
const isPasswordValid = bcrypt.compareSync(password, user.password);
|
||||
|
||||
if (!isPasswordValid) {
|
||||
setResponseStatus(event, 401);
|
||||
return { message: '手机号或密码错误' };
|
||||
}
|
||||
|
||||
return {
|
||||
message: '登录成功!',
|
||||
customerId: user.id,
|
||||
};
|
||||
|
||||
} catch (error) {
|
||||
console.error('Login error:', error);
|
||||
setResponseStatus(event, 500);
|
||||
return { message: '登录失败,请稍后重试' };
|
||||
}
|
||||
});
|
||||
Reference in New Issue
Block a user