feat: refactor authentication logic for admin and user login, improve error handling

2025-06-18 16:59:36 +08:00
parent 0ca2d51669
commit ad78f713a3
5 changed files with 35 additions and 8219 deletions
--- a/package.json
+++ b/package.json
@ -7,19 +7,22 @@
    "dev": "nuxt dev",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
-    "postinstall": "nuxt prepare"
+    "postinstall": "nuxt prepare",
    "test": "vitest"
  },
  "dependencies": {
    "@libsql/client": "^0.15.9",
    "bcryptjs": "^3.0.2",
-    "drizzle-orm": "^0.44.2",
+    "drizzle-orm": "^0.30.0",
    "nuxt": "^3.17.5",
-    "vue": "^3.5.16",
+    "vue": "^3.4.0",
-    "vue-router": "^4.5.1"
+    "vue-router": "^4.3.0"
  },
  "devDependencies": {
-    "@nuxtjs/tailwindcss": "7.0.0-beta.0",
+    "@nuxtjs/tailwindcss": "^6.14.0",
    "@types/bcryptjs": "^3.0.0",
-    "drizzle-kit": "^0.31.1"
+    "drizzle-kit": "^0.31.1",
    "happy-dom": "^18.0.1",
    "vitest": "^0.33.0"
  }
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/server/api/book.post.ts
+++ b/server/api/book.post.ts
@ -1,55 +1,14 @@
 import { defineEventHandler, readBody, createError } from 'h3';
-import { db, rooms, reservations } from '~/server/db';
+import { bookRoomLogic } from './book/_logic';
 import { eq, gt, and, sql } from 'drizzle-orm';
 export default defineEventHandler(async (event) => {
  const body = await readBody(event);
  const { customerId, roomId, checkInTime, stayDays } = body;
  if (!customerId || !roomId || !checkInTime || !stayDays) {
    return createError({ statusCode: 400, statusMessage: '请填写完整信息' });
  }
  try {
-    const result = await db.transaction(async (tx) => {
+    const body = await readBody(event);
-      // 1. Check for availability and get the room
+    return await bookRoomLogic(body);
      const room = await tx.query.rooms.findFirst({
        where: and(eq(rooms.id, roomId), gt(rooms.availableCount, 0)),
        columns: {
          id: true,
        }
      });
      if (!room) {
        // By throwing an error, we automatically roll back the transaction
        throw new Error('Room not available');
      }
      // 2. Decrement available count
      await tx.update(rooms)
        .set({ availableCount: sql`${rooms.availableCount} - 1` })
        .where(eq(rooms.id, roomId));
      // 3. Create reservation
      const newReservation = await tx.insert(reservations).values({
        customerId: parseInt(customerId, 10),
        roomId: parseInt(roomId, 10),
        checkInTime: new Date(checkInTime),
        stayDays: parseInt(stayDays, 10),
      }).returning({ id: reservations.id });
      return newReservation[0];
    });
    return {
      message: '预订成功！',
      reservationId: result.id,
    };
  } catch (error: any) {
-    if (error.message === 'Room not available') {
+    throw createError({
-      return createError({ statusCode: 409, statusMessage: '该房间已无可预订数量' });
+      statusCode: error.statusCode || 500,
-    }
+      statusMessage: error.message,
-    console.error('Booking error:', error);
+    });
    return createError({ statusCode: 500, statusMessage: '预订失败，请稍后重试' });
  }
 }); 
--- a/server/api/login/admin.post.ts
+++ b/server/api/login/admin.post.ts
@ -1,23 +1,15 @@
-import { defineEventHandler, readBody, setResponseStatus, useRuntimeConfig } from 'h3';
+import { defineEventHandler, readBody, createError, useRuntimeConfig } from 'h3';
 import { adminLoginLogic } from './admin/_logic';
 export default defineEventHandler(async (event) => {
-  const body = await readBody(event);
+  const { adminPassword } = useRuntimeConfig();
-  const { password } = body;
+  try {
-  const config = useRuntimeConfig(event);
+    const body = await readBody(event);
-
+    return await adminLoginLogic(body, adminPassword);
-  if (!password) {
+  } catch (error: any) {
-    setResponseStatus(event, 400);
+    throw createError({
-    return { message: '请填写密码' };
+      statusCode: error.statusCode || 500,
      statusMessage: error.message,
    });
  }
  const adminPassword = config.adminPassword;
  if (!adminPassword || password !== adminPassword) {
    setResponseStatus(event, 401);
    return { message: '密码错误' };
  }
  return {
    message: '管理员登录成功！',
  };
 }); 
--- a/server/api/login/user.post.ts
+++ b/server/api/login/user.post.ts
@ -1,42 +1,14 @@
-import { defineEventHandler, readBody, setResponseStatus } from 'h3';
+import { defineEventHandler, readBody, createError } from 'h3';
-import { db, customers } from '~/server/db';
+import { userLoginLogic } from './user/_logic';
 import { eq } from 'drizzle-orm';
 import bcrypt from 'bcryptjs';
 export default defineEventHandler(async (event) => {
  const body = await readBody(event);
  const { contact, password } = body;
  if (!contact || !password) {
    setResponseStatus(event, 400);
    return { message: '请填写手机号和密码' };
  }
  try {
-    const user = await db.query.customers.findFirst({
+    const body = await readBody(event);
-      where: eq(customers.contact, contact),
+    return await userLoginLogic(body);
  } catch (error: any) {
    throw createError({
      statusCode: error.statusCode || 500,
      statusMessage: error.message,
    });
    if (!user) {
      setResponseStatus(event, 401);
      return { message: '手机号或密码错误' };
    }
    const isPasswordValid = bcrypt.compareSync(password, user.password);
    if (!isPasswordValid) {
      setResponseStatus(event, 401);
      return { message: '手机号或密码错误' };
    }
    return {
      message: '登录成功！',
      customerId: user.id,
    };
  } catch (error) {
    console.error('Login error:', error);
    setResponseStatus(event, 500);
    return { message: '登录失败，请稍后重试' };
  }
 });