fix: remove global auth from public user endpoints (stats, schemes, limits, favorited-count)
This commit is contained in:
@@ -5,12 +5,167 @@ import { prisma } from '../utils/prisma';
|
||||
|
||||
const router = Router();
|
||||
|
||||
// 所有路由都需要认证
|
||||
router.use(authMiddleware);
|
||||
// ============================================
|
||||
// 获取用户统计 (公开)
|
||||
// ============================================
|
||||
router.get('/stats/:userId', async (req: Request, res: Response) => {
|
||||
try {
|
||||
const { userId } = req.params;
|
||||
|
||||
const user = await prisma.user.findUnique({
|
||||
where: { id: userId },
|
||||
select: {
|
||||
schemesCount: true,
|
||||
favoritesCount: true,
|
||||
isVip: true,
|
||||
vipExpireAt: true,
|
||||
createdAt: true,
|
||||
},
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: '用户不存在',
|
||||
});
|
||||
}
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: {
|
||||
schemesCount: user.schemesCount,
|
||||
favoritesCount: user.favoritesCount,
|
||||
isVip: user.isVip,
|
||||
vipExpireAt: user.vipExpireAt,
|
||||
memberSince: user.createdAt,
|
||||
},
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Get user stats error:', error);
|
||||
res.status(500).json({ success: false, message: '获取失败' });
|
||||
}
|
||||
});
|
||||
|
||||
// ============================================
|
||||
// 更新用户名
|
||||
// 获取用户方案列表 (公开)
|
||||
// ============================================
|
||||
router.get('/schemes/:userId', async (req: Request, res: Response) => {
|
||||
try {
|
||||
const { userId } = req.params;
|
||||
const { type = 'schemes', page = 1, limit = 20 } = req.query;
|
||||
|
||||
const skip = (Number(page) - 1) * Number(limit);
|
||||
|
||||
let schemes;
|
||||
if (type === 'aob') {
|
||||
schemes = await prisma.schemeAob.findMany({
|
||||
where: { userId, status: 'PUBLISHED' },
|
||||
orderBy: { createdAt: 'desc' },
|
||||
skip,
|
||||
take: Number(limit),
|
||||
select: {
|
||||
id: true, title: true, weaponName: true, category: true,
|
||||
viewsCount: true, downloadsCount: true, likesCount: true, createdAt: true,
|
||||
},
|
||||
});
|
||||
} else {
|
||||
schemes = await prisma.scheme.findMany({
|
||||
where: { userId, status: 'PUBLISHED' },
|
||||
orderBy: { createdAt: 'desc' },
|
||||
skip,
|
||||
take: Number(limit),
|
||||
select: {
|
||||
id: true, title: true, weaponName: true, category: true,
|
||||
viewsCount: true, downloadsCount: true, likesCount: true, createdAt: true,
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: schemes,
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Get user schemes error:', error);
|
||||
res.status(500).json({ success: false, message: '获取失败' });
|
||||
}
|
||||
});
|
||||
|
||||
// ============================================
|
||||
// 获取用户被收藏次数 (公开)
|
||||
// ============================================
|
||||
router.get('/favorited-count/:userId', async (req: Request, res: Response) => {
|
||||
try {
|
||||
const { userId } = req.params;
|
||||
|
||||
const user = await prisma.user.findUnique({
|
||||
where: { id: userId },
|
||||
select: { favoritesCount: true },
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: '用户不存在',
|
||||
});
|
||||
}
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
favoritedCount: user.favoritesCount,
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Get favorited count error:', error);
|
||||
res.status(500).json({ success: false, message: '获取失败' });
|
||||
}
|
||||
});
|
||||
|
||||
// ============================================
|
||||
// 获取用户功能限制信息 (公开)
|
||||
// ============================================
|
||||
router.get('/limits/:userId', async (req: Request, res: Response) => {
|
||||
try {
|
||||
const { userId } = req.params;
|
||||
|
||||
const user = await prisma.user.findUnique({
|
||||
where: { id: userId },
|
||||
select: { id: true, isVip: true, vipExpireAt: true },
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return res.status(404).json({ success: false, message: '用户不存在' });
|
||||
}
|
||||
|
||||
const now = new Date();
|
||||
const isVipActive = user.isVip && user.vipExpireAt && user.vipExpireAt > now;
|
||||
|
||||
const limits = isVipActive
|
||||
? {
|
||||
maxDailyUses: 500,
|
||||
dailyUsesLeft: 500,
|
||||
maxFavorites: 1000,
|
||||
maxSchemes: 200,
|
||||
canUploadIcc: true,
|
||||
}
|
||||
: {
|
||||
maxDailyUses: 50,
|
||||
dailyUsesLeft: 50,
|
||||
maxFavorites: 100,
|
||||
maxSchemes: 50,
|
||||
canUploadIcc: false,
|
||||
};
|
||||
|
||||
res.json({ success: true, ...limits });
|
||||
} catch (error) {
|
||||
console.error('Get user limits error:', error);
|
||||
res.status(500).json({ success: false, message: '获取失败' });
|
||||
}
|
||||
});
|
||||
|
||||
// ============================================
|
||||
// 以下路由需要认证
|
||||
// ============================================
|
||||
router.use(authMiddleware);
|
||||
const updateUsernameSchema = z.object({
|
||||
userId: z.string().uuid(),
|
||||
username: z.string().min(3).max(50),
|
||||
|
||||
Reference in New Issue
Block a user