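const express = require("express");
const router = express.Router();
const { executeQuery } = require("../config/database");
const crypto = require("crypto");

/**
 * Tell whether a request-body value is a plain string or finite number.
 *
 * Body fields arrive as parsed JSON, so they can be objects or arrays.
 * Only scalars should ever be bound to a `?` placeholder: some SQL drivers
 * expand non-scalar values into SQL fragments instead of one literal.
 * NOTE(review): how executeQuery binds parameters is not visible here - confirm.
 *
 * @param {unknown} value - Candidate value taken from req.body.
 * @returns {boolean} True for strings and finite numbers only.
 */
function isScalar(value) {
  return typeof value === "string" || (typeof value === "number" && Number.isFinite(value));
}

/**
 * Resolve the calling user from the `Authorization: Bearer <token>` header.
 *
 * @param {import("express").Request} req - Incoming request.
 * @returns {Promise<{me?: object, failure?: {status: number, error: string}}>}
 *   `me` (name, is_admin) when the token matches a user_info row, otherwise
 *   `failure` carrying the HTTP status and error message to send back.
 */
async function authenticate(req) {
  const auth = req.headers["authorization"] || "";
  const token = auth.startsWith("Bearer ") ? auth.slice(7) : null;
  if (!token) {
    return { failure: { status: 401, error: "未登录或缺少token" } };
  }

  const meRows = await executeQuery(`SELECT name, is_admin FROM user_info WHERE token = ? LIMIT 1`, [token]);
  if (!meRows || meRows.length === 0) {
    return { failure: { status: 401, error: "无效的用户token" } };
  }
  return { me: meRows[0] };
}

// List users (user_info: name, create_time).
// Admins see every user; everyone else sees only their own row.
router.get("/users", async (req, res) => {
  try {
    const { me, failure } = await authenticate(req);
    if (failure) {
      return res.status(failure.status).json({ error: failure.error });
    }

    const isAdmin = Number(me.is_admin) === 1;
    const sql = isAdmin
      ? `SELECT name, create_time FROM user_info ORDER BY create_time DESC`
      : `SELECT name, create_time FROM user_info WHERE name = ? ORDER BY create_time DESC`;
    const params = isAdmin ? [] : [me.name];

    const rows = await executeQuery(sql, params);
    res.json({ users: rows, me });
  } catch (error) {
    console.error("Error fetching users:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

// List tool tokens (tools_token: user, token).
// Admins receive every user's token value; others receive only their own.
router.get("/tokens", async (req, res) => {
  try {
    const { me, failure } = await authenticate(req);
    if (failure) {
      return res.status(failure.status).json({ error: failure.error });
    }

    const isAdmin = Number(me.is_admin) === 1;
    const sql = isAdmin
      ? `SELECT user, token FROM tools_token ORDER BY id DESC`
      : `SELECT user, token FROM tools_token WHERE user = ? \nORDER BY id DESC`;
    const params = isAdmin ? [] : [me.name];

    const rows = await executeQuery(sql, params);
    res.json({ tokens: rows, me });
  } catch (error) {
    console.error("Error fetching tokens:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

// List tools (tools_library: tools_id, tools_name, tools_function_name, status).
// NOTE(review): unlike /users and /tokens, this handler performs no
// Authorization check - confirm the catalogue is meant to be public.
router.get("/tools", async (req, res) => {
  try {
    const sql = ` SELECT tools_id, tools_name, tools_function_name,tools_full_name, mcp_tools_name, status FROM tools_library ORDER BY create_time DESC `;
    const rows = await executeQuery(sql, []);
    res.json({ tools: rows });
  } catch (error) {
    console.error("Error fetching tools:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

// Return the tool ids configured for a given tool token.
// NOTE(review): no Authorization check here, and the token is carried in the
// URL path, where it can end up in access logs and proxies.
router.get("/token-tools/:token", async (req, res) => {
  try {
    const { token } = req.params;
    if (!token) {
      return res.status(400).json({ error: "缺少token参数" });
    }

    const sql = ` SELECT tools_id FROM tools_token_set WHERE token = ? ORDER BY create_time DESC `;
    const rows = await executeQuery(sql, [token]);
    const toolsIds = rows.map((row) => row.tools_id);
    res.json({ tools_ids: toolsIds });
  } catch (error) {
    console.error("Error fetching token tools:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

// Save a user's tool set: resolve the target token, then replace its rows in
// tools_token_set with the selected tools_ids.
// NOTE(review): this handler performs no Authorization check, and nothing ties
// user_name or token to the caller, so any client can rewrite any token's tool
// set. Reusing authenticate() plus an ownership check would close that gap,
// but it changes the contract for existing clients - coordinate before enabling.
router.post("/save", async (req, res) => {
  try {
    const { user_name, tools_ids, token: payloadToken } = req.body;

    // Reject non-scalar values before they reach the DELETE/INSERT below.
    const paramsOk =
      Boolean(user_name) &&
      isScalar(user_name) &&
      Array.isArray(tools_ids) &&
      tools_ids.every(isScalar) &&
      (!payloadToken || isScalar(payloadToken));
    if (!paramsOk) {
      return res.status(400).json({ error: "参数错误:需要 user_name 和 tools_ids 数组" });
    }

    // Prefer the token from the request body; otherwise fall back to the
    // user's most recent enabled token.
    let token = payloadToken;
    if (!token) {
      const tokenRows = await executeQuery(
        `SELECT token FROM tools_token WHERE user = ? \nAND status = 'enable' ORDER BY id DESC LIMIT 1`,
        [user_name]
      );
      if (!tokenRows || tokenRows.length === 0) {
        return res.status(404).json({ error: "未找到启用的用户token" });
      }
      token = tokenRows[0].token;
    }

    // Overwrite semantics: clear the existing settings for this token first.
    // NOTE(review): the DELETE and the INSERTs are separate statements; a failure
    // part-way leaves the token with a partial tool set. Whether executeQuery
    // offers transactions is not visible here.
    await executeQuery(`DELETE FROM tools_token_set WHERE token = ?`, [token]);

    // An empty selection means "clear everything": report success.
    if (tools_ids.length === 0) {
      return res.json({ success: true, message: "已清空工具设置", token, count: 0 });
    }

    // Insert the selected tools one row at a time.
    for (const tools_id of tools_ids) {
      await executeQuery(
        `INSERT INTO tools_token_set (token, tools_id, create_time) VALUES (?, ?, NOW())`,
        [token, tools_id]
      );
    }

    res.json({ success: true, message: "保存成功", token, count: tools_ids.length });
  } catch (error) {
    console.error("Error saving tools token set:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

// Create a user from name, password and is_admin; the token is the uppercase
// 32-character hex MD5 of name + password.
// NOTE(review): this handler performs no Authorization check, so any client
// can create an account, including one with is_admin set.
// NOTE(review): the token is a deterministic function of the credentials, and
// the password is stored as submitted. Moving to a random token
// (crypto.randomBytes) and a password hash (e.g. crypto.scrypt) needs a
// coordinated change with the login code, which is not visible here.
router.post("/add-user", async (req, res) => {
  try {
    const { name, password, is_admin } = req.body;

    // Reject missing fields and non-scalar name/password values.
    const paramsOk =
      Boolean(name) &&
      Boolean(password) &&
      typeof is_admin !== "undefined" &&
      isScalar(name) &&
      isScalar(password);
    if (!paramsOk) {
      return res.status(400).json({ error: "缺少必要参数:name、password、is_admin" });
    }

    const raw = `${name}${password}`;
    const md5 = crypto.createHash("md5").update(raw).digest("hex").toUpperCase();

    // Refuse to create a second user with the same name.
    const existRows = await executeQuery(`SELECT id FROM user_info WHERE name = ? LIMIT 1`, [name]);
    if (existRows && existRows.length > 0) {
      return res.status(409).json({ error: "用户名已存在" });
    }

    const insertSql = ` INSERT INTO user_info (status, name, is_admin, password, token, create_time) VALUES ('enable', ?, ?, ?, ?, NOW()) `;
    // is_admin is normalised to 0/1 so only those two values are stored.
    await executeQuery(insertSql, [name, Number(is_admin) ? 1 : 0, password, md5]);

    res.json({ success: true, token: md5 });
  } catch (error) {
    console.error("Error adding user:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});

module.exports = router;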