xuyue/teaching-design
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add admin password reset

Browse Source
This commit is contained in:
yuetsh
2026-06-16 06:40:55 -06:00
parent 502afffa02
commit 979a70439b
8 changed files with 168 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/routes/admin.ts
View File

@@ -1,9 +1,11 @@
import type { Database } from 'bun:sqlite'
import { Hono } from 'hono'
import { hashPassword } from '../auth'
import { createUser, deleteUser, listUsers } from '../db'
import { createUser, deleteRefreshTokensForUser, deleteUser, findUserById, listUsers, updateUserPasswordHash } from '../db'
import { bearerAuth, type AuthVariables } from '../middleware/bearerAuth'
const RESET_PASSWORD = '123456'
export function createAdminRouter(db: Database, jwtSecret: string) {
const app = new Hono<{ Variables: AuthVariables }>()
@@ -39,6 +41,18 @@ export function createAdminRouter(db: Database, jwtSecret: string) {
return c.json({ id: user.id, username: user.username, role: user.role, createdAt: user.createdAt })
})
app.post('/users/:id/reset-password', async (c) => {
const targetId = c.req.param('id')
if (!findUserById(db, targetId)) {
return c.json({ error: '用户不存在' }, 404)
}
const passwordHash = await hashPassword(RESET_PASSWORD)
updateUserPasswordHash(db, targetId, passwordHash)
deleteRefreshTokensForUser(db, targetId)
return c.json({ ok: true })
})
app.delete('/users/:id', (c) => {
const targetId = c.req.param('id')
if (targetId === c.get('userId')) {