65 lines
1.8 KiB
JavaScript
65 lines
1.8 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const db = require('../utils/db');
|
|
const auth = require('../middleware/auth');
|
|
const checkPermission = require('../middleware/checkPermission');
|
|
const { broadcastNewMessage } = require('../websocket');
|
|
|
|
// 提交留言
|
|
router.post('/', async (req, res) => {
|
|
try {
|
|
const { name, email, message } = req.body;
|
|
|
|
const [result] = await db.query(
|
|
'INSERT INTO messages (name, email, content) VALUES (?, ?, ?)',
|
|
[name, email, message]
|
|
);
|
|
|
|
// 获取新插入的消息详情
|
|
const [newMessage] = await db.query(
|
|
'SELECT * FROM messages WHERE id = ?',
|
|
[result.insertId]
|
|
);
|
|
|
|
// 广播新消息通知
|
|
broadcastNewMessage(newMessage[0]);
|
|
|
|
res.status(201).json({ message: '留言提交成功' });
|
|
} catch (error) {
|
|
res.status(500).json({ message: error.message });
|
|
}
|
|
});
|
|
|
|
// 获取留言列表(需要管理员权限)
|
|
router.get('/', auth, checkPermission('message:manage'), async (req, res) => {
|
|
try {
|
|
const [messages] = await db.query(`
|
|
SELECT m.*, a.username as reader_name
|
|
FROM messages m
|
|
LEFT JOIN admins a ON m.read_by = a.id
|
|
ORDER BY m.created_at DESC
|
|
`);
|
|
res.json(messages);
|
|
} catch (error) {
|
|
res.status(500).json({ message: error.message });
|
|
}
|
|
});
|
|
|
|
// 标记留言为已读
|
|
router.put('/:id/read', auth, checkPermission('message:manage'), async (req, res) => {
|
|
try {
|
|
await db.query(
|
|
`UPDATE messages
|
|
SET status = 'read',
|
|
read_by = ?,
|
|
read_at = CURRENT_TIMESTAMP
|
|
WHERE id = ?`,
|
|
[req.admin.id, req.params.id]
|
|
);
|
|
res.json({ message: '标记成功' });
|
|
} catch (error) {
|
|
res.status(500).json({ message: error.message });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|