请给我建议如何优化自定义模块中存在的代码。
下面是我可以看到和建议的模块代码。
var employee = {
all: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
// database query.
con.query("select * from employees limit 50", function (err, employees) {
if (err) throw err;
// console.log("Result: " + employees);
res.status(200).json(employees);
});
}
});
},
create: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
// validation array send in response.
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(422).json({
errors: errors.array()
});
}
// random employee number.
let employee_no = Math.floor(Math.random() * Math.floor(9000));
// simple insert query.
let sql = "INSERT INTO employees(emp_no, first_name, last_name, gender, birth_date, hire_date) VALUES('" + employee_no + "','" + req.body.first_name + "','" + req.body.last_name + "','" + req.body.gender + "','" + req.body.birth_date + "','" + req.body.hire_date + "')";
con.query(sql, function (err, result) {
if (err) throw err;
console.log('Record inserted Successfully!');
});
// send response with last inserted employee id.
res.status(200).send({
message: "Successfully added employee!",
last_employee_no: employee_no
});
}
});
},
delete: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
if (!req.body.employee_no) {
res.status(400).send({
message: "employee_no is required."
});
} else if (isNaN(req.body.employee_no)) {
res.status(400).send({
message: "employee_no must be a integer."
});
} else {
let employee_no = req.body.employee_no;
// delete record.
con.query("DELETE FROM employees where emp_no = '" + employee_no + "'")
res.status(200).send({
message: "Successfully deleted employee",
deleted_employee_no: employee_no
});
}
}
});
},
update: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
if (!req.body.employee_no) {
res.status(400).send({
message: "employee_no is required."
});
} else if (isNaN(req.body.employee_no)) {
res.status(400).send({
message: "employee_no must be a number."
})
} else if (!req.body.first_name) {
res.status(400).send({
message: "first_name is required."
});
} else if (!req.body.last_name) {
res.status(400).send({
message: "last_name is required."
});
} else if (!req.body.hire_date) {
res.status(400).send({
message: "hire_date is required."
});
} else if (!req.body.birth_date) {
res.status(400).send({
message: "birth_date is required."
});
} else if (!req.body.gender) {
res.status(400).send({
message: "gender is required."
});
} else {
let employee_no = req.body.employee_no;
let first_name = req.body.first_name;
let last_name = req.body.last_name;
let gender = req.body.gender;
let hire_date = req.body.hire_date;
let birth_date = req.body.birth_date;
let sql = "UPDATE employees set first_name = '" + first_name + "' , last_name = '" + last_name + "', gender = '" + gender + "', hire_date = '" + hire_date + "', birth_date = '" + birth_date + "' WHERE emp_no = '" + employee_no + "'";
console.log('the query ' + sql);
con.query(sql, function (err) {
if (err) throw err;
})
res.status(200).send({
message: "Successfuly updated employee record.",
updated_employee_no: employee_no
});
}
}
});
}
};
module.exports = employee;
在每个函数中,我需要添加 jwt.verify 进行验证?或者有没有其他方法可以做到这一点?
关于 Db 查询 我们像我一样在节点表达式中编写查询? 或者有没有其他正确的方法可以做到这一点?
此代码不可维护。 您应该为数据库查询创建存储库,它将返回每个部分所需的数据。对于自动搜索,您应该在进入员工控制器之前在 Express 中创建中间件来处理它。您不应该每次都重复这些检查行。
这是存储库的示例:区域存储库
对于控制器:用户控制器
身份验证和其他中间件:中间件
请保持简单,每个部分分开。也许我的代码有点混乱。我希望它会有所帮助
您可以创建一个验证中间件以在每个请求之前运行。这将节省您的代码重复。
像这样:
此代码未经测试*
//set verification middleware
function verifyJwt(req,res,nex) {
jwt.verify(req.token, 'novaturesol', (err) => {
err ? res.locals.verified = false : res.locals.verified = true;
next();
})
}
// use before routes
app.use(verifyJwt)
// check in your modulee functions
var employee = {
all: function (req, res) {
if (res.locals.varified) {
// database query.
con.query("select * from employees limit 50", function (err, employees) {
if (err) throw err;
// console.log("Result: " + employees);
res.status(200).json(employees);
});
}
},...
}