请给我有关如何优化自定义模块中存在的代码的建议。
下面是您可以看到和建议的我的模块代码。
var employee = {
all: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
// database query.
con.query("select * from employees limit 50", function (err, employees) {
if (err) throw err;
// console.log("Result: " + employees);
res.status(200).json(employees);
});
}
});
},
create: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
// validation array send in response.
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(422).json({
errors: errors.array()
});
}
// random employee number.
let employee_no = Math.floor(Math.random() * Math.floor(9000));
// simple insert query.
let sql = "INSERT INTO employees(emp_no, first_name, last_name, gender, birth_date, hire_date) VALUES('" + employee_no + "','" + req.body.first_name + "','" + req.body.last_name + "','" + req.body.gender + "','" + req.body.birth_date + "','" + req.body.hire_date + "')";
con.query(sql, function (err, result) {
if (err) throw err;
console.log('Record inserted Successfully!');
});
// send response with last inserted employee id.
res.status(200).send({
message: "Successfully added employee!",
last_employee_no: employee_no
});
}
});
},
delete: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
if (!req.body.employee_no) {
res.status(400).send({
message: "employee_no is required."
});
} else if (isNaN(req.body.employee_no)) {
res.status(400).send({
message: "employee_no must be a integer."
});
} else {
let employee_no = req.body.employee_no;
// delete record.
con.query("DELETE FROM employees where emp_no = '" + employee_no + "'")
res.status(200).send({
message: "Successfully deleted employee",
deleted_employee_no: employee_no
});
}
}
});
},
update: function (req, res) {
jwt.verify(req.token, 'novaturesol', (err) => {
if (err) {
res.status(400).send("Forbidden or tokken is expired!");
} else {
if (!req.body.employee_no) {
res.status(400).send({
message: "employee_no is required."
});
} else if (isNaN(req.body.employee_no)) {
res.status(400).send({
message: "employee_no must be a number."
})
} else if (!req.body.first_name) {
res.status(400).send({
message: "first_name is required."
});
} else if (!req.body.last_name) {
res.status(400).send({
message: "last_name is required."
});
} else if (!req.body.hire_date) {
res.status(400).send({
message: "hire_date is required."
});
} else if (!req.body.birth_date) {
res.status(400).send({
message: "birth_date is required."
});
} else if (!req.body.gender) {
res.status(400).send({
message: "gender is required."
});
} else {
let employee_no = req.body.employee_no;
let first_name = req.body.first_name;
let last_name = req.body.last_name;
let gender = req.body.gender;
let hire_date = req.body.hire_date;
let birth_date = req.body.birth_date;
let sql = "UPDATE employees set first_name = '" + first_name + "' , last_name = '" + last_name + "', gender = '" + gender + "', hire_date = '" + hire_date + "', birth_date = '" + birth_date + "' WHERE emp_no = '" + employee_no + "'";
console.log('the query ' + sql);
con.query(sql, function (err) {
if (err) throw err;
})
res.status(200).send({
message: "Successfuly updated employee record.",
updated_employee_no: employee_no
});
}
}
});
}
};
module.exports = employee;
在每个函数中,我需要添加jwt.verify进行验证? 还是有其他替代方法?
关于Db查询我们像以前一样在节点表示中编写查询吗?还是有其他适当的方法可以做到这一点?
答案 0 :(得分:2)
此代码不可维护。您应该为数据库查询创建存储库,该存储库将返回每个部分所需的数据。并且为了进行身份验证,您应该在进入员工控制器之前以快递方式创建中间件来处理该中间件。您不应每次都重复这些检查行。
这是存储库的样本: areaRepository
对于控制器: userController
身份验证和其他中间件: middlewares
请保持简洁,每个部分分开。也许我的代码有些混乱。希望对您有帮助
答案 1 :(得分:0)
您可以创建一个验证中间件以在每个请求之前运行。 这样可以节省代码重复。
此代码未经测试*
//set verification middleware
function verifyJwt(req,res,nex) {
jwt.verify(req.token, 'novaturesol', (err) => {
err ? res.locals.verified = false : res.locals.verified = true;
next();
})
}
// use before routes
app.use(verifyJwt)
// check in your modulee functions
var employee = {
all: function (req, res) {
if (res.locals.varified) {
// database query.
con.query("select * from employees limit 50", function (err, employees) {
if (err) throw err;
// console.log("Result: " + employees);
res.status(200).json(employees);
});
}
},...
}