fix(server): 修复一个tsoa的问题，见issue

https://github.com/lukeautry/tsoa/issues/1090

packages/server/package.json

@@ -4,7 +4,7 @@
   "description": "",
   "main": "index.js",
   "scripts": {
-    "build": "tsoa spec-and-routes && tsc && tsc-alias",
+    "build": "tsoa -c tsoaConfig.json spec-and-routes && tsc && tsc-alias",
     "serve": "node ./build/index.js",
     "start": "nodemon"
   },
@@ -19,7 +19,7 @@
     "nocache": "^4.0.0",
     "sequelize": "^6.37.7",
     "sqlite3": "^5.1.7",
-    "tsoa": "^5.0.0",
+    "tsoa": "^6.6.0",
     "swagger-ui-express": "^5.0.0"
   },
   "devDependencies": {

packages/server/src/controllers/GroupController.ts

@@ -0,0 +1,68 @@
+import {Controller, Get, Route, Response, Tags, Request, Security} from 'tsoa';
+import {ApiError, ApiResponse} from '../types/api';
+import type {Request as ExpressRequest} from 'express';
+import axios from "axios";
+import type {UserInfo} from "../types/user";
+
+export const getGroupUsers = async (groupId: number, token: string): Promise<UserInfo[]> => {
+  try {
+    const response = await axios.post<ApiResponse<UserInfo[]>>(
+      "https://egret.byteawake.com/api/group/members",
+      {groupId},
+      {
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+        timeout: 10000, // 10 second timeout
+      }
+    );
+
+    if (response.data.code !== 200) {
+      throw new Error(`Failed to get group users: ${response.data.message}`);
+    }
+
+    return response.data.data ?? [];
+  } catch (error: any) {
+    if (error.response) {
+      // API returned error response
+      throw new Error(`Failed to get user information: ${error.response.status} ${error.response.statusText}`);
+    } else if (error.request) {
+      // Request was sent but no response received
+      throw new Error("Failed to get user information: timeout or network error");
+    } else {
+      // Other errors
+      throw new Error(`Failed to get user information: ${error.message}`);
+    }
+  }
+};
+
+@Route('api/group')
+@Tags('Chat Group')
+export class GroupController extends Controller {
+  /**
+   * 获取当前聊天群组的全部用户信息
+   * @summary 获取当前聊天群组的全部用户信息
+   * @description 获取当前聊天群组的全部用户信息
+   */
+  @Get('/users')
+  @Security("jwt")
+  @Response<ApiResponse<UserInfo[]>>(200, 'Success')
+  @Response<ApiResponse<null>>(400, 'Bad Request')
+  @Response<ApiResponse<null>>(401, 'Unauthorized')
+  public async getGroupUsers(@Request() req: ExpressRequest): Promise<ApiResponse<UserInfo[]>> {
+    const user = req.user;
+    const groupId = req.headers.groupid;
+
+    if (!groupId) {
+      throw new ApiError(400, 'groupId is required in headers');
+    }
+
+    const users = await getGroupUsers(Number(groupId), user.token);
+
+    return {
+      code: 200,
+      message: 'success',
+      data: users,
+    };
+  }
+}

packages/server/src/controllers/TestController.ts

@@ -1,5 +1,5 @@
 import { Controller, Get, Route, Response, Tags } from 'tsoa';
-import { ApiResponse } from '../types/api';
+import type { ApiResponse } from '../types/api';
 
 @Route('api')
 @Tags('Test')
@@ -13,6 +13,7 @@ export class TestController extends Controller {
   @Response<ApiResponse>(200, 'Success')
   public async getTest(): Promise<ApiResponse> {
     return {
+      code: 200,
       message: 'success',
       data: null,
     };

packages/server/src/controllers/UserController.ts

@@ -0,0 +1,26 @@
+import {Controller, Get, Route, Response, Tags, Middlewares, Request, Security} from 'tsoa';
+import type { ApiResponse } from '../types/api';
+import type { Request as ExpressRequest } from 'express';
+import type {UserInfo} from "../types/user";
+
+
+@Route('api/user')
+@Tags('User')
+export class UserController extends Controller {
+  /**
+   * 获取当前用户的信息
+   * @summary 获取当前用户的信息
+   * @description 获取当前用户的信息
+   */
+  @Get('/info')
+  @Security('jwt')
+  @Response<ApiResponse<UserInfo>>(200, 'Success')
+  @Response(401, 'Unauthorized')
+  public async getUserGroupInfo(@Request() req: ExpressRequest): Promise<ApiResponse<UserInfo>> {
+    return {
+      code: 200,
+      message: 'success',
+      data: req.user
+    };
+  }
+}

packages/server/src/controllers/UserGroupController.ts

@@ -1,30 +0,0 @@
-import { Controller, Get, Route, Response, Tags, Middlewares, Request } from 'tsoa';
-import { ApiResponse, UserGroupInfo } from '../types/api';
-import { userInfoMiddleware, groupInfoMiddleware } from '../middleware/auth';
-import type { Request as ExpressRequest } from 'express';
-
-@Route('api')
-@Tags('User Group')
-export class UserGroupController extends Controller {
-  /**
-   * 获取用户群组信息
-   * @summary 获取用户群组信息
-   * @description 获取当前用户的个人信息和所在群组的所有用户信息
-   */
-  @Get('/user-group/info')
-  @Middlewares([userInfoMiddleware, groupInfoMiddleware])
-  @Response<ApiResponse<UserGroupInfo>>(200, 'Success')
-  @Response(401, 'Unauthorized')
-  public async getUserGroupInfo(@Request() req: ExpressRequest): Promise<ApiResponse<UserGroupInfo>> {
-    const userInfo = req.userInfo;
-    const groupInfo = req.groupInfo;
-
-    return {
-      message: 'success',
-      data: {
-        user: userInfo || null,
-        group: groupInfo || null
-      }
-    };
-  }
-}

packages/server/src/index.ts

@@ -8,8 +8,9 @@ import path from "path";
 dotenv.config({ path: path.resolve(__dirname, "../../../.env") });
 
 import "./database";
-import { sequelize } from "@/database/instance";
-import { RegisterTsoaRoutes } from "./middleware/tsoa.middleware";
+import { sequelize } from "./database/instance";
+import {errorHandler} from "./middleware/errorHandler";
+import { RegisterRoutes } from "./routes/routes"; // tsoa 生成的
 
 const port = process.env.PORT || 3005;
 
@@ -19,11 +20,12 @@ app.use(nocache());
 app.use(cors());
 app.use(express.json({ limit: "100mb" }));
 app.use(compression());
-
 app.use(express.static(path.resolve(__dirname, "client")));
 
 // Register tsoa routes
-RegisterTsoaRoutes(app);
+RegisterRoutes(app);
+
+app.use(errorHandler);
 
 
 const host = "0.0.0.0";

packages/server/src/middleware/auth.ts

@@ -1,27 +1,25 @@
-import {Request, Response, NextFunction} from "express";
+import {Request} from "express";
 import axios from "axios";
+import {ApiError, ApiResponse} from "../types/api";
+import type {UserInfo} from "../types/user";
 
-export type UserInfo = {
-  userId: number;
-  nickname: string;
-  avatarUrl: string;
-  gender: 'MALE' | 'FEMALE' | 'UNKNOWN';
-  nimToken: string; // NetEase Cloud Communication token
-  nimAccountId: string; // NetEase Cloud Communication account ID
-  createdAt: string;
-  updatedAt: string;
-}
+export async function expressAuthentication(
+  request: Request,
+  securityName: string,
+  scopes?: string[]
+): Promise<any> {
+  if (securityName === "jwt") {
+    const authHeader = request.headers.authorization;
+    const token = extractTokenFromHeader(authHeader);
 
-declare global {
-  namespace Express {
-    interface Request {
-      userInfo?: UserInfo | null;
-      groupInfo?: {
-        groupId: number;
-        users: UserInfo[];
-      } | null;
+    if (!token) {
+     throw new ApiError(401, "Unauthorized");
     }
+
+    // 返回的对象会挂到 request.user 上
+    return await getUserInfoByToken(token);
   }
+  throw new ApiError(401, "Unsupported security scheme");
 }
 
 /**
@@ -43,9 +41,9 @@ export const extractTokenFromHeader = (authHeader: string | undefined): string |
 /**
  * Get user information by token
  */
-export const getUserInfoByToken = async (token: string): Promise<any> => {
+export const getUserInfoByToken = async (token: string): Promise<UserInfo> => {
   try {
-    const response = await axios.post(
+    const response = await axios.post<ApiResponse<Omit<UserInfo, 'token'>>>(
       "https://egret.byteawake.com/api/user/info",
       {}, // 请求体数据，这里为空对象
       {
@@ -56,74 +54,11 @@ export const getUserInfoByToken = async (token: string): Promise<any> => {
       }
     );
 
-    return response.data;
-  } catch (error: any) {
-    if (error.response) {
-      // API returned error response
-      throw new Error(`Failed to get user information: ${error.response.status} ${error.response.statusText}`);
-    } else if (error.request) {
-      // Request was sent but no response received
-      throw new Error("Failed to get user information: timeout or network error");
-    } else {
-      // Other errors
-      throw new Error(`Failed to get user information: ${error.message}`);
-    }
-  }
-};
-
-/**
- * User information middleware
- * Automatically extract token from request header and get user information, store result in req.userInfo
- */
-export const userInfoMiddleware = async (
-  req: Request,
-  res: Response,
-  next: NextFunction
-): Promise<void> => {
-  try {
-    const authHeader = req.headers.authorization;
-    const token = extractTokenFromHeader(authHeader);
-
-    if (!token) {
-      res.status(401).json({
-        error: "No valid access token provided",
-        message: "Missing Bearer token in Authorization header",
-      });
-      return;
+    if (response.data.code !== 200 || !response.data.data) {
+      throw new Error(`Failed to get user information: ${response.data.message}`);
     }
 
-    // Get user information
-    const userInfoRes = await getUserInfoByToken(token);
-    req.userInfo = userInfoRes.code === 200 ? userInfoRes.data : null;
-
-    next();
-  } catch (error: any) {
-    res.status(401).json({
-      error: "User authentication failed",
-      message: error.message,
-    });
-  }
-};
-
-//////// group
-
-/**
- * Get group users
- */
-export const getGroupUsers = async (groupId: number, token: string): Promise<any> => {
-  try {
-    const response = await axios.post<UserInfo[]>(
-      "https://egret.byteawake.com/api/group/members",
-      {groupId},
-      {
-        headers: {
-          Authorization: `Bearer ${token}`,
-        },
-        timeout: 10000, // 10 second timeout
-      }
-    );
-
-    return response.data;
+    return {...response.data.data, token};
   } catch (error: any) {
     if (error.response) {
       // API returned error response
@@ -139,40 +74,4 @@ export const getGroupUsers = async (groupId: number, token: string): Promise<any
 };
 
 
-/**
- * group information middleware
- */
-export const groupInfoMiddleware = async (
-  req: Request,
-  res: Response,
-  next: NextFunction
-): Promise<void> => {
-  try {
-    const authHeader = req.headers.authorization;
-    const token = extractTokenFromHeader(authHeader);
-    const groupId = req.headers.groupid;
-
-    if (token && groupId) {
-      try {
-        const usersRes = await getGroupUsers(Number(groupId), token);
-        const users: UserInfo[] = usersRes.code === 200 ? usersRes.data : [];
-        req.groupInfo = {
-          groupId: Number(groupId),
-          users,
-        }
-      } catch (error) {
-        // If getting user information fails, do not block the request from continuing, but do not set userInfo
-        console.warn("Failed to get group user information:", error);
-      }
-    }
-
-    next();
-  } catch (error: any) {
-    res.status(400).json({
-      error: "Get Group Users failed",
-      message: error.message,
-    });
-  }
-};
-
 

packages/server/src/middleware/errorHandler.ts

@@ -0,0 +1,17 @@
+import {Request, Response, NextFunction} from "express";
+import {ApiError} from "../types/api";
+
+export function errorHandler(err: any, req: Request, res: Response, next: NextFunction) {
+  console.error(err);
+
+  if (err instanceof ApiError) {
+    return res.status(err.status).json({code: err.status, message: err.message, data: null});
+  }
+
+  // tsoa 内部生成的验证错误
+  if (err.status && err.status >= 400) {
+    return res.status(err.status).json({ message: err.message });
+  }
+
+  res.status(500).json({ message: 'Internal Server Error' });
+}

packages/server/src/types/api.ts

@@ -1,14 +1,14 @@
-import { UserInfo } from '../middleware/auth';
-
 export interface ApiResponse<T = any> {
+  code: number;
   message: string;
   data: T | null;
 }
 
-export interface UserGroupInfo {
-  user: UserInfo | null;
-  group: {
-    groupId: number;
-    users: UserInfo[];
-  } | null;
-}
+export class ApiError extends Error {
+  status: number;
+  constructor(status: number, message: string) {
+    super(message);
+    this.status = status;
+    Object.setPrototypeOf(this, ApiError.prototype);
+  }
+}

packages/server/src/types/express.ts

@@ -0,0 +1,9 @@
+import {UserInfo} from "./user";
+
+declare global {
+  namespace Express {
+    interface Request {
+      user: UserInfo;
+    }
+  }
+}

packages/server/src/types/user.ts

@@ -0,0 +1,11 @@
+export interface UserInfo {
+  userId: number;
+  nickname: string;
+  avatarUrl: string;
+  gender: 'MALE' | 'FEMALE' | 'UNKNOWN';
+  nimToken: string; // NetEase Cloud Communication token
+  nimAccountId: string; // NetEase Cloud Communication account ID
+  createdAt: string;
+  updatedAt: string;
+  token: string; // Authentication token
+}

packages/server/tsconfig.json

@@ -6,9 +6,6 @@
     "module": "node16",
     "moduleResolution": "node16",
     "baseUrl": ".",
-    "paths": {
-      "@/*": ["src/*"]
-    },
     "outDir": "./build",
     "experimentalDecorators": true,
     "emitDecoratorMetadata": true,

packages/server/tsoaConfig.json

@@ -1,7 +1,7 @@
 {
   "entryFile": "src/index.ts",
   "noImplicitAdditionalProperties": "throw-on-extras",
-  "controllerPathGlobs": ["src/controllers/**/*Controller.ts"],
+  "controllerPathGlobs": ["src/controllers/**/*Controller.ts", "src/types/**/*.ts"],
   "spec": {
     "outputDirectory": "build",
     "specVersion": 3,
@@ -13,6 +13,7 @@
     "host": "localhost:3005"
   },
   "routes": {
-    "routesDir": "src/routes"
+    "routesDir": "src/routes",
+    "authenticationModule": "src/middleware/auth.ts"
   }
 }