feat: 添加微信授权登录和修改昵称功能

server/app/routers/user.py

@@ -6,10 +6,13 @@ from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy import select, update, func, text, delete
 from typing import Optional
 from pydantic import BaseModel
+import httpx
 
 from app.database import get_db
 from app.models.user import User, UserProgress, UserEnding, PlayRecord
 from app.models.story import Story
+from app.config import get_settings
+from app.utils.jwt_utils import create_token, get_current_user_id, get_optional_user_id
 
 router = APIRouter()
 
@@ -59,9 +62,28 @@ class PlayRecordRequest(BaseModel):
 @router.post("/login")
 async def login(request: LoginRequest, db: AsyncSession = Depends(get_db)):
     """微信登录"""
-    # 实际部署时需要调用微信API获取openid
-    # 这里简化处理：用code作为openid
-    openid = request.code
+    settings = get_settings()
+    
+    # 调用微信API获取openid
+    if settings.wx_appid and settings.wx_secret:
+        try:
+            url = f"https://api.weixin.qq.com/sns/jscode2session?appid={settings.wx_appid}&secret={settings.wx_secret}&js_code={request.code}&grant_type=authorization_code"
+            async with httpx.AsyncClient() as client:
+                resp = await client.get(url, timeout=10.0)
+                data = resp.json()
+                
+                if "errcode" in data and data["errcode"] != 0:
+                    # 微信API返回错误，使用code作为openid（开发模式）
+                    print(f"[Login] 微信API错误: {data}")
+                    openid = request.code
+                else:
+                    openid = data.get("openid", request.code)
+        except Exception as e:
+            print(f"[Login] 调用微信API失败: {e}")
+            openid = request.code
+    else:
+        # 未配置微信密钥，开发模式：用code作为openid
+        openid = request.code
     
     # 查找或创建用户
     result = await db.execute(select(User).where(User.openid == openid))
@@ -79,6 +101,55 @@ async def login(request: LoginRequest, db: AsyncSession = Depends(get_db)):
         await db.commit()
         await db.refresh(user)
     
+    # 生成 JWT Token
+    token = create_token(user.id, user.openid)
+    
+    return {
+        "code": 0,
+        "data": {
+            "userId": user.id,
+            "openid": user.openid,
+            "nickname": user.nickname,
+            "avatarUrl": user.avatar_url,
+            "gender": user.gender,
+            "total_play_count": user.total_play_count,
+            "total_endings": user.total_endings,
+            "token": token
+        }
+    }
+
+
+@router.post("/refresh-token")
+async def refresh_token(user_id: int = Depends(get_current_user_id), db: AsyncSession = Depends(get_db)):
+    """刷新 Token"""
+    # 查找用户
+    result = await db.execute(select(User).where(User.id == user_id))
+    user = result.scalar_one_or_none()
+    
+    if not user:
+        raise HTTPException(status_code=404, detail="用户不存在")
+    
+    # 生成新 Token
+    new_token = create_token(user.id, user.openid)
+    
+    return {
+        "code": 0,
+        "data": {
+            "token": new_token,
+            "userId": user.id
+        }
+    }
+
+
+@router.get("/me")
+async def get_current_user(user_id: int = Depends(get_current_user_id), db: AsyncSession = Depends(get_db)):
+    """获取当前用户信息（通过 Token 验证）"""
+    result = await db.execute(select(User).where(User.id == user_id))
+    user = result.scalar_one_or_none()
+    
+    if not user:
+        raise HTTPException(status_code=404, detail="用户不存在")
+    
     return {
         "code": 0,
         "data": {