
✨ feat(users): 优化用户响应数据处理

- 创建UserResponseSchema并移除密码字段,增强数据安全性
- 使用parseWithAwait工具进行响应数据验证和转换
- 更新用户列表接口响应格式,统一使用UserListResponse处理
- 优化参数错误提示,返回具体的Zod验证错误信息
yourname 3 months ago
parent
commit
06eb468043

+ 4 - 3
src/server/api/users/[id]/get.ts

@@ -5,7 +5,8 @@ import { authMiddleware } from '@/server/middleware/auth.middleware';
 import { ErrorSchema } from '@/server/utils/errorHandler';
 import { AppDataSource } from '@/server/data-source';
 import { AuthContext } from '@/server/types/context';
-import { UserSchema } from '@/server/modules/users/user.schema';
+import { UserResponseSchema } from '@/server/modules/users/user.schema';
+import { parseWithAwait } from '@/server/utils/parseWithAwait';
 
 const userService = new UserService(AppDataSource);
 
@@ -27,7 +28,7 @@ const routeDef = createRoute({
   responses: {
     200: {
       description: '成功获取用户详情',
-      content: { 'application/json': { schema: UserSchema } }
+      content: { 'application/json': { schema: UserResponseSchema } }
     },
     404: {
       description: '用户不存在',
@@ -47,7 +48,7 @@ const app = new OpenAPIHono<AuthContext>().openapi(routeDef, async (c) => {
     if (!user) {
       return c.json({ code: 404, message: '用户不存在' }, 404);
     }
-    return c.json(user, 200);
+    return c.json(await parseWithAwait(UserResponseSchema, user), 200);
   } catch (error) {
     return c.json({
       code: 500,
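Review bot: The new `return c.json(await parseWithAwait(UserResponseSchema, user), 200);` is the only thing keeping the password field out of this response, and nothing on the line says so. A later cleanup could revert it to `c.json(user, 200)` without noticing the consequence. I would add a comment above it such as `// Serialize through UserResponseSchema so the password field is stripped before the entity leaves the server`. This presumably relies on `parseWithAwait` returning the parsed (key-stripped) object rather than the input, which is worth confirming since that helper is not shown here. The handler and its catch block continue outside the hunk.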

+ 13 - 5
src/server/api/users/get.ts

@@ -5,7 +5,7 @@ import { authMiddleware } from '../../middleware/auth.middleware';
 import { ErrorSchema } from '../../utils/errorHandler';
 import { AppDataSource } from '../../data-source';
 import { AuthContext } from '../../types/context';
-import { UserListResponse, UserSchema } from '../../modules/users/user.schema';
+import { UserListResponse } from '../../modules/users/user.schema';
 import { parseWithAwait } from '@/server/utils/parseWithAwait';
 
 const userService = new UserService(AppDataSource);
@@ -69,17 +69,25 @@ const app = new OpenAPIHono<AuthContext>().openapi(listUsersRoute, async (c) =>
       keyword
     });
     
-    return c.json({
-      data: await parseWithAwait(z.array(UserSchema), users),
+    // return c.json({
+    //   data: await parseWithAwait(z.array(UserSchema), users),
+    //   pagination: {
+    //     total,
+    //     current: page,
+    //     pageSize
+    //   }
+    // }, 200);
+    return c.json(await parseWithAwait(UserListResponse, {
+      data: users,
       pagination: {
         total,
         current: page,
         pageSize
       }
-    }, 200);
+    }),200)
   } catch (error) {
     if (error instanceof z.ZodError) {
-      return c.json({ code: 400, message: '参数错误' }, 400);
+      return c.json({ code: 400, message: error.message }, 400);
     }
     return c.json({
       code: 500,
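Review bot: Returning `message: error.message` in the `z.ZodError` branch sends the raw Zod issue list to the caller. Because the response is now validated by `parseWithAwait(UserListResponse, …)` inside the same try, a row that fails the response schema would presumably surface as a 400 carrying internal field paths, when it is really a server-side fault. I would log the issues server-side and keep a fixed client message for output-validation failures; if per-parameter feedback is wanted, build it from `error.issues` using only `path` and `message`. The commented-out previous `return c.json({...})` block should be deleted rather than kept, since it still references the unfiltered `UserSchema`. The try block opens outside the hunk, so it is not visible whether request parsing can also throw a ZodError here.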

+ 3 - 1
src/server/modules/users/user.schema.ts

@@ -154,7 +154,7 @@ export const UpdateUserDto = z.object({
 
 // 用户列表响应 schema
 export const UserListResponse = z.object({
-  data: z.array(UserSchema),
+  data: z.array(UserSchema.omit({ password: true })),
   pagination: z.object({
     total: z.number().openapi({
       example: 100,
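Review bot: `UserSchema.omit({ password: true })` is written twice, here in `UserListResponse.data` and again in the new `UserResponseSchema` in the next hunk, so the list and detail responses can drift apart if one is changed later. Defining `UserResponseSchema` above `UserListResponse` and using `data: z.array(UserResponseSchema),` keeps a single definition of what a client may see. `omit` is also a denylist: any sensitive column added to `UserSchema` later is exposed by default. An allowlist built with `UserSchema.pick({ … })` over the fields meant to be public would fail closed.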
@@ -170,6 +170,8 @@ export const UserListResponse = z.object({
     })
   })
 });
+// 单个用户查询响应 schema
+export const UserResponseSchema = UserSchema.omit({password:true})
 
 // 类型导出
 export type User = z.infer<typeof UserSchema>;