feat：简单添加管理员后台功能

src/business/admin/admin.controller.ts

@@ -0,0 +1,75 @@
+/**
+ * 管理员控制器
+ * 
+ * API端点：
+ * - POST /admin/auth/login                管理员登录
+ * - GET  /admin/users                     用户列表（需要管理员Token）
+ * - GET  /admin/users/:id                 用户详情（需要管理员Token）
+ * - POST /admin/users/:id/reset-password  重置指定用户密码（需要管理员Token）
+ * 
+ * @author jianuo
+ * @version 1.0.0
+ * @since 2025-12-19
+ */
+
+import { Body, Controller, Get, HttpCode, HttpStatus, Param, ParseIntPipe, Post, Query, UseGuards, ValidationPipe, UsePipes } from '@nestjs/common';
+import { ApiBearerAuth, ApiBody, ApiOperation, ApiParam, ApiQuery, ApiResponse, ApiTags } from '@nestjs/swagger';
+import { AdminGuard } from '../../core/guards/admin.guard';
+import { AdminService } from './admin.service';
+import { AdminLoginDto, AdminResetPasswordDto } from '../../dto/admin.dto';
+import { AdminLoginResponseDto, AdminUsersResponseDto, AdminCommonResponseDto, AdminUserResponseDto } from '../../dto/admin_response.dto';
+
+@ApiTags('admin')
+@Controller('admin')
+export class AdminController {
+  constructor(private readonly adminService: AdminService) {}
+
+  @ApiOperation({ summary: '管理员登录', description: '仅允许 role=9 的账户登录后台' })
+  @ApiBody({ type: AdminLoginDto })
+  @ApiResponse({ status: 200, description: '登录成功', type: AdminLoginResponseDto })
+  @Post('auth/login')
+  @HttpCode(HttpStatus.OK)
+  @UsePipes(new ValidationPipe({ transform: true }))
+  async login(@Body() dto: AdminLoginDto) {
+    return await this.adminService.login(dto.identifier, dto.password);
+  }
+
+  @ApiBearerAuth('JWT-auth')
+  @ApiOperation({ summary: '获取用户列表', description: '后台用户管理：分页获取用户列表' })
+  @ApiQuery({ name: 'limit', required: false, description: '返回数量（默认100）' })
+  @ApiQuery({ name: 'offset', required: false, description: '偏移量（默认0）' })
+  @ApiResponse({ status: 200, description: '获取成功', type: AdminUsersResponseDto })
+  @UseGuards(AdminGuard)
+  @Get('users')
+  async listUsers(
+    @Query('limit') limit?: string,
+    @Query('offset') offset?: string,
+  ) {
+    const parsedLimit = limit ? Number(limit) : 100;
+    const parsedOffset = offset ? Number(offset) : 0;
+    return await this.adminService.listUsers(parsedLimit, parsedOffset);
+  }
+
+  @ApiBearerAuth('JWT-auth')
+  @ApiOperation({ summary: '获取用户详情' })
+  @ApiParam({ name: 'id', description: '用户ID' })
+  @ApiResponse({ status: 200, description: '获取成功', type: AdminUserResponseDto })
+  @UseGuards(AdminGuard)
+  @Get('users/:id')
+  async getUser(@Param('id') id: string) {
+    return await this.adminService.getUser(BigInt(id));
+  }
+
+  @ApiBearerAuth('JWT-auth')
+  @ApiOperation({ summary: '重置用户密码', description: '管理员直接为用户设置新密码（需满足密码强度规则）' })
+  @ApiParam({ name: 'id', description: '用户ID' })
+  @ApiBody({ type: AdminResetPasswordDto })
+  @ApiResponse({ status: 200, description: '重置成功', type: AdminCommonResponseDto })
+  @UseGuards(AdminGuard)
+  @Post('users/:id/reset-password')
+  @HttpCode(HttpStatus.OK)
+  @UsePipes(new ValidationPipe({ transform: true }))
+  async resetPassword(@Param('id') id: string, @Body() dto: AdminResetPasswordDto) {
+    return await this.adminService.resetPassword(BigInt(id), dto.new_password);
+  }
+}