整合資料庫、完成登入註冊忘記密碼功能

2025-09-09 12:00:22 +08:00
parent af88c0f037
commit 32b19e9a0f
85 changed files with 11672 additions and 2350 deletions
--- a/app/admin/scoring-form-test/page.tsx
+++ b/app/admin/scoring-form-test/page.tsx
@@ -0,0 +1,195 @@
+"use client"
+
+import { useState } from "react"
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card"
+import { Button } from "@/components/ui/button"
+import { Label } from "@/components/ui/label"
+import { Textarea } from "@/components/ui/textarea"
+import { Dialog, DialogContent, DialogDescription, DialogHeader, DialogTitle } from "@/components/ui/dialog"
+import { CheckCircle, Edit, Loader2 } from "lucide-react"
+
+export default function ScoringFormTestPage() {
+  const [showScoringForm, setShowScoringForm] = useState(false)
+  const [manualScoring, setManualScoring] = useState({
+    judgeId: "judge1", 
+    participantId: "app1", 
+    scores: {
+      "創新性": 0,
+      "技術性": 0,
+      "實用性": 0,
+      "展示效果": 0,
+      "影響力": 0
+    }, 
+    comments: ""
+  })
+  const [isLoading, setIsLoading] = useState(false)
+
+  const scoringRules = [
+    { name: "創新性", description: "技術創新程度和獨特性", weight: 25 },
+    { name: "技術性", description: "技術實現的複雜度和穩定性", weight: 20 },
+    { name: "實用性", description: "實際應用價值和用戶體驗", weight: 25 },
+    { name: "展示效果", description: "演示效果和表達能力", weight: 15 },
+    { name: "影響力", description: "對行業和社會的潛在影響", weight: 15 }
+  ]
+
+  const calculateTotalScore = (scores: Record<string, number>): number => {
+    let totalScore = 0
+    let totalWeight = 0
+    
+    scoringRules.forEach(rule => {
+      const score = scores[rule.name] || 0
+      const weight = rule.weight || 1
+      totalScore += score * weight
+      totalWeight += weight
+    })
+    
+    return totalWeight > 0 ? Math.round(totalScore / totalWeight) : 0
+  }
+
+  const handleSubmitScore = async () => {
+    setIsLoading(true)
+    // 模擬提交
+    setTimeout(() => {
+      setIsLoading(false)
+      setShowScoringForm(false)
+    }, 2000)
+  }
+
+  return (
+    <div className="container mx-auto py-6">
+      <div className="mb-6">
+        <h1 className="text-3xl font-bold">評分表單測試</h1>
+        <p className="text-gray-600">測試完整的評分表單功能</p>
+      </div>
+
+      <Card>
+        <CardHeader>
+          <CardTitle>評分表單演示</CardTitle>
+          <CardDescription>點擊按鈕查看完整的評分表單</CardDescription>
+        </CardHeader>
+        <CardContent>
+          <Button onClick={() => setShowScoringForm(true)} size="lg">
+            <Edit className="w-5 h-5 mr-2" />
+            開啟評分表單
+          </Button>
+        </CardContent>
+      </Card>
+
+      <Dialog open={showScoringForm} onOpenChange={setShowScoringForm}>
+        <DialogContent className="max-w-4xl max-h-[90vh] overflow-y-auto">
+          <DialogHeader>
+            <DialogTitle className="flex items-center space-x-2">
+              <Edit className="w-5 h-5" />
+              <span>評分表單</span>
+            </DialogTitle>
+            <DialogDescription>
+              為參賽者進行評分，請根據各項指標進行評分
+            </DialogDescription>
+          </DialogHeader>
+
+          <div className="space-y-6">
+            {/* 評分項目 */}
+            <div className="space-y-4">
+              <h3 className="text-lg font-semibold">評分項目</h3>
+              {scoringRules.map((rule, index) => (
+                <div key={index} className="space-y-4 p-6 border rounded-lg bg-white shadow-sm">
+                  <div className="flex justify-between items-start">
+                    <div className="flex-1">
+                      <Label className="text-lg font-semibold text-gray-900">{rule.name}</Label>
+                      <p className="text-sm text-gray-600 mt-2 leading-relaxed">{rule.description}</p>
+                      <p className="text-xs text-purple-600 mt-2 font-medium">權重：{rule.weight}%</p>
+                    </div>
+                    <div className="text-right ml-4">
+                      <span className="text-2xl font-bold text-blue-600">
+                        {manualScoring.scores[rule.name] || 0} / 10
+                      </span>
+                    </div>
+                  </div>
+                  
+                  {/* 評分按鈕 */}
+                  <div className="flex flex-wrap gap-3">
+                    {Array.from({ length: 10 }, (_, i) => i + 1).map((score) => (
+                      <button
+                        key={score}
+                        type="button"
+                        onClick={() => setManualScoring({
+                          ...manualScoring,
+                          scores: { ...manualScoring.scores, [rule.name]: score }
+                        })}
+                        className={`w-12 h-12 rounded-lg border-2 font-semibold text-lg transition-all duration-200 ${
+                          (manualScoring.scores[rule.name] || 0) === score
+                            ? 'bg-blue-600 text-white border-blue-600 shadow-lg scale-105'
+                            : 'bg-white text-gray-700 border-gray-300 hover:border-blue-400 hover:bg-blue-50 hover:scale-105'
+                        }`}
+                      >
+                        {score}
+                      </button>
+                    ))}
+                  </div>
+                </div>
+              ))}
+            </div>
+
+            {/* 總分顯示 */}
+            <div className="p-6 bg-gradient-to-r from-blue-50 to-purple-50 rounded-lg border-2 border-blue-200">
+              <div className="flex justify-between items-center">
+                <div>
+                  <span className="text-xl font-bold text-gray-900">總分</span>
+                  <p className="text-sm text-gray-600 mt-1">根據權重計算的綜合評分</p>
+                </div>
+                <div className="flex items-center space-x-3">
+                  <span className="text-4xl font-bold text-blue-600">
+                    {calculateTotalScore(manualScoring.scores)}
+                  </span>
+                  <span className="text-xl text-gray-500 font-medium">/ 10</span>
+                </div>
+              </div>
+            </div>
+
+            {/* 評審意見 */}
+            <div className="space-y-3">
+              <Label className="text-lg font-semibold">評審意見 *</Label>
+              <Textarea
+                placeholder="請詳細填寫評審意見、優點分析、改進建議等..."
+                value={manualScoring.comments}
+                onChange={(e) => setManualScoring({ ...manualScoring, comments: e.target.value })}
+                rows={6}
+                className="min-h-[120px] resize-none"
+              />
+              <p className="text-xs text-gray-500">請提供具體的評審意見，包括項目的優點、不足之處和改進建議</p>
+            </div>
+          </div>
+
+          <div className="flex justify-end space-x-4 pt-6 border-t border-gray-200">
+            <Button 
+              variant="outline" 
+              size="lg"
+              onClick={() => setShowScoringForm(false)}
+              className="px-8"
+            >
+              取消
+            </Button>
+            <Button 
+              onClick={handleSubmitScore}
+              disabled={isLoading}
+              size="lg"
+              className="px-8 bg-blue-600 hover:bg-blue-700"
+            >
+              {isLoading ? (
+                <>
+                  <Loader2 className="w-5 h-5 mr-2 animate-spin" />
+                  提交中...
+                </>
+              ) : (
+                <>
+                  <CheckCircle className="w-5 h-5 mr-2" />
+                  提交評分
+                </>
+              )}
+            </Button>
+          </div>
+        </DialogContent>
+      </Dialog>
+    </div>
+  )
+} 
--- a/app/admin/scoring-test/page.tsx
+++ b/app/admin/scoring-test/page.tsx
@@ -0,0 +1,13 @@
+import { ScoringManagement } from "@/components/admin/scoring-management"
+
+export default function ScoringTestPage() {
+  return (
+    <div className="container mx-auto py-6">
+      <div className="mb-6">
+        <h1 className="text-3xl font-bold">評分管理測試</h1>
+        <p className="text-gray-600">測試動態評分項目功能</p>
+      </div>
+      <ScoringManagement />
+    </div>
+  )
+} 
--- a/app/api/admin/users/[id]/route.ts
+++ b/app/api/admin/users/[id]/route.ts
@@ -0,0 +1,103 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()
+
+export async function GET(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const user = await userService.findById(params.id)
+    
+    if (!user) {
+      return NextResponse.json(
+        { error: '用戶不存在' },
+        { status: 404 }
+      )
+    }
+
+    // 獲取用戶統計
+    const stats = await userService.getUserStatistics(params.id)
+
+    return NextResponse.json({
+      success: true,
+      data: {
+        user,
+        stats
+      }
+    })
+
+  } catch (error) {
+    console.error('獲取用戶詳情錯誤:', error)
+    return NextResponse.json(
+      { error: '獲取用戶詳情時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function PUT(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const updates = await request.json()
+    
+    // 移除不允許更新的欄位
+    delete updates.id
+    delete updates.created_at
+    delete updates.password_hash
+
+    const updatedUser = await userService.update(params.id, updates)
+    
+    if (!updatedUser) {
+      return NextResponse.json(
+        { error: '用戶不存在或更新失敗' },
+        { status: 404 }
+      )
+    }
+
+    return NextResponse.json({
+      success: true,
+      message: '用戶資料已更新',
+      data: updatedUser
+    })
+
+  } catch (error) {
+    console.error('更新用戶錯誤:', error)
+    return NextResponse.json(
+      { error: '更新用戶時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function DELETE(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    // 軟刪除：將 is_active 設為 false
+    const result = await userService.update(params.id, { is_active: false })
+    
+    if (!result) {
+      return NextResponse.json(
+        { error: '用戶不存在或刪除失敗' },
+        { status: 404 }
+      )
+    }
+
+    return NextResponse.json({
+      success: true,
+      message: '用戶已刪除'
+    })
+
+  } catch (error) {
+    console.error('刪除用戶錯誤:', error)
+    return NextResponse.json(
+      { error: '刪除用戶時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/api/admin/users/route.ts
+++ b/app/api/admin/users/route.ts
@@ -0,0 +1,134 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url)
+    const page = parseInt(searchParams.get('page') || '1')
+    const limit = parseInt(searchParams.get('limit') || '10')
+    const search = searchParams.get('search') || ''
+    const department = searchParams.get('department') || ''
+    const role = searchParams.get('role') || ''
+    const status = searchParams.get('status') || ''
+
+    // 構建查詢條件
+    let whereConditions = ['is_active = TRUE']
+    let params: any[] = []
+
+    if (search) {
+      whereConditions.push('(name LIKE ? OR email LIKE ?)')
+      params.push(`%${search}%`, `%${search}%`)
+    }
+
+    if (department && department !== 'all') {
+      whereConditions.push('department = ?')
+      params.push(department)
+    }
+
+    if (role && role !== 'all') {
+      whereConditions.push('role = ?')
+      params.push(role)
+    }
+
+    if (status && status !== 'all') {
+      if (status === 'active') {
+        whereConditions.push('last_login IS NOT NULL AND last_login >= DATE_SUB(NOW(), INTERVAL 30 DAY)')
+      } else if (status === 'inactive') {
+        whereConditions.push('last_login IS NULL OR last_login < DATE_SUB(NOW(), INTERVAL 30 DAY)')
+      }
+    }
+
+    const whereClause = whereConditions.length > 0 ? `WHERE ${whereConditions.join(' AND ')}` : ''
+
+    // 使用 UserService 的方法
+    const { users, total } = await userService.findAll({
+      search,
+      department,
+      role,
+      status,
+      page,
+      limit
+    })
+
+    const stats = await userService.getUserStats()
+
+    return NextResponse.json({
+      success: true,
+      data: {
+        users,
+        pagination: {
+          page,
+          limit,
+          total,
+          totalPages: Math.ceil(total / limit)
+        },
+        stats: {
+          totalUsers: stats?.total_users || 0,
+          activeUsers: stats?.active_users || 0,
+          adminCount: stats?.admin_count || 0,
+          developerCount: stats?.developer_count || 0,
+          inactiveUsers: stats?.inactive_users || 0,
+          newThisMonth: stats?.new_this_month || 0
+        }
+      }
+    })
+
+  } catch (error) {
+    console.error('獲取用戶列表錯誤:', error)
+    return NextResponse.json(
+      { error: '獲取用戶列表時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email, role } = await request.json()
+
+    if (!email || !role) {
+      return NextResponse.json(
+        { error: '請提供電子郵件和角色' },
+        { status: 400 }
+      )
+    }
+
+    // 檢查郵箱是否已存在
+    const existingUser = await userService.findByEmail(email)
+    if (existingUser) {
+      return NextResponse.json(
+        { error: '該電子郵件地址已被使用' },
+        { status: 400 }
+      )
+    }
+
+    // 生成邀請 token
+    const { v4: uuidv4 } = require('uuid')
+    const invitationToken = uuidv4()
+
+    // 創建邀請記錄（這裡可以存儲到邀請表或臨時表）
+    // 暫時返回邀請連結
+    const baseUrl = process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+    const invitationLink = `${baseUrl}/register?token=${invitationToken}&email=${encodeURIComponent(email)}&role=${encodeURIComponent(role)}`
+
+    return NextResponse.json({
+      success: true,
+      message: '用戶邀請已創建',
+      data: {
+        invitationLink,
+        token: invitationToken,
+        email,
+        role
+      }
+    })
+
+  } catch (error) {
+    console.error('創建用戶邀請錯誤:', error)
+    return NextResponse.json(
+      { error: '創建用戶邀請時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/api/auth/forgot-password/route.ts
+++ b/app/api/auth/forgot-password/route.ts
@@ -0,0 +1,52 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { UserService } from '@/lib/services/database-service'
+import { PasswordResetService } from '@/lib/services/password-reset-service'
+import { v4 as uuidv4 } from 'uuid'
+
+const userService = new UserService()
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email } = await request.json()
+
+    if (!email) {
+      return NextResponse.json(
+        { error: '請提供電子郵件地址' },
+        { status: 400 }
+      )
+    }
+
+    // 檢查用戶是否存在
+    const user = await userService.findByEmail(email)
+    if (!user) {
+      return NextResponse.json(
+        { error: '該電子郵件地址不存在於我們的系統中' },
+        { status: 404 }
+      )
+    }
+
+    // 撤銷用戶現有的重設 tokens
+    await PasswordResetService.revokeUserTokens(user.id)
+
+    // 創建新的重設 token
+    const resetToken = await PasswordResetService.createResetToken(user.id)
+
+    // 生成一次性註冊連結
+    const baseUrl = process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+    const resetUrl = `${baseUrl}/register?token=${resetToken.token}&email=${encodeURIComponent(user.email)}&mode=reset&name=${encodeURIComponent(user.name)}&department=${encodeURIComponent(user.department)}&role=${encodeURIComponent(user.role)}`
+
+    return NextResponse.json({
+      success: true,
+      message: '已生成密碼重設連結',
+      resetUrl: resetUrl,
+      expiresAt: resetToken.expires_at
+    })
+
+  } catch (error) {
+    console.error('忘記密碼錯誤:', error)
+    return NextResponse.json(
+      { error: '處理請求時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/api/auth/login/route.ts
+++ b/app/api/auth/login/route.ts
@@ -1,115 +1,53 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { db } from '@/lib/database';
-import { generateToken, validatePassword, comparePassword } from '@/lib/auth';
-import { logger } from '@/lib/logger';
+import { NextRequest, NextResponse } from 'next/server'
+import bcrypt from 'bcryptjs'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()

 export async function POST(request: NextRequest) {
-  const startTime = Date.now();
-  
  try {
-    const body = await request.json();
-    const { email, password } = body;
+    const { email, password } = await request.json()

-    // 驗證輸入
    if (!email || !password) {
      return NextResponse.json(
        { error: '請提供電子郵件和密碼' },
        { status: 400 }
-      );
+      )
    }

-    // 驗證密碼格式
-    const passwordValidation = await validatePassword(password);
-    if (!passwordValidation.isValid) {
-      return NextResponse.json(
-        { error: '密碼格式不正確', details: passwordValidation.errors },
-        { status: 400 }
-      );
-    }
-
-    // 查詢用戶
-    const user = await db.queryOne<{
-      id: string;
-      name: string;
-      email: string;
-      password_hash: string;
-      avatar?: string;
-      department: string;
-      role: 'user' | 'developer' | 'admin';
-      join_date: string;
-      total_likes: number;
-      total_views: number;
-      created_at: string;
-      updated_at: string;
-    }>(
-      'SELECT * FROM users WHERE email = ?',
-      [email]
-    );
-
+    // 查找用戶
+    const user = await userService.findByEmail(email)
    if (!user) {
-      logger.logAuth('login', email, false, request.ip || 'unknown');
      return NextResponse.json(
-        { error: '電子郵件或密碼不正確' },
+        { error: '用戶不存在' },
        { status: 401 }
-      );
+      )
    }

    // 驗證密碼
-    const isPasswordValid = await comparePassword(password, user.password_hash);
-    if (!isPasswordValid) {
-      logger.logAuth('login', email, false, request.ip || 'unknown');
+    const isValidPassword = await bcrypt.compare(password, user.password_hash)
+    if (!isValidPassword) {
      return NextResponse.json(
-        { error: '電子郵件或密碼不正確' },
+        { error: '密碼錯誤' },
        { status: 401 }
-      );
+      )
    }

-    // 生成 JWT Token
-    const token = generateToken({
-      id: user.id,
-      email: user.email,
-      role: user.role
-    });
-
    // 更新最後登入時間
-    await db.update(
-      'users',
-      { updated_at: new Date().toISOString().slice(0, 19).replace('T', ' ') },
-      { id: user.id }
-    );
-
-    // 記錄成功登入
-    logger.logAuth('login', email, true, request.ip || 'unknown');
-
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/login', 200, duration, user.id);
+    await userService.updateLastLogin(user.id)

+    // 返回用戶信息（不包含密碼）
+    const { password_hash, ...userWithoutPassword } = user
    return NextResponse.json({
-      message: '登入成功',
-      user: {
-        id: user.id,
-        name: user.name,
-        email: user.email,
-        avatar: user.avatar,
-        department: user.department,
-        role: user.role,
-        joinDate: user.join_date,
-        totalLikes: user.total_likes,
-        totalViews: user.total_views
-      },
-      token,
-      expiresIn: process.env.JWT_EXPIRES_IN || '7d'
-    });
+      success: true,
+      user: userWithoutPassword
+    })

  } catch (error) {
-    logger.logError(error as Error, 'Login API');
-    
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/login', 500, duration);
-
+    console.error('登入錯誤:', error)
    return NextResponse.json(
-      { error: '內部伺服器錯誤' },
+      { error: '登入過程中發生錯誤' },
      { status: 500 }
-    );
+    )
  }
-} 
+}
--- a/app/api/auth/profile/route.ts
+++ b/app/api/auth/profile/route.ts
@@ -0,0 +1,83 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url)
+    const userId = searchParams.get('userId')
+
+    if (!userId) {
+      return NextResponse.json(
+        { error: '缺少用戶ID' },
+        { status: 400 }
+      )
+    }
+
+    const user = await userService.findById(userId)
+    if (!user) {
+      return NextResponse.json(
+        { error: '用戶不存在' },
+        { status: 404 }
+      )
+    }
+
+    // 返回用戶信息（不包含密碼）
+    const { password_hash, ...userWithoutPassword } = user
+    return NextResponse.json({
+      success: true,
+      user: userWithoutPassword
+    })
+
+  } catch (error) {
+    console.error('獲取用戶資料錯誤:', error)
+    return NextResponse.json(
+      { error: '獲取用戶資料時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function PUT(request: NextRequest) {
+  try {
+    const { userId, ...updateData } = await request.json()
+
+    if (!userId) {
+      return NextResponse.json(
+        { error: '缺少用戶ID' },
+        { status: 400 }
+      )
+    }
+
+    // 如果更新密碼，需要加密
+    if (updateData.password) {
+      const bcrypt = require('bcryptjs')
+      const saltRounds = 12
+      updateData.password_hash = await bcrypt.hash(updateData.password, saltRounds)
+      delete updateData.password
+    }
+
+    const updatedUser = await userService.update(userId, updateData)
+    if (!updatedUser) {
+      return NextResponse.json(
+        { error: '用戶不存在' },
+        { status: 404 }
+      )
+    }
+
+    // 返回更新後的用戶信息（不包含密碼）
+    const { password_hash, ...userWithoutPassword } = updatedUser
+    return NextResponse.json({
+      success: true,
+      user: userWithoutPassword
+    })
+
+  } catch (error) {
+    console.error('更新用戶資料錯誤:', error)
+    return NextResponse.json(
+      { error: '更新用戶資料時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/api/auth/register/route.ts
+++ b/app/api/auth/register/route.ts
@@ -1,113 +1,69 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { db, generateId } from '@/lib/database';
-import { validateUserData, validatePassword, hashPassword } from '@/lib/auth';
-import { logger } from '@/lib/logger';
+import { NextRequest, NextResponse } from 'next/server'
+import bcrypt from 'bcryptjs'
+import { v4 as uuidv4 } from 'uuid'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()

 export async function POST(request: NextRequest) {
-  const startTime = Date.now();
-  
  try {
-    console.log('開始處理註冊請求...');
-    
-    const body = await request.json();
-    console.log('請求體:', body);
-    
-    const { name, email, password, department, role = 'user' } = body;
+    const { name, email, password, department, role = 'user' } = await request.json()

-    // 驗證用戶資料
-    console.log('驗證用戶資料...');
-    const userValidation = validateUserData({ name, email, department, role });
-    if (!userValidation.isValid) {
-      console.log('用戶資料驗證失敗:', userValidation.errors);
+    if (!name || !email || !password || !department) {
      return NextResponse.json(
-        { error: '用戶資料驗證失敗', details: userValidation.errors },
+        { error: '請填寫所有必填欄位' },
        { status: 400 }
-      );
+      )
    }

-    // 驗證密碼
-    console.log('驗證密碼...');
-    const passwordValidation = await validatePassword(password);
-    if (!passwordValidation.isValid) {
-      console.log('密碼驗證失敗:', passwordValidation.errors);
+    if (password.length < 6) {
      return NextResponse.json(
-        { error: '密碼格式不正確', details: passwordValidation.errors },
+        { error: '密碼長度至少需要 6 個字符' },
        { status: 400 }
-      );
+      )
    }

-    // 檢查電子郵件是否已存在
-    console.log('檢查電子郵件是否已存在...');
-    const existingUser = await db.queryOne(
-      'SELECT id FROM users WHERE email = ?',
-      [email]
-    );
-
+    // 檢查用戶是否已存在
+    const existingUser = await userService.findByEmail(email)
    if (existingUser) {
-      console.log('電子郵件已存在');
      return NextResponse.json(
-        { error: '此電子郵件地址已被註冊' },
+        { error: '該電子郵件已被註冊' },
        { status: 409 }
-      );
+      )
    }

    // 加密密碼
-    console.log('加密密碼...');
-    const passwordHash = await hashPassword(password);
-    console.log('密碼加密完成');
+    const saltRounds = 12
+    const password_hash = await bcrypt.hash(password, saltRounds)

-    // 準備用戶資料
-    console.log('準備用戶資料...');
-    const userId = generateId();
-    const userData = {
-      id: userId,
-      name: name.trim(),
-      email: email.toLowerCase().trim(),
-      password_hash: passwordHash,
-      department: department.trim(),
-      role,
+    // 創建新用戶
+    const newUser = {
+      id: uuidv4(),
+      name,
+      email,
+      password_hash,
+      department,
+      role: role as 'user' | 'developer' | 'admin',
      join_date: new Date().toISOString().split('T')[0],
      total_likes: 0,
      total_views: 0,
-      created_at: new Date().toISOString().slice(0, 19).replace('T', ' '),
-      updated_at: new Date().toISOString().slice(0, 19).replace('T', ' ')
-    };
+      is_active: true
+    }

-    console.log('插入用戶資料...');
-    // 插入用戶資料
-    await db.insert('users', userData);
-    console.log('用戶資料插入成功');
-
-    // 記錄註冊成功
-    logger.logAuth('register', email, true, 'unknown');
-
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/register', 201, duration, userId);
+    const createdUser = await userService.create(newUser)

+    // 返回用戶信息（不包含密碼）
+    const { password_hash: _, ...userWithoutPassword } = createdUser
    return NextResponse.json({
-      message: '註冊成功',
-      user: {
-        id: userData.id,
-        name: userData.name,
-        email: userData.email,
-        department: userData.department,
-        role: userData.role,
-        joinDate: userData.join_date,
-        totalLikes: userData.total_likes,
-        totalViews: userData.total_views
-      }
-    }, { status: 201 });
+      success: true,
+      user: userWithoutPassword
+    })

  } catch (error) {
-    console.error('註冊 API 錯誤:', error);
-    logger.logError(error as Error, 'Register API');
-    
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/register', 500, duration);
-
+    console.error('註冊錯誤:', error)
    return NextResponse.json(
-      { error: '內部伺服器錯誤', details: error instanceof Error ? error.message : 'Unknown error' },
+      { error: '註冊過程中發生錯誤' },
      { status: 500 }
-    );
+    )
  }
-} 
+}
--- a/app/api/auth/reset-password/route.ts
+++ b/app/api/auth/reset-password/route.ts
@@ -0,0 +1,81 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { PasswordResetService } from '@/lib/services/password-reset-service'
+
+export async function POST(request: NextRequest) {
+  try {
+    const { token, password } = await request.json()
+
+    if (!token || !password) {
+      return NextResponse.json(
+        { error: '請提供重設 token 和新密碼' },
+        { status: 400 }
+      )
+    }
+
+    if (password.length < 6) {
+      return NextResponse.json(
+        { error: '密碼長度至少需要 6 個字符' },
+        { status: 400 }
+      )
+    }
+
+    // 驗證並使用重設 token
+    const success = await PasswordResetService.useResetToken(token, password)
+
+    if (success) {
+      return NextResponse.json({
+        success: true,
+        message: '密碼重設成功，請使用新密碼登入'
+      })
+    } else {
+      return NextResponse.json(
+        { error: '無效或已過期的重設 token' },
+        { status: 400 }
+      )
+    }
+
+  } catch (error) {
+    console.error('密碼重設錯誤:', error)
+    return NextResponse.json(
+      { error: error.message || '重設密碼時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url)
+    const token = searchParams.get('token')
+
+    if (!token) {
+      return NextResponse.json(
+        { error: '缺少重設 token' },
+        { status: 400 }
+      )
+    }
+
+    // 驗證 token 是否有效
+    const tokenInfo = await PasswordResetService.validateResetToken(token)
+
+    if (tokenInfo) {
+      return NextResponse.json({
+        success: true,
+        valid: true,
+        message: 'Token 有效，可以重設密碼'
+      })
+    } else {
+      return NextResponse.json(
+        { error: '無效或已過期的重設 token' },
+        { status: 400 }
+      )
+    }
+
+  } catch (error) {
+    console.error('驗證 token 錯誤:', error)
+    return NextResponse.json(
+      { error: '驗證 token 時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/competition/page.tsx
+++ b/app/competition/page.tsx
@@ -135,7 +135,7 @@ export default function CompetitionPage() {
  const filteredAwards = getFilteredAwards()

  return (
-    <div className="min-h-screen bg-gradient-to-br from-slate-50 via-white to-blue-50 flex flex-col">
+    <div className="min-h-screen bg-gradient-to-br from-slate-50 via-white to-blue-50">
      {/* Header */}
      <header className="bg-white/80 backdrop-blur-sm border-b border-gray-200 sticky top-0 z-50">
        <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
@@ -165,9 +165,9 @@ export default function CompetitionPage() {
            </div>
          </div>
        </div>
-              </header>
+      </header>

-        <div className="flex-1 max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
+      <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
        {/* Hero Section */}
        <div className="text-center mb-12">
          <h2 className="text-4xl font-bold text-gray-900 mb-4">AI 創新競賽</h2>
--- a/app/judge-scoring/page.tsx
+++ b/app/judge-scoring/page.tsx
@@ -11,7 +11,7 @@ import { Progress } from "@/components/ui/progress"
 import { Avatar, AvatarFallback } from "@/components/ui/avatar"
 import { Dialog, DialogContent, DialogDescription, DialogHeader, DialogTitle } from "@/components/ui/dialog"
 import { Textarea } from "@/components/ui/textarea"
-import { AlertTriangle, CheckCircle, User, Trophy, LogIn, Loader2 } from "lucide-react"
+import { AlertTriangle, CheckCircle, User, Trophy, LogIn, Loader2, Eye, EyeOff, Lock } from "lucide-react"

 interface Judge {
  id: string
@@ -41,6 +41,7 @@ export default function JudgeScoringPage() {
  const [isSubmitting, setIsSubmitting] = useState(false)
  const [error, setError] = useState("")
  const [success, setSuccess] = useState("")
+  const [showAccessCode, setShowAccessCode] = useState(false)

  // Judge data - empty for production
  const mockJudges: Judge[] = []
@@ -145,13 +146,24 @@ export default function JudgeScoringPage() {

            <div className="space-y-2">
              <Label htmlFor="accessCode">存取碼</Label>
-              <Input
-                id="accessCode"
-                type="password"
-                placeholder="請輸入存取碼"
-                value={accessCode}
-                onChange={(e) => setAccessCode(e.target.value)}
-              />
+              <div className="relative">
+                <Lock className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
+                <Input
+                  id="accessCode"
+                  type={showAccessCode ? "text" : "password"}
+                  placeholder="請輸入存取碼"
+                  value={accessCode}
+                  onChange={(e) => setAccessCode(e.target.value)}
+                  className="pl-10 pr-10"
+                />
+                <button
+                  type="button"
+                  onClick={() => setShowAccessCode(!showAccessCode)}
+                  className="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600"
+                >
+                  {showAccessCode ? <EyeOff className="w-4 h-4" /> : <Eye className="w-4 h-4" />}
+                </button>
+              </div>
            </div>

            <Button 
--- a/app/page.tsx
+++ b/app/page.tsx
@@ -344,7 +344,7 @@ export default function AIShowcasePlatform() {
  const filteredAwards = getFilteredAwards()

  return (
-    <div className="min-h-screen bg-gradient-to-br from-slate-50 via-white to-blue-50 flex flex-col">
+    <div className="min-h-screen bg-gradient-to-br from-slate-50 via-white to-blue-50">
      {/* Header */}
      <header className="bg-white/80 backdrop-blur-sm border-b border-gray-200 sticky top-0 z-50">
        <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
@@ -401,9 +401,9 @@ export default function AIShowcasePlatform() {
            </div>
          </div>
        </div>
-              </header>
+      </header>

-        <div className="flex-1 max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
+      <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
        {showCompetition ? (
          // Competition Content
          <>
@@ -999,7 +999,7 @@ export default function AIShowcasePlatform() {
      </div>

      {/* Footer */}
-      <footer className="bg-white border-t border-gray-200 mt-auto">
+      <footer className="bg-white border-t border-gray-200 mt-16">
        <div className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
          <div className="flex flex-col md:flex-row justify-between items-center">
            <div className="text-sm text-gray-500 mb-4 md:mb-0">
--- a/app/register/page.tsx
+++ b/app/register/page.tsx
@@ -13,7 +13,7 @@ import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@
 import { Badge } from "@/components/ui/badge"
 import { Alert, AlertDescription } from "@/components/ui/alert"
 import { Separator } from "@/components/ui/separator"
-import { Brain, User, Mail, Building, Lock, Loader2, CheckCircle, AlertTriangle, Shield, Code } from "lucide-react"
+import { Brain, User, Mail, Building, Lock, Loader2, CheckCircle, AlertTriangle, Shield, Code, Eye, EyeOff } from "lucide-react"

 export default function RegisterPage() {
  const router = useRouter()
@@ -30,66 +30,38 @@ export default function RegisterPage() {
  const [error, setError] = useState("")
  const [success, setSuccess] = useState("")
  const [isSubmitting, setIsSubmitting] = useState(false)
+  const [showPassword, setShowPassword] = useState(false)
+  const [showConfirmPassword, setShowConfirmPassword] = useState(false)

  // 從 URL 參數獲取邀請資訊
  const invitationToken = searchParams.get("token")
  const invitedEmail = searchParams.get("email")
  const invitedRole = searchParams.get("role") || "user"
+  const mode = searchParams.get("mode") // "reset" 表示密碼重設模式
+  const invitedName = searchParams.get("name")
+  const invitedDepartment = searchParams.get("department")
  const isInvitedUser = !!(invitationToken && invitedEmail)
+  const isResetMode = mode === "reset"
+  
+  // 在重設模式下，使用從資料庫獲取的正確角色
+  const displayRole = isResetMode ? invitedRole : invitedRole

  useEffect(() => {
    if (isInvitedUser) {
      setFormData((prev) => ({
        ...prev,
        email: decodeURIComponent(invitedEmail),
+        name: isResetMode && invitedName ? decodeURIComponent(invitedName) : prev.name,
+        department: isResetMode && invitedDepartment ? decodeURIComponent(invitedDepartment) : prev.department,
      }))
    }
-  }, [isInvitedUser, invitedEmail])
+  }, [isInvitedUser, invitedEmail, isResetMode, invitedName, invitedDepartment])

  const handleInputChange = (field: string, value: string) => {
    setFormData((prev) => ({ ...prev, [field]: value }))
    setError("")
  }

-  const getRoleText = (role: string) => {
-    switch (role) {
-      case "admin":
-        return "管理員"
-      case "developer":
-        return "開發者"
-      case "user":
-        return "一般用戶"
-      default:
-        return role
-    }
-  }
-
-  const getRoleIcon = (role: string) => {
-    switch (role) {
-      case "admin":
-        return <Shield className="w-4 h-4 text-purple-600" />
-      case "developer":
-        return <Code className="w-4 h-4 text-green-600" />
-      case "user":
-        return <User className="w-4 h-4 text-blue-600" />
-      default:
-        return <User className="w-4 h-4 text-blue-600" />
-    }
-  }
-
-  const getRoleColor = (role: string) => {
-    switch (role) {
-      case "admin":
-        return "bg-purple-100 text-purple-800 border-purple-200"
-      case "developer":
-        return "bg-green-100 text-green-800 border-green-200"
-      case "user":
-        return "bg-blue-100 text-blue-800 border-blue-200"
-      default:
-        return "bg-gray-100 text-gray-800 border-gray-200"
-    }
-  }
-
  const getRoleDescription = (role: string) => {
    switch (role) {
      case "admin":
@@ -128,23 +100,49 @@ export default function RegisterPage() {
    }

    try {
-      const success = await register({
-        name: formData.name,
-        email: formData.email,
-        password: formData.password,
-        department: formData.department,
-      })
+      if (isResetMode) {
+        // 密碼重設模式
+        const response = await fetch('/api/auth/reset-password', {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+          },
+          body: JSON.stringify({
+            token: invitationToken,
+            password: formData.password
+          }),
+        })

-      if (success) {
-        setSuccess("註冊成功！正在跳轉...")
-        setTimeout(() => {
-          router.push("/")
-        }, 2000)
+        const data = await response.json()
+
+        if (data.success) {
+          setSuccess("密碼重設成功！正在跳轉...")
+          setTimeout(() => {
+            router.push("/")
+          }, 2000)
+        } else {
+          setError(data.error || "密碼重設失敗")
+        }
      } else {
-        setError("註冊失敗，請檢查資料或聯繫管理員")
+        // 正常註冊模式
+        const success = await register({
+          name: formData.name,
+          email: formData.email,
+          password: formData.password,
+          department: formData.department,
+        })
+
+        if (success) {
+          setSuccess("註冊成功！正在跳轉...")
+          setTimeout(() => {
+            router.push("/")
+          }, 2000)
+        } else {
+          setError("註冊失敗，請檢查資料或聯繫管理員")
+        }
      }
    } catch (err) {
-      setError("註冊過程中發生錯誤，請稍後再試")
+      setError(isResetMode ? "密碼重設過程中發生錯誤，請稍後再試" : "註冊過程中發生錯誤，請稍後再試")
    }

    setIsSubmitting(false)
@@ -158,8 +156,12 @@ export default function RegisterPage() {
            <div className="w-16 h-16 bg-green-100 rounded-full flex items-center justify-center mx-auto mb-4">
              <CheckCircle className="w-8 h-8 text-green-600" />
            </div>
-            <h3 className="text-xl font-semibold text-gray-900 mb-2">註冊成功！</h3>
-            <p className="text-gray-600 mb-4">歡迎加入強茂集團 AI 展示平台</p>
+            <h3 className="text-xl font-semibold text-gray-900 mb-2">
+              {isResetMode ? "密碼重設成功！" : "註冊成功！"}
+            </h3>
+            <p className="text-gray-600 mb-4">
+              {isResetMode ? "您的密碼已成功重設" : "歡迎加入強茂集團 AI 展示平台"}
+            </p>
            <p className="text-sm text-gray-500">正在跳轉到首頁...</p>
          </CardContent>
        </Card>
@@ -180,7 +182,12 @@ export default function RegisterPage() {
              <h1 className="text-2xl font-bold text-gray-900">強茂集團 AI 展示平台</h1>
            </div>
          </div>
-          {isInvitedUser ? (
+          {isResetMode ? (
+            <div>
+              <h2 className="text-xl font-semibold text-gray-900 mb-2">重設密碼</h2>
+              <p className="text-gray-600">請設定您的新密碼</p>
+            </div>
+          ) : isInvitedUser ? (
            <div>
              <h2 className="text-xl font-semibold text-gray-900 mb-2">完成註冊</h2>
              <p className="text-gray-600">您已受邀加入平台，請完成以下資訊</p>
@@ -195,9 +202,14 @@ export default function RegisterPage() {

        <Card>
          <CardHeader>
-            <CardTitle>註冊資訊</CardTitle>
+            <CardTitle>{isResetMode ? "密碼重設" : "註冊資訊"}</CardTitle>
            <CardDescription>
-              {isInvitedUser ? "請填寫您的個人資訊完成註冊" : "請填寫以下資訊建立您的帳戶"}
+              {isResetMode 
+                ? "請設定您的新密碼" 
+                : isInvitedUser 
+                  ? "請填寫您的個人資訊完成註冊" 
+                  : "請填寫以下資訊建立您的帳戶"
+              }
            </CardDescription>
          </CardHeader>
          <CardContent>
@@ -215,16 +227,21 @@ export default function RegisterPage() {
                          <span className="text-sm font-medium text-blue-900">{invitedEmail}</span>
                        </div>
                        <div className="flex items-center justify-between">
-                          <span className="text-sm text-blue-700">預設角色：</span>
-                          <Badge variant="outline" className={getRoleColor(invitedRole)}>
-                            <div className="flex items-center space-x-1">
-                              {getRoleIcon(invitedRole)}
-                              <span>{getRoleText(invitedRole)}</span>
-                            </div>
+                          <span className="text-sm text-blue-700">角色：</span>
+                          <Badge variant="secondary" className="text-xs">
+                            {displayRole === "admin" && (
+                              <><Shield className="w-3 h-3 mr-1" />管理員</>
+                            )}
+                            {displayRole === "developer" && (
+                              <><Code className="w-3 h-3 mr-1" />開發者</>
+                            )}
+                            {displayRole === "user" && (
+                              <><User className="w-3 h-3 mr-1" />一般用戶</>
+                            )}
                          </Badge>
                        </div>
-                        <div className="mt-3 pt-3 border-t border-blue-200">
-                          <p className="text-xs text-blue-600">{getRoleDescription(invitedRole)}</p>
+                        <div className="text-xs text-blue-600 mt-2">
+                          {getRoleDescription(displayRole)}
                        </div>
                      </div>
                    </div>
@@ -233,7 +250,6 @@ export default function RegisterPage() {
              </div>
            )}

-            {/* Error/Success Messages */}
            {error && (
              <Alert variant="destructive" className="mb-4">
                <AlertTriangle className="h-4 w-4" />
@@ -242,21 +258,23 @@ export default function RegisterPage() {
            )}

            <form onSubmit={handleSubmit} className="space-y-4">
-              <div className="space-y-2">
-                <Label htmlFor="name">姓名 *</Label>
-                <div className="relative">
-                  <User className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
-                  <Input
-                    id="name"
-                    type="text"
-                    value={formData.name}
-                    onChange={(e) => handleInputChange("name", e.target.value)}
-                    placeholder="請輸入您的姓名"
-                    className="pl-10"
-                    disabled={isSubmitting}
-                  />
+              {!isResetMode && (
+                <div className="space-y-2">
+                  <Label htmlFor="name">姓名 *</Label>
+                  <div className="relative">
+                    <User className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
+                    <Input
+                      id="name"
+                      type="text"
+                      value={formData.name}
+                      onChange={(e) => handleInputChange("name", e.target.value)}
+                      placeholder="請輸入您的姓名"
+                      className="pl-10"
+                      disabled={isSubmitting}
+                    />
+                  </div>
                </div>
-              </div>
+              )}

              <div className="space-y-2">
                <Label htmlFor="email">電子郵件 *</Label>
@@ -269,36 +287,41 @@ export default function RegisterPage() {
                    onChange={(e) => handleInputChange("email", e.target.value)}
                    placeholder="請輸入電子郵件"
                    className="pl-10"
-                    disabled={isSubmitting || isInvitedUser}
-                    readOnly={isInvitedUser}
+                    disabled={isSubmitting || isInvitedUser || isResetMode}
+                    readOnly={isInvitedUser || isResetMode}
                  />
                </div>
-                {isInvitedUser && <p className="text-xs text-gray-500">此電子郵件由邀請連結自動填入</p>}
+                {(isInvitedUser || isResetMode) && <p className="text-xs text-gray-500">此電子郵件由連結自動填入</p>}
              </div>

-              <div className="space-y-2">
-                <Label htmlFor="department">部門 *</Label>
-                <div className="relative">
-                  <Building className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4 z-10" />
-                  <Select
-                    value={formData.department}
-                    onValueChange={(value) => handleInputChange("department", value)}
-                    disabled={isSubmitting}
-                  >
-                    <SelectTrigger className="pl-10">
-                      <SelectValue placeholder="請選擇您的部門" />
-                    </SelectTrigger>
-                    <SelectContent>
-                      <SelectItem value="HQBU">HQBU</SelectItem>
-                      <SelectItem value="ITBU">ITBU</SelectItem>
-                      <SelectItem value="MBU1">MBU1</SelectItem>
-                      <SelectItem value="SBU">SBU</SelectItem>
-                    </SelectContent>
-                  </Select>
+              {!isResetMode && (
+                <div className="space-y-2">
+                  <Label htmlFor="department">部門 *</Label>
+                  <div className="relative">
+                    <Building className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4 z-10" />
+                    <Select
+                      value={formData.department}
+                      onValueChange={(value) => handleInputChange("department", value)}
+                      disabled={isSubmitting}
+                    >
+                      <SelectTrigger className="pl-10">
+                        <SelectValue placeholder="請選擇您的部門" />
+                      </SelectTrigger>
+                      <SelectContent>
+                        <SelectItem value="HQBU">HQBU</SelectItem>
+                        <SelectItem value="ITBU">ITBU</SelectItem>
+                        <SelectItem value="RDBU">RDBU</SelectItem>
+                        <SelectItem value="MDBU">MDBU</SelectItem>
+                        <SelectItem value="PGBU">PGBU</SelectItem>
+                        <SelectItem value="SGBU">SGBU</SelectItem>
+                        <SelectItem value="TGBU">TGBU</SelectItem>
+                        <SelectItem value="WGBU">WGBU</SelectItem>
+                        <SelectItem value="Other">其他</SelectItem>
+                      </SelectContent>
+                    </Select>
+                  </div>
                </div>
-              </div>
-
-              <Separator />
+              )}

              <div className="space-y-2">
                <Label htmlFor="password">密碼 *</Label>
@@ -306,14 +329,27 @@ export default function RegisterPage() {
                  <Lock className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
                  <Input
                    id="password"
-                    type="password"
+                    type={showPassword ? "text" : "password"}
                    value={formData.password}
                    onChange={(e) => handleInputChange("password", e.target.value)}
-                    placeholder="請輸入密碼（至少 6 個字符）"
-                    className="pl-10"
+                    placeholder={isResetMode ? "請輸入新密碼" : "請輸入密碼"}
+                    className="pl-10 pr-10"
                    disabled={isSubmitting}
                  />
+                  <button
+                    type="button"
+                    onClick={() => setShowPassword(!showPassword)}
+                    className="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600"
+                    disabled={isSubmitting}
+                  >
+                    {showPassword ? (
+                      <EyeOff className="w-4 h-4" />
+                    ) : (
+                      <Eye className="w-4 h-4" />
+                    )}
+                  </button>
                </div>
+                <p className="text-xs text-gray-500">密碼長度至少需要 6 個字符</p>
              </div>

              <div className="space-y-2">
@@ -322,13 +358,25 @@ export default function RegisterPage() {
                  <Lock className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
                  <Input
                    id="confirmPassword"
-                    type="password"
+                    type={showConfirmPassword ? "text" : "password"}
                    value={formData.confirmPassword}
                    onChange={(e) => handleInputChange("confirmPassword", e.target.value)}
                    placeholder="請再次輸入密碼"
-                    className="pl-10"
+                    className="pl-10 pr-10"
                    disabled={isSubmitting}
                  />
+                  <button
+                    type="button"
+                    onClick={() => setShowConfirmPassword(!showConfirmPassword)}
+                    className="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600"
+                    disabled={isSubmitting}
+                  >
+                    {showConfirmPassword ? (
+                      <EyeOff className="w-4 h-4" />
+                    ) : (
+                      <Eye className="w-4 h-4" />
+                    )}
+                  </button>
                </div>
              </div>

@@ -340,10 +388,10 @@ export default function RegisterPage() {
                {isSubmitting || isLoading ? (
                  <>
                    <Loader2 className="w-4 h-4 mr-2 animate-spin" />
-                    註冊中...
+                    {isResetMode ? "重設中..." : "註冊中..."}
                  </>
                ) : (
-                  "完成註冊"
+                  isResetMode ? "重設密碼" : "完成註冊"
                )}
              </Button>
            </form>
@@ -364,7 +412,7 @@ export default function RegisterPage() {
        </Card>

        {/* Role Information */}
-        {!isInvitedUser && (
+        {!isInvitedUser && !isResetMode && (
          <Card className="mt-6">
            <CardHeader>
              <CardTitle className="text-lg">角色說明</CardTitle>
@@ -394,15 +442,10 @@ export default function RegisterPage() {
                  </div>
                </div>
              </div>
-              <div className="bg-gray-50 p-3 rounded-lg">
-                <p className="text-xs text-gray-600">
-                  <strong>注意：</strong>新註冊用戶預設為一般用戶角色。如需其他角色權限，請聯繫管理員進行調整。
-                </p>
-              </div>
            </CardContent>
          </Card>
        )}
      </div>
    </div>
  )
-}
+}
--- a/app/reset-password/page.tsx
+++ b/app/reset-password/page.tsx
@@ -0,0 +1,239 @@
+"use client"
+
+import { useState, useEffect } from "react"
+import { useRouter, useSearchParams } from "next/navigation"
+import { Button } from "@/components/ui/button"
+import { Input } from "@/components/ui/input"
+import { Label } from "@/components/ui/label"
+import { Alert, AlertDescription } from "@/components/ui/alert"
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card"
+import { CheckCircle, AlertTriangle, Lock, Eye, EyeOff } from "lucide-react"
+
+export default function ResetPasswordPage() {
+  const router = useRouter()
+  const searchParams = useSearchParams()
+  const token = searchParams.get('token')
+
+  const [password, setPassword] = useState("")
+  const [confirmPassword, setConfirmPassword] = useState("")
+  const [showPassword, setShowPassword] = useState(false)
+  const [showConfirmPassword, setShowConfirmPassword] = useState(false)
+  const [isLoading, setIsLoading] = useState(false)
+  const [isValidating, setIsValidating] = useState(true)
+  const [isValidToken, setIsValidToken] = useState(false)
+  const [isSuccess, setIsSuccess] = useState(false)
+  const [error, setError] = useState("")
+
+  // 驗證 token 是否有效
+  useEffect(() => {
+    if (!token) {
+      setError("缺少重設 token")
+      setIsValidating(false)
+      return
+    }
+
+    const validateToken = async () => {
+      try {
+        const response = await fetch(`/api/auth/reset-password?token=${token}`)
+        const data = await response.json()
+
+        if (data.success && data.valid) {
+          setIsValidToken(true)
+        } else {
+          setError(data.error || "無效或已過期的重設 token")
+        }
+      } catch (err) {
+        setError("驗證 token 時發生錯誤")
+      } finally {
+        setIsValidating(false)
+      }
+    }
+
+    validateToken()
+  }, [token])
+
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault()
+    setError("")
+
+    if (!password || !confirmPassword) {
+      setError("請填寫所有欄位")
+      return
+    }
+
+    if (password.length < 6) {
+      setError("密碼長度至少需要 6 個字符")
+      return
+    }
+
+    if (password !== confirmPassword) {
+      setError("密碼確認不一致")
+      return
+    }
+
+    setIsLoading(true)
+
+    try {
+      const response = await fetch('/api/auth/reset-password', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+          token,
+          password
+        }),
+      })
+
+      const data = await response.json()
+
+      if (data.success) {
+        setIsSuccess(true)
+        setTimeout(() => {
+          router.push('/')
+        }, 3000)
+      } else {
+        setError(data.error || "重設密碼失敗")
+      }
+    } catch (err) {
+      setError("重設密碼時發生錯誤")
+    } finally {
+      setIsLoading(false)
+    }
+  }
+
+  if (isValidating) {
+    return (
+      <div className="min-h-screen flex items-center justify-center bg-gray-50">
+        <Card className="w-full max-w-md">
+          <CardContent className="pt-6">
+            <div className="text-center">
+              <div className="animate-spin rounded-full h-8 w-8 border-b-2 border-blue-600 mx-auto mb-4"></div>
+              <p className="text-gray-600">驗證重設連結中...</p>
+            </div>
+          </CardContent>
+        </Card>
+      </div>
+    )
+  }
+
+  if (!isValidToken) {
+    return (
+      <div className="min-h-screen flex items-center justify-center bg-gray-50">
+        <Card className="w-full max-w-md">
+          <CardHeader>
+            <CardTitle className="text-center text-red-600">重設連結無效</CardTitle>
+            <CardDescription className="text-center">
+              此重設連結已過期或無效
+            </CardDescription>
+          </CardHeader>
+          <CardContent>
+            <Alert variant="destructive">
+              <AlertTriangle className="h-4 w-4" />
+              <AlertDescription>{error}</AlertDescription>
+            </Alert>
+            <div className="mt-4 text-center">
+              <Button onClick={() => router.push('/')} variant="outline">
+                返回首頁
+              </Button>
+            </div>
+          </CardContent>
+        </Card>
+      </div>
+    )
+  }
+
+  if (isSuccess) {
+    return (
+      <div className="min-h-screen flex items-center justify-center bg-gray-50">
+        <Card className="w-full max-w-md">
+          <CardContent className="pt-6">
+            <div className="text-center">
+              <CheckCircle className="h-16 w-16 text-green-600 mx-auto mb-4" />
+              <h2 className="text-2xl font-bold text-green-600 mb-2">密碼重設成功！</h2>
+              <p className="text-gray-600 mb-4">
+                您的密碼已成功重設，3 秒後將自動跳轉到首頁
+              </p>
+              <Button onClick={() => router.push('/')} className="w-full">
+                立即前往首頁
+              </Button>
+            </div>
+          </CardContent>
+        </Card>
+      </div>
+    )
+  }
+
+  return (
+    <div className="min-h-screen flex items-center justify-center bg-gray-50">
+      <Card className="w-full max-w-md">
+        <CardHeader>
+          <CardTitle className="text-center">重設密碼</CardTitle>
+          <CardDescription className="text-center">
+            請輸入您的新密碼
+          </CardDescription>
+        </CardHeader>
+        <CardContent>
+          <form onSubmit={handleSubmit} className="space-y-4">
+            <div className="space-y-2">
+              <Label htmlFor="password">新密碼</Label>
+              <div className="relative">
+                <Lock className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
+                <Input
+                  id="password"
+                  type={showPassword ? "text" : "password"}
+                  placeholder="請輸入新密碼"
+                  value={password}
+                  onChange={(e) => setPassword(e.target.value)}
+                  className="pl-10 pr-10"
+                  required
+                />
+                <button
+                  type="button"
+                  onClick={() => setShowPassword(!showPassword)}
+                  className="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600"
+                >
+                  {showPassword ? <EyeOff className="w-4 h-4" /> : <Eye className="w-4 h-4" />}
+                </button>
+              </div>
+            </div>
+
+            <div className="space-y-2">
+              <Label htmlFor="confirmPassword">確認密碼</Label>
+              <div className="relative">
+                <Lock className="absolute left-3 top-1/2 transform -translate-y-1/2 text-gray-400 w-4 h-4" />
+                <Input
+                  id="confirmPassword"
+                  type={showConfirmPassword ? "text" : "password"}
+                  placeholder="請再次輸入新密碼"
+                  value={confirmPassword}
+                  onChange={(e) => setConfirmPassword(e.target.value)}
+                  className="pl-10 pr-10"
+                  required
+                />
+                <button
+                  type="button"
+                  onClick={() => setShowConfirmPassword(!showConfirmPassword)}
+                  className="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600"
+                >
+                  {showConfirmPassword ? <EyeOff className="w-4 h-4" /> : <Eye className="w-4 h-4" />}
+                </button>
+              </div>
+            </div>
+
+            {error && (
+              <Alert variant="destructive">
+                <AlertTriangle className="h-4 w-4" />
+                <AlertDescription>{error}</AlertDescription>
+              </Alert>
+            )}
+
+            <Button type="submit" className="w-full" disabled={isLoading}>
+              {isLoading ? "重設中..." : "重設密碼"}
+            </Button>
+          </form>
+        </CardContent>
+      </Card>
+    </div>
+  )
+}