整合資料庫、完成登入註冊忘記密碼功能

2025-09-09 12:00:22 +08:00
parent af88c0f037
commit 32b19e9a0f
85 changed files with 11672 additions and 2350 deletions
--- a/app/api/auth/forgot-password/route.ts
+++ b/app/api/auth/forgot-password/route.ts
@@ -0,0 +1,52 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { UserService } from '@/lib/services/database-service'
+import { PasswordResetService } from '@/lib/services/password-reset-service'
+import { v4 as uuidv4 } from 'uuid'
+
+const userService = new UserService()
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email } = await request.json()
+
+    if (!email) {
+      return NextResponse.json(
+        { error: '請提供電子郵件地址' },
+        { status: 400 }
+      )
+    }
+
+    // 檢查用戶是否存在
+    const user = await userService.findByEmail(email)
+    if (!user) {
+      return NextResponse.json(
+        { error: '該電子郵件地址不存在於我們的系統中' },
+        { status: 404 }
+      )
+    }
+
+    // 撤銷用戶現有的重設 tokens
+    await PasswordResetService.revokeUserTokens(user.id)
+
+    // 創建新的重設 token
+    const resetToken = await PasswordResetService.createResetToken(user.id)
+
+    // 生成一次性註冊連結
+    const baseUrl = process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+    const resetUrl = `${baseUrl}/register?token=${resetToken.token}&email=${encodeURIComponent(user.email)}&mode=reset&name=${encodeURIComponent(user.name)}&department=${encodeURIComponent(user.department)}&role=${encodeURIComponent(user.role)}`
+
+    return NextResponse.json({
+      success: true,
+      message: '已生成密碼重設連結',
+      resetUrl: resetUrl,
+      expiresAt: resetToken.expires_at
+    })
+
+  } catch (error) {
+    console.error('忘記密碼錯誤:', error)
+    return NextResponse.json(
+      { error: '處理請求時發生錯誤' },
+      { status: 500 }
+    )
+  }
+}