整合資料庫、完成登入註冊忘記密碼功能

app/api/auth/login/route.ts

@@ -1,115 +1,53 @@
-import { NextRequest, NextResponse } from 'next/server';
-import { db } from '@/lib/database';
-import { generateToken, validatePassword, comparePassword } from '@/lib/auth';
-import { logger } from '@/lib/logger';
+import { NextRequest, NextResponse } from 'next/server'
+import bcrypt from 'bcryptjs'
+import { UserService } from '@/lib/services/database-service'
+
+const userService = new UserService()
 
 export async function POST(request: NextRequest) {
-  const startTime = Date.now();
-  
   try {
-    const body = await request.json();
-    const { email, password } = body;
+    const { email, password } = await request.json()
 
-    // 驗證輸入
     if (!email || !password) {
       return NextResponse.json(
         { error: '請提供電子郵件和密碼' },
         { status: 400 }
-      );
+      )
     }
 
-    // 驗證密碼格式
-    const passwordValidation = await validatePassword(password);
-    if (!passwordValidation.isValid) {
-      return NextResponse.json(
-        { error: '密碼格式不正確', details: passwordValidation.errors },
-        { status: 400 }
-      );
-    }
-
-    // 查詢用戶
-    const user = await db.queryOne<{
-      id: string;
-      name: string;
-      email: string;
-      password_hash: string;
-      avatar?: string;
-      department: string;
-      role: 'user' | 'developer' | 'admin';
-      join_date: string;
-      total_likes: number;
-      total_views: number;
-      created_at: string;
-      updated_at: string;
-    }>(
-      'SELECT * FROM users WHERE email = ?',
-      [email]
-    );
-
+    // 查找用戶
+    const user = await userService.findByEmail(email)
     if (!user) {
-      logger.logAuth('login', email, false, request.ip || 'unknown');
       return NextResponse.json(
-        { error: '電子郵件或密碼不正確' },
+        { error: '用戶不存在' },
         { status: 401 }
-      );
+      )
     }
 
     // 驗證密碼
-    const isPasswordValid = await comparePassword(password, user.password_hash);
-    if (!isPasswordValid) {
-      logger.logAuth('login', email, false, request.ip || 'unknown');
+    const isValidPassword = await bcrypt.compare(password, user.password_hash)
+    if (!isValidPassword) {
       return NextResponse.json(
-        { error: '電子郵件或密碼不正確' },
+        { error: '密碼錯誤' },
         { status: 401 }
-      );
+      )
     }
 
-    // 生成 JWT Token
-    const token = generateToken({
-      id: user.id,
-      email: user.email,
-      role: user.role
-    });
-
     // 更新最後登入時間
-    await db.update(
-      'users',
-      { updated_at: new Date().toISOString().slice(0, 19).replace('T', ' ') },
-      { id: user.id }
-    );
-
-    // 記錄成功登入
-    logger.logAuth('login', email, true, request.ip || 'unknown');
-
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/login', 200, duration, user.id);
+    await userService.updateLastLogin(user.id)
 
+    // 返回用戶信息（不包含密碼）
+    const { password_hash, ...userWithoutPassword } = user
     return NextResponse.json({
-      message: '登入成功',
-      user: {
-        id: user.id,
-        name: user.name,
-        email: user.email,
-        avatar: user.avatar,
-        department: user.department,
-        role: user.role,
-        joinDate: user.join_date,
-        totalLikes: user.total_likes,
-        totalViews: user.total_views
-      },
-      token,
-      expiresIn: process.env.JWT_EXPIRES_IN || '7d'
-    });
+      success: true,
+      user: userWithoutPassword
+    })
 
   } catch (error) {
-    logger.logError(error as Error, 'Login API');
-    
-    const duration = Date.now() - startTime;
-    logger.logRequest('POST', '/api/auth/login', 500, duration);
-
+    console.error('登入錯誤:', error)
     return NextResponse.json(
-      { error: '內部伺服器錯誤' },
+      { error: '登入過程中發生錯誤' },
       { status: 500 }
-    );
+    )
   }
-} 
+}