新增資料庫、用戶註冊、登入的功能

app/api/auth/reset-password/confirm/route.ts

@@ -0,0 +1,19 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { db } from '@/lib/database';
+import { hashPassword } from '@/lib/auth';
+import { codeMap } from '../request/route';
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email, code, newPassword } = await request.json();
+    if (!email || !code || !newPassword) return NextResponse.json({ error: '缺少參數' }, { status: 400 });
+    const validCode = codeMap.get(email);
+    if (!validCode || validCode !== code) return NextResponse.json({ error: '驗證碼錯誤' }, { status: 400 });
+    const passwordHash = await hashPassword(newPassword);
+    await db.update('users', { password_hash: passwordHash }, { email });
+    codeMap.delete(email);
+    return NextResponse.json({ message: '密碼重設成功' });
+  } catch (error) {
+    return NextResponse.json({ error: '內部伺服器錯誤', details: error instanceof Error ? error.message : 'Unknown error' }, { status: 500 });
+  }
+}

app/api/auth/reset-password/request/route.ts

@@ -0,0 +1,20 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { db } from '@/lib/database';
+
+const codeMap = new Map();
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email } = await request.json();
+    if (!email) return NextResponse.json({ error: '請提供 email' }, { status: 400 });
+    const user = await db.queryOne('SELECT id FROM users WHERE email = ?', [email]);
+    if (!user) return NextResponse.json({ error: '用戶不存在' }, { status: 404 });
+    const code = Math.floor(100000 + Math.random() * 900000).toString();
+    codeMap.set(email, code);
+    // 實際應發送 email，這裡直接回傳
+    return NextResponse.json({ message: '驗證碼已產生', code });
+  } catch (error) {
+    return NextResponse.json({ error: '內部伺服器錯誤', details: error instanceof Error ? error.message : 'Unknown error' }, { status: 500 });
+  }
+}
+export { codeMap };