ai-showcase-platform/scripts/test-forgot-password.js

const bcrypt = require('bcryptjs');
const mysql = require('mysql2/promise');

// 資料庫配置
const dbConfig = {
  host: process.env.DB_HOST || 'mysql.theaken.com',
  port: parseInt(process.env.DB_PORT || '33306'),
  user: process.env.DB_USER || 'AI_Platform',
  password: process.env.DB_PASSWORD || 'Aa123456',
  database: process.env.DB_NAME || 'db_AI_Platform',
  charset: 'utf8mb4',
  timezone: '+08:00'
};

async function testForgotPassword() {
  console.log('🧪 測試忘記密碼功能...\n');

  try {
    const connection = await mysql.createConnection(dbConfig);
    console.log('✅ 資料庫連接成功');

    // 1. 創建密碼重設表（如果不存在）
    console.log('1. 創建密碼重設表...');
    const createTableSQL = `
      CREATE TABLE IF NOT EXISTS password_reset_tokens (
        id VARCHAR(36) PRIMARY KEY,
        user_id VARCHAR(36) NOT NULL,
        token VARCHAR(255) NOT NULL UNIQUE,
        expires_at TIMESTAMP NOT NULL,
        used_at TIMESTAMP NULL,
        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
        
        INDEX idx_user_id (user_id),
        INDEX idx_token (token),
        INDEX idx_expires_at (expires_at),
        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
    `;

    await connection.execute(createTableSQL);
    console.log('✅ 密碼重設表創建成功');

    // 2. 測試 API 端點
    console.log('\n2. 測試忘記密碼 API...');
    try {
      const response = await fetch('http://localhost:3000/api/auth/forgot-password', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({
          email: 'admin@ai-platform.com'
        })
      });

      if (response.ok) {
        const data = await response.json();
        console.log('✅ 忘記密碼 API 測試成功:', data);
      } else {
        const errorData = await response.text();
        console.log('❌ 忘記密碼 API 測試失敗:', response.status, errorData);
      }
    } catch (error) {
      console.log('❌ API 測試錯誤:', error.message);
    }

    // 3. 測試密碼重設 API
    console.log('\n3. 測試密碼重設 API...');
    try {
      // 先創建一個測試 token
      const testToken = 'test-token-' + Date.now();
      const expiresAt = new Date(Date.now() + 60 * 60 * 1000); // 1 小時後過期
      
      // 獲取測試用戶 ID
      const [users] = await connection.execute('SELECT id FROM users WHERE email = ?', ['admin@ai-platform.com']);
      if (users.length > 0) {
        const userId = users[0].id;
        
        // 插入測試 token
        await connection.execute(`
          INSERT INTO password_reset_tokens (id, user_id, token, expires_at)
          VALUES (UUID(), ?, ?, ?)
        `, [userId, testToken, expiresAt]);

        // 測試重設密碼
        const response = await fetch('http://localhost:3000/api/auth/reset-password', {
          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
          body: JSON.stringify({
            token: testToken,
            password: 'newpassword123'
          })
        });

        if (response.ok) {
          const data = await response.json();
          console.log('✅ 密碼重設 API 測試成功:', data);
        } else {
          const errorData = await response.text();
          console.log('❌ 密碼重設 API 測試失敗:', response.status, errorData);
        }
      }
    } catch (error) {
      console.log('❌ 密碼重設 API 測試錯誤:', error.message);
    }

    // 4. 檢查資料庫狀態
    console.log('\n4. 檢查資料庫狀態...');
    const [tokens] = await connection.execute(`
      SELECT COUNT(*) as count FROM password_reset_tokens
    `);
    console.log('密碼重設 tokens 數量:', tokens[0].count);

    await connection.end();
    console.log('\n🎉 忘記密碼功能測試完成！');

  } catch (error) {
    console.error('❌ 測試過程中發生錯誤:', error);
  }
}

testForgotPassword();