實作註冊、登入功能

2025-09-28 23:34:32 +08:00
parent 36eb088983
commit 9b224fa7e1
17 changed files with 4468 additions and 57 deletions
--- a/app/api/auth/login/route.ts
+++ b/app/api/auth/login/route.ts
@@ -0,0 +1,60 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { verifyUserPassword } from '@/lib/database/models/user'
+import { initializeDatabase } from '@/lib/database/init'
+import { generateToken, generateRefreshToken } from '@/lib/utils/jwt'
+
+export async function POST(request: NextRequest) {
+  try {
+    // 確保資料庫已初始化
+    await initializeDatabase()
+    
+    const { email, password } = await request.json()
+    
+    if (!email || !password) {
+      return NextResponse.json(
+        { error: '請提供電子郵件和密碼' },
+        { status: 400 }
+      )
+    }
+    
+    // 驗證用戶密碼
+    const user = await verifyUserPassword(email, password)
+    
+    if (!user) {
+      return NextResponse.json(
+        { error: '帳號或密碼錯誤' },
+        { status: 401 }
+      )
+    }
+    
+    // 生成 JWT tokens
+    const tokenPayload = {
+      userId: user.id,
+      email: user.email,
+      role: user.role,
+      name: user.name
+    }
+    
+    const accessToken = generateToken(tokenPayload)
+    const refreshToken = generateRefreshToken(tokenPayload)
+    
+    // 移除密碼並返回用戶資料
+    const { password: _, ...userWithoutPassword } = user
+    
+    return NextResponse.json({
+      success: true,
+      user: {
+        ...userWithoutPassword,
+        createdAt: user.created_at,
+      },
+      accessToken,
+      refreshToken
+    })
+  } catch (error) {
+    console.error('登入錯誤:', error)
+    return NextResponse.json(
+      { error: '登入失敗，請稍後再試' },
+      { status: 500 }
+    )
+  }
+}
--- a/app/api/auth/register/route.ts
+++ b/app/api/auth/register/route.ts
@@ -0,0 +1,68 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { createUser, isEmailExists } from '@/lib/database/models/user'
+import { initializeDatabase } from '@/lib/database/init'
+
+export async function POST(request: NextRequest) {
+  try {
+    // 確保資料庫已初始化
+    await initializeDatabase()
+    
+    const { name, email, password, department, role } = await request.json()
+    
+    if (!name || !email || !password || !department) {
+      return NextResponse.json(
+        { error: '請填寫所有必填欄位' },
+        { status: 400 }
+      )
+    }
+    
+    if (password.length < 6) {
+      return NextResponse.json(
+        { error: '密碼長度至少需要6個字元' },
+        { status: 400 }
+      )
+    }
+    
+    // 檢查電子郵件是否已存在
+    const emailExists = await isEmailExists(email)
+    if (emailExists) {
+      return NextResponse.json(
+        { error: '該電子郵件已被使用' },
+        { status: 409 }
+      )
+    }
+    
+    // 建立新用戶
+    const newUser = await createUser({
+      name,
+      email,
+      password, // 在實際應用中應該加密
+      department,
+      role: role || 'user'
+    })
+    
+    if (!newUser) {
+      return NextResponse.json(
+        { error: '註冊失敗，請稍後再試' },
+        { status: 500 }
+      )
+    }
+    
+    // 移除密碼並返回用戶資料
+    const { password: _, ...userWithoutPassword } = newUser
+    
+    return NextResponse.json({
+      success: true,
+      user: {
+        ...userWithoutPassword,
+        createdAt: newUser.created_at,
+      }
+    })
+  } catch (error) {
+    console.error('註冊錯誤:', error)
+    return NextResponse.json(
+      { error: '註冊失敗，請稍後再試' },
+      { status: 500 }
+    )
+  }
+}