實作用戶管理介面

2025-09-29 18:08:14 +08:00
parent b45cad81bf
commit 9e61eef288
6 changed files with 945 additions and 72 deletions
--- a/app/api/admin/users/route.ts
+++ b/app/api/admin/users/route.ts
@@ -0,0 +1,202 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { getAllUsers, createUser, updateUser, deleteUser } from '@/lib/database/models/user'
+import { hashPassword } from '@/lib/utils/password'
+
+// 獲取所有用戶
+export async function GET() {
+  try {
+    const users = await getAllUsers()
+    
+    // 移除密碼欄位
+    const usersWithoutPassword = users.map(user => {
+      const { password, ...userWithoutPassword } = user
+      return userWithoutPassword
+    })
+
+    return NextResponse.json({
+      success: true,
+      data: usersWithoutPassword
+    })
+
+  } catch (error) {
+    console.error('獲取用戶列表失敗:', error)
+    return NextResponse.json(
+      {
+        success: false,
+        error: '伺服器錯誤',
+        details: error instanceof Error ? error.message : '未知錯誤'
+      },
+      { status: 500 }
+    )
+  }
+}
+
+// 創建新用戶
+export async function POST(request: NextRequest) {
+  try {
+    const body = await request.json()
+    const { name, email, password, department, role } = body
+
+    // 驗證必要欄位
+    if (!name || !email || !password || !department) {
+      return NextResponse.json(
+        { success: false, error: '請填寫所有必填欄位' },
+        { status: 400 }
+      )
+    }
+
+    // 驗證電子郵件格式
+    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
+    if (!emailRegex.test(email)) {
+      return NextResponse.json(
+        { success: false, error: '電子郵件格式不正確' },
+        { status: 400 }
+      )
+    }
+
+    // 驗證密碼長度
+    if (password.length < 6) {
+      return NextResponse.json(
+        { success: false, error: '密碼長度至少需要6個字元' },
+        { status: 400 }
+      )
+    }
+
+    // 加密密碼
+    const hashedPassword = await hashPassword(password)
+
+    // 創建用戶
+    const userData = {
+      name,
+      email,
+      password: hashedPassword,
+      department,
+      role: role || 'user'
+    }
+
+    const newUser = await createUser(userData)
+    if (!newUser) {
+      return NextResponse.json(
+        { success: false, error: '創建用戶失敗' },
+        { status: 500 }
+      )
+    }
+
+    // 返回用戶資料（不包含密碼）
+    const { password: _, ...userWithoutPassword } = newUser
+
+    return NextResponse.json({
+      success: true,
+      data: userWithoutPassword
+    })
+
+  } catch (error) {
+    console.error('創建用戶失敗:', error)
+    return NextResponse.json(
+      {
+        success: false,
+        error: '伺服器錯誤',
+        details: error instanceof Error ? error.message : '未知錯誤'
+      },
+      { status: 500 }
+    )
+  }
+}
+
+// 更新用戶
+export async function PUT(request: NextRequest) {
+  try {
+    const body = await request.json()
+    const { id, name, email, department, role } = body
+
+    // 驗證必要欄位
+    if (!id) {
+      return NextResponse.json(
+        { success: false, error: '缺少用戶ID' },
+        { status: 400 }
+      )
+    }
+
+    // 準備更新資料
+    const updateData: any = {}
+    if (name !== undefined) updateData.name = name
+    if (email !== undefined) updateData.email = email
+    if (department !== undefined) updateData.department = department
+    if (role !== undefined) updateData.role = role
+
+    // 檢查是否有資料需要更新
+    if (Object.keys(updateData).length === 0) {
+      return NextResponse.json(
+        { success: false, error: '沒有資料需要更新' },
+        { status: 400 }
+      )
+    }
+
+    // 更新用戶
+    const updatedUser = await updateUser(id, updateData)
+    if (!updatedUser) {
+      return NextResponse.json(
+        { success: false, error: '更新用戶失敗' },
+        { status: 500 }
+      )
+    }
+
+    // 返回更新後的用戶資料（不包含密碼）
+    const { password: _, ...userWithoutPassword } = updatedUser
+
+    return NextResponse.json({
+      success: true,
+      data: userWithoutPassword
+    })
+
+  } catch (error) {
+    console.error('更新用戶失敗:', error)
+    return NextResponse.json(
+      {
+        success: false,
+        error: '伺服器錯誤',
+        details: error instanceof Error ? error.message : '未知錯誤'
+      },
+      { status: 500 }
+    )
+  }
+}
+
+// 刪除用戶
+export async function DELETE(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url)
+    const userId = searchParams.get('id')
+
+    if (!userId) {
+      return NextResponse.json(
+        { success: false, error: '缺少用戶ID' },
+        { status: 400 }
+      )
+    }
+
+    const success = await deleteUser(userId)
+    if (!success) {
+      return NextResponse.json(
+        { success: false, error: '刪除用戶失敗' },
+        { status: 500 }
+      )
+    }
+
+    return NextResponse.json({
+      success: true,
+      message: '用戶已成功刪除'
+    })
+
+  } catch (error) {
+    console.error('刪除用戶失敗:', error)
+    return NextResponse.json(
+      {
+        success: false,
+        error: '伺服器錯誤',
+        details: error instanceof Error ? error.message : '未知錯誤'
+      },
+      { status: 500 }
+    )
+  }
+}