soul-yongping/app/api/db/users/route.ts


/**
* 用户管理API
* 提供用户的CRUD操作
*/
import { NextRequest, NextResponse } from 'next/server'
import { query } from '@/lib/db'
import { hashPassword } from '@/lib/password'
/**
 * Builds a new user id: the literal prefix `user_`, the current time in
 * base 36, then up to nine base-36 characters taken from Math.random().
 *
 * Math.random() is not a cryptographically secure generator, so the result is
 * an identifier, not a secret. Nothing should rely on it being unguessable.
 */
function generateUserId(): string {
  const timePart = Date.now().toString(36)
  // Skip the leading "0." of the base-36 fraction and keep at most nine characters.
  const randomPart = Math.random().toString(36).slice(2, 11)
  return `user_${timePart}${randomPart}`
}
/**
 * Derives a referral code from a seed string: the prefix `SOUL` followed by
 * four characters from A-Z / 0-9.
 *
 * The seed is reduced to the sum of its UTF-16 code units, and each of the four
 * characters is picked at `(sum + i * 7) % 36`. The same seed always yields the
 * same code.
 *
 * NOTE(review): only `sum % 36` influences the output, so at most 36 distinct
 * codes can be produced and unrelated seeds will collide. If a referral code
 * must identify a single user, uniqueness has to be enforced somewhere else.
 *
 * @param seed - text the code is derived from
 * @returns an eight-character code starting with `SOUL`
 */
function generateReferralCode(seed: string): string {
  const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'

  // Sum code units by index so surrogate pairs are counted the way split('') would count them.
  let sum = 0
  for (let pos = 0; pos < seed.length; pos++) {
    sum += seed.charCodeAt(pos)
  }

  const suffix = Array.from({ length: 4 }, (_, step) =>
    alphabet.charAt((sum + step * 7) % alphabet.length)
  ).join('')

  return 'SOUL' + suffix
}
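/**
 * GET - fetch a single user or list users.
 *
 * Query parameters are tried in this order, and the first non-empty one wins:
 * `id`, `phone`, `openId`. A match returns `{ success: true, user }` with the
 * `password` column removed; no match returns 404. With none of the three
 * parameters, the newest 500 users are returned with an explicit column list
 * that does not include `password`.
 *
 * NOTE(review): no authentication or authorization check appears in this
 * handler, and it returns phone numbers, WeChat ids and earnings. Confirm the
 * route is gated elsewhere (for example in middleware) before exposing it.
 *
 * NOTE(review): the single-user lookups use `SELECT *`, so every column other
 * than `password` reaches the client. Confirm the table holds nothing else
 * that should stay server-side.
 */
export async function GET(request: NextRequest) {
  const { searchParams } = new URL(request.url)

  // Each lookup pairs a constant SQL string with one request value; the value
  // is only ever passed as a bound parameter.
  const lookups = [
    { sql: 'SELECT * FROM users WHERE id = ?', value: searchParams.get('id') },
    { sql: 'SELECT * FROM users WHERE phone = ?', value: searchParams.get('phone') },
    { sql: 'SELECT * FROM users WHERE open_id = ?', value: searchParams.get('openId') }
  ]

  try {
    // Drops the stored password hash from a row before it is serialized.
    const omitPassword = (row: any) => {
      if (!row) return row
      const { password: _, ...rest } = row
      return rest
    }

    for (const { sql, value } of lookups) {
      if (!value) continue
      const rows = await query(sql, [value]) as any[]
      if (rows.length > 0) {
        return NextResponse.json({ success: true, user: omitPassword(rows[0]) })
      }
      return NextResponse.json({ success: false, error: '用户不存在' }, { status: 404 })
    }

    // No filter supplied: list users, newest first, capped at 500 rows.
    const users = await query(`
      SELECT
        id, open_id, nickname, phone, wechat_id, avatar,
        referral_code, has_full_book, is_admin,
        earnings, pending_earnings, referral_count,
        match_count_today, last_match_date,
        created_at, updated_at
      FROM users
      ORDER BY created_at DESC
      LIMIT 500
    `) as any[]

    return NextResponse.json({
      success: true,
      users,
      total: users.length
    })
  } catch (error) {
    // Log the detail server-side only; driver error text can reveal SQL and
    // schema details, so the client gets a generic message.
    console.error('[Users API] GET错误:', error)
    return NextResponse.json({
      success: false,
      error: '获取用户失败'
    }, { status: 500 })
  }
}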
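/**
 * POST - create a user (registration).
 *
 * Body fields read: `openId`, `phone`, `nickname`, `password`, `wechatId`,
 * `avatar`, `is_admin`.
 *
 * - If `openId` already belongs to a user, that user is returned with
 *   `isNew: false` and nothing is created.
 * - If `phone` is already registered, the request is rejected with 400.
 * - A password is stored only as the output of `hashPassword`, and only when
 *   the trimmed value has at least 6 characters. A non-empty but shorter
 *   password is rejected with 400 rather than silently creating an account
 *   with no password.
 *
 * The `password` column is never included in the response.
 *
 * NOTE(review): `is_admin` is taken straight from the request body, and no
 * authentication or authorization check appears in this handler. Unless the
 * route is gated elsewhere, any caller can register an administrator. Confirm
 * the gating, or stop accepting `is_admin` on this path.
 */
export async function POST(request: NextRequest) {
  try {
    const body = await request.json()
    const { openId, phone, nickname, password, wechatId, avatar, is_admin } = body

    // Strips the stored password hash from a row before it is serialized.
    const withoutPassword = (row: any) => {
      const { password: _omitted, ...rest } = row || {}
      return rest
    }

    // An existing openId means "already registered": return that user as-is.
    if (openId) {
      const existing = await query('SELECT * FROM users WHERE open_id = ?', [openId]) as any[]
      if (existing.length > 0) {
        return NextResponse.json({ success: true, user: withoutPassword(existing[0]), isNew: false })
      }
    }

    if (phone) {
      const existing = await query('SELECT id FROM users WHERE phone = ?', [phone]) as any[]
      if (existing.length > 0) {
        return NextResponse.json({ success: false, error: '该手机号已注册' }, { status: 400 })
      }
    }

    // Validate and hash only once we know a row will be created.
    const rawPassword = typeof password === 'string' ? password.trim() : ''
    if (rawPassword.length > 0 && rawPassword.length < 6) {
      return NextResponse.json({ success: false, error: '密码长度不能少于6位' }, { status: 400 })
    }
    const passwordToStore = rawPassword.length >= 6 ? hashPassword(rawPassword) : null

    const userId = generateUserId()
    const referralCode = generateReferralCode(openId || phone || userId)

    // The referred_by column is intentionally not written here.
    await query(`
      INSERT INTO users (
        id, open_id, phone, nickname, password, wechat_id, avatar,
        referral_code, has_full_book, is_admin,
        earnings, pending_earnings, referral_count
      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, FALSE, ?, 0, 0, 0)
    `, [
      userId,
      openId || null,
      phone || null,
      nickname || '用户' + userId.slice(-4),
      passwordToStore,
      wechatId || null,
      avatar || null,
      referralCode,
      is_admin || false
    ])

    // Read the row back so the response reflects database defaults.
    const created = await query('SELECT * FROM users WHERE id = ?', [userId]) as any[]

    return NextResponse.json({
      success: true,
      user: withoutPassword(created[0]),
      isNew: true,
      message: '用户创建成功'
    })
  } catch (error) {
    // Keep driver and parser error text in the server log; return a generic message.
    console.error('[Users API] POST错误:', error)
    return NextResponse.json({
      success: false,
      error: '创建用户失败'
    }, { status: 500 })
  }
}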
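/**
 * PUT - update a user by id.
 *
 * Only fields present in the body (not `undefined`) are written. Every value
 * is passed as a bound parameter; the SET clause is assembled from constant
 * fragments defined in this function, never from request text.
 *
 * Password handling: `null`, an empty string or a whitespace-only string
 * clears the stored password. Any other value is trimmed, must have at least
 * 6 characters (the minimum POST applies), and is stored only as the output of
 * `hashPassword`.
 *
 * NOTE(review): `is_admin`, `earnings`, `pending_earnings`, `has_full_book`
 * and `password` can be changed for any `id`, and no authentication or
 * authorization check appears in this handler. Confirm the route is gated
 * elsewhere, and that callers may only edit what they are entitled to.
 */
export async function PUT(request: NextRequest) {
  try {
    const body = await request.json()
    const { id, nickname, phone, wechatId, avatar, password, has_full_book, is_admin, purchasedSections, earnings, pending_earnings } = body

    if (!id) {
      return NextResponse.json({ success: false, error: '用户ID不能为空' }, { status: 400 })
    }

    const updates: string[] = []
    const values: any[] = []

    // Fields copied through unchanged: constant SET fragment plus the request value.
    const passthrough: Array<[string, any]> = [
      ['nickname = ?', nickname],
      ['phone = ?', phone],
      ['wechat_id = ?', wechatId],
      ['avatar = ?', avatar],
      ['has_full_book = ?', has_full_book],
      ['is_admin = ?', is_admin],
      ['earnings = ?', earnings],
      ['pending_earnings = ?', pending_earnings]
    ]
    for (const [fragment, value] of passthrough) {
      if (value !== undefined) {
        updates.push(fragment)
        values.push(value)
      }
    }

    if (password !== undefined) {
      // Trim before deciding, so a whitespace-only value clears the password
      // instead of storing the hash of an empty string.
      const trimmed = password == null ? '' : String(password).trim()
      if (trimmed.length > 0 && trimmed.length < 6) {
        return NextResponse.json({ success: false, error: '密码长度不能少于6位' }, { status: 400 })
      }
      updates.push('password = ?')
      values.push(trimmed === '' ? null : hashPassword(trimmed))
    }

    if (purchasedSections !== undefined) {
      // Stored as a JSON string.
      updates.push('purchased_sections = ?')
      values.push(JSON.stringify(purchasedSections))
    }

    if (updates.length === 0) {
      return NextResponse.json({ success: false, error: '没有需要更新的字段' }, { status: 400 })
    }

    // The id is the final placeholder, matching the WHERE clause.
    values.push(id)
    await query(`UPDATE users SET ${updates.join(', ')}, updated_at = NOW() WHERE id = ?`, values)

    return NextResponse.json({
      success: true,
      message: '用户更新成功'
    })
  } catch (error) {
    // Keep driver and parser error text in the server log; return a generic message.
    console.error('[Users API] PUT错误:', error)
    return NextResponse.json({
      success: false,
      error: '更新用户失败'
    }, { status: 500 })
  }
}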
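/**
 * DELETE - remove a user by the `id` query parameter.
 *
 * Returns 400 when `id` is missing or empty. The success response is sent
 * whenever the statement runs without throwing; this handler does not check
 * whether a row was actually removed.
 *
 * NOTE(review): no authentication or authorization check appears in this
 * handler. Confirm the route is gated elsewhere before exposing it.
 */
export async function DELETE(request: NextRequest) {
  const userId = new URL(request.url).searchParams.get('id')

  if (!userId) {
    return NextResponse.json({ success: false, error: '用户ID不能为空' }, { status: 400 })
  }

  try {
    await query('DELETE FROM users WHERE id = ?', [userId])
    return NextResponse.json({
      success: true,
      message: '用户删除成功'
    })
  } catch (error) {
    // Keep driver error text in the server log; return a generic message.
    console.error('[Users API] DELETE错误:', error)
    return NextResponse.json({
      success: false,
      error: '删除用户失败'
    }, { status: 500 })
  }
}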