feat: 我的页整合扫一扫/设置与提现、all-chapters去重、内容上传API、文档与后台登录

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-20 18:50:16 +08:00
parent 09fb67d2af
commit 0e4baa4b7f
27 changed files with 1526 additions and 347 deletions
--- a/app/api/auth/login/route.ts
+++ b/app/api/auth/login/route.ts
@@ -0,0 +1,72 @@
+/**
+ * Web 端登录：手机号 + 密码
+ * POST { phone, password } -> 校验后返回用户信息（不含密码）
+ */
+
+import { NextRequest, NextResponse } from 'next/server'
+import { query } from '@/lib/db'
+import { verifyPassword } from '@/lib/password'
+
+function mapRowToUser(r: any) {
+  return {
+    id: r.id,
+    phone: r.phone || '',
+    nickname: r.nickname || '',
+    isAdmin: !!r.is_admin,
+    purchasedSections: Array.isArray(r.purchased_sections)
+      ? r.purchased_sections
+      : (r.purchased_sections ? JSON.parse(String(r.purchased_sections)) : []) || [],
+    hasFullBook: !!r.has_full_book,
+    referralCode: r.referral_code || '',
+    earnings: parseFloat(String(r.earnings || 0)),
+    pendingEarnings: parseFloat(String(r.pending_earnings || 0)),
+    withdrawnEarnings: parseFloat(String(r.withdrawn_earnings || 0)),
+    referralCount: Number(r.referral_count) || 0,
+    createdAt: r.created_at || '',
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const body = await request.json()
+    const { phone, password } = body
+
+    if (!phone || !password) {
+      return NextResponse.json(
+        { success: false, error: '请输入手机号和密码' },
+        { status: 400 }
+      )
+    }
+
+    const rows = await query(
+      'SELECT id, phone, nickname, password, is_admin, has_full_book, referral_code, earnings, pending_earnings, withdrawn_earnings, referral_count, purchased_sections, created_at FROM users WHERE phone = ?',
+      [String(phone).trim()]
+    ) as any[]
+
+    if (!rows || rows.length === 0) {
+      return NextResponse.json(
+        { success: false, error: '用户不存在或密码错误' },
+        { status: 401 }
+      )
+    }
+
+    const row = rows[0]
+    const storedPassword = row.password == null ? '' : String(row.password)
+
+    if (!verifyPassword(String(password), storedPassword)) {
+      return NextResponse.json(
+        { success: false, error: '密码错误' },
+        { status: 401 }
+      )
+    }
+
+    const user = mapRowToUser(row)
+    return NextResponse.json({ success: true, user })
+  } catch (e) {
+    console.error('[Auth Login] error:', e)
+    return NextResponse.json(
+      { success: false, error: '登录失败' },
+      { status: 500 }
+    )
+  }
+}