/**
 * Web 端登录:手机号 + 密码
 * POST { phone, password } -> 校验后返回用户信息(不含密码)
 */
import { NextRequest, NextResponse } from 'next/server'
import { query } from '@/lib/db'
import { verifyPassword } from '@/lib/password'
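/**
 * Converts a raw `users` row into the user object sent back to the client.
 *
 * Only the fields listed below are copied, so a `password` column present on
 * the row never reaches the response.
 *
 * @param r - Row object with snake_case column names.
 * @returns The camelCase user object; missing columns fall back to
 *   '' / 0 / false / [].
 */
function mapRowToUser(r: any) {
  // Amounts may arrive as strings or numbers (hence String + parseFloat);
  // anything that does not parse to a finite number becomes 0 instead of NaN,
  // which would otherwise serialize to null in the JSON response.
  const toAmount = (value: unknown): number => {
    const parsed = parseFloat(String(value || 0))
    return Number.isFinite(parsed) ? parsed : 0
  }

  // purchased_sections is accepted as a real array or as a JSON-encoded string.
  let purchasedSections: any[] = []
  if (Array.isArray(r.purchased_sections)) {
    purchasedSections = r.purchased_sections
  } else if (r.purchased_sections) {
    try {
      const parsed = JSON.parse(String(r.purchased_sections))
      // Only an array is a valid section list; objects, numbers, etc. are dropped.
      if (Array.isArray(parsed)) purchasedSections = parsed
    } catch {
      // Malformed stored JSON must not turn a valid login into a 500;
      // treat it as "no purchased sections".
    }
  }

  return {
    id: r.id,
    phone: r.phone || '',
    nickname: r.nickname || '',
    isAdmin: !!r.is_admin,
    purchasedSections,
    hasFullBook: !!r.has_full_book,
    referralCode: r.referral_code || '',
    earnings: toAmount(r.earnings),
    pendingEarnings: toAmount(r.pending_earnings),
    withdrawnEarnings: toAmount(r.withdrawn_earnings),
    referralCount: Number(r.referral_count) || 0,
    createdAt: r.created_at || '',
  }
}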
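/**
 * Web login with phone number + password.
 *
 * Expects a JSON body `{ phone, password }`. Looks the user up by trimmed
 * phone, checks the password with `verifyPassword`, and returns the mapped
 * user object (without the password column) on success.
 *
 * Responses:
 * - 400 when the body is not usable JSON or phone/password is missing.
 * - 401 with one shared message for "no such phone" and "wrong password".
 * - 500 for unexpected errors; details are logged server-side only.
 *
 * NOTE(review): this handler only returns JSON; no session cookie or token is
 * issued here. Confirm how later requests from the client are authenticated.
 * NOTE(review): no attempt limiting is visible in this handler; confirm that
 * rate limiting / lockout per phone and per IP is applied elsewhere.
 */
export async function POST(request: NextRequest) {
  // One response for both failure causes, so the body does not reveal which
  // phone numbers are registered.
  const invalidCredentials = () =>
    NextResponse.json(
      { success: false, error: '用户不存在或密码错误' },
      { status: 401 }
    )

  try {
    // A malformed or non-object body is a client error, not a server failure.
    let body: any
    try {
      body = await request.json()
    } catch {
      body = null
    }
    const { phone, password } = body ?? {}

    // Accept only scalar values; objects/arrays would otherwise be coerced by
    // String() into meaningless lookup keys such as "[object Object]".
    const isScalar = (v: unknown) => typeof v === 'string' || typeof v === 'number'
    if (!phone || !password || !isScalar(phone) || !isScalar(password)) {
      return NextResponse.json(
        { success: false, error: '请输入手机号和密码' },
        { status: 400 }
      )
    }

    // Parameterized query: the phone value is bound, never concatenated.
    const rows = await query(
      'SELECT id, phone, nickname, password, is_admin, has_full_book, referral_code, earnings, pending_earnings, withdrawn_earnings, referral_count, purchased_sections, created_at FROM users WHERE phone = ?',
      [String(phone).trim()]
    ) as any[]

    if (!rows || rows.length === 0) {
      // NOTE(review): verifyPassword is skipped on this path, so response time
      // may still differ from a wrong-password attempt. Consider verifying
      // against a fixed dummy hash here to even out the timing.
      return invalidCredentials()
    }

    const row = rows[0]
    const storedPassword = row.password == null ? '' : String(row.password)

    // An account with no stored password must never pass a password login,
    // whatever verifyPassword does with an empty stored value.
    if (!storedPassword || !verifyPassword(String(password), storedPassword)) {
      return invalidCredentials()
    }

    // mapRowToUser copies an explicit field list, which excludes `password`.
    const user = mapRowToUser(row)
    return NextResponse.json({ success: true, user })
  } catch (e) {
    // Log the detail server-side; the client only sees a generic failure.
    console.error('[Auth Login] error:', e)
    return NextResponse.json(
      { success: false, error: '登录失败' },
      { status: 500 }
    )
  }
}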