feat: 用户名密码登录注册系统

- 新增 /api/auth/register 和 /api/auth/login 接口，使用 bcryptjs 哈希密码 - User 模型改为 username + passwordHash，id 自动生成 cuid - 新增 AuthModal 组件（登录/注册双标签页），替换旧的 ProfileSetupModal - 重写 /profile 页面：支持修改用户名、密码、头像、绑定邮箱、退出登录 - /api/user PUT 支持密码修改（需验证当前密码）和用户名唯一性校验 - 游客模式保留，右上角显示"登录"按钮；登录后显示头像和用户名 - 全局 nickname -> username 重命名（types、SwipeDeck、RoomManageModal、buildRoomStatus） - 新增 logout() 清除登录态并重新生成游客 UUID
2026-02-25 00:21:03 +08:00
parent a28f4405e9
commit 04c7b547aa
24 changed files with 1613 additions and 134 deletions
@@ -0,0 +1,27 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+import bcrypt from "bcryptjs";
+
+export async function POST(req: NextRequest) {
+  const { username, password } = await req.json();
+
+  if (!username || !password) {
+    return NextResponse.json({ error: "请输入用户名和密码" }, { status: 400 });
+  }
+
+  const user = await prisma.user.findUnique({ where: { username: username.trim() } });
+  if (!user) {
+    return NextResponse.json({ error: "用户名或密码错误" }, { status: 401 });
+  }
+
+  const valid = await bcrypt.compare(password, user.passwordHash);
+  if (!valid) {
+    return NextResponse.json({ error: "用户名或密码错误" }, { status: 401 });
+  }
+
+  return NextResponse.json({
+    id: user.id,
+    username: user.username,
+    avatar: user.avatar,
+  });
+}
@@ -0,0 +1,41 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+import bcrypt from "bcryptjs";
+
+export async function POST(req: NextRequest) {
+  const { username, password, avatar } = await req.json();
+
+  if (!username || !password) {
+    return NextResponse.json({ error: "用户名和密码为必填项" }, { status: 400 });
+  }
+
+  const trimmedUsername = username.trim();
+  if (trimmedUsername.length < 2 || trimmedUsername.length > 16) {
+    return NextResponse.json({ error: "用户名需要 2-16 个字符" }, { status: 400 });
+  }
+
+  if (password.length < 6) {
+    return NextResponse.json({ error: "密码至少 6 个字符" }, { status: 400 });
+  }
+
+  const existing = await prisma.user.findUnique({ where: { username: trimmedUsername } });
+  if (existing) {
+    return NextResponse.json({ error: "用户名已被注册" }, { status: 409 });
+  }
+
+  const passwordHash = await bcrypt.hash(password, 10);
+
+  const user = await prisma.user.create({
+    data: {
+      username: trimmedUsername,
+      passwordHash,
+      avatar: avatar || "🐱",
+    },
+  });
+
+  return NextResponse.json({
+    id: user.id,
+    username: user.username,
+    avatar: user.avatar,
+  });
+}
@@ -0,0 +1,72 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+
+export async function GET(req: NextRequest) {
+  const userId = req.nextUrl.searchParams.get("userId");
+  if (!userId) {
+    return NextResponse.json([]);
+  }
+
+  const favorites = await prisma.favorite.findMany({
+    where: { userId },
+    orderBy: { createdAt: "desc" },
+    take: 50,
+  });
+
+  return NextResponse.json(
+    favorites.map((f) => ({
+      id: f.id,
+      restaurantData: JSON.parse(f.restaurantData),
+      createdAt: f.createdAt.toISOString(),
+    })),
+  );
+}
+
+export async function POST(req: NextRequest) {
+  const { userId, restaurant } = await req.json();
+
+  if (!userId || !restaurant) {
+    return NextResponse.json({ error: "缺少必要字段" }, { status: 400 });
+  }
+
+  const user = await prisma.user.findUnique({ where: { id: userId } });
+  if (!user) {
+    return NextResponse.json({ error: "请先设置个人资料" }, { status: 404 });
+  }
+
+  const existing = await prisma.favorite.findFirst({
+    where: {
+      userId,
+      restaurantData: { contains: `"id":"${restaurant.id}"` },
+    },
+  });
+
+  if (existing) {
+    return NextResponse.json({ id: existing.id, alreadyExists: true });
+  }
+
+  const fav = await prisma.favorite.create({
+    data: {
+      userId,
+      restaurantData: JSON.stringify(restaurant),
+    },
+  });
+
+  return NextResponse.json({ id: fav.id });
+}
+
+export async function DELETE(req: NextRequest) {
+  const { userId, favoriteId } = await req.json();
+
+  if (!userId || !favoriteId) {
+    return NextResponse.json({ error: "缺少必要字段" }, { status: 400 });
+  }
+
+  const fav = await prisma.favorite.findUnique({ where: { id: favoriteId } });
+  if (!fav || fav.userId !== userId) {
+    return NextResponse.json({ error: "收藏不存在" }, { status: 404 });
+  }
+
+  await prisma.favorite.delete({ where: { id: favoriteId } });
+  return NextResponse.json({ ok: true });
+}
@@ -0,0 +1,76 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+
+const MAX_HISTORY = 50;
+
+export async function GET(req: NextRequest) {
+  const userId = req.nextUrl.searchParams.get("userId");
+  if (!userId) {
+    return NextResponse.json([]);
+  }
+
+  const decisions = await prisma.decision.findMany({
+    where: { userId },
+    orderBy: { createdAt: "desc" },
+    take: MAX_HISTORY,
+  });
+
+  return NextResponse.json(
+    decisions.map((d) => ({
+      id: d.id,
+      roomId: d.roomId,
+      restaurantName: d.restaurantName,
+      restaurantData: JSON.parse(d.restaurantData),
+      matchType: d.matchType,
+      participants: d.participants,
+      createdAt: d.createdAt.toISOString(),
+    })),
+  );
+}
+
+export async function POST(req: NextRequest) {
+  const { userId, roomId, restaurant, matchType, participants } =
+    await req.json();
+
+  if (!userId || !roomId || !restaurant || !matchType) {
+    return NextResponse.json({ error: "缺少必要字段" }, { status: 400 });
+  }
+
+  const user = await prisma.user.findUnique({ where: { id: userId } });
+  if (!user) {
+    return NextResponse.json({ error: "用户未注册" }, { status: 404 });
+  }
+
+  const existing = await prisma.decision.findFirst({
+    where: { userId, roomId },
+  });
+  if (existing) {
+    return NextResponse.json({ id: existing.id, alreadyExists: true });
+  }
+
+  const decision = await prisma.decision.create({
+    data: {
+      userId,
+      roomId,
+      restaurantName: restaurant.name,
+      restaurantData: JSON.stringify(restaurant),
+      matchType,
+      participants: participants ?? 1,
+    },
+  });
+
+  const count = await prisma.decision.count({ where: { userId } });
+  if (count > MAX_HISTORY) {
+    const oldest = await prisma.decision.findMany({
+      where: { userId },
+      orderBy: { createdAt: "asc" },
+      take: count - MAX_HISTORY,
+      select: { id: true },
+    });
+    await prisma.decision.deleteMany({
+      where: { id: { in: oldest.map((d) => d.id) } },
+    });
+  }
+
+  return NextResponse.json({ id: decision.id });
+}
@@ -0,0 +1,96 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+import bcrypt from "bcryptjs";
+
+export async function GET(req: NextRequest) {
+  const userId = req.nextUrl.searchParams.get("id");
+  if (!userId) {
+    return NextResponse.json(null);
+  }
+
+  const user = await prisma.user.findUnique({ where: { id: userId } });
+  if (!user) {
+    return NextResponse.json(null);
+  }
+
+  return NextResponse.json({
+    id: user.id,
+    username: user.username,
+    avatar: user.avatar,
+    email: user.email,
+    preferences: JSON.parse(user.preferences),
+    createdAt: user.createdAt.toISOString(),
+  });
+}
+
+export async function PUT(req: NextRequest) {
+  const body = await req.json();
+  const { userId } = body;
+
+  if (!userId) {
+    return NextResponse.json({ error: "缺少用户 ID" }, { status: 400 });
+  }
+
+  const existing = await prisma.user.findUnique({ where: { id: userId } });
+  if (!existing) {
+    return NextResponse.json({ error: "用户不存在" }, { status: 404 });
+  }
+
+  const updateData: Record<string, unknown> = {};
+
+  if (body.username !== undefined) {
+    const trimmed = body.username.trim();
+    if (trimmed.length < 2 || trimmed.length > 16) {
+      return NextResponse.json({ error: "用户名需要 2-16 个字符" }, { status: 400 });
+    }
+    if (trimmed !== existing.username) {
+      const taken = await prisma.user.findUnique({ where: { username: trimmed } });
+      if (taken) {
+        return NextResponse.json({ error: "用户名已被占用" }, { status: 409 });
+      }
+    }
+    updateData.username = trimmed;
+  }
+
+  if (body.newPassword !== undefined) {
+    if (!body.currentPassword) {
+      return NextResponse.json({ error: "请输入当前密码" }, { status: 400 });
+    }
+    const valid = await bcrypt.compare(body.currentPassword, existing.passwordHash);
+    if (!valid) {
+      return NextResponse.json({ error: "当前密码错误" }, { status: 403 });
+    }
+    if (body.newPassword.length < 6) {
+      return NextResponse.json({ error: "新密码至少 6 个字符" }, { status: 400 });
+    }
+    updateData.passwordHash = await bcrypt.hash(body.newPassword, 10);
+  }
+
+  if (body.avatar !== undefined) {
+    updateData.avatar = body.avatar;
+  }
+
+  if (body.email !== undefined) {
+    if (body.email && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(body.email)) {
+      return NextResponse.json({ error: "邮箱格式不正确" }, { status: 400 });
+    }
+    updateData.email = body.email || null;
+  }
+
+  if (body.preferences !== undefined) {
+    updateData.preferences = JSON.stringify(body.preferences);
+  }
+
+  const user = await prisma.user.update({
+    where: { id: userId },
+    data: updateData,
+  });
+
+  return NextResponse.json({
+    id: user.id,
+    username: user.username,
+    avatar: user.avatar,
+    email: user.email,
+    preferences: JSON.parse(user.preferences),
+  });
+}