feat: 城中村租房平台 - 租客浏览、房东发布房源、图片上传

2026-03-22 10:15:31 +08:00
parent f03cf328dd
commit ce9dfae7c5
15 changed files with 1682 additions and 87 deletions
--- a/app/api/auth/login/route.ts
+++ b/app/api/auth/login/route.ts
@@ -0,0 +1,66 @@
+import { NextRequest, NextResponse } from 'next/server';
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+
+const USERS_FILE = path.join(process.cwd(), 'data/users.json');
+
+interface User {
+  id: string;
+  username: string;
+  passwordHash: string;
+  token: string;
+  createdAt: string;
+}
+
+async function readUsers(): Promise<User[]> {
+  try {
+    const data = await fs.readFile(USERS_FILE, 'utf-8');
+    return JSON.parse(data);
+  } catch {
+    return [];
+  }
+}
+
+function hashPassword(password: string): string {
+  return crypto.createHash('sha256').update(password).digest('hex');
+}
+
+function generateToken(): string {
+  return crypto.randomBytes(32).toString('hex');
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const { username, password } = await request.json();
+    
+    if (!username || !password) {
+      return NextResponse.json({ error: '用户名和密码不能为空' }, { status: 400 });
+    }
+    
+    const users = await readUsers();
+    const user = users.find(u => u.username === username);
+    
+    if (!user || user.passwordHash !== hashPassword(password)) {
+      return NextResponse.json({ error: '用户名或密码错误' }, { status: 401 });
+    }
+    
+    const newToken = generateToken();
+    user.token = newToken;
+    await fs.writeFile(USERS_FILE, JSON.stringify(users, null, 2));
+    
+    const response = NextResponse.json({ success: true, username: user.username });
+    response.cookies.set('auth_token', newToken, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      maxAge: 60 * 60 * 24 * 7,
+      path: '/'
+    });
+    
+    return response;
+  } catch (error) {
+    console.error('Login error:', error);
+    return NextResponse.json({ error: '登录失败' }, { status: 500 });
+  }
+}
--- a/app/api/auth/me/route.ts
+++ b/app/api/auth/me/route.ts
@@ -0,0 +1,48 @@
+import { NextRequest, NextResponse } from 'next/server';
+import fs from 'fs/promises';
+import path from 'path';
+
+const USERS_FILE = path.join(process.cwd(), 'data/users.json');
+
+interface User {
+  id: string;
+  username: string;
+  token: string;
+}
+
+async function readUsers(): Promise<User[]> {
+  try {
+    const data = await fs.readFile(USERS_FILE, 'utf-8');
+    return JSON.parse(data);
+  } catch {
+    return [];
+  }
+}
+
+export async function GET(request: NextRequest) {
+  try {
+    const token = request.cookies.get('auth_token')?.value;
+    
+    if (!token) {
+      return NextResponse.json({ user: null });
+    }
+    
+    const users = await readUsers();
+    const user = users.find(u => u.token === token);
+    
+    if (!user) {
+      return NextResponse.json({ user: null });
+    }
+    
+    return NextResponse.json({ user: { username: user.username } });
+  } catch (error) {
+    console.error('Get user error:', error);
+    return NextResponse.json({ user: null });
+  }
+}
+
+export async function DELETE(request: NextRequest) {
+  const response = NextResponse.json({ success: true });
+  response.cookies.delete('auth_token');
+  return response;
+}
--- a/app/api/auth/register/route.ts
+++ b/app/api/auth/register/route.ts
@@ -0,0 +1,82 @@
+import { NextRequest, NextResponse } from 'next/server';
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+
+const DATA_DIR = path.join(process.cwd(), 'data');
+const USERS_FILE = path.join(DATA_DIR, 'users.json');
+
+interface User {
+  id: string;
+  username: string;
+  passwordHash: string;
+  token: string;
+  createdAt: string;
+}
+
+async function readUsers(): Promise<User[]> {
+  try {
+    const data = await fs.readFile(USERS_FILE, 'utf-8');
+    return JSON.parse(data);
+  } catch {
+    return [];
+  }
+}
+
+async function writeUsers(users: User[]): Promise<void> {
+  await fs.writeFile(USERS_FILE, JSON.stringify(users, null, 2));
+}
+
+function hashPassword(password: string): string {
+  return crypto.createHash('sha256').update(password).digest('hex');
+}
+
+function generateToken(): string {
+  return crypto.randomBytes(32).toString('hex');
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const { username, password } = await request.json();
+    
+    if (!username || !password) {
+      return NextResponse.json({ error: '用户名和密码不能为空' }, { status: 400 });
+    }
+    
+    if (username.length < 3 || password.length < 6) {
+      return NextResponse.json({ error: '用户名至少3位，密码至少6位' }, { status: 400 });
+    }
+    
+    const users = await readUsers();
+    
+    if (users.find(u => u.username === username)) {
+      return NextResponse.json({ error: '用户名已存在' }, { status: 400 });
+    }
+    
+    const token = generateToken();
+    const newUser: User = {
+      id: crypto.randomUUID(),
+      username,
+      passwordHash: hashPassword(password),
+      token,
+      createdAt: new Date().toISOString()
+    };
+    
+    users.push(newUser);
+    await writeUsers(users);
+    
+    const response = NextResponse.json({ success: true, username });
+    response.cookies.set('auth_token', token, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      maxAge: 60 * 60 * 24 * 7,
+      path: '/'
+    });
+    
+    return response;
+  } catch (error) {
+    console.error('Register error:', error);
+    return NextResponse.json({ error: '注册失败' }, { status: 500 });
+  }
+}