feat: 切换为MariaDB数据库存储
This commit is contained in:
Cuishibing
@@ -1,26 +1,6 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import fs from 'fs/promises';
|
||||
import path from 'path';
|
||||
import crypto from 'crypto';
|
||||
|
||||
const USERS_FILE = path.join(process.cwd(), 'data/users.json');
|
||||
|
||||
interface User {
|
||||
id: string;
|
||||
username: string;
|
||||
passwordHash: string;
|
||||
token: string;
|
||||
createdAt: string;
|
||||
}
|
||||
|
||||
async function readUsers(): Promise<User[]> {
|
||||
try {
|
||||
const data = await fs.readFile(USERS_FILE, 'utf-8');
|
||||
return JSON.parse(data);
|
||||
} catch {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
import pool from '@/lib/db';
|
||||
|
||||
function hashPassword(password: string): string {
|
||||
return crypto.createHash('sha256').update(password).digest('hex');
|
||||
@@ -31,6 +11,7 @@ function generateToken(): string {
|
||||
}
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
let connection;
|
||||
try {
|
||||
const { username, password } = await request.json();
|
||||
|
||||
@@ -38,18 +19,18 @@ export async function POST(request: NextRequest) {
|
||||
return NextResponse.json({ error: '用户名和密码不能为空' }, { status: 400 });
|
||||
}
|
||||
|
||||
const users = await readUsers();
|
||||
const user = users.find(u => u.username === username);
|
||||
connection = await pool.getConnection();
|
||||
|
||||
if (!user || user.passwordHash !== hashPassword(password)) {
|
||||
const [rows] = await connection.query<any[]>('SELECT * FROM users WHERE username = ?', [username]);
|
||||
|
||||
if (rows.length === 0 || rows[0].password_hash !== hashPassword(password)) {
|
||||
return NextResponse.json({ error: '用户名或密码错误' }, { status: 401 });
|
||||
}
|
||||
|
||||
const newToken = generateToken();
|
||||
user.token = newToken;
|
||||
await fs.writeFile(USERS_FILE, JSON.stringify(users, null, 2));
|
||||
await connection.query('UPDATE users SET token = ? WHERE id = ?', [newToken, rows[0].id]);
|
||||
|
||||
const response = NextResponse.json({ success: true, username: user.username });
|
||||
const response = NextResponse.json({ success: true, username });
|
||||
response.cookies.set('auth_token', newToken, {
|
||||
httpOnly: true,
|
||||
secure: false,
|
||||
@@ -62,5 +43,7 @@ export async function POST(request: NextRequest) {
|
||||
} catch (error) {
|
||||
console.error('Login error:', error);
|
||||
return NextResponse.json({ error: '登录失败' }, { status: 500 });
|
||||
} finally {
|
||||
if (connection) connection.release();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,25 +1,8 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import fs from 'fs/promises';
|
||||
import path from 'path';
|
||||
|
||||
const USERS_FILE = path.join(process.cwd(), 'data/users.json');
|
||||
|
||||
interface User {
|
||||
id: string;
|
||||
username: string;
|
||||
token: string;
|
||||
}
|
||||
|
||||
async function readUsers(): Promise<User[]> {
|
||||
try {
|
||||
const data = await fs.readFile(USERS_FILE, 'utf-8');
|
||||
return JSON.parse(data);
|
||||
} catch {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
import pool from '@/lib/db';
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
let connection;
|
||||
try {
|
||||
const token = request.cookies.get('auth_token')?.value;
|
||||
|
||||
@@ -27,17 +10,20 @@ export async function GET(request: NextRequest) {
|
||||
return NextResponse.json({ user: null });
|
||||
}
|
||||
|
||||
const users = await readUsers();
|
||||
const user = users.find(u => u.token === token);
|
||||
connection = await pool.getConnection();
|
||||
|
||||
if (!user) {
|
||||
const [rows] = await connection.query<any[]>('SELECT username FROM users WHERE token = ?', [token]);
|
||||
|
||||
if (rows.length === 0) {
|
||||
return NextResponse.json({ user: null });
|
||||
}
|
||||
|
||||
return NextResponse.json({ user: { username: user.username } });
|
||||
return NextResponse.json({ user: { username: rows[0].username } });
|
||||
} catch (error) {
|
||||
console.error('Get user error:', error);
|
||||
return NextResponse.json({ user: null });
|
||||
} finally {
|
||||
if (connection) connection.release();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,4 +31,4 @@ export async function DELETE(request: NextRequest) {
|
||||
const response = NextResponse.json({ success: true });
|
||||
response.cookies.delete('auth_token');
|
||||
return response;
|
||||
}
|
||||
}
|
||||
@@ -1,31 +1,6 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import fs from 'fs/promises';
|
||||
import path from 'path';
|
||||
import crypto from 'crypto';
|
||||
|
||||
const DATA_DIR = path.join(process.cwd(), 'data');
|
||||
const USERS_FILE = path.join(DATA_DIR, 'users.json');
|
||||
|
||||
interface User {
|
||||
id: string;
|
||||
username: string;
|
||||
passwordHash: string;
|
||||
token: string;
|
||||
createdAt: string;
|
||||
}
|
||||
|
||||
async function readUsers(): Promise<User[]> {
|
||||
try {
|
||||
const data = await fs.readFile(USERS_FILE, 'utf-8');
|
||||
return JSON.parse(data);
|
||||
} catch {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
async function writeUsers(users: User[]): Promise<void> {
|
||||
await fs.writeFile(USERS_FILE, JSON.stringify(users, null, 2));
|
||||
}
|
||||
import pool from '@/lib/db';
|
||||
|
||||
function hashPassword(password: string): string {
|
||||
return crypto.createHash('sha256').update(password).digest('hex');
|
||||
@@ -36,6 +11,7 @@ function generateToken(): string {
|
||||
}
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
let connection;
|
||||
try {
|
||||
const { username, password } = await request.json();
|
||||
|
||||
@@ -47,23 +23,19 @@ export async function POST(request: NextRequest) {
|
||||
return NextResponse.json({ error: '用户名至少3位,密码至少6位' }, { status: 400 });
|
||||
}
|
||||
|
||||
const users = await readUsers();
|
||||
connection = await pool.getConnection();
|
||||
|
||||
if (users.find(u => u.username === username)) {
|
||||
const [rows] = await connection.query<any[]>('SELECT id FROM users WHERE username = ?', [username]);
|
||||
|
||||
if (rows.length > 0) {
|
||||
return NextResponse.json({ error: '用户名已存在' }, { status: 400 });
|
||||
}
|
||||
|
||||
const token = generateToken();
|
||||
const newUser: User = {
|
||||
id: crypto.randomUUID(),
|
||||
username,
|
||||
passwordHash: hashPassword(password),
|
||||
token,
|
||||
createdAt: new Date().toISOString()
|
||||
};
|
||||
|
||||
users.push(newUser);
|
||||
await writeUsers(users);
|
||||
await connection.query(
|
||||
'INSERT INTO users (id, username, password_hash, token, created_at) VALUES (?, ?, ?, ?, ?)',
|
||||
[crypto.randomUUID(), username, hashPassword(password), token, new Date()]
|
||||
);
|
||||
|
||||
const response = NextResponse.json({ success: true, username });
|
||||
response.cookies.set('auth_token', token, {
|
||||
@@ -78,5 +50,7 @@ export async function POST(request: NextRequest) {
|
||||
} catch (error) {
|
||||
console.error('Register error:', error);
|
||||
return NextResponse.json({ error: '注册失败' }, { status: 500 });
|
||||
} finally {
|
||||
if (connection) connection.release();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user