/** * 加入游牧中国:确保用户存在 * 新用户:用默认密码 123456789 创建,支付成功后需修改 * 老用户:验证密码后登录 */ import { NextRequest, NextResponse } from "next/server"; import { getPocketBaseConfig } from "@/config/services.config"; const DEFAULT_PASSWORD = "123456789"; const COOKIE_NEEDS_PW = "meetup_needs_password_change"; async function getAdminToken(): Promise { const email = process.env.POCKETBASE_EMAIL; const password = process.env.POCKETBASE_PASSWORD; if (!email || !password) return null; const pb = getPocketBaseConfig(); const res = await fetch(`${pb.url}/api/admins/auth-with-password`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ identity: email, password }), }); if (!res.ok) return null; const data = await res.json(); return data?.token ?? null; } export async function POST(request: NextRequest) { try { const body = await request.json().catch(() => ({})); const email = String(body?.email || "").trim(); const password = String(body?.password || "").trim(); if (!email) { return NextResponse.json({ ok: false, error: "请输入邮箱" }, { status: 400 }); } const pb = getPocketBaseConfig(); const tryLogin = async (pwd: string) => { const res = await fetch(`${pb.url}/api/collections/users/auth-with-password`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ identity: email, password: pwd }), }); return res; }; let loginRes = await tryLogin(password || DEFAULT_PASSWORD); if (loginRes.ok) { const data = await loginRes.json(); const res = NextResponse.json({ ok: true, user_id: data.record?.id, token: data.token, record: data.record, is_new: false, }); return res; } const errData = await loginRes.json().catch(() => ({})); const isNotFound = loginRes.status === 400 && (errData?.message?.includes("Invalid") || errData?.message?.includes("identity")); if (!isNotFound && password) { return NextResponse.json({ ok: false, error: "密码错误" }, { status: 400 }); } const adminToken = await getAdminToken(); if (!adminToken) { return NextResponse.json({ ok: false, error: "服务配置错误" }, { status: 500 }); } const createRes = await fetch(`${pb.url}/api/collections/users/records`, { method: "POST", headers: { "Content-Type": "application/json", Authorization: `Bearer ${adminToken}`, }, body: JSON.stringify({ email, password: DEFAULT_PASSWORD, passwordConfirm: DEFAULT_PASSWORD, }), }); if (!createRes.ok) { const createErr = await createRes.json().catch(() => ({})); if (createRes.status === 400 && createErr?.data?.email?.message?.includes("already")) { return NextResponse.json({ ok: false, error: "该邮箱已注册,请输入密码登录" }, { status: 400 }); } return NextResponse.json({ ok: false, error: createErr?.message || "创建账号失败" }, { status: 500 }); } const newUser = await createRes.json(); const finalLogin = await tryLogin(DEFAULT_PASSWORD); if (!finalLogin.ok) { return NextResponse.json({ ok: false, error: "登录失败" }, { status: 500 }); } const authData = await finalLogin.json(); const res = NextResponse.json({ ok: true, user_id: authData.record?.id, token: authData.token, record: authData.record, is_new: true, }); res.cookies.set(COOKIE_NEEDS_PW, "1", { path: "/", maxAge: 60 * 60 * 24 }); return res; } catch (e) { console.error("ensure-user error:", e); return NextResponse.json({ ok: false, error: "操作失败" }, { status: 500 }); } }