| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- import { NextRequest, NextResponse } from 'next/server';
- import { db } from '@/lib/db';
- import { users } from '@/lib/schema';
- import { eq } from 'drizzle-orm';
- import jwt from 'jsonwebtoken';
- export async function PUT(request: NextRequest) {
- try {
- const token = request.cookies.get('auth-token')?.value;
- if (!token) {
- return NextResponse.json(
- { error: '未授权访问' },
- { status: 401 }
- );
- }
- let userId: string;
- try {
- const decoded = jwt.verify(token, process.env.JWT_SECRET!) as { userId: string };
- userId = decoded.userId;
- } catch (error) {
- return NextResponse.json(
- { error: '无效的认证令牌' },
- { status: 401 }
- );
- }
- const body = await request.json();
- const { username } = body;
- // 验证输入
- if (username !== null && typeof username !== 'string') {
- return NextResponse.json(
- { error: '用户名必须是字符串' },
- { status: 400 }
- );
- }
- // 如果提供了用户名,验证长度
- if (username && username.trim().length > 50) {
- return NextResponse.json(
- { error: '用户名长度不能超过50个字符' },
- { status: 400 }
- );
- }
- // 更新用户信息
- const updatedUser = await db
- .update(users)
- .set({
- username: username ? username.trim() : null,
- updatedAt: new Date(),
- })
- .where(eq(users.id, userId))
- .returning({
- id: users.id,
- email: users.email,
- username: users.username,
- isEmailVerified: users.isEmailVerified,
- });
- if (updatedUser.length === 0) {
- return NextResponse.json(
- { error: '用户不存在' },
- { status: 404 }
- );
- }
- return NextResponse.json({
- success: true,
- user: updatedUser[0],
- });
- } catch (error) {
- console.error('更新个人资料失败:', error);
- return NextResponse.json(
- { error: '服务器内部错误' },
- { status: 500 }
- );
- }
- }
|
