csdesign-pc-diy-store/app/api/user/profile/route.ts

import { NextRequest, NextResponse } from 'next/server'
import { prisma } from '@/lib/prisma'
import { verifyToken } from '@/lib/auth'

export async function GET(request: NextRequest) {
  try {
    const authHeader = request.headers.get('Authorization')
    const token = authHeader?.replace('Bearer ', '')

    if (!token) {
      return NextResponse.json({ message: '未提供认证令牌' }, { status: 401 })
    }

    const decoded = verifyToken(token)
    if (!decoded) {
      return NextResponse.json({ message: '无效的认证令牌' }, { status: 401 })
    }

    const user = await prisma.user.findUnique({
      where: { id: decoded.userId },
      select: {
        id: true,
        email: true,
        username: true,
        name: true,
        phone: true,
        address: true,
        isAdmin: true,
        createdAt: true
      }
    })

    if (!user) {
      return NextResponse.json({ message: '用户不存在' }, { status: 404 })
    }

    return NextResponse.json(user)

  } catch (error) {
    console.error('获取用户资料失败:', error)
    return NextResponse.json({ message: '获取用户资料失败' }, { status: 500 })
  }
}

export async function PUT(request: NextRequest) {
  try {
    const authHeader = request.headers.get('Authorization')
    const token = authHeader?.replace('Bearer ', '')

    if (!token) {
      return NextResponse.json({ message: '未提供认证令牌' }, { status: 401 })
    }

    const decoded = verifyToken(token)
    if (!decoded) {
      return NextResponse.json({ message: '无效的认证令牌' }, { status: 401 })
    }

    const { name, phone, address } = await request.json()

    const updatedUser = await prisma.user.update({
      where: { id: decoded.userId },
      data: {
        name,
        phone,
        address
      },
      select: {
        id: true,
        email: true,
        username: true,
        name: true,
        phone: true,
        address: true,
        isAdmin: true,
        createdAt: true
      }
    })

    return NextResponse.json(updatedUser)

  } catch (error) {
    console.error('更新用户资料失败:', error)
    return NextResponse.json({ message: '更新用户资料失败' }, { status: 500 })
  }
}