Update

src/app/api/change-password/route.ts

@@ -0,0 +1,72 @@
+/* eslint-disable no-console*/
+
+import { NextRequest, NextResponse } from 'next/server';
+
+import { getAuthInfoFromCookie } from '@/lib/auth';
+import { getStorage } from '@/lib/db';
+import { IStorage } from '@/lib/types';
+
+export const runtime = 'edge';
+
+export async function POST(request: NextRequest) {
+  const storageType = process.env.NEXT_PUBLIC_STORAGE_TYPE || 'localstorage';
+
+  // 不支持 localstorage 模式
+  if (storageType === 'localstorage') {
+    return NextResponse.json(
+      {
+        error: '不支持本地存储模式修改密码',
+      },
+      { status: 400 }
+    );
+  }
+
+  try {
+    const body = await request.json();
+    const { newPassword } = body;
+
+    // 获取认证信息
+    const authInfo = getAuthInfoFromCookie(request);
+    if (!authInfo || !authInfo.username) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    // 验证新密码
+    if (!newPassword || typeof newPassword !== 'string') {
+      return NextResponse.json({ error: '新密码不得为空' }, { status: 400 });
+    }
+
+    const username = authInfo.username;
+
+    // 不允许站长修改密码（站长用户名等于 process.env.USERNAME）
+    if (username === process.env.USERNAME) {
+      return NextResponse.json(
+        { error: '站长不能通过此接口修改密码' },
+        { status: 403 }
+      );
+    }
+
+    // 获取存储实例
+    const storage: IStorage | null = getStorage();
+    if (!storage || typeof storage.changePassword !== 'function') {
+      return NextResponse.json(
+        { error: '存储服务不支持修改密码' },
+        { status: 500 }
+      );
+    }
+
+    // 修改密码
+    await storage.changePassword(username, newPassword);
+
+    return NextResponse.json({ ok: true });
+  } catch (error) {
+    console.error('修改密码失败:', error);
+    return NextResponse.json(
+      {
+        error: '修改密码失败',
+        details: (error as Error).message,
+      },
+      { status: 500 }
+    );
+  }
+}