users/app/api/auth/login/route.ts

import { NextRequest, NextResponse } from "next/server"

/**
 * 本地登录 API - 支持邮箱/手机号 + 密码
 * 当未配置 NEXT_PUBLIC_API_BASE_URL 时使用
 * 开发账号: zhiqun@qq.com / Zhiqun1984
 */
const MOCK_USERS: Record<string, { password: string }> = {
  "zhiqun@qq.com": { password: "Zhiqun1984" },
}

function isEmail(value: string): boolean {
  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(value)
}

export async function POST(request: NextRequest) {
  try {
    const formData = await request.formData()
    const account = (formData.get("email") || formData.get("phone") || "").toString().trim()
    const password = (formData.get("password") || "").toString()
    const verificationCode = formData.get("verificationCode")?.toString()

    if (!account) {
      return NextResponse.json(
        { code: 40001, message: "请输入邮箱或手机号" },
        { status: 200 }
      )
    }

    // 验证码登录：开发环境下任意6位验证码通过
    if (verificationCode) {
      if (verificationCode.length >= 4) {
        const token = `mock_token_${Date.now()}_${account}`
        return NextResponse.json({
          code: 10000,
          message: "登录成功",
          data: { token },
        })
      }
      return NextResponse.json(
        { code: 40002, message: "验证码错误" },
        { status: 200 }
      )
    }

    // 密码登录
    if (!password) {
      return NextResponse.json(
        { code: 40003, message: "请输入密码" },
        { status: 200 }
      )
    }

    const key = isEmail(account) ? account : account
    const user = MOCK_USERS[key]

    if (user && user.password === password) {
      const token = `mock_token_${Date.now()}_${account}`
      return NextResponse.json({
        code: 10000,
        message: "登录成功",
        data: { token },
      })
    }

    return NextResponse.json(
      { code: 40004, message: "邮箱/手机号或密码错误" },
      { status: 200 }
    )
  } catch (error) {
    console.error("[auth/login]", error)
    return NextResponse.json(
      { code: 50000, message: "服务器错误" },
      { status: 500 }
    )
  }
}