feat: 初始化公网编辑器后端项目

- 配置 Next.js 14 + TypeScript + TailwindCSS
- 集成 Supabase (Auth + Storage + Database)
- 实现认证 API (login/logout/me)
- 实现文件存储 API (upload/list/get/delete)
- 实现数据库操作 API (tables/query)
- 添加 Supabase 初始化 SQL 脚本
- 添加环境变量配置示例
- 添加项目文档
This commit is contained in:
2026-03-17 01:03:03 +08:00
commit 23b117a3fa
32 changed files with 8446 additions and 0 deletions
+164
View File
@@ -0,0 +1,164 @@
import { NextRequest, NextResponse } from 'next/server';
import { supabase } from '@/lib/supabase';
// POST - Execute a query on a table
export async function POST(request: NextRequest) {
try {
// Get the access token from cookie or header
const accessToken =
request.cookies.get('sb-access-token')?.value ||
request.headers.get('authorization')?.replace('Bearer ', '');
if (!accessToken) {
return NextResponse.json(
{ success: false, error: 'Not authenticated' },
{ status: 401 }
);
}
// Verify user
const { data: userData, error: userError } = await supabase.auth.getUser(accessToken);
if (userError || !userData.user) {
return NextResponse.json(
{ success: false, error: 'Invalid authentication' },
{ status: 401 }
);
}
const userId = userData.user.id;
const { table, operation, data: queryData, filters } = await request.json();
if (!table) {
return NextResponse.json(
{ success: false, error: 'Table name is required' },
{ status: 400 }
);
}
let result;
switch (operation) {
case 'select': {
let query = supabase.from(table).select('*');
// Apply filters if provided
if (filters) {
for (const [key, value] of Object.entries(filters)) {
query = query.eq(key, value);
}
}
// Only allow user to query their own data
const { data: columns } = await supabase
.from(table)
.select('*')
.limit(1);
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
query = query.eq('user_id', userId);
}
const { data, error } = await query;
if (error) throw error;
result = data;
break;
}
case 'insert': {
const insertData = {
...queryData,
user_id: userId,
};
const { data, error } = await supabase
.from(table)
.insert(insertData)
.select()
.single();
if (error) throw error;
result = data;
break;
}
case 'update': {
if (!filters || Object.keys(filters).length === 0) {
return NextResponse.json(
{ success: false, error: 'Filters required for update' },
{ status: 400 }
);
}
let query = supabase.from(table).update(queryData);
// Apply filters
for (const [key, value] of Object.entries(filters)) {
query = query.eq(key, value);
}
// Ensure user can only update their own data
const { data: columns } = await supabase
.from(table)
.select('*')
.limit(1);
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
query = query.eq('user_id', userId);
}
const { data, error } = await query.select().single();
if (error) throw error;
result = data;
break;
}
case 'delete': {
if (!filters || Object.keys(filters).length === 0) {
return NextResponse.json(
{ success: false, error: 'Filters required for delete' },
{ status: 400 }
);
}
let query = supabase.from(table).delete();
// Apply filters
for (const [key, value] of Object.entries(filters)) {
query = query.eq(key, value);
}
// Ensure user can only delete their own data
const { data: columns } = await supabase
.from(table)
.select('*')
.limit(1);
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
query = query.eq('user_id', userId);
}
const { error } = await query;
if (error) throw error;
result = { deleted: true };
break;
}
default:
return NextResponse.json(
{ success: false, error: 'Invalid operation' },
{ status: 400 }
);
}
return NextResponse.json({
success: true,
data: result,
});
} catch (error) {
console.error('Database query error:', error);
return NextResponse.json(
{ success: false, error: 'Query failed' },
{ status: 500 }
);
}
}