feat: validated by normalized email / username

KUN1007 · KUN1007 · commit 935c8d736040 · 2025-07-24T02:00:26.000+08:00
diff --git a/app/api/auth/register/route.ts b/app/api/auth/register/route.ts
@@ -29,7 +29,10 @@ export const register = async (
     return '您的用户名已经有人注册了, 请修改'
   }
 
-  const sameEmailUser = await prisma.user.findUnique({ where: { email } })
+  const normalizedEmail = email.toLowerCase()
+  const sameEmailUser = await prisma.user.findFirst({
+    where: { email: { equals: normalizedEmail, mode: 'insensitive' } }
+  })
   if (sameEmailUser) {
     return '您的邮箱已经有人注册了, 请修改'
   }
diff --git a/app/api/forgot/one/route.ts b/app/api/forgot/one/route.ts
@@ -14,8 +14,14 @@ export const stepOne = async (
   //     OR: [{ email: input.name }, { name: input.name }]
   //   }
   // })
+  const normalizedInput = input.name.toLowerCase()
   const user = await prisma.user.findFirst({
-    where: { email: input.name }
+    where: {
+      OR: [
+        { email: { equals: normalizedInput, mode: 'insensitive' } },
+        { name: { equals: normalizedInput, mode: 'insensitive' } }
+      ]
+    }
   })
   if (!user) {
     return '用户未找到'
diff --git a/app/api/forgot/two/route.ts b/app/api/forgot/two/route.ts
@@ -11,9 +11,13 @@ export const stepTwo = async (input: z.infer<typeof stepTwoSchema>) => {
     return '两次密码输入不一致'
   }
 
+  const normalizedInput = input.name.toLowerCase()
   const user = await prisma.user.findFirst({
     where: {
-      OR: [{ email: input.name }, { name: input.name }]
+      OR: [
+        { email: { equals: normalizedInput, mode: 'insensitive' } },
+        { name: { equals: normalizedInput, mode: 'insensitive' } }
+      ]
     }
   })
   if (!user) {
diff --git a/app/api/utils/verifyVerificationCode.ts b/app/api/utils/verifyVerificationCode.ts
@@ -10,5 +10,5 @@ export const verifyVerificationCode = async (
     return false
   }
 
-  return userProvidedCode === storedCode
+  return userProvidedCode.toLowerCase() === storedCode.toLowerCase()
 }
diff --git a/migration/fixDuplicateUser.mjs b/migration/fixDuplicateUser.mjs
@@ -0,0 +1,88 @@
+import { PrismaClient } from '@prisma/client'
+import crypto from 'crypto'
+
+const prisma = new PrismaClient()
+
+const generateRandomEmail = () => {
+  const randomString = crypto.randomBytes(8).toString('hex')
+  return `${randomString}@example.com`
+}
+
+const main = async () => {
+  console.log('开始清理重复邮箱任务...')
+
+  console.log('正在获取所有用户信息...')
+  const allUsers = await prisma.user.findMany()
+  console.log(`共找到 ${allUsers.length} 个用户。`)
+
+  const emailGroups = new Map()
+  for (const user of allUsers) {
+    if (user.email) {
+      const lowerEmail = user.email.toLowerCase()
+      if (!emailGroups.has(lowerEmail)) {
+        emailGroups.set(lowerEmail, [])
+      }
+      emailGroups.get(lowerEmail).push(user)
+    }
+  }
+
+  const userIdsToUpdate = []
+  for (const [lowerEmail, usersInGroup] of emailGroups.entries()) {
+    if (usersInGroup.length > 1) {
+      console.log(
+        `\n发现重复邮箱组: ${lowerEmail} (共 ${usersInGroup.length} 个账户)`
+      )
+
+      usersInGroup.sort((a, b) => {
+        if (b.moemoepoint !== a.moemoepoint) {
+          return b.moemoepoint - a.moemoepoint
+        }
+
+        return (
+          new Date(a.register_time).getTime() -
+          new Date(b.register_time).getTime()
+        )
+      })
+
+      const userToKeep = usersInGroup[0]
+      const usersToReset = usersInGroup.slice(1)
+
+      console.log(
+        `  - 准备保留: 用户ID ${userToKeep.id} (Email: ${userToKeep.email}, Points: ${userToKeep.moemoepoint})`
+      )
+      usersToReset.forEach((u) => {
+        console.log(
+          `  - 准备重置: 用户ID ${u.id} (Email: ${u.email}, Points: ${u.moemoepoint})`
+        )
+        userIdsToUpdate.push(u.id)
+      })
+    }
+  }
+
+  if (userIdsToUpdate.length > 0) {
+    console.log(`\n共找到 ${userIdsToUpdate.length} 个账户需要重置邮箱。`)
+    console.log('正在执行数据库更新...')
+
+    const updatePromises = userIdsToUpdate.map((id) =>
+      prisma.user.update({
+        where: { id },
+        data: { email: generateRandomEmail() }
+      })
+    )
+
+    await prisma.$transaction(updatePromises)
+
+    console.log('所有需要重置的账户邮箱已更新完毕！')
+  } else {
+    console.log('\n没有找到需要清理的重复邮箱账户。')
+  }
+}
+
+main()
+  .catch((e) => {
+    console.error('脚本执行出错:', e)
+    process.exit(1)
+  })
+  .finally(async () => {
+    await prisma.$disconnect()
+  })

Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,10 @@ export const register = async (`
`29`	`29`	`return '您的用户名已经有人注册了, 请修改'`
`30`	`30`	`}`
`31`	`31`
`32`		`- const sameEmailUser = await prisma.user.findUnique({ where: { email } })`
	`32`	`+ const normalizedEmail = email.toLowerCase()`
	`33`	`+ const sameEmailUser = await prisma.user.findFirst({`
	`34`	`+ where: { email: { equals: normalizedEmail, mode: 'insensitive' } }`
	`35`	`+ })`
`33`	`36`	`if (sameEmailUser) {`
`34`	`37`	`return '您的邮箱已经有人注册了, 请修改'`
`35`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -11,9 +11,13 @@ export const stepTwo = async (input: z.infer<typeof stepTwoSchema>) => {`
`11`	`11`	`return '两次密码输入不一致'`
`12`	`12`	`}`
`13`	`13`
	`14`	`+ const normalizedInput = input.name.toLowerCase()`
`14`	`15`	`const user = await prisma.user.findFirst({`
`15`	`16`	`where: {`
`16`		`- OR: [{ email: input.name }, { name: input.name }]`
	`17`	`+ OR: [`
	`18`	`+ { email: { equals: normalizedInput, mode: 'insensitive' } },`
	`19`	`+ { name: { equals: normalizedInput, mode: 'insensitive' } }`
	`20`	`+ ]`
`17`	`21`	`}`
`18`	`22`	`})`
`19`	`23`	`if (!user) {`
Original file line number	Diff line number	Diff line change
`@@ -10,5 +10,5 @@ export const verifyVerificationCode = async (`
`10`	`10`	`return false`
`11`	`11`	`}`
`12`	`12`
`13`		`- return userProvidedCode === storedCode`
	`13`	`+ return userProvidedCode.toLowerCase() === storedCode.toLowerCase()`
`14`	`14`	`}`