feat:實作 Admin Panel — 平台管理後台

後端： - AdminStatsController：總會員/教練/課程數統計 API - AdminUserController：會員與教練列表、詳情、啟用/停用、教練驗證（toggle 反轉語意） - AdminOfferController：全平台課程列表與刪除 - routes/api.php：新增 /api/admin/stats、members、providers、offers 等路由前端（frontend/）： - adminAuth store、adminAxios（第三套獨立認證） - /admin/* 路由群組 + requiresAdmin guard - AdminNavBar、AdminLayout - App.vue：isCoachPage → isBackofficePage（/coach/* 和 /admin/* 皆隱藏會員 NavBar） - LoginView、DashboardView（統計卡片） - MembersView、ProvidersView（含驗證操作）、OffersView（含刪除確認） OpenSpec： - 新增 specs：admin-auth / admin-user-management / admin-offer-management / admin-stats / admin-panel-ui - 歸檔：openspec/changes/archive/2026-05-10-admin-panel Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-05-10 04:07:13 +08:00
parent da48a3652d
commit ad2c05779d
29 changed files with 1439 additions and 10 deletions
@@ -0,0 +1,150 @@
+<?php
+
+namespace App\Http\Controllers\API;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\Request;
+
+class AdminUserController extends Controller
+{
+    private function checkAdmin()
+    {
+        if (auth()->user()->role !== 'admin') {
+            return response()->json(['status' => false, 'message' => '無權限存取'], 403);
+        }
+        return null;
+    }
+
+    private function findUser(int $id, string $role)
+    {
+        return User::where('id', $id)->where('role', $role)->first();
+    }
+
+    public function members(Request $request)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $query = User::where('role', 'member')->with('memberProfile');
+
+        if ($q = $request->query('q')) {
+            $query->where(function ($sub) use ($q) {
+                $sub->where('name', 'like', "%{$q}%")
+                    ->orWhere('email', 'like', "%{$q}%");
+            });
+        }
+
+        $paginated = $query->latest()->paginate(15);
+
+        return response()->json([
+            'status' => true,
+            'data'   => $paginated->items(),
+            'meta'   => [
+                'total'        => $paginated->total(),
+                'per_page'     => $paginated->perPage(),
+                'current_page' => $paginated->currentPage(),
+                'last_page'    => $paginated->lastPage(),
+            ],
+        ]);
+    }
+
+    public function member(int $id)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $user = $this->findUser($id, 'member');
+        if (!$user) {
+            return response()->json(['status' => false, 'message' => '用戶不存在'], 404);
+        }
+
+        return response()->json(['status' => true, 'data' => $user->load('memberProfile')]);
+    }
+
+    public function toggleMemberActive(int $id)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $user = $this->findUser($id, 'member');
+        if (!$user) {
+            return response()->json(['status' => false, 'message' => '用戶不存在'], 404);
+        }
+
+        $user->is_active = !$user->is_active;
+        $user->save();
+
+        $msg = $user->is_active ? '帳號已啟用' : '帳號已停用';
+        return response()->json(['status' => true, 'message' => $msg, 'data' => ['is_active' => $user->is_active]]);
+    }
+
+    public function providers(Request $request)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $query = User::where('role', 'provider')->with('providerProfile');
+
+        if ($q = $request->query('q')) {
+            $query->where(function ($sub) use ($q) {
+                $sub->where('name', 'like', "%{$q}%")
+                    ->orWhere('email', 'like', "%{$q}%");
+            });
+        }
+
+        $paginated = $query->latest()->paginate(15);
+
+        return response()->json([
+            'status' => true,
+            'data'   => $paginated->items(),
+            'meta'   => [
+                'total'        => $paginated->total(),
+                'per_page'     => $paginated->perPage(),
+                'current_page' => $paginated->currentPage(),
+                'last_page'    => $paginated->lastPage(),
+            ],
+        ]);
+    }
+
+    public function provider(int $id)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $user = $this->findUser($id, 'provider');
+        if (!$user) {
+            return response()->json(['status' => false, 'message' => '用戶不存在'], 404);
+        }
+
+        return response()->json(['status' => true, 'data' => $user->load('providerProfile')]);
+    }
+
+    public function toggleProviderActive(int $id)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $user = $this->findUser($id, 'provider');
+        if (!$user) {
+            return response()->json(['status' => false, 'message' => '用戶不存在'], 404);
+        }
+
+        $user->is_active = !$user->is_active;
+        $user->save();
+
+        $msg = $user->is_active ? '帳號已啟用' : '帳號已停用';
+        return response()->json(['status' => true, 'message' => $msg, 'data' => ['is_active' => $user->is_active]]);
+    }
+
+    public function toggleProviderVerified(int $id)
+    {
+        if ($err = $this->checkAdmin()) return $err;
+
+        $user = $this->findUser($id, 'provider');
+        if (!$user) {
+            return response()->json(['status' => false, 'message' => '用戶不存在'], 404);
+        }
+
+        $profile = $user->providerProfile;
+        $profile->is_verified = !$profile->is_verified;
+        $profile->save();
+
+        $msg = $profile->is_verified ? '教練已驗證' : '已取消驗證';
+        return response()->json(['status' => true, 'message' => $msg, 'data' => ['is_verified' => $profile->is_verified]]);
+    }
+}