feat(profile): implement independent email update dialog to prevent accidental password resets during partial updates

inventory-backend/app/api/v1/auth.py

@@ -414,3 +414,55 @@ def change_my_password():
     except Exception as e:
         current_app.logger.error(f"Change Password Failed: {str(e)}")
         return jsonify({'msg': f'密码修改失败: {str(e)}'}), 500
+
+
+# ==============================================================================
+# 自我更新邮箱
+# ==============================================================================
+@auth_bp.route('/me/email', methods=['PUT'])
+@jwt_required()
+def update_my_email():
+    """
+    自我更新邮箱接口
+    - 仅更新 email 字段，与密码修改完全隔离
+    - 防止后端意外清空用户密码
+    """
+    try:
+        from app.models.system import SysUser
+
+        user_id = get_jwt_identity()
+
+        # 超级管理员（user_id=0）不允许修改邮箱
+        if user_id == 0:
+            return jsonify({'msg': '超级管理员邮箱由系统管理员管理'}), 400
+
+        data = request.get_json()
+        if not data:
+            return jsonify({'msg': '无效的请求数据'}), 400
+
+        email = data.get('email')
+        if not email:
+            return jsonify({'msg': '邮箱不能为空'}), 400
+
+        # 简单的邮箱格式校验
+        import re
+        if not re.match(r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$', email):
+            return jsonify({'msg': '邮箱格式不正确'}), 400
+
+        user = SysUser.query.get(user_id)
+        if not user:
+            return jsonify({'msg': '用户不存在'}), 404
+
+        # 检查邮箱是否已被其他用户使用
+        existing = SysUser.query.filter(SysUser.email == email, SysUser.id != user_id).first()
+        if existing:
+            return jsonify({'msg': '该邮箱已被其他用户使用'}), 400
+
+        user.email = email
+        db.session.commit()
+
+        return jsonify({'msg': '邮箱更新成功'}), 200
+
+    except Exception as e:
+        current_app.logger.error(f"Update Email Failed: {str(e)}")
+        return jsonify({'msg': f'邮箱更新失败: {str(e)}'}), 500