first commit
This commit is contained in:
58
server/src/routes/auth.ts
Normal file
58
server/src/routes/auth.ts
Normal file
@@ -0,0 +1,58 @@
|
||||
import { Router, Request, Response } from 'express';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { queryOne, execute } from '../db';
|
||||
import { generateToken, authMiddleware, AuthRequest } from '../middleware/auth.js';
|
||||
|
||||
const router = Router();
|
||||
|
||||
router.post('/register', (req: Request, res: Response) => {
|
||||
const { username, password } = req.body;
|
||||
|
||||
if (!username || !password) {
|
||||
res.status(400).json({ error: 'Username and password required' });
|
||||
return;
|
||||
}
|
||||
|
||||
if (username.length < 3 || password.length < 4) {
|
||||
res.status(400).json({ error: 'Username min 3 chars, password min 4 chars' });
|
||||
return;
|
||||
}
|
||||
|
||||
const existing = queryOne('SELECT id FROM users WHERE username = ?', [username]);
|
||||
if (existing) {
|
||||
res.status(409).json({ error: 'Username already taken' });
|
||||
return;
|
||||
}
|
||||
|
||||
const password_hash = bcrypt.hashSync(password, 10);
|
||||
execute('INSERT INTO users (username, password_hash) VALUES (?, ?)', [username, password_hash]);
|
||||
|
||||
const user = queryOne('SELECT id, username, points FROM users WHERE username = ?', [username]);
|
||||
|
||||
const token = generateToken(user.id, user.username);
|
||||
res.status(201).json({ token, user });
|
||||
});
|
||||
|
||||
router.post('/login', (req: Request, res: Response) => {
|
||||
const { username, password } = req.body;
|
||||
|
||||
const user = queryOne('SELECT id, username, password_hash, points FROM users WHERE username = ?', [username]);
|
||||
if (!user || !bcrypt.compareSync(password, user.password_hash)) {
|
||||
res.status(401).json({ error: 'Invalid credentials' });
|
||||
return;
|
||||
}
|
||||
|
||||
const token = generateToken(user.id, user.username);
|
||||
res.json({ token, user: { id: user.id, username: user.username, points: user.points } });
|
||||
});
|
||||
|
||||
router.get('/me', authMiddleware, (req: AuthRequest, res: Response) => {
|
||||
const user = queryOne('SELECT id, username, points, created_at FROM users WHERE id = ?', [req.userId]);
|
||||
if (!user) {
|
||||
res.status(404).json({ error: 'User not found' });
|
||||
return;
|
||||
}
|
||||
res.json({ user });
|
||||
});
|
||||
|
||||
export default router;
|
||||
Reference in New Issue
Block a user