import { Router, Request, Response } from 'express'; import bcrypt from 'bcryptjs'; import { queryOne, execute } from '../db'; import { generateToken, authMiddleware, AuthRequest } from '../middleware/auth.js'; const router = Router(); router.post('/register', (req: Request, res: Response) => { const { username, password } = req.body; if (!username || !password) { res.status(400).json({ error: 'Заполните все поля' }); return; } if (username.length < 3 || password.length < 4) { res.status(400).json({ error: 'Имя от 3 символов, пароль от 4' }); return; } const existing = queryOne('SELECT id FROM users WHERE username = ?', [username]); if (existing) { res.status(409).json({ error: 'Имя пользователя уже занято' }); return; } const password_hash = bcrypt.hashSync(password, 10); execute('INSERT INTO users (username, password_hash) VALUES (?, ?)', [username, password_hash]); const user = queryOne('SELECT id, username, points FROM users WHERE username = ?', [username]); const token = generateToken(user.id, user.username); res.status(201).json({ token, user }); }); router.post('/login', (req: Request, res: Response) => { const { username, password } = req.body; const user = queryOne('SELECT id, username, password_hash, points FROM users WHERE username = ?', [username]); if (!user || !bcrypt.compareSync(password, user.password_hash)) { res.status(401).json({ error: 'Неверное имя пользователя или пароль' }); return; } const token = generateToken(user.id, user.username); res.json({ token, user: { id: user.id, username: user.username, points: user.points } }); }); router.get('/me', authMiddleware, (req: AuthRequest, res: Response) => { const user = queryOne('SELECT id, username, points, created_at FROM users WHERE id = ?', [req.userId]); if (!user) { res.status(404).json({ error: 'User not found' }); return; } res.json({ user }); }); export default router;