feat: basic api setup and boilerplate

backend/src/controllers/auth.controller.js

@@ -0,0 +1,76 @@
+import prisma from "../prisma/client.js";
+import {generateToken} from "../utils/jwt.js";
+import {hashPassword, comparePassword} from "../utils/password.js";
+
+/**
+ * REGISTER
+ * POST /api/auth/register
+ */
+export async function register(req, res) {
+	const {username, password, role} = req.body;
+
+	if (!username || !password) {
+		return res.status(400).json({error: "Username and password required"});
+	}
+
+	const existingUser = await prisma.user.findUnique({
+		where: {username},
+	});
+
+	if (existingUser) {
+		return res.status(409).json({error: "Username already exists"});
+	}
+
+	const hashedPassword = await hashPassword(password);
+
+	const user = await prisma.user.create({
+		data: {
+			username,
+			password: hashedPassword,
+			role: role || "admin",
+		},
+	});
+
+	res.status(201).json({
+		message: "User registered successfully",
+		user: {
+			id: user.id,
+			username: user.username,
+			role: user.role,
+		},
+	});
+}
+
+/**
+ * LOGIN
+ * POST /api/auth/login
+ */
+export async function login(req, res) {
+	const {username, password} = req.body;
+
+	if (!username || !password) {
+		return res.status(400).json({error: "Username and password required"});
+	}
+
+	const user = await prisma.user.findUnique({
+		where: {username},
+	});
+
+	if (!user) {
+		return res.status(401).json({error: "Invalid credentials"});
+	}
+
+	const isValid = await comparePassword(password, user.password);
+
+	if (!isValid) {
+		return res.status(401).json({error: "Invalid credentials"});
+	}
+
+	const token = generateToken({
+		userId: user.id,
+		username: user.username,
+		role: user.role,
+	});
+
+	res.json({token});
+}