ARJUN S THAMPI
77 lines
1.5 KiB
JavaScript
77 lines
1.5 KiB
JavaScript
import prisma from "../prisma/client.js";
|
|
import {generateToken} from "../utils/jwt.js";
|
|
import {hashPassword, comparePassword} from "../utils/password.js";
|
|
|
|
/**
|
|
* REGISTER
|
|
* POST /api/auth/register
|
|
*/
|
|
export async function register(req, res) {
|
|
const {username, password, role} = req.body;
|
|
|
|
if (!username || !password) {
|
|
return res.status(400).json({error: "Username and password required"});
|
|
}
|
|
|
|
const existingUser = await prisma.user.findUnique({
|
|
where: {username},
|
|
});
|
|
|
|
if (existingUser) {
|
|
return res.status(409).json({error: "Username already exists"});
|
|
}
|
|
|
|
const hashedPassword = await hashPassword(password);
|
|
|
|
const user = await prisma.user.create({
|
|
data: {
|
|
username,
|
|
password: hashedPassword,
|
|
role: role || "admin",
|
|
},
|
|
});
|
|
|
|
res.status(201).json({
|
|
message: "User registered successfully",
|
|
user: {
|
|
id: user.id,
|
|
username: user.username,
|
|
role: user.role,
|
|
},
|
|
});
|
|
}
|
|
|
|
/**
|
|
* LOGIN
|
|
* POST /api/auth/login
|
|
*/
|
|
export async function login(req, res) {
|
|
const {username, password} = req.body;
|
|
|
|
if (!username || !password) {
|
|
return res.status(400).json({error: "Username and password required"});
|
|
}
|
|
|
|
const user = await prisma.user.findUnique({
|
|
where: {username},
|
|
});
|
|
|
|
if (!user) {
|
|
return res.status(401).json({error: "Invalid credentials"});
|
|
}
|
|
|
|
const isValid = await comparePassword(password, user.password);
|
|
|
|
if (!isValid) {
|
|
return res.status(401).json({error: "Invalid credentials"});
|
|
}
|
|
|
|
const token = generateToken({
|
|
userId: user.id,
|
|
username: user.username,
|
|
role: user.role,
|
|
});
|
|
|
|
res.json({token});
|
|
}
|