"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.authRoutes = void 0; const express_1 = require("express"); const bcryptjs_1 = __importDefault(require("bcryptjs")); const jsonwebtoken_1 = __importDefault(require("jsonwebtoken")); const db_js_1 = require("../db.js"); exports.authRoutes = (0, express_1.Router)(); const JWT_SECRET = process.env.JWT_SECRET || 'super-secret-key'; exports.authRoutes.post('/register', async (req, res) => { try { const { email, password, name } = req.body; if (!email || !password) { return res.status(400).json({ error: 'Email and password are required' }); } const existingUser = await db_js_1.prisma.user.findUnique({ where: { email } }); if (existingUser) { return res.status(400).json({ error: 'Email already in use' }); } const hashedPassword = await bcryptjs_1.default.hash(password, 10); const user = await db_js_1.prisma.user.create({ data: { email, password: hashedPassword, name: name || email.split('@')[0], role: email === 'admin@admin.com' || email === 'admin' ? 'ADMIN' : 'USER', }, }); const token = jsonwebtoken_1.default.sign({ userId: user.id }, JWT_SECRET, { expiresIn: '7d' }); await db_js_1.prisma.session.create({ data: { userId: user.id, token, expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // 7 days } }); res.json({ token, user: { id: user.id, email: user.email, name: user.name, role: user.role } }); } catch (error) { console.error('Register error:', error); res.status(500).json({ error: 'Failed to register', details: String(error) }); } }); exports.authRoutes.post('/login', async (req, res) => { try { const { email, password } = req.body; if (!email || !password) { return res.status(400).json({ error: 'Email and password are required' }); } const user = await db_js_1.prisma.user.findUnique({ where: { email } }); if (!user) { return res.status(401).json({ error: 'Invalid credentials' }); } const isValid = await bcryptjs_1.default.compare(password, user.password); if (!isValid) { return res.status(401).json({ error: 'Invalid credentials' }); } const token = jsonwebtoken_1.default.sign({ userId: user.id }, JWT_SECRET, { expiresIn: '7d' }); await db_js_1.prisma.session.create({ data: { userId: user.id, token, expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), } }); res.json({ token, user: { id: user.id, email: user.email, name: user.name, role: user.role } }); } catch (error) { console.error('Login error:', error); res.status(500).json({ error: 'Failed to login', details: String(error) }); } }); exports.authRoutes.get('/me', async (req, res) => { try { const authHeader = req.headers.authorization; if (!authHeader?.startsWith('Bearer ')) { return res.status(401).json({ error: 'No token provided' }); } const token = authHeader.substring(7); const decoded = jsonwebtoken_1.default.verify(token, JWT_SECRET); const session = await db_js_1.prisma.session.findUnique({ where: { token } }); if (!session || session.expiresAt < new Date()) { return res.status(401).json({ error: 'Session expired' }); } const user = await db_js_1.prisma.user.findUnique({ where: { id: decoded.userId } }); if (!user) { return res.status(404).json({ error: 'User not found' }); } res.json({ user: { id: user.id, email: user.email, name: user.name, role: user.role } }); } catch (error) { res.status(401).json({ error: 'Invalid token' }); } }); exports.authRoutes.post('/logout', async (req, res) => { try { const authHeader = req.headers.authorization; if (authHeader?.startsWith('Bearer ')) { const token = authHeader.substring(7); await db_js_1.prisma.session.deleteMany({ where: { token } }); } res.json({ message: 'Logged out successfully' }); } catch (error) { res.status(500).json({ error: 'Failed to logout' }); } }); //# sourceMappingURL=auth.js.map