timetracker/backend/dist/routes/auth.js

import { z } from 'zod';
import { prisma } from '../index.js';
import crypto from 'crypto';
const userSchema = z.object({
    username: z.string().min(3).max(50),
    password: z.string().min(6).max(100),
});
function hashPassword(password) {
    return crypto.createHash('sha256').update(password).digest('hex');
}
export async function authRoutes(fastify) {
    fastify.post('/register', async (request, reply) => {
        const result = userSchema.safeParse(request.body);
        if (!result.success) {
            return reply.status(400).send({ error: 'Invalid input', details: result.error.errors });
        }
        const { username, password } = result.data;
        const existing = await prisma.user.findUnique({ where: { username } });
        if (existing) {
            return reply.status(409).send({ error: 'Username already exists' });
        }
        const user = await prisma.user.create({
            data: {
                username,
                password: hashPassword(password),
            },
        });
        const token = fastify.jwt.sign({ id: user.id, username: user.username });
        return { token, user: { id: user.id, username: user.username } };
    });
    fastify.post('/login', async (request, reply) => {
        const result = userSchema.safeParse(request.body);
        if (!result.success) {
            return reply.status(400).send({ error: 'Invalid input' });
        }
        const { username, password } = result.data;
        const user = await prisma.user.findUnique({ where: { username } });
        if (!user || user.password !== hashPassword(password)) {
            return reply.status(401).send({ error: 'Invalid credentials' });
        }
        const token = fastify.jwt.sign({ id: user.id, username: user.username });
        return { token, user: { id: user.id, username: user.username } };
    });
    fastify.get('/me', {
        onRequest: [fastify.authenticate],
    }, async (request) => {
        const user = request.user;
        return { id: user.id, username: user.username };
    });
}