brian/TreasureTrails
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added unit and api tests

Browse source
This commit is contained in:
Brian McGonagill 2026-03-26 10:21:19 -05:00
parent 9f4204cc73
commit fedf1eb4c5
34 changed files with 9205 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

44
backend/dist/routes/auth.js vendored
View file

@ -11,22 +11,43 @@ const router = (0, express_1.Router)();
const JWT_SECRET = process.env.JWT_SECRET || 'treasure-trails-secret-key';
router.post('/register', async (req, res) => {
try {
const { email, password, name } = req.body;
const { email, password, name, inviteCode } = req.body;
if (!email || !password || !name) {
return res.status(400).json({ error: 'Email, password, and name are required' });
}
const settings = await index_1.prisma.systemSettings.findUnique({
where: { id: 'default' }
});
const isBanned = await index_1.prisma.bannedEmail.findUnique({
where: { email: email.toLowerCase() }
});
if (isBanned) {
return res.status(403).json({ error: 'This email is not allowed to register' });
}
if (settings && !settings.registrationEnabled) {
if (!inviteCode || settings.inviteCode !== inviteCode) {
return res.status(403).json({ error: 'Registration is currently closed. An invite code may be required.' });
}
}
const existingUser = await index_1.prisma.user.findUnique({ where: { email } });
if (existingUser) {
return res.status(400).json({ error: 'Email already registered' });
}
const passwordHash = await bcryptjs_1.default.hash(password, 10);
const userCount = await index_1.prisma.user.count();
const isFirstUser = userCount === 0;
const user = await index_1.prisma.user.create({
data: { email, passwordHash, name }
data: {
email,
passwordHash,
name,
isAdmin: isFirstUser
}
});
const token = jsonwebtoken_1.default.sign({ userId: user.id }, JWT_SECRET, { expiresIn: '7d' });
res.json({
token,
user: { id: user.id, email: user.email, name: user.name }
user: { id: user.id, email: user.email, name: user.name, isAdmin: user.isAdmin }
});
}
catch (error) {
@ -51,7 +72,7 @@ router.post('/login', async (req, res) => {
const token = jsonwebtoken_1.default.sign({ userId: user.id }, JWT_SECRET, { expiresIn: '7d' });
res.json({
token,
user: { id: user.id, email: user.email, name: user.name }
user: { id: user.id, email: user.email, name: user.name, isAdmin: user.isAdmin }
});
}
catch (error) {
@ -59,6 +80,19 @@ router.post('/login', async (req, res) => {
res.status(500).json({ error: 'Failed to login' });
}
});
router.get('/registration-status', async (req, res) => {
try {
const settings = await index_1.prisma.systemSettings.findUnique({
where: { id: 'default' }
});
res.json({
enabled: !settings || settings.registrationEnabled
});
}
catch (error) {
res.json({ enabled: true });
}
});
router.get('/me', async (req, res) => {
try {
const authHeader = req.headers.authorization;
@ -69,7 +103,7 @@ router.get('/me', async (req, res) => {
const decoded = jsonwebtoken_1.default.verify(token, JWT_SECRET);
const user = await index_1.prisma.user.findUnique({
where: { id: decoded.userId },
select: { id: true, email: true, name: true, createdAt: true }
select: { id: true, email: true, name: true, isAdmin: true, isApiEnabled: true, createdAt: true }
});
if (!user) {
return res.status(401).json({ error: 'User not found' });