ledadmin/meal-tracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Meal Tracker - full feature set with auth, favorites, admin panel

Browse Source
This commit is contained in:
Otto
2026-03-30 21:44:46 -04:00
parent 39b66bbb5a
commit e60aaa111a
20 changed files with 1422 additions and 622 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
server/routes/auth.js Normal file
View File

@@ -0,0 +1,65 @@
import { getDb } from '../models/db.js';
import bcrypt from 'bcryptjs';
export default function setupRoutes(app) {
// Login
app.post('/api/auth/login', (req, res) => {
const db = getDb();
const { username, password } = req.body;
const user = db.prepare('SELECT * FROM users WHERE username = ?').get(username);
if (!user) {
return res.status(401).json({ error: 'Invalid credentials' });
}
const valid = bcrypt.compareSync(password, user.password);
if (!valid) {
return res.status(401).json({ error: 'Invalid credentials' });
}
// Log the login
db.prepare('INSERT INTO activity_log (user_id, action, details) VALUES (?, ?, ?)').run(user.id, 'login', 'User logged in');
res.json({ id: user.id, username: user.username });
});
// Register
app.post('/api/auth/register', (req, res) => {
const db = getDb();
const { username, password } = req.body;
if (!username || !password) {
return res.status(400).json({ error: 'Username and password required' });
}
const existing = db.prepare('SELECT id FROM users WHERE username = ?').get(username);
if (existing) {
return res.status(400).json({ error: 'Username already exists' });
}
const hash = bcrypt.hashSync(password, 10);
const result = db.prepare('INSERT INTO users (username, password) VALUES (?, ?)').run(username, hash);
// Log registration
db.prepare('INSERT INTO activity_log (user_id, action, details) VALUES (?, ?, ?)').run(result.lastInsertRowid, 'register', 'New user registered');
res.json({ id: result.lastInsertRowid, username });
});
// Get current user
app.get('/api/auth/me', (req, res) => {
const userId = req.headers['x-user-id'];
if (!userId) {
return res.status(401).json({ error: 'Not authenticated' });
}
const db = getDb();
const user = db.prepare('SELECT id, username FROM users WHERE id = ?').get(userId);
if (!user) {
return res.status(401).json({ error: 'User not found' });
}
res.json(user);
});
}