Initial commit — Shop Manager for Tony Moon

Full auto mechanic shop management tool: jobs, invoices, estimates,
inspections, inventory, recommendations, technicians, appointments,
reports, file uploads, kanban board, and more.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-07 00:08:35 -05:00
commit 8839412b52
100 changed files with 18510 additions and 0 deletions

71
server/src/routes/auth.ts Normal file
View File

@@ -0,0 +1,71 @@
import { Router, Response } from 'express';
import bcrypt from 'bcryptjs';
import db from '../database';
import { AuthRequest, generateToken, authMiddleware } from '../middleware/auth';
import { User } from '../types';
const router = Router();
router.post('/register', (req: AuthRequest, res: Response) => {
try {
const { username, password, displayName } = req.body;
if (!username || !password) {
return res.status(400).json({ error: 'Username and password required' });
}
// Only allow registration if no users exist (first-run setup)
const userCount = db.prepare('SELECT COUNT(*) as count FROM users').get() as { count: number };
if (userCount.count > 0) {
return res.status(403).json({ error: 'Registration disabled. User already exists.' });
}
const hash = bcrypt.hashSync(password, 10);
const result = db.prepare(
'INSERT INTO users (username, password_hash, display_name) VALUES (?, ?, ?)'
).run(username, hash, displayName || null);
const token = generateToken(result.lastInsertRowid as number);
res.json({ token, user: { id: result.lastInsertRowid, username, displayName: displayName || null } });
} catch (error: any) {
if (error.code === 'SQLITE_CONSTRAINT_UNIQUE') {
return res.status(409).json({ error: 'Username already exists' });
}
res.status(500).json({ error: error.message });
}
});
router.post('/login', (req: AuthRequest, res: Response) => {
try {
const { username, password } = req.body;
if (!username || !password) {
return res.status(400).json({ error: 'Username and password required' });
}
const user = db.prepare('SELECT * FROM users WHERE username = ?').get(username) as User | undefined;
if (!user || !bcrypt.compareSync(password, user.password_hash)) {
return res.status(401).json({ error: 'Invalid credentials' });
}
const token = generateToken(user.id);
res.json({ token, user: { id: user.id, username: user.username, displayName: user.display_name } });
} catch (error: any) {
res.status(500).json({ error: error.message });
}
});
router.get('/me', authMiddleware, (req: AuthRequest, res: Response) => {
try {
const user = db.prepare('SELECT id, username, display_name FROM users WHERE id = ?').get(req.userId) as User | undefined;
if (!user) return res.status(404).json({ error: 'User not found' });
res.json({ id: user.id, username: user.username, displayName: user.display_name });
} catch (error: any) {
res.status(500).json({ error: error.message });
}
});
router.get('/setup-required', (_req: AuthRequest, res: Response) => {
const userCount = db.prepare('SELECT COUNT(*) as count FROM users').get() as { count: number };
res.json({ setupRequired: userCount.count === 0 });
});
export default router;