import express from "express";
import jwt from "jsonwebtoken";
import { User } from "../models/User.js";
// Router that the authentication handlers in this file are registered on.
// The route comments in this file give the paths as /api/auth/...; the mount
// point itself is set by whichever module imports this router.
const router = express.Router();
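// POST /api/auth/register
// Creates a user account from the request body and responds with a signed JWT
// ({ token }) for the new account.
//
// Responses:
//   200 { token }  account created
//   400 { error }  email or password missing or not a string
//   409 { error }  an account with this email already exists
//   500 { error }  unexpected failure (details are logged, not returned)
//
// This endpoint is unauthenticated, so everything in req.body is untrusted.
router.post("/register", async (req, res) => {
  // req.body is undefined when no body parser has run; default to {} so the
  // destructuring cannot throw before the try block is entered.
  const { email, password } = req.body ?? {};

  // Accept only non-empty strings. A JSON body can carry objects (for example
  // query-operator documents), which would otherwise flow into findOne().
  if (
    typeof email !== "string" ||
    typeof password !== "string" ||
    email === "" ||
    password === ""
  ) {
    return res.status(400).json({ error: "Email and password are required" });
  }

  try {
    // NOTE(review): this lookup followed by save() is not atomic; a unique
    // index on email is what actually prevents duplicates. Confirm the User
    // schema defines one.
    const exists = await User.findOne({ email });
    if (exists) return res.status(409).json({ error: "Email in use" });

    // `role` is deliberately not taken from the request body: the role ends
    // up in the token payload below, so a client-supplied value would let any
    // caller pick their own privileges at sign-up.
    // NOTE(review): this relies on the User model supplying a default role;
    // confirm, and grant elevated roles through an authenticated admin path.
    // NOTE(review): the password is handed to the model as received;
    // presumably User hashes it before saving (login calls
    // user.comparePassword). Confirm against the model.
    const user = new User({ email, password });
    await user.save();

    const token = jwt.sign(
      { sub: user._id, role: user.role },
      process.env.JWT_SECRET,
      { expiresIn: "7d" }
    );
    res.json({ token });
  } catch (err) {
    // Keep database/validation/JWT error text in the server log; returning
    // err.message would disclose internal details to an anonymous caller.
    console.error("POST /api/auth/register failed:", err);
    res.status(500).json({ error: "Registration failed" });
  }
});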
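// POST /api/auth/login
// Verifies an email/password pair and responds with a signed JWT ({ token }).
//
// Responses:
//   200 { token }  credentials accepted
//   401 { error }  unknown email, wrong password, or malformed credentials
//   500 { error }  unexpected failure (details are logged, not returned)
//
// NOTE(review): no rate limiting or lockout is visible in this file;
// presumably it is applied upstream. Confirm before exposing this route.
router.post("/login", async (req, res) => {
  // req.body is undefined when no body parser has run; default to {} so the
  // destructuring cannot throw before the try block is entered.
  const { email, password } = req.body ?? {};

  // Reject anything that is not a plain string before it reaches the query.
  // With a JSON body, `email` can be an object such as a query-operator
  // document, which findOne() would treat as a filter rather than a value.
  // The response matches the ordinary failure so the check reveals nothing.
  if (typeof email !== "string" || typeof password !== "string") {
    return res.status(401).json({ error: "Invalid credentials" });
  }

  try {
    const user = await User.findOne({ email });

    // One response for "no such user" and "wrong password", so the endpoint
    // does not confirm which emails are registered.
    if (!user || !(await user.comparePassword(password))) {
      return res.status(401).json({ error: "Invalid credentials" });
    }

    const token = jwt.sign(
      { sub: user._id, role: user.role },
      process.env.JWT_SECRET,
      { expiresIn: "7d" }
    );
    res.json({ token });
  } catch (err) {
    // Keep database/JWT error text in the server log; returning err.message
    // would disclose internal details to an anonymous caller.
    console.error("POST /api/auth/login failed:", err);
    res.status(500).json({ error: "Login failed" });
  }
});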
// Default export: the router carrying the /register and /login handlers.
export default router;