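// Minimal authentication API: POST /api/register creates a user with a
// bcrypt-hashed password, POST /api/login verifies credentials and returns a
// signed JWT valid for one hour.

// Load .env first so that modules required below see the variables.
// NOTE(review): ./db presumably reads its connection settings from
// process.env at require time — confirm against that module.
require('dotenv').config();

const express = require('express');
const cors = require('cors');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const pool = require('./db');

const PORT = process.env.PORT || 5000;

// bcrypt cost factor (log2 of the number of rounds).
const BCRYPT_COST = 10;

// Refuse to start without a signing key. Falling back to a constant that is
// checked into the source would let anyone who has read the code mint valid
// tokens for any user id.
const JWT_SECRET = process.env.JWT_SECRET;
if (!JWT_SECRET) {
  throw new Error('JWT_SECRET environment variable is required');
}

/**
 * @param {unknown} value
 * @returns {boolean} true when value is a string with at least one character.
 */
function isNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0;
}

const app = express();

// cors() with no options answers every origin. Pass an explicit `origin`
// allow-list if this API is only meant to serve a known front end.
app.use(cors());
app.use(express.json());

// NOTE(review): neither endpoint is throttled; consider rate limiting in front
// of /api/login and /api/register to slow password guessing.

// Registration
app.post('/api/register', async (req, res) => {
  try {
    const { username, email, password } = req.body || {};

    // Reject missing or non-string fields up front; otherwise bcrypt throws on
    // an undefined password and the client sees a misleading 500.
    // bcrypt only considers the first 72 bytes of the password.
    if (![username, email, password].every(isNonEmptyString)) {
      return res.status(400).json({ error: 'Missing or invalid fields' });
    }

    // Check if user exists (only existence matters, so no columns are fetched).
    const existing = await pool.query(
      'SELECT 1 FROM users WHERE email = $1 OR username = $2',
      [email, username]
    );
    if (existing.rows.length > 0) {
      return res.status(400).json({ error: 'User already exists' });
    }

    // Hash password; bcrypt generates a fresh salt per hash.
    const passwordHash = await bcrypt.hash(password, BCRYPT_COST);

    // Save to DB. RETURNING lists the public columns only, so the hash never
    // leaves the database layer.
    const inserted = await pool.query(
      'INSERT INTO users (username, email, password_hash) VALUES ($1, $2, $3) RETURNING id, username, email',
      [username, email, passwordHash]
    );

    res.status(201).json({ user: inserted.rows[0] });
  } catch (err) {
    // Two concurrent registrations can both pass the existence check above.
    // NOTE(review): assumes a PostgreSQL driver and UNIQUE constraints on
    // users.email / users.username, in which case the loser fails with
    // SQLSTATE 23505 — confirm the schema.
    if (err && err.code === '23505') {
      return res.status(400).json({ error: 'User already exists' });
    }
    console.error(err);
    res.status(500).json({ error: 'Server error' });
  }
});

// Login
app.post('/api/login', async (req, res) => {
  try {
    const { email, password } = req.body || {};

    // Malformed input gets the same generic answer as a wrong password.
    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      return res.status(400).json({ error: 'Invalid credentials' });
    }

    // Find user; fetch only the columns this handler uses.
    const found = await pool.query(
      'SELECT id, username, email, password_hash FROM users WHERE email = $1',
      [email]
    );

    // NOTE(review): this path returns before any bcrypt work, so an unknown
    // email answers faster than a known one with a wrong password. Comparing
    // against a fixed dummy hash here would even out the timing.
    if (found.rows.length === 0) {
      return res.status(400).json({ error: 'Invalid credentials' });
    }

    const account = found.rows[0];

    // Check password
    const passwordMatches = await bcrypt.compare(password, account.password_hash);
    if (!passwordMatches) {
      return res.status(400).json({ error: 'Invalid credentials' });
    }

    // Create token. The payload is signed, not encrypted: keep it to
    // non-sensitive identifiers.
    const token = jwt.sign(
      { id: account.id, username: account.username },
      JWT_SECRET,
      { expiresIn: '1h' }
    );

    res.json({
      token,
      user: { id: account.id, username: account.username, email: account.email },
    });
  } catch (err) {
    console.error(err);
    res.status(500).json({ error: 'Server error' });
  }
});

app.listen(PORT, () => {
  console.log(`Server running on port ${PORT}`);
});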