Merge pull request 'f052_admin_area' (#27) from f052_admin_area into development

Reviewed-on: #27
2025-08-21 11:08:44 +02:00
parent 7995aab697 ec15095da3
commit e3f4a97772
9 changed files with 373 additions and 20 deletions
--- a/src/routes/api/users/+server.ts
+++ b/src/routes/api/users/+server.ts
@@ -0,0 +1,38 @@
+import { json } from '@sveltejs/kit';
+import { addUser, getUsers } from '$lib/server/userService';
+import bcrypt from 'bcrypt';
+
+const saltRounds = 12;
+
+export function GET({ locals }) {
+	if (!locals.user) {
+		return json({ error: 'Unauthorized' }, { status: 401 });
+	}
+
+	const userList = getUsers();
+
+	return new Response(JSON.stringify(userList));
+}
+
+export async function POST({ request, locals }) {
+	if (!locals.user) {
+		return json({ error: 'Unauthorized' }, { status: 401 });
+	}
+
+	const data = await request.json();
+	const userName = data.userName;
+	const userPassword = data.userPassword;
+
+	if (!userName || !userPassword) {
+		return json({ error: 'Missing input' }, { status: 400 });
+	}
+
+	const hashedPassword = bcrypt.hashSync(userPassword, saltRounds);
+	const rowInfo = addUser(userName, hashedPassword);
+
+	if (rowInfo?.changes == 1) {
+		return json({ userId: rowInfo.lastInsertRowid, userName: userName }, { status: 201 });
+	} else {
+		return new Response(null, { status: 400 });
+	}
+}
--- a/src/routes/api/users/[user]/+server.ts
+++ b/src/routes/api/users/[user]/+server.ts
@@ -0,0 +1,13 @@
+import { json } from '@sveltejs/kit';
+import { deleteUser } from '$lib/server/userService';
+
+export async function DELETE({ params, locals }) {
+	if (!locals.user) {
+		return json({ error: 'Unauthorized' }, { status: 401 });
+	}
+
+	const userId = params.user;
+	const rowCount = deleteUser(userId);
+
+	return new Response(null, { status: rowCount == 1 ? 204 : 400 });
+}