PriceGhost/backend/src/routes/auth.ts

import { Router, Request, Response } from 'express';
import bcrypt from 'bcrypt';
import { userQueries } from '../models';
import { generateToken } from '../middleware/auth';

const router = Router();

// Register new user
router.post('/register', async (req: Request, res: Response) => {
  try {
    const { email, password } = req.body;

    if (!email || !password) {
      res.status(400).json({ error: 'Email and password are required' });
      return;
    }

    if (password.length < 8) {
      res.status(400).json({ error: 'Password must be at least 8 characters' });
      return;
    }

    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
    if (!emailRegex.test(email)) {
      res.status(400).json({ error: 'Invalid email format' });
      return;
    }

    const existingUser = await userQueries.findByEmail(email);
    if (existingUser) {
      res.status(409).json({ error: 'Email already registered' });
      return;
    }

    const saltRounds = 12;
    const passwordHash = await bcrypt.hash(password, saltRounds);

    const user = await userQueries.create(email, passwordHash);
    const token = generateToken(user.id);

    res.status(201).json({
      message: 'User registered successfully',
      token,
      user: {
        id: user.id,
        email: user.email,
      },
    });
  } catch (error) {
    console.error('Registration error:', error);
    res.status(500).json({ error: 'Registration failed' });
  }
});

// Login
router.post('/login', async (req: Request, res: Response) => {
  try {
    const { email, password } = req.body;

    if (!email || !password) {
      res.status(400).json({ error: 'Email and password are required' });
      return;
    }

    const user = await userQueries.findByEmail(email);
    if (!user) {
      res.status(401).json({ error: 'Invalid email or password' });
      return;
    }

    const isValidPassword = await bcrypt.compare(password, user.password_hash);
    if (!isValidPassword) {
      res.status(401).json({ error: 'Invalid email or password' });
      return;
    }

    const token = generateToken(user.id);

    res.json({
      message: 'Login successful',
      token,
      user: {
        id: user.id,
        email: user.email,
      },
    });
  } catch (error) {
    console.error('Login error:', error);
    res.status(500).json({ error: 'Login failed' });
  }
});

export default router;
Initial commit: PriceGhost price tracking application Full-stack application for tracking product prices: - Backend: Node.js + Express + TypeScript - Frontend: React + Vite + TypeScript - Database: PostgreSQL - Price scraping with Cheerio - JWT authentication - Background price checking with node-cron - Price history charts with Recharts - Docker support with docker-compose Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-20 13:58:13 -05:00			`import { Router, Request, Response } from 'express';`
			`import bcrypt from 'bcrypt';`
			`import { userQueries } from '../models';`
			`import { generateToken } from '../middleware/auth';`

			`const router = Router();`

			`// Register new user`
			`router.post('/register', async (req: Request, res: Response) => {`
			`try {`
			`const { email, password } = req.body;`

			`if (!email \|\| !password) {`
			`res.status(400).json({ error: 'Email and password are required' });`
			`return;`
			`}`

			`if (password.length < 8) {`
			`res.status(400).json({ error: 'Password must be at least 8 characters' });`
			`return;`
			`}`

			`const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;`
			`if (!emailRegex.test(email)) {`
			`res.status(400).json({ error: 'Invalid email format' });`
			`return;`
			`}`

			`const existingUser = await userQueries.findByEmail(email);`
			`if (existingUser) {`
			`res.status(409).json({ error: 'Email already registered' });`
			`return;`
			`}`

			`const saltRounds = 12;`
			`const passwordHash = await bcrypt.hash(password, saltRounds);`

			`const user = await userQueries.create(email, passwordHash);`
			`const token = generateToken(user.id);`

			`res.status(201).json({`
			`message: 'User registered successfully',`
			`token,`
			`user: {`
			`id: user.id,`
			`email: user.email,`
			`},`
			`});`
			`} catch (error) {`
			`console.error('Registration error:', error);`
			`res.status(500).json({ error: 'Registration failed' });`
			`}`
			`});`

			`// Login`
			`router.post('/login', async (req: Request, res: Response) => {`
			`try {`
			`const { email, password } = req.body;`

			`if (!email \|\| !password) {`
			`res.status(400).json({ error: 'Email and password are required' });`
			`return;`
			`}`

			`const user = await userQueries.findByEmail(email);`
			`if (!user) {`
			`res.status(401).json({ error: 'Invalid email or password' });`
			`return;`
			`}`

			`const isValidPassword = await bcrypt.compare(password, user.password_hash);`
			`if (!isValidPassword) {`
			`res.status(401).json({ error: 'Invalid email or password' });`
			`return;`
			`}`

			`const token = generateToken(user.id);`

			`res.json({`
			`message: 'Login successful',`
			`token,`
			`user: {`
			`id: user.id,`
			`email: user.email,`
			`},`
			`});`
			`} catch (error) {`
			`console.error('Login error:', error);`
			`res.status(500).json({ error: 'Login failed' });`
			`}`
			`});`

			`export default router;`