...

src/app/api/auth/[...nextauth]/route.ts

@@ -0,0 +1,53 @@
+import { pool } from "@/lib/db";
+import NextAuth, { SessionStrategy } from "next-auth";
+import CredentialsProvider from "next-auth/providers/credentials";
+import bcrypt from "bcryptjs";
+
+export const authOptions = {
+  providers: [
+    CredentialsProvider({
+      name: "Credentials",
+      credentials: {
+        username: { label: "Username", type: "text", placeholder: "jsmith" },
+        password: { label: "Password", type: "password" },
+      },
+      async authorize(credentials) {
+        if (!credentials?.username || !credentials?.password) {
+          return null;
+        }
+
+        try {
+          const result = await pool.query(
+            "SELECT * FROM users WHERE username = $1",
+            [credentials.username],
+          );
+
+          const user = result.rows[0];
+
+          if (!user) {
+            return null;
+          }
+
+          const isValidPassword = await bcrypt.compare(
+            credentials.password,
+            user.password,
+          );
+          if (!isValidPassword) return null;
+
+          return {
+            id: user.id,
+            username: user.username,
+          };
+        } catch (error) {
+          console.error("Auth error:", error);
+          return null;
+        }
+      },
+    }),
+  ],
+  session: { strategy: "jwt" as SessionStrategy },
+  pages: { signIn: "/login" },
+};
+
+const handler = NextAuth(authOptions);
+export { handler as GET, handler as POST };

src/app/api/users/[...slug]/route.ts

@@ -0,0 +1,22 @@
+import { UserController } from "@/lib/db";
+import { NextRequest } from "next/server";
+
+async function handler(
+  req: NextRequest,
+  { params }: { params: { slug: string[] } },
+) {
+  const { slug } = params;
+  if (slug.length !== 1) {
+    return new Response("Invalid slug", { status: 400 });
+  }
+  
+  if (req.method === "GET") {
+    return UserController.getUsers();
+  } else if (req.method === "POST") {
+    return UserController.createUser(await req.json());
+  } else {
+    return new Response("Method not allowed", { status: 405 });
+  }
+}
+
+export { handler as GET, handler as POST };

src/app/api/users/route.ts

@@ -0,0 +1,7 @@
+import { UserController } from "@/lib/db";
+import { NextRequest, NextResponse } from "next/server";
+
+export async function GET() {
+  const users = await UserController.getUsers();
+  return NextResponse.json(users, { status: 200 });
+}