feat: registration and login with JWT auth

- users table: email, password_hash (bcrypt), role, is_active
- POST /auth/register — checks blocklist, hashes password, returns JWT
- POST /auth/login — verifies password, returns JWT
- Auth middleware: accepts env tokens (dev) OR valid JWTs
- end-user role → 403 Insufficient permissions on all /api/* routes
- JWT_SECRET + JWT_EXPIRES_IN env vars

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-21 13:04:17 +02:00
parent 5f79e76b67
commit 217aab7dcd
6 changed files with 246 additions and 6 deletions

@@ -10,10 +10,12 @@
"dependencies": {
"@aws-sdk/client-s3": "^3.1050.0",
"@aws-sdk/lib-storage": "^3.1050.0",
"bcryptjs": "^3.0.3",
"cors": "^2.8.5",
"dotenv": "^16.4.5",
"express": "^4.19.2",
"express-validator": "^7.1.0",
"jsonwebtoken": "^9.0.3",
"multer": "^2.1.1",
"pg": "^8.11.3",
"uuid": "^14.0.0"
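
Review bot: the auth-critical entries in this dependencies block, `bcryptjs` (`^3.0.3`) and `jsonwebtoken` (`^9.0.3`), are declared with caret ranges, so the code that hashes passwords and verifies tokens is whatever version the resolver picks at install time unless a lockfile pins it. Please confirm the lockfile update is among the 6 changed files and that deployments install from it (for example `npm ci`, assuming npm is the package manager here). Because bcrypt only considers the first 72 bytes of its input, it is also worth capping password length in the register route's validation, which the already-listed `express-validator` can do. The commit message says the middleware accepts env tokens (dev) OR valid JWTs; nothing in this hunk shows how the env-token path is restricted to development, so that gating deserves a look in the middleware file.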