feat: add credentials authentication (#1)

packages/api/src/root.ts

@@ -1,10 +1,8 @@
-import { authRouter } from "./router/auth";
-import { postRouter } from "./router/post";
+import { userRouter } from "./router/user";
 import { createTRPCRouter } from "./trpc";
 
 export const appRouter = createTRPCRouter({
-  auth: authRouter,
-  post: postRouter,
+  user: userRouter,
 });
 
 // export type definition of API

packages/api/src/router/auth.ts

@@ -1,11 +0,0 @@
-import { createTRPCRouter, protectedProcedure, publicProcedure } from "../trpc";
-
-export const authRouter = createTRPCRouter({
-  getSession: publicProcedure.query(({ ctx }) => {
-    return ctx.session;
-  }),
-  getSecretMessage: protectedProcedure.query(() => {
-    // testing type validation of overridden next-auth Session in @alparr/auth package
-    return "you can see this secret message!";
-  }),
-});

packages/api/src/router/post.ts

@@ -1,40 +0,0 @@
-import { z } from "zod";
-
-import { desc, eq, schema } from "@alparr/db";
-
-import { createTRPCRouter, protectedProcedure, publicProcedure } from "../trpc";
-
-export const postRouter = createTRPCRouter({
-  all: publicProcedure.query(({ ctx }) => {
-    // return ctx.db.select().from(schema.post).orderBy(desc(schema.post.id));
-    return ctx.db.query.post.findMany({ orderBy: desc(schema.post.id) });
-  }),
-
-  byId: publicProcedure
-    .input(z.object({ id: z.number() }))
-    .query(({ ctx, input }) => {
-      // return ctx.db
-      //   .select()
-      //   .from(schema.post)
-      //   .where(eq(schema.post.id, input.id));
-
-      return ctx.db.query.post.findFirst({
-        where: eq(schema.post.id, input.id),
-      });
-    }),
-
-  create: protectedProcedure
-    .input(
-      z.object({
-        title: z.string().min(1),
-        content: z.string().min(1),
-      }),
-    )
-    .mutation(({ ctx, input }) => {
-      return ctx.db.insert(schema.post).values(input);
-    }),
-
-  delete: protectedProcedure.input(z.number()).mutation(({ ctx, input }) => {
-    return ctx.db.delete(schema.post).where(eq(schema.post.id, input));
-  }),
-});

packages/api/src/router/user.ts

@@ -0,0 +1,39 @@
+import "server-only";
+
+import { TRPCError } from "@trpc/server";
+
+import { createSalt, hashPassword } from "@alparr/auth";
+import { createId, schema } from "@alparr/db";
+import { initUserSchema } from "@alparr/validation";
+
+import { createTRPCRouter, publicProcedure } from "../trpc";
+
+export const userRouter = createTRPCRouter({
+  initUser: publicProcedure
+    .input(initUserSchema)
+    .mutation(async ({ ctx, input }) => {
+      const firstUser = await ctx.db.query.users.findFirst({
+        columns: {
+          id: true,
+        },
+      });
+
+      if (firstUser) {
+        throw new TRPCError({
+          code: "FORBIDDEN",
+          message: "User already exists",
+        });
+      }
+
+      const salt = await createSalt();
+      const hashedPassword = await hashPassword(input.password, salt);
+
+      const userId = createId();
+      await ctx.db.insert(schema.users).values({
+        id: userId,
+        name: input.username,
+        password: hashedPassword,
+        salt,
+      });
+    }),
+});