From 25397b7cf0e48665b4499b881909f505de9e899b Mon Sep 17 00:00:00 2001
From: Akshay <nerdy@peppe.rs>
Date: Fri, 8 Nov 2024 22:27:41 +0000
Subject: feat: Add user registration, login, and subscription endpoints

---
 src/routes/index.js | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

(limited to 'src')

diff --git a/src/routes/index.js b/src/routes/index.js
index 77ddd78..f703d2e 100644
--- a/src/routes/index.js
+++ b/src/routes/index.js
@@ -67,6 +67,53 @@ router.get("/media/*", async (req, res) => {
 	res.render("media", { kind, url });
 });
 
+// POST /register
+router.post("/register", async (req, res) => {
+	const { username, password } = req.body;
+	try {
+		db.run("INSERT INTO users (username, password) VALUES (?, ?)", [
+			username,
+			password,
+		]);
+		res.status(201).send("User registered successfully");
+	} catch (err) {
+		res.status(400).send("Error registering user");
+	}
+});
+
+// POST /login
+router.post("/login", async (req, res) => {
+	const { username, password } = req.body;
+	const user = db
+		.query("SELECT * FROM users WHERE username = ? AND password = ?", [
+			username,
+			password,
+		])
+		.get();
+	if (user) {
+		res.status(200).send("Login successful");
+	} else {
+		res.status(401).send("Invalid credentials");
+	}
+});
+
+// POST /subscribe
+router.post("/subscribe", async (req, res) => {
+	const { username, subreddit } = req.body;
+	const user = db
+		.query("SELECT * FROM users WHERE username = ?", [username])
+		.get();
+	if (user) {
+		db.run("INSERT INTO subscriptions (user_id, subreddit) VALUES (?, ?)", [
+			user.id,
+			subreddit,
+		]);
+		res.status(201).send("Subscribed successfully");
+	} else {
+		res.status(404).send("User not found");
+	}
+});
+
 module.exports = router;
 
 function unescape_submission(response) {
-- 
cgit v1.2.3