feat(49): create authorization

Author: cherman23

package.json

@@ -27,6 +27,8 @@
     },
     "dependencies": {
         "@prisma/client": "6.15.0",
+        "bcrypt": "^6.0.0",
+        "jose": "^6.1.0",
         "next": "15.5.2",
         "prisma": "^6.15.0",
         "react": "19.1.0",
@@ -36,6 +38,7 @@
     "devDependencies": {
         "@eslint/eslintrc": "^3",
         "@tailwindcss/postcss": "^4",
+        "@types/bcrypt": "^6.0.0",
         "@types/node": "^22",
         "@types/react": "^19",
         "@types/react-dom": "^19",

pnpm-lock.yaml

@@ -0,0 +1,8 @@
+/*
+  Warnings:
+
+  - Added the required column `hashedPassword` to the `User` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- AlterTable
+ALTER TABLE "public"."User" ADD COLUMN     "hashedPassword" TEXT NOT NULL;

prisma/migrations/20251008012125_add_password_to_user/migration.sql

@@ -9,31 +9,32 @@ datasource db {
 }
 
 model Organization {
-  id        String   @id @unique @default(uuid())
-  name      String
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
-  createdById String @unique
-  createdBy User @relation("CreatedOrganization", fields: [createdById], references: [id])
-  users              User[] @relation("UserOrganization")
+  id                 String               @id @unique @default(uuid())
+  name               String
+  createdAt          DateTime             @default(now())
+  updatedAt          DateTime             @updatedAt
+  createdById        String               @unique
+  createdBy          User                 @relation("CreatedOrganization", fields: [createdById], references: [id])
+  users              User[]               @relation("UserOrganization")
   positions          Position[]
   candidates         Candidate[]
   AssessmentTemplate AssessmentTemplate[]
   TaskTemplate       TaskTemplate[]
 }
 
 model User {
-  id           String        @id @unique @default(uuid())
-  name         String
-  email        String       @unique
-  orgId        String?
-  createdAt    DateTime     @default(now())
-  updatedAt    DateTime     @updatedAt
-  organization Organization? @relation("UserOrganization", fields: [orgId], references: [id])
+  id                  String        @id @unique @default(uuid())
+  name                String
+  email               String        @unique
+  orgId               String?
+  hashedPassword      String
+  createdAt           DateTime      @default(now())
+  updatedAt           DateTime      @updatedAt
+  organization        Organization? @relation("UserOrganization", fields: [orgId], references: [id])
   createdOrganization Organization? @relation("CreatedOrganization")
-  userRoles    UserRole[]
-  Review       Review[]
-  Comment      Comment[]
+  userRoles           UserRole[]
+  Review              Review[]
+  Comment             Comment[]
 }
 
 model Role {

prisma/schema.prisma

@@ -10,6 +10,7 @@ async function main() {
             update: {},
             create: {
                 id: 'e99335bd-9dd7-4260-8977-2eeaa4df799c',
+                hashedPassword: 'abcd',
                 name: 'Admin User',
                 email: 'admin@techcorp.com',
             },
@@ -20,6 +21,7 @@ async function main() {
             create: {
                 id: '68992d1e-e119-4874-b768-bf685d10194e',
                 name: 'John Doe',
+                hashedPassword: 'abcd',
                 email: 'john.doe@techcorp.com',
             },
         }),
@@ -29,6 +31,7 @@ async function main() {
             create: {
                 id: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890',
                 name: 'Jane Smith',
+                hashedPassword: 'abcd',
                 email: 'jane.smith@startupxyz.com',
             },
         }),
@@ -38,6 +41,7 @@ async function main() {
             create: {
                 id: 'b2c3d4e5-f6g7-8901-bcde-f12345678901',
                 name: 'Bob Wilson',
+                hashedPassword: 'abcd',
                 email: 'bob.wilson@enterprise.com',
             },
         }),

prisma/seed.ts

@@ -0,0 +1,3 @@
+export default function LoginPage() {
+    return <div className="">login</div>;
+}

src/app/(web)/(auth)/login/page.tsx

@@ -0,0 +1,3 @@
+export default function SignupPage() {
+    return <div className="">signup</div>;
+}

src/app/(web)/(auth)/signup/page.tsx

@@ -0,0 +1,3 @@
+export default function DashboardPage() {
+    return <div className=""></div>;
+}

src/app/(web)/dashboard/page.tsx

@@ -0,0 +1,37 @@
+import { type NextRequest } from 'next/server';
+import { sargeApiError, sargeApiResponse } from '@/lib/responses';
+import { login } from '@/lib/auth/auth-service';
+import { InvalidInputError } from '@/lib/schemas/errors';
+
+export async function POST(request: NextRequest) {
+    try {
+        const body = await request.json();
+
+        if (!body.email || !body.password) {
+            return sargeApiError('Email and password are required', 400);
+        }
+
+        const user = await login({
+            email: body.email,
+            password: body.password,
+        });
+
+        return sargeApiResponse(user, 200);
+    } catch (error) {
+        if (error instanceof InvalidInputError) {
+            return sargeApiError(error.message, 400);
+        }
+
+        const message = error instanceof Error ? error.message : String(error);
+
+        if (message.includes('Invalid credentials')) {
+            return sargeApiError('Invalid email or password', 401);
+        }
+
+        if (message.includes('Login implementation needed')) {
+            return sargeApiError('Authentication not yet configured', 501);
+        }
+
+        return sargeApiError(message, 500);
+    }
+}

src/app/api/auth/login/route.ts

@@ -0,0 +1,13 @@
+import { type NextRequest } from 'next/server';
+import { sargeApiResponse } from '@/lib/responses';
+import { logout } from '@/lib/auth/auth-service';
+
+export async function POST(_request: NextRequest) {
+    try {
+        await logout();
+        return sargeApiResponse({ message: 'Logged out successfully' }, 200);
+    } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return sargeApiResponse({ message: 'Logged out', error: message }, 200);
+    }
+}