feat: add initial user endpoints

Author: njncalub

deno.json

@@ -18,6 +18,8 @@
   "imports": {
     "@/": "./",
     "$fresh/": "https://deno.land/x/fresh@1.7.3/",
+    "@felix/bcrypt": "jsr:@felix/bcrypt@^1.0.5",
+    "@std/ulid": "jsr:@std/ulid@^1.0.0",
     "@surrealdb/surrealdb": "jsr:@surrealdb/surrealdb@^1.3.2",
     "preact": "https://esm.sh/preact@10.22.0",
     "preact/": "https://esm.sh/preact@10.22.0/",
@@ -26,7 +28,8 @@
     "tailwindcss": "npm:tailwindcss@3.4.1",
     "tailwindcss/": "npm:/tailwindcss@3.4.1/",
     "tailwindcss/plugin": "npm:/tailwindcss@3.4.1/plugin.js",
-    "$std/": "https://deno.land/std@0.216.0/"
+    "$std/": "https://deno.land/std@0.216.0/",
+    "zod": "https://deno.land/x/zod@v3.24.3/mod.ts"
   },
   "compilerOptions": {
     "jsx": "react-jsx",

example.rest

@@ -0,0 +1,23 @@
+# See documentation at:
+# - https://developer.fluro.io
+# - https://marketplace.visualstudio.com/items?itemName=humao.rest-client
+
+
+@baseUrl = http://localhost:8000
+@contentType = application/json
+
+###
+# Get all Users
+GET {{baseUrl}}/api/users
+content-type: {{contentType}}
+
+###
+# Create new User
+POST {{baseUrl}}/api/users
+content-type: {{contentType}}
+
+{
+  "email": "example@gmail.com",
+  "password": "sample",
+  "gender": "male"
+}

routes/api/users.ts

@@ -1,14 +1,49 @@
 import { Handlers } from "$fresh/server.ts";
 import { db, initDB } from "@/lib/surreal.ts";
+import { RecordId } from "@surrealdb/surrealdb";
+import { ulid } from "@std/ulid";
+import { hash } from "@felix/bcrypt";
+import { PublicUser, PublicUserSchema } from "@/types.ts";
+
+await initDB();
 
 export const handler: Handlers<null> = {
   async GET(_req, _ctx) {
-    await initDB();
+    const results: PublicUser[][] = await db.query(`
+      SELECT id, name FROM user;
+    `);
+    return new Response(JSON.stringify(results[0], null, 2), {
+      headers: { "Content-Type": "application/json" },
+    });
+  },
 
-    const users = await db.select("user");
+  async POST(req, _ctx) {
+    const body = await req.json();
+    const { email, password } = body;
 
-    return new Response(JSON.stringify(users, null, 2), {
-      headers: { "Content-Type": "application/json" },
+    if (!email || !password) {
+      return new Response(
+        JSON.stringify({ error: "Email and password are required." }),
+        { status: 400, headers: { "Content-Type": "application/json" } },
+      );
+    }
+
+    const hashedPassword = await hash(password);
+    const emailVerificationToken = ulid();
+
+    const user = await db.create<PublicUser>(new RecordId("user", ulid()), {
+      email,
+      password_hash: hashedPassword,
+      email_verification_token: emailVerificationToken,
     });
+    const parsed = PublicUserSchema.parse(user);
+
+    return new Response(
+      JSON.stringify(parsed, null, 2),
+      {
+        headers: { "Content-Type": "application/json" },
+        status: 201,
+      },
+    );
   },
 };

schema.surrealql

@@ -1,6 +1,45 @@
 OPTION IMPORT;
 
+-- Delete all existing tables
+REMOVE TABLE user;
+REMOVE TABLE skill;
+REMOVE TABLE session;
+REMOVE TABLE has_skill;
+REMOVE TABLE has_session;
+
+-- USERS
 DEFINE TABLE user TYPE NORMAL SCHEMAFULL PERMISSIONS NONE;
-DEFINE FIELD name ON user TYPE string PERMISSIONS FULL;
+DEFINE FIELD id ON user TYPE string ASSERT $value != NONE PERMISSIONS NONE;
+DEFINE FIELD email ON user TYPE string ASSERT string::is::email($value) PERMISSIONS FULL;
+DEFINE FIELD email_verified ON user TYPE bool DEFAULT false PERMISSIONS FULL;
+DEFINE FIELD password_hash ON user TYPE string PERMISSIONS NONE;
+DEFINE FIELD name ON user TYPE option<string> DEFAULT NONE PERMISSIONS FULL;
+DEFINE FIELD gender ON user TYPE option<string> DEFAULT NONE PERMISSIONS FULL;
+DEFINE FIELD picture ON user TYPE option<string> DEFAULT NONE PERMISSIONS FULL;
+DEFINE FIELD email_verification_token ON user TYPE string PERMISSIONS NONE;
+DEFINE FIELD password_reset_token ON user TYPE option<string> DEFAULT NONE PERMISSIONS NONE;
+DEFINE FIELD password_reset_expiry ON user TYPE option<datetime> DEFAULT NONE PERMISSIONS NONE;
+DEFINE FIELD oauth_providers ON user TYPE option<array> DEFAULT [] PERMISSIONS FULL;
 DEFINE FIELD date_created ON user TYPE datetime DEFAULT time::now() PERMISSIONS FULL;
 DEFINE FIELD date_updated ON user TYPE datetime DEFAULT time::now() PERMISSIONS FULL;
+
+-- SKILLS
+DEFINE TABLE skill TYPE NORMAL SCHEMAFULL PERMISSIONS NONE;
+DEFINE FIELD name ON skill TYPE string ASSERT $value != NONE PERMISSIONS FULL;
+DEFINE FIELD category ON skill TYPE string PERMISSIONS FULL;
+DEFINE FIELD description ON skill TYPE string PERMISSIONS FULL;
+
+-- SESSIONS
+DEFINE TABLE session TYPE NORMAL SCHEMAFULL PERMISSIONS NONE;
+DEFINE FIELD token ON session TYPE string ASSERT $value != NONE PERMISSIONS NONE;
+DEFINE FIELD issued_at ON session TYPE datetime DEFAULT time::now() PERMISSIONS FULL;
+DEFINE FIELD expires_at ON session TYPE datetime PERMISSIONS FULL;
+DEFINE FIELD ip_address ON session TYPE string PERMISSIONS FULL;
+DEFINE FIELD user_agent ON session TYPE string PERMISSIONS FULL;
+
+-- EDGE: USER -> SKILL (HAS_SKILL)
+DEFINE TABLE has_skill SCHEMALESS PERMISSIONS NONE;
+DEFINE FIELD proficiency ON has_skill TYPE string;
+
+-- EDGE: USER -> SESSION (HAS_SESSION)
+DEFINE TABLE has_session SCHEMALESS PERMISSIONS NONE;

types.ts

@@ -0,0 +1,14 @@
+import { z } from "zod";
+import { RecordId } from "@surrealdb/surrealdb";
+
+export const PublicUserSchema = z.object({
+  id: z.instanceof(RecordId).optional(),
+  email: z.string().email(),
+  password_hash: z.string().optional(),
+  email_verification_token: z.string().optional(),
+  email_verified: z.boolean().optional(),
+  name: z.string().optional(),
+  date_created: z.date().optional(),
+});
+
+export type PublicUser = z.infer<typeof PublicUserSchema>;