MCP Hospital Assistant

const express = require('express'); const router = express.Router(); const bcrypt = require('bcrypt'); const { Pool } = require('pg'); const config = require('./config/config'); const pool = new Pool(config.PG_CONFIG); // ✅ Register endpoint router.post('/register', async (req, res) => { const { username, password } = req.body; if (!username || !password) return res.status(400).json({ error: 'Username and password required' }); try { // Hash password const hashedPassword = await bcrypt.hash(password, 10); // Insert into users table await pool.query( 'INSERT INTO users (username, password) VALUES ($1, $2)', [username, hashedPassword] ); return res.json({ message: '✅ Registered successfully' }); } catch (err) { return res.status(500).json({ error: '❌ Registration failed: ' + err.message }); } }); // ✅ Login router.post('/login', async (req, res) => { const { username, password } = req.body; try { const result = await pool.query('SELECT * FROM users WHERE username = $1', [username]); if (result.rows.length === 0) { return res.status(401).json({ error: 'User not found' }); } const user = result.rows[0]; const isMatch = await bcrypt.compare(password, user.password); if (!isMatch) { return res.status(401).json({ error: 'Invalid password' }); } req.session.user = { id: user.id, username: user.username }; res.json({ success: true }); } catch (err) { res.status(500).json({ error: 'Login failed: ' + err.message }); } }); // ✅ Logout router.post('/logout', (req, res) => { req.session.destroy(); res.json({ success: true }); }); // ✅ Check Auth router.get('/check-auth', (req, res) => { if (req.session.user) { res.json({ authenticated: true, user: req.session.user }); } else { res.json({ authenticated: false }); } }); module.exports = router;