Add auth system with invite-only registration and admin roles
JWT-based auth (hono/jwt + bcrypt), anonymous-first flow preserved. Registration requires invite code when REQUIRE_INVITE=true. Admin user seeded on startup (admin/admin, forced password reset). Login accepts email or username. Admin invitations management page in sidebar. Regular users get invite-a-friend button when USER_INVITATIONS > 0. Frontend gate screen blocks game access for unregistered users with invite code entry, registration, login, and password reset flows. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,27 @@
|
||||
import { eq } from 'drizzle-orm';
|
||||
import bcrypt from 'bcryptjs';
|
||||
import { db } from './index';
|
||||
import { users } from './schema';
|
||||
|
||||
export async function seedAdmin() {
|
||||
const [existing] = await db
|
||||
.select()
|
||||
.from(users)
|
||||
.where(eq(users.username, 'admin'))
|
||||
.limit(1);
|
||||
|
||||
if (existing) {
|
||||
console.log('Admin user already exists');
|
||||
return;
|
||||
}
|
||||
|
||||
const passwordHash = await bcrypt.hash('admin', 10);
|
||||
await db.insert(users).values({
|
||||
username: 'admin',
|
||||
passwordHash,
|
||||
role: 'admin',
|
||||
mustResetPassword: true,
|
||||
});
|
||||
|
||||
console.log('Admin user seeded (admin/admin — password reset required)');
|
||||
}
|
||||
Reference in New Issue
Block a user