smarr · thomasb202 · Mar 23, 2026 · Mar 23, 2026 · Mar 23, 2026 · Apr 8, 2026
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
       RDB_DB: rebenchdb
       RDB_PORT: 5432
       REFRESH_SECRET: refresh
+      JWT_SECRET: dev-secret-change-in-production
       DEV: true
     depends_on:
       - postgres

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -14,12 +14,14 @@
     "@octokit/auth-app": "8.2.0",
     "@octokit/rest": "22.0.1",
     "@sgratzl/chartjs-chart-boxplot": "4.4.5",
+    "bcrypt": "^6.0.0",
     "canvas": "3.2.3",
     "chart.js": "4.5.1",
     "chartjs-plugin-annotation": "3.1.0",
     "decimal.js": "10.6.0",
     "ejs": "5.0.2",
     "join-images": "1.1.5",
+    "jsonwebtoken": "^9.0.3",
     "koa": "3.2.0",
     "koa-body": "7.0.1",
     "pg": "8.20.0",
@@ -40,6 +42,9 @@
   "devDependencies": {
     "@eslint/js": "10.0.1",
     "@octokit/types": "16.0.0",
+    "@types/bcrypt": "^6.0.0",
+    "@types/ejs": "3.1.5",
+    "@types/jsonwebtoken": "^9.0.10",
     "@types/jquery": "4.0.0",
     "@types/koa": "3.0.2",
     "@types/koa__router": "12.0.5",

diff --git a/src/backend/auth/auth-db.ts b/src/backend/auth/auth-db.ts
@@ -0,0 +1,50 @@
+import type { Database } from '../db/db.js';
+
+export interface AppUser {
+  id: number;
+  username: string;
+  email: string;
+  password_hash: string;
+  created_at: Date;
+  is_active: boolean;
+}
+
+export async function getUserByUsername(
+  db: Database,
+  username: string
+): Promise<AppUser | null> {
+  const result = await db.query<AppUser>({
+    name: 'getUserByUsername',
+    text: 'SELECT * FROM appuser WHERE username = $1',
+    values: [username]
+  });
+  return result.rows[0] ?? null;
+}
+
+export async function getUserByEmail(
+  db: Database,
+  email: string
+): Promise<AppUser | null> {
+  const result = await db.query<AppUser>({
+    name: 'getUserByEmail',
+    text: 'SELECT * FROM appuser WHERE email = $1',
+    values: [email]
+  });
+  return result.rows[0] ?? null;
+}
+
+export async function createUser(
+  db: Database,
+  username: string,
+  email: string,
+  passwordHash: string
+): Promise<AppUser> {
+  const result = await db.query<AppUser>({
+    name: 'createUser',
+    text: `INSERT INTO appuser (username, email, password_hash)
+           VALUES ($1, $2, $3)
+           RETURNING *`,
+    values: [username, email, passwordHash]
+  });
+  return result.rows[0];
+}