Added routes for login and bug reporting

src/routes/auth.ts

@@ -0,0 +1,55 @@
+import { Elysia, t } from "elysia";
+import { adminKeyGuard } from "../middleware/auth";
+import { loginUser, validateSession, logoutSession } from "../services/authService";
+import { Log } from "../logger";
+
+export const authRoutes = new Elysia({ prefix: "/api/admin/auth" })
+  .use(adminKeyGuard)
+  .post(
+    "/login",
+    async ({ body, error }) => {
+      const result = await loginUser(body.username, body.password);
+      if (!result) {
+        Log("AUTH", `Login failed for username=${body.username}`);
+        return error(401, { success: false, message: "Invalid credentials or account disabled" });
+      }
+      return { success: true, session_id: result.session_id, user: result.user };
+    },
+    {
+      body: t.Object({
+        username: t.String({ minLength: 1 }),
+        password: t.String({ minLength: 1 }),
+      }),
+      detail: { summary: "Login with username/password" },
+    }
+  )
+  .post(
+    "/logout",
+    async ({ headers }) => {
+      const sessionId = headers["x-session-token"];
+      if (sessionId) {
+        await logoutSession(sessionId);
+      }
+      return { success: true, message: "Logged out" };
+    },
+    {
+      detail: { summary: "Logout and invalidate session" },
+    }
+  )
+  .get(
+    "/validate",
+    async ({ headers, error }) => {
+      const sessionId = headers["x-session-token"];
+      if (!sessionId) {
+        return error(401, { success: false, message: "No session token provided" });
+      }
+      const user = await validateSession(sessionId);
+      if (!user) {
+        return error(401, { success: false, message: "Invalid or expired session" });
+      }
+      return { success: true, user };
+    },
+    {
+      detail: { summary: "Validate session and return user" },
+    }
+  );