feat(auth): add admin-only user registration and improve JWT Handling

Implemented secure admin-only user creation flow and improved authentication middleware.

- Protected POST /auth/register (valid JWT + ADMIN role)
- Auth middleware to validate tokens and handle expiration.
- Prisma User Creation (role enum + hashed passwords)

Completed the backend portion of the authentication/authorization loop.

Author: kevinduncke

package-lock.json

@@ -8,7 +8,8 @@
     "build": "tsc",
     "start": "node dist/server.js",
     "lint": "echo \"no linting yet\"",
-    "test": "echo \"No test specified\""
+    "test": "echo \"No test specified\"",
+    "seed": "ts-node prisma/seed.ts"
   },
   "repository": {
     "type": "git",
@@ -28,15 +29,19 @@
     "@types/cors": "^2.8.19",
     "@types/express": "^5.0.6",
     "@types/node": "^25.2.0",
+    "bcrypt": "^6.0.0",
     "cors": "^2.8.6",
     "dotenv": "^17.2.3",
     "express": "^5.2.1",
     "jest": "^30.2.0",
+    "jsonwebtoken": "^9.0.3",
     "ts-node-dev": "^2.0.0"
   },
   "devDependencies": {
+    "@types/bcrypt": "^6.0.0",
     "@types/jest": "^30.0.0",
+    "@types/jsonwebtoken": "^9.0.10",
     "prisma": "^7.3.0",
     "typescript": "^5.9.3"
   }
-}
+}

package.json

@@ -0,0 +1,2 @@
+-- CreateEnum
+CREATE TYPE "Role" AS ENUM ('ADMIN', 'DOCTOR', 'RECEPTIONIST');

prisma/migrations/20260205231258_add_user_and_role/migration.sql

@@ -11,11 +11,17 @@ model User {
   id        String   @id @default(cuid())
   email     String   @unique
   password  String
-  role      String   // 'admin' | 'doctor' | 'receptionist'
+  role      String
   createdAt DateTime @default(now())
   updatedAt DateTime @updatedAt
 }
 
+enum Role {
+  ADMIN
+  DOCTOR
+  RECEPTIONIST
+}
+
 model Patient {
   id        String  @id @default(cuid())
   firstName String

prisma/schema.prisma

@@ -0,0 +1,46 @@
+import dotenv from 'dotenv';
+import { PrismaPg } from '@prisma/adapter-pg';
+import { PrismaClient, Role } from '../src/config/generated/client';
+import bcrypt from 'bcrypt';
+
+dotenv.config();
+
+// Initialize Prisma Client with PSQL Adapter. ;(
+const adapter = new PrismaPg({ connectionString: process.env.DATABASE_URL });
+const prisma = new PrismaClient({ adapter });
+const SALT_ROUNDS = 10;
+
+// Seed main function to create an admin user.
+async function main() {
+    const email = 'admin@medsoft.local';
+    const password = 'adminDoc123!';
+
+    // Check if admin user already exists.
+    const existing = await prisma.user.findUnique({ where: { email } });
+    if (existing) {
+        console.log('Admin user already exists. Skipping creation...');
+        return;
+    }
+
+    // Hash new password and create admin user.
+    const hash = await bcrypt.hash(password, SALT_ROUNDS);
+
+    // Create admin user.
+    await prisma.user.create({
+        data: {
+            email,
+            password: hash,
+            role: Role.ADMIN,
+        },
+    });
+
+    // Log admin user email + password.. (Remove in prod).
+    console.log('Admin user created with email: ' + email + ' and a password: ' + password);
+}
+
+// Execute the main function to seed the database with an admin user (testing only).
+main()
+    .catch(console.error)
+    .finally(async () => {
+        await prisma.$disconnect();
+    });