created signup option and added validation

Author: rxmox

shatter-backend/src/app.ts

@@ -1,6 +1,7 @@
 // Express framework gives us fucnctions to creeate web server, handle routes, process HTTP req and send responses
 import express from 'express';
 import userRoutes from './routes/user_route.ts'; // these routes define how to handel requests to /api/users
+import authRoutes from './routes/auth_routes';
 
 // Creating express application as a single "app" object, started in server.ts
 // This object represents entire web server and will be used to:
@@ -20,6 +21,7 @@ app.get('/', (_req, res) => {
 // Mounts the user routes under the path 'api/users'
 // any routes defined in user_route.ts will be accessible with URLs starting with /api/users
 app.use('/api/users', userRoutes);
+app.use('/api/auth', authRoutes);
 
 
 // Export the configured Express app, so that server.ts can import it

shatter-backend/src/controllers/auth_controller.ts

@@ -0,0 +1,92 @@
+import { Request, Response } from 'express';
+import { User } from '../models/user_model';
+import { hashPassword } from '../utils/password_hash';
+
+// Email validation regex
+const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]{2,}$/;
+
+/**
+ * POST /api/auth/signup
+ * Create new user account
+ * 
+ * @param req.body.name - User's display name
+ * @param req.body.email - User's email
+ * @param req.body.password - User's plain text password
+ * @returns 201 with userId on success
+ */
+export const signup = async (req: Request, res: Response) => {
+    try {
+	// extract data from req body
+	const { name, email, password } = req.body as {
+	    name?: string;
+	    email?: string;
+	    password?: string;
+	};
+
+	// validate required fields
+	if (!name || !email || !password) {
+	    return res.status(400).json({
+		error: 'name, email and password are required'
+	    });
+	}
+
+	// normalize email before validation
+	const normalizedEmail = email.toLowerCase().trim();
+
+	// validate email format
+	if (!EMAIL_REGEX.test(normalizedEmail)) {
+	    return res.status(400).json({
+		error: 'Invalid email format'
+	    });
+	}
+
+	// validate password length
+	if (password.length < 8) {
+	    return res.status(400).json({
+		error: 'Password must be at least 8 characters long'
+	    });
+	}
+
+	// check if email already exists
+	const existingUser = await User.findOne({ email: normalizedEmail }).lean();
+	if (existingUser) {
+	    return res.status(409).json({
+		error: 'Email already exists'
+	    });
+	}
+
+	// hash the password
+	const passwordHash = await hashPassword(password);
+
+	// create user in database
+	// mongoose automatically adds createdAt, updatedAt, _id with User.create
+	const newUser = await User.create({
+	    name,
+	    email: normalizedEmail,
+	    passwordHash
+	});
+
+	// return success
+	res.status(201).json({
+	    message: 'User created successfully',
+	    userId: newUser._id
+	});
+
+    } catch (err: any) {
+	console.error('POST /api/auth/signup error:', err);
+
+	// handle duplicate email error form MongoDB
+	if (err?.code === 11000) {
+	    return res.status(409).json({
+		error: 'Email already exists'
+	    });
+	}
+	
+	// Generic error Response
+	res.status(500).json({
+	    error: 'Failed to create user'
+	});
+    }
+};
+
+

shatter-backend/src/routes/auth_routes.ts

@@ -0,0 +1,9 @@
+import { Router } from 'express';
+import { signup } from '../controllers/auth_controller';
+
+const router = Router();
+
+// create new user account
+router.post('/signup', signup);
+
+export default router;