import { query } from '../utils/database.js'; import bcrypt from 'bcryptjs'; export const checkPassword = async (req, res) => { try { const [settings] = await query('SELECT id FROM admin_settings WHERE setting_key = ?', ['admin_password']); res.json({ isFirstTime: !settings }); } catch (error) { console.error('Error checking password:', error); res.status(500).json({ message: 'Failed to check password status' }); } }; export const setPassword = async (req, res) => { try { const { password } = req.body; if (!password) { return res.status(400).json({ message: 'Password is required' }); } const hashedPassword = await bcrypt.hash(password, 10); // Check if a password already exists const [existingSettings] = await query('SELECT id FROM admin_settings WHERE setting_key = ?', ['admin_password']); if (existingSettings) { // Update existing password await query('UPDATE admin_settings SET setting_value = ? WHERE setting_key = ?', [hashedPassword, 'admin_password']); } else { // Insert new password await query('INSERT INTO admin_settings (setting_key, setting_value) VALUES (?, ?)', ['admin_password', hashedPassword]); } res.json({ message: 'Password set successfully' }); } catch (error) { console.error('Error setting password:', error); res.status(500).json({ message: 'Failed to set password' }); } }; export const verifyPassword = async (req, res) => { try { const { password } = req.body; if (!password) { return res.status(400).json({ message: 'Password is required' }); } const [settings] = await query('SELECT setting_value FROM admin_settings WHERE setting_key = ?', ['admin_password']); if (!settings) { return res.status(404).json({ message: 'No password set' }); } const isValid = await bcrypt.compare(password, settings.setting_value); if (!isValid) { return res.status(401).json({ message: 'Invalid password' }); } res.json({ message: 'Password verified successfully' }); } catch (error) { console.error('Error verifying password:', error); res.status(500).json({ message: 'Failed to verify password' }); } };