migrate from SQLite to PostgreSQL with Drizzle ORM

- Updated all packages to latest versions (React 19, Next.js 14.2.32) - Replaced sqlite3 with pg and drizzle-orm dependencies - Created complete PostgreSQL schema with relationships and indexes - Migrated all API endpoints from SQLite to Drizzle queries - Added database seeding with sample data - Updated authentication to use bcrypt instead of pbkdf2 - Configured connection pooling for PostgreSQL - Updated app version to 1.0.0 - All endpoints tested and working correctly
2025-09-06 12:56:33 +02:00
parent 52bde64e7f
commit 860070a302
26 changed files with 2526 additions and 2403 deletions
--- a/pages/api/auth/login.ts
+++ b/pages/api/auth/login.ts
@@ -1,11 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from "next"
-import sqlite3 from "sqlite3"
-import path from "path"
-import crypto from "crypto"
-
-function hashPassword(password: string, salt: string): string {
-  return crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha256').toString('hex')
-}
+import { db, schema } from '../../../lib/db/connection'
+import { eq } from 'drizzle-orm'
+import bcrypt from 'bcryptjs'

 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method !== "POST") return res.status(405).json({ error: "Method not allowed" })
@@ -16,45 +12,31 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
    return res.status(400).json({ error: "Email and password required" })
  }
  
-  const dbPath = path.join(process.cwd(), "database", "antihoax.db")
-  const db = new sqlite3.Database(dbPath)
-  
  try {
-    const user = await new Promise<any>((resolve, reject) => {
-      db.get(
-        "SELECT id, email, password_hash, salt, role, is_active FROM users WHERE email = ?",
-        [email],
-        (err, row) => {
-          if (err) reject(err)
-          else resolve(row)
-        }
-      )
-    })
+    const users = await db.select()
+      .from(schema.users)
+      .where(eq(schema.users.email, email))
+      .limit(1)
    
-    if (!user) {
+    if (users.length === 0) {
      return res.status(401).json({ error: "Invalid credentials" })
    }
    
-    if (!user.is_active) {
+    const user = users[0]
+    
+    if (!user.isActive) {
      return res.status(401).json({ error: "Account is disabled" })
    }
    
-    const hashedPassword = hashPassword(password, user.salt)
-    if (hashedPassword !== user.password_hash) {
+    const isValidPassword = await bcrypt.compare(password, user.passwordHash)
+    if (!isValidPassword) {
      return res.status(401).json({ error: "Invalid credentials" })
    }
    
    // Update last login
-    await new Promise<void>((resolve, reject) => {
-      db.run(
-        "UPDATE users SET last_login = datetime('now') WHERE id = ?",
-        [user.id],
-        (err) => {
-          if (err) reject(err)
-          else resolve()
-        }
-      )
-    })
+    await db.update(schema.users)
+      .set({ lastLogin: new Date() })
+      .where(eq(schema.users.id, user.id))
    
    res.json({
      success: true,
@@ -69,7 +51,5 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
  } catch (error) {
    console.error('Login error:', error)
    res.status(500).json({ error: "Login failed" })
-  } finally {
-    db.close()
  }
 }