logbuch/lib/auth.ts

import bcrypt from 'bcryptjs';
import { query } from './db';

export interface Beo {
  ID: number;
  Kuerzel: string;
  Name: string;
  Passwort: string | null;
  MustChangePassword: number;
}

export async function getBeoByKuerzel(kuerzel: string): Promise<Beo | null> {
  const rows = await query(
    'SELECT ID, Kuerzel, Name, Passwort, MustChangePassword FROM beos WHERE Kuerzel = ?',
    [kuerzel]
  ) as Beo[];
  return rows[0] ?? null;
}

export async function verifyCredentials(
  kuerzel: string,
  password: string
): Promise<{ beo: Beo; valid: boolean } | null> {
  const beo = await getBeoByKuerzel(kuerzel);
  if (!beo) return null;

  if (!beo.Passwort) {
    const valid = password === 'logbuch123';
    return { beo, valid };
  }

  const valid = await bcrypt.compare(password, beo.Passwort);
  return { beo, valid };
}

export async function hashPassword(password: string): Promise<string> {
  return bcrypt.hash(password, 10);
}