From 0a05039b8b263031aaca77b2e502e16a1a1bdf2b Mon Sep 17 00:00:00 2001
From: Lukian <lulul7018@gmail.com>
Date: Fri, 25 Apr 2025 10:42:17 +0200
Subject: [PATCH] add: added register page

---
 back/api/accounts.js |  2 +-
 back/api/users.js    | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 back/api/users.js

diff --git a/back/api/accounts.js b/back/api/accounts.js
index 99c1e9d..51a18c9 100644
--- a/back/api/accounts.js
+++ b/back/api/accounts.js
@@ -1,5 +1,5 @@
 const express = require('express');
-const { getConnection, getUserAccounts } = require('../libs/mysql');
+const { getConnection } = require('../libs/mysql');
 const { checkAuth } = require('../libs/middlewares');
 
 const router = express.Router();
diff --git a/back/api/users.js b/back/api/users.js
new file mode 100644
index 0000000..9e53487
--- /dev/null
+++ b/back/api/users.js
@@ -0,0 +1,25 @@
+const express = require('express');
+const { getConnection, addUser } = require('../libs/mysql');
+const { checkAuth } = require('../libs/middlewares');
+
+const router = express.Router();
+
+router.post('/add', checkAuth, async (req, res) => {
+    const user = req.user;
+    const { name, lastname, email, numero, password } = req.body;
+
+    if (!name || !lastname || !email || !numero || !password) {
+        return res.status(400).json({ error: 'All fields are required' });
+    }
+
+    if (!user.admin) {
+        return res.status(403).json({ error: 'Permission denied' });
+    }
+
+    const connection = await getConnection();
+    await addUser(connection, name, lastname, email, numero, password)
+    connection.end();
+    return res.status(201).json({ message: 'User added' });
+});
+
+module.exports = router;
\ No newline at end of file