generated from lucien/api-template
25 lines
No EOL
806 B
JavaScript
25 lines
No EOL
806 B
JavaScript
const express = require('express');
|
|
const { getConnection, addUser } = require('../libs/mysql');
|
|
const { checkAuth } = require('../libs/middlewares');
|
|
|
|
const router = express.Router();
|
|
|
|
router.post('/add', checkAuth, async (req, res) => {
|
|
const user = req.user;
|
|
const { name, lastname, email, numero, password } = req.body;
|
|
|
|
if (!name || !lastname || !email || !numero || !password) {
|
|
return res.status(400).json({ error: 'All fields are required' });
|
|
}
|
|
|
|
if (!user.admin) {
|
|
return res.status(403).json({ error: 'Permission denied' });
|
|
}
|
|
|
|
const connection = await getConnection();
|
|
await addUser(connection, name, lastname, email, numero, password)
|
|
connection.end();
|
|
return res.status(201).json({ message: 'User added' });
|
|
});
|
|
|
|
module.exports = router; |