feat: wire frontend pages to tRPC APIs

- Add hooks (useAuth, useSubscription, useNotifications) for real API data - Add auth service (login/signup) with password hashing and session support - Replace stub auth with real tRPC calls in login/signup/onboarding pages - Replace mock dashboard data with real API data from hooks - Create service pages: DarkWatch, VoicePrint, SpamShield, HomeTitle, RemoveBrokers, Settings - Update Navbar, TopBar, Sidebar with real user data and correct routes - Add passwordHash field to users schema for credential auth - Fix tests to work with real hooks (mock tRPC/hooks)
2026-05-25 17:34:48 -04:00
parent eb8e57c674
commit 7cbcde6a6b
46 changed files with 2418 additions and 418 deletions
--- a/web/src/server/services/user.service.ts
+++ b/web/src/server/services/user.service.ts
@@ -2,6 +2,63 @@ import { TRPCError } from "@trpc/server";
 import { eq } from "drizzle-orm";
 import { db } from "~/server/db";
 import { users } from "~/server/db/schema/auth";
+import { hashPassword, verifyPassword } from "~/server/auth/password";
+import { createSession } from "~/server/auth/session";
+
+export async function createUserWithPassword(
+  name: string,
+  email: string,
+  password: string,
+) {
+  const [existing] = await db
+    .select()
+    .from(users)
+    .where(eq(users.email, email))
+    .limit(1);
+
+  if (existing) {
+    throw new TRPCError({
+      code: "CONFLICT",
+      message: "Email already in use",
+    });
+  }
+
+  const passwordHash = await hashPassword(password);
+  const [user] = await db
+    .insert(users)
+    .values({ name, email, passwordHash })
+    .returning();
+  return user;
+}
+
+export async function authenticateUser(
+  email: string,
+  password: string,
+) {
+  const [user] = await db
+    .select()
+    .from(users)
+    .where(eq(users.email, email))
+    .limit(1);
+
+  if (!user || !user.passwordHash) {
+    throw new TRPCError({
+      code: "UNAUTHORIZED",
+      message: "Invalid email or password",
+    });
+  }
+
+  const valid = await verifyPassword(password, user.passwordHash);
+  if (!valid) {
+    throw new TRPCError({
+      code: "UNAUTHORIZED",
+      message: "Invalid email or password",
+    });
+  }
+
+  const session = await createSession(user.id);
+  return { user, sessionToken: session.sessionToken };
+}

 export async function getUserById(id: string) {
  const user = await db.query.users.findFirst({