Add bootstrap-recreate endpoint for proper user creation

2026-01-28 17:22:07 +00:00
parent 68de97735f
commit 3fbf75b1e1
1 changed files with 26 additions and 20 deletions
--- a/apps/api/src/routes/hammer.ts
+++ b/apps/api/src/routes/hammer.ts
@@ -416,30 +416,36 @@ export const hammerRoutes = new Elysia({ prefix: '/hammer' })
    }),
  })

-  // Bootstrap: reset user password (temporary setup helper - REMOVE after use)
-  .post('/bootstrap-reset', async ({ body, set }) => {
-    const user = await db.query.users.findFirst({
-      where: eq(users.email, body.email),
+  // Bootstrap: delete and recreate user with proper BetterAuth password (temporary - REMOVE after use)
+  .post('/bootstrap-recreate', async ({ body, set }) => {
+    const { email, password, name } = body;
+    const existing = await db.query.users.findFirst({
+      where: eq(users.email, email),
    });
-    if (!user) {
-      set.status = 404;
-      throw new Error('User not found');
+    if (existing) {
+      const { accounts, sessions } = await import('../db/schema');
+      await db.delete(accounts).where(eq(accounts.userId, existing.id));
+      await db.delete(sessions).where(eq(sessions.userId, existing.id));
+      await db.delete(users).where(eq(users.id, existing.id));
    }
-    // Use BetterAuth's internal API to set password
-    const ctx = await auth.api.signInEmail({
-      body: { email: body.email, password: body.newPassword },
-    }).catch(() => null);
-    // If sign-in fails, the password doesn't match. We need to update via the accounts table.
-    // Use Bun's password hash directly
-    const hash = await Bun.password.hash(body.newPassword, { algorithm: 'bcrypt' });
-    const { accounts } = await import('../db/schema');
-    await db.update(accounts).set({ password: hash }).where(eq(accounts.userId, user.id));
-    // Also set role to admin
-    await db.update(users).set({ role: 'admin' }).where(eq(users.id, user.id));
-    return { success: true, email: body.email, role: 'admin' };
+    const result = await auth.api.signUpEmail({
+      body: { email, password, name },
+    });
+    if (!result) {
+      set.status = 500;
+      throw new Error('Failed to create user');
+    }
+    const newUser = await db.query.users.findFirst({
+      where: eq(users.email, email),
+    });
+    if (newUser) {
+      await db.update(users).set({ role: 'admin' }).where(eq(users.id, newUser.id));
+    }
+    return { success: true, email, role: 'admin' };
  }, {
    body: t.Object({
      email: t.String({ format: 'email' }),
-      newPassword: t.String({ minLength: 8 }),
+      password: t.String({ minLength: 8 }),
+      name: t.String(),
    }),
  });