User creation and management

server/api/users/delete/[id].delete.ts

@@ -0,0 +1,49 @@
+import { deleteUser, getUserByUsername } from '~/server/utils/database'
+import { getAuthCookie } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const username = getAuthCookie(event)
+  
+  if (!username) {
+    throw createError({
+      statusCode: 401,
+      message: 'Unauthorized'
+    })
+  }
+
+  const user = getUserByUsername(username)
+  
+  if (!user || user.is_admin !== 1) {
+    throw createError({
+      statusCode: 403,
+      message: 'Forbidden - Admin access required'
+    })
+  }
+
+  const id = parseInt(event.context.params?.id || '')
+  
+  if (isNaN(id)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Invalid user ID'
+    })
+  }
+
+  // Prevent deleting yourself
+  if (user.id === id) {
+    throw createError({
+      statusCode: 400,
+      message: 'Cannot delete your own account'
+    })
+  }
+
+  try {
+    deleteUser(id)
+    return { success: true }
+  } catch (error) {
+    throw createError({
+      statusCode: 500,
+      message: 'Failed to delete user'
+    })
+  }
+})