Self-service password reset

server/api/auth/register.post.ts

@@ -1,14 +1,23 @@
-import { createUser, getUserByUsername } from '~/server/utils/database'
+import { createUser, getUserByUsername, getUserByEmail } from '~/server/utils/database'
 import { setAuthCookie } from '~/server/utils/auth'
 
 export default defineEventHandler(async (event) => {
   const body = await readBody(event)
-  const { username, password } = body
+  const { username, password, email, firstName, lastName } = body
 
-  if (!username || !password) {
+  if (!username || !password || !email || !firstName || !lastName) {
     throw createError({
       statusCode: 400,
-      message: 'Username and password are required'
+      message: 'All fields are required'
+    })
+  }
+
+  // Validate email format
+  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
+  if (!emailRegex.test(email)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Invalid email format'
     })
   }
 
@@ -49,7 +58,7 @@ export default defineEventHandler(async (event) => {
     })
   }
 
-  // Check if user already exists
+  // Check if username already exists
   const existingUser = getUserByUsername(username.toLowerCase())
   if (existingUser) {
     throw createError({
@@ -58,9 +67,18 @@ export default defineEventHandler(async (event) => {
     })
   }
 
+  // Check if email already exists
+  const existingEmail = getUserByEmail(email.toLowerCase())
+  if (existingEmail) {
+    throw createError({
+      statusCode: 409,
+      message: 'Email already exists'
+    })
+  }
+
   try {
-    // Create the new user
-    createUser(username.toLowerCase(), password)
+    // Create the new user with all fields
+    createUser(username.toLowerCase(), password, email.toLowerCase(), firstName, lastName)
     
     // Log them in automatically
     setAuthCookie(event, username.toLowerCase())