"use strict";(()=>{var e={};e.id=396,e.ids=[396],e.modules={3524:e=>{e.exports=require("@prisma/client")},7096:e=>{e.exports=require("bcrypt")},9344:e=>{e.exports=require("jsonwebtoken")},145:e=>{e.exports=require("next/dist/compiled/next-server/pages-api.runtime.prod.js")},6249:(e,t)=>{Object.defineProperty(t,"l",{enumerable:!0,get:function(){return function e(t,r){return r in t?t[r]:"then"in t&&"function"==typeof t.then?t.then(t=>e(t,r)):"function"==typeof t&&"default"===r?t:void 0}}})},8995:(e,t,r)=>{r.r(t),r.d(t,{config:()=>l,default:()=>c,routeModule:()=>p});var a={};r.r(a),r.d(a,{default:()=>d});var s=r(1802),n=r(7153),u=r(6249),i=r(3481),o=r(1026);async function d(e,t){if("POST"!==e.method)return t.status(405).json({success:!1,error:"Method not allowed"});try{let{username:r,password:a}=e.body;if(!r||!a)return t.status(400).json({success:!1,error:"Username and password are required"});let s=await i.K.authenticateUser(r,a);if(!s)return t.status(401).json({success:!1,error:"Invalid username or password"});if("BANNED"===s.status)return t.status(403).json({success:!1,error:"Account has been banned"});let n=(0,o.RA)(s.id);return t.setHeader("Set-Cookie",`token=${n}; HttpOnly; Path=/; Max-Age=604800; SameSite=Strict`),t.status(200).json({success:!0,data:{user:s,token:n}})}catch(e){return console.error("Login error:",e),t.status(500).json({success:!1,error:"Login failed"})}}let c=(0,u.l)(a,"default"),l=(0,u.l)(a,"config"),p=new s.PagesAPIRouteModule({definition:{kind:n.x.PAGES_API,page:"/api/v1/auth/login",pathname:"/api/v1/auth/login",bundlePath:"",filename:""},userland:a})},3481:(e,t,r)=>{r.d(t,{K:()=>n});var a=r(1450),s=r(1026);let n={async getUserById(e){let t=await a.Z.user.findUnique({where:{id:e},select:{id:!0,username:!0,avatarUrl:!0,role:!0,status:!0,createdAt:!0,lastLogin:!0}});return t?{...t,role:t.role,createdAt:t.createdAt.toISOString(),lastLogin:t.lastLogin?.toISOString()||new Date().toISOString(),avatarUrl:t.avatarUrl||""}:null},getUserByUsername:async e=>a.Z.user.findUnique({where:{username:e}}),async createUser(e,t,r){let n=await (0,s.c_)(t),u=`https://api.dicebear.com/7.x/avataaars/svg?seed=${e}`;return a.Z.user.create({data:{username:e,password:n,avatarUrl:u,role:"CREATOR",status:"ACTIVE"}})},async authenticateUser(e,t){let r=await this.getUserByUsername(e);return r&&r.password&&await (0,s.Gv)(t,r.password)?(await a.Z.user.update({where:{id:r.id},data:{lastLogin:new Date}}),{id:r.id,username:r.username,avatarUrl:r.avatarUrl||"",role:r.role,status:r.status,createdAt:r.createdAt.toISOString(),lastLogin:new Date().toISOString()}):null},getAllUsers:async()=>a.Z.user.findMany({orderBy:{createdAt:"desc"}}),updateUser:async(e,t)=>a.Z.user.update({where:{id:e},data:{username:t.username,avatarUrl:t.avatarUrl}}),updateUserRole:async(e,t)=>a.Z.user.update({where:{id:e},data:{role:t}}),async toggleUserStatus(e){let t=await a.Z.user.findUnique({where:{id:e}});if(!t)throw Error("User not found");let r="ACTIVE"===t.status?"BANNED":"ACTIVE";return a.Z.user.update({where:{id:e},data:{status:r}})}}},1026:(e,t,r)=>{r.d(t,{Gv:()=>d,RA:()=>c,WX:()=>l,c_:()=>o});var a=r(7096),s=r.n(a),n=r(9344),u=r.n(n);function i(){let e=process.env.JWT_SECRET;if(!e)throw Error("JWT_SECRET is not set");return e}async function o(e){return s().hash(e,10)}async function d(e,t){return s().compare(e,t)}function c(e){return u().sign({userId:e},i(),{expiresIn:"7d"})}function l(e){try{return u().verify(e,i())}catch(e){return null}}},1450:(e,t,r)=>{r.d(t,{Z:()=>s});var a=r(3524);let s=globalThis.prisma??new a.PrismaClient},7153:(e,t)=>{var r;Object.defineProperty(t,"x",{enumerable:!0,get:function(){return r}}),function(e){e.PAGES="PAGES",e.PAGES_API="PAGES_API",e.APP_PAGE="APP_PAGE",e.APP_ROUTE="APP_ROUTE"}(r||(r={}))},1802:(e,t,r)=>{e.exports=r(145)}};var t=require("../../../../webpack-api-runtime.js");t.C(e);var r=t(t.s=8995);module.exports=r})();