Initial commit: LuHost - Luanti Server Management Web Interface

A modern web interface for Luanti (Minetest) server management with ContentDB integration.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

routes/users.js

@@ -0,0 +1,118 @@
+const express = require('express');
+const AuthManager = require('../utils/auth');
+const { requireAuth } = require('../middleware/auth');
+
+const router = express.Router();
+const authManager = new AuthManager();
+
+// Initialize auth manager
+authManager.initialize().catch(console.error);
+
+// All routes require authentication
+router.use(requireAuth);
+
+// User management page
+router.get('/', async (req, res) => {
+  try {
+    const users = await authManager.getAllUsers();
+    
+    res.render('users/index', {
+      title: 'User Management',
+      users: users,
+      currentPage: 'users'
+    });
+  } catch (error) {
+    console.error('Error getting users:', error);
+    res.status(500).render('error', {
+      error: 'Failed to load users',
+      message: error.message
+    });
+  }
+});
+
+// Create new user page
+router.get('/new', (req, res) => {
+  res.render('users/new', {
+    title: 'Create New User',
+    currentPage: 'users'
+  });
+});
+
+// Process user creation
+router.post('/create', async (req, res) => {
+  try {
+    const { username, password, confirmPassword } = req.body;
+    const createdByUserId = req.session.user.id;
+    
+    // Validate inputs
+    if (!username || !password || !confirmPassword) {
+      return res.render('users/new', {
+        title: 'Create New User',
+        error: 'All fields are required',
+        currentPage: 'users',
+        formData: { username }
+      });
+    }
+    
+    if (password !== confirmPassword) {
+      return res.render('users/new', {
+        title: 'Create New User',
+        error: 'Passwords do not match',
+        currentPage: 'users',
+        formData: { username }
+      });
+    }
+    
+    const user = await authManager.createUser(username, password, createdByUserId);
+    
+    res.redirect('/users?created=' + encodeURIComponent(username));
+    
+  } catch (error) {
+    console.error('User creation error:', error);
+    
+    res.render('users/new', {
+      title: 'Create New User',
+      error: error.message,
+      currentPage: 'users',
+      formData: { 
+        username: req.body.username
+      }
+    });
+  }
+});
+
+// Delete user
+router.post('/delete/:userId', async (req, res) => {
+  try {
+    const { userId } = req.params;
+    const currentUserId = req.session.user.id;
+    
+    // Prevent self-deletion
+    if (parseInt(userId) === currentUserId) {
+      return res.status(400).json({ error: 'Cannot delete your own account' });
+    }
+    
+    const deleted = await authManager.deleteUser(userId);
+    
+    if (deleted) {
+      if (req.headers.accept && req.headers.accept.includes('application/json')) {
+        res.json({ message: 'User deleted successfully' });
+      } else {
+        res.redirect('/users?deleted=true');
+      }
+    } else {
+      res.status(404).json({ error: 'User not found' });
+    }
+    
+  } catch (error) {
+    console.error('Error deleting user:', error);
+    
+    if (req.headers.accept && req.headers.accept.includes('application/json')) {
+      res.status(500).json({ error: 'Failed to delete user' });
+    } else {
+      res.redirect('/users?error=' + encodeURIComponent(error.message));
+    }
+  }
+});
+
+module.exports = router;