Add authentication, user management, and database migration features

- Implement OAuth 2.0 and PAT authentication methods
- Add user management, roles, and profile functionality
- Add database migrations and admin user scripts
- Update services for authentication and user settings
- Add protected routes and permission hooks
- Update documentation for authentication and database access

backend/scripts/check-admin-user.ts

@@ -0,0 +1,109 @@
+/**
+ * Check Admin User
+ * 
+ * Script to check if the admin user exists and verify credentials.
+ * 
+ * Usage:
+ *   tsx scripts/check-admin-user.ts
+ */
+
+import { getAuthDatabase } from '../src/services/database/migrations.js';
+import { userService } from '../src/services/userService.js';
+import { roleService } from '../src/services/roleService.js';
+
+async function main() {
+  try {
+    const db = getAuthDatabase();
+    
+    console.log('\n=== Checking Admin User ===\n');
+    
+    // Check environment variables
+    const adminEmail = process.env.ADMIN_EMAIL;
+    const adminUsername = process.env.ADMIN_USERNAME || 'admin';
+    const adminPassword = process.env.ADMIN_PASSWORD;
+    
+    console.log('Environment Variables:');
+    console.log(`  ADMIN_EMAIL: ${adminEmail || 'NOT SET'}`);
+    console.log(`  ADMIN_USERNAME: ${adminUsername}`);
+    console.log(`  ADMIN_PASSWORD: ${adminPassword ? '***SET***' : 'NOT SET'}`);
+    console.log('');
+    
+    // Check if users table exists
+    try {
+      const userCount = await db.queryOne<{ count: number }>(
+        'SELECT COUNT(*) as count FROM users'
+      );
+      console.log(`Total users in database: ${userCount?.count || 0}`);
+    } catch (error) {
+      console.error('❌ Users table does not exist. Run migrations first: npm run migrate');
+      await db.close();
+      process.exit(1);
+    }
+    
+    // Try to find user by email
+    if (adminEmail) {
+      const userByEmail = await userService.getUserByEmail(adminEmail);
+      if (userByEmail) {
+        console.log(`✓ User found by email: ${adminEmail}`);
+        console.log(`  - ID: ${userByEmail.id}`);
+        console.log(`  - Username: ${userByEmail.username}`);
+        console.log(`  - Display Name: ${userByEmail.display_name}`);
+        console.log(`  - Active: ${userByEmail.is_active}`);
+        console.log(`  - Email Verified: ${userByEmail.email_verified}`);
+        
+        // Check roles
+        const roles = await roleService.getUserRoles(userByEmail.id);
+        console.log(`  - Roles: ${roles.map(r => r.name).join(', ') || 'None'}`);
+        
+        // Test password if provided
+        if (adminPassword) {
+          const isValid = await userService.verifyPassword(adminPassword, userByEmail.password_hash);
+          console.log(`  - Password verification: ${isValid ? '✓ VALID' : '✗ INVALID'}`);
+        }
+      } else {
+        console.log(`✗ User NOT found by email: ${adminEmail}`);
+      }
+    }
+    
+    // Try to find user by username
+    const userByUsername = await userService.getUserByUsername(adminUsername);
+    if (userByUsername) {
+      console.log(`✓ User found by username: ${adminUsername}`);
+      console.log(`  - ID: ${userByUsername.id}`);
+      console.log(`  - Email: ${userByUsername.email}`);
+      console.log(`  - Display Name: ${userByUsername.display_name}`);
+      console.log(`  - Active: ${userByUsername.is_active}`);
+      console.log(`  - Email Verified: ${userByUsername.email_verified}`);
+      
+      // Check roles
+      const roles = await roleService.getUserRoles(userByUsername.id);
+      console.log(`  - Roles: ${roles.map(r => r.name).join(', ') || 'None'}`);
+      
+      // Test password if provided
+      if (adminPassword) {
+        const isValid = await userService.verifyPassword(adminPassword, userByUsername.password_hash);
+        console.log(`  - Password verification: ${isValid ? '✓ VALID' : '✗ INVALID'}`);
+      }
+    } else {
+      console.log(`✗ User NOT found by username: ${adminUsername}`);
+    }
+    
+    // List all users
+    const allUsers = await db.query<any>('SELECT id, email, username, display_name, is_active, email_verified FROM users');
+    if (allUsers && allUsers.length > 0) {
+      console.log(`\n=== All Users (${allUsers.length}) ===`);
+      for (const user of allUsers) {
+        const roles = await roleService.getUserRoles(user.id);
+        console.log(`  - ${user.email} (${user.username}) - Active: ${user.is_active}, Verified: ${user.email_verified}, Roles: ${roles.map(r => r.name).join(', ') || 'None'}`);
+      }
+    }
+    
+    await db.close();
+    console.log('\n✓ Check completed\n');
+  } catch (error) {
+    console.error('✗ Error:', error);
+    process.exit(1);
+  }
+}
+
+main();

backend/scripts/run-migrations.ts

@@ -0,0 +1,27 @@
+/**
+ * Run Database Migrations
+ * 
+ * Standalone script to run database migrations manually.
+ * 
+ * Usage:
+ *   npm run migrate
+ *   or
+ *   tsx scripts/run-migrations.ts
+ */
+
+import { runMigrations } from '../src/services/database/migrations.js';
+import { logger } from '../src/services/logger.js';
+
+async function main() {
+  try {
+    console.log('Starting database migrations...');
+    await runMigrations();
+    console.log('✓ Database migrations completed successfully');
+    process.exit(0);
+  } catch (error) {
+    console.error('✗ Migration failed:', error);
+    process.exit(1);
+  }
+}
+
+main();