docs, auth starting officially 0.2.0 version

Cargo.lock

@@ -274,6 +274,19 @@ version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
 
+[[package]]
+name = "bcrypt"
+version = "0.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92758ad6077e4c76a6cadbce5005f666df70d4f13b19976b1a8062eef880040f"
+dependencies = [
+ "base64",
+ "blowfish",
+ "getrandom 0.3.1",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "bigdecimal"
 version = "0.4.7"
@@ -323,6 +336,16 @@ dependencies = [
  "generic-array",
 ]
 
+[[package]]
+name = "blowfish"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7"
+dependencies = [
+ "byteorder",
+ "cipher",
+]
+
 [[package]]
 name = "bumpalo"
 version = "3.17.0"
@@ -386,9 +409,19 @@ dependencies = [
  "windows-link",
 ]
 
+[[package]]
+name = "cipher"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
+dependencies = [
+ "crypto-common",
+ "inout",
+]
+
 [[package]]
 name = "client"
-version = "0.1.0"
+version = "0.2.0"
 dependencies = [
  "common",
  "crossterm",
@@ -424,7 +457,7 @@ dependencies = [
 
 [[package]]
 name = "common"
-version = "0.1.0"
+version = "0.2.0"
 dependencies = [
  "prost",
  "serde",
@@ -782,7 +815,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d"
 dependencies = [
  "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -1452,6 +1485,15 @@ version = "2.0.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f4c7245a08504955605670dbf141fceab975f15ca21570696aebe9d2e71576bd"
 
+[[package]]
+name = "inout"
+version = "0.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "instability"
 version = "0.3.7"
@@ -2030,6 +2072,28 @@ dependencies = [
  "toml_edit",
 ]
 
+[[package]]
+name = "proc-macro-error-attr2"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5"
+dependencies = [
+ "proc-macro2",
+ "quote",
+]
+
+[[package]]
+name = "proc-macro-error2"
+version = "2.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802"
+dependencies = [
+ "proc-macro-error-attr2",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.99",
+]
+
 [[package]]
 name = "proc-macro2"
 version = "1.0.94"
@@ -2356,7 +2420,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.4.15",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -2369,7 +2433,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.9.2",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -2483,8 +2547,9 @@ dependencies = [
 
 [[package]]
 name = "server"
-version = "0.1.0"
+version = "0.2.0"
 dependencies = [
+ "bcrypt",
  "chrono",
  "common",
  "dashmap",
@@ -2504,6 +2569,8 @@ dependencies = [
  "tonic",
  "tonic-reflection",
  "tracing",
+ "uuid",
+ "validator",
 ]
 
 [[package]]
@@ -2678,6 +2745,7 @@ dependencies = [
  "tokio-stream",
  "tracing",
  "url",
+ "uuid",
 ]
 
 [[package]]
@@ -2760,6 +2828,7 @@ dependencies = [
  "thiserror 2.0.12",
  "time",
  "tracing",
+ "uuid",
  "whoami",
 ]
 
@@ -2799,6 +2868,7 @@ dependencies = [
  "thiserror 2.0.12",
  "time",
  "tracing",
+ "uuid",
  "whoami",
 ]
 
@@ -2825,6 +2895,7 @@ dependencies = [
  "time",
  "tracing",
  "url",
+ "uuid",
 ]
 
 [[package]]
@@ -3029,7 +3100,7 @@ dependencies = [
  "getrandom 0.3.1",
  "once_cell",
  "rustix 1.0.1",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -3473,6 +3544,45 @@ version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
 
+[[package]]
+name = "uuid"
+version = "1.16.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "458f7a779bf54acc9f347480ac654f68407d3aab21269a6e3c9f922acd9e2da9"
+dependencies = [
+ "getrandom 0.3.1",
+]
+
+[[package]]
+name = "validator"
+version = "0.20.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43fb22e1a008ece370ce08a3e9e4447a910e92621bb49b85d6e48a45397e7cfa"
+dependencies = [
+ "idna",
+ "once_cell",
+ "regex",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "url",
+ "validator_derive",
+]
+
+[[package]]
+name = "validator_derive"
+version = "0.20.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7df16e474ef958526d1205f6dda359fdfab79d9aa6d54bafcb92dcd07673dca"
+dependencies = [
+ "darling",
+ "once_cell",
+ "proc-macro-error2",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.99",
+]
+
 [[package]]
 name = "vcpkg"
 version = "0.2.15"
@@ -3623,7 +3733,7 @@ version = "0.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
 dependencies = [
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]

Cargo.toml

@@ -5,7 +5,7 @@ resolver = "2"
 [workspace.package]
 # TODO: idk how to do the name, fix later
 # name = "Multieko2"
-version = "0.1.0"
+version = "0.2.0"
 edition = "2021"
 license = "GPL-3.0-or-later"
 authors = ["Filip Priečinský <filippriec@gmail.com>"]

common/build.rs

@@ -8,6 +8,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
             &[
                 "proto/common.proto",
                 "proto/adresar.proto",
+                "proto/auth.proto",
                 "proto/uctovnictvo.proto",
                 "proto/table_structure.proto",
                 "proto/table_definition.proto",

common/proto/auth.proto

@@ -0,0 +1,23 @@
+// proto/auth.proto
+syntax = "proto3";
+package multieko2.auth;
+
+import "common.proto";
+
+service AuthService {
+    rpc Register(RegisterRequest) returns (AuthResponse);
+}
+
+message RegisterRequest {
+    string username = 1;
+    string email = 2;
+    string password = 3;
+    string password_confirmation = 4;
+}
+
+message AuthResponse {
+    string id = 1;           // UUID in string format
+    string username = 2;     // Registered username
+    string email = 3;        // Registered email (if provided)
+    string role = 4;         // Default role: 'accountant'
+}

common/src/lib.rs

@@ -4,6 +4,9 @@ pub mod proto {
         pub mod adresar {
             include!("proto/multieko2.adresar.rs");
         }
+        pub mod auth {
+            include!("proto/multieko2.auth.rs");
+        }
         pub mod common {
             include!("proto/multieko2.common.rs");
         }

common/src/proto/multieko2.auth.rs

@@ -0,0 +1,318 @@
+// This file is @generated by prost-build.
+#[derive(Clone, PartialEq, ::prost::Message)]
+pub struct RegisterRequest {
+    #[prost(string, tag = "1")]
+    pub username: ::prost::alloc::string::String,
+    #[prost(string, tag = "2")]
+    pub email: ::prost::alloc::string::String,
+    #[prost(string, tag = "3")]
+    pub password: ::prost::alloc::string::String,
+    #[prost(string, tag = "4")]
+    pub password_confirmation: ::prost::alloc::string::String,
+}
+#[derive(Clone, PartialEq, ::prost::Message)]
+pub struct AuthResponse {
+    /// UUID in string format
+    #[prost(string, tag = "1")]
+    pub id: ::prost::alloc::string::String,
+    /// Registered username
+    #[prost(string, tag = "2")]
+    pub username: ::prost::alloc::string::String,
+    /// Registered email (if provided)
+    #[prost(string, tag = "3")]
+    pub email: ::prost::alloc::string::String,
+    /// Default role: 'accountant'
+    #[prost(string, tag = "4")]
+    pub role: ::prost::alloc::string::String,
+}
+/// Generated client implementations.
+pub mod auth_service_client {
+    #![allow(
+        unused_variables,
+        dead_code,
+        missing_docs,
+        clippy::wildcard_imports,
+        clippy::let_unit_value,
+    )]
+    use tonic::codegen::*;
+    use tonic::codegen::http::Uri;
+    #[derive(Debug, Clone)]
+    pub struct AuthServiceClient<T> {
+        inner: tonic::client::Grpc<T>,
+    }
+    impl AuthServiceClient<tonic::transport::Channel> {
+        /// Attempt to create a new client by connecting to a given endpoint.
+        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
+        where
+            D: TryInto<tonic::transport::Endpoint>,
+            D::Error: Into<StdError>,
+        {
+            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
+            Ok(Self::new(conn))
+        }
+    }
+    impl<T> AuthServiceClient<T>
+    where
+        T: tonic::client::GrpcService<tonic::body::BoxBody>,
+        T::Error: Into<StdError>,
+        T::ResponseBody: Body<Data = Bytes> + std::marker::Send + 'static,
+        <T::ResponseBody as Body>::Error: Into<StdError> + std::marker::Send,
+    {
+        pub fn new(inner: T) -> Self {
+            let inner = tonic::client::Grpc::new(inner);
+            Self { inner }
+        }
+        pub fn with_origin(inner: T, origin: Uri) -> Self {
+            let inner = tonic::client::Grpc::with_origin(inner, origin);
+            Self { inner }
+        }
+        pub fn with_interceptor<F>(
+            inner: T,
+            interceptor: F,
+        ) -> AuthServiceClient<InterceptedService<T, F>>
+        where
+            F: tonic::service::Interceptor,
+            T::ResponseBody: Default,
+            T: tonic::codegen::Service<
+                http::Request<tonic::body::BoxBody>,
+                Response = http::Response<
+                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
+                >,
+            >,
+            <T as tonic::codegen::Service<
+                http::Request<tonic::body::BoxBody>,
+            >>::Error: Into<StdError> + std::marker::Send + std::marker::Sync,
+        {
+            AuthServiceClient::new(InterceptedService::new(inner, interceptor))
+        }
+        /// Compress requests with the given encoding.
+        ///
+        /// This requires the server to support it otherwise it might respond with an
+        /// error.
+        #[must_use]
+        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
+            self.inner = self.inner.send_compressed(encoding);
+            self
+        }
+        /// Enable decompressing responses.
+        #[must_use]
+        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
+            self.inner = self.inner.accept_compressed(encoding);
+            self
+        }
+        /// Limits the maximum size of a decoded message.
+        ///
+        /// Default: `4MB`
+        #[must_use]
+        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
+            self.inner = self.inner.max_decoding_message_size(limit);
+            self
+        }
+        /// Limits the maximum size of an encoded message.
+        ///
+        /// Default: `usize::MAX`
+        #[must_use]
+        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
+            self.inner = self.inner.max_encoding_message_size(limit);
+            self
+        }
+        pub async fn register(
+            &mut self,
+            request: impl tonic::IntoRequest<super::RegisterRequest>,
+        ) -> std::result::Result<tonic::Response<super::AuthResponse>, tonic::Status> {
+            self.inner
+                .ready()
+                .await
+                .map_err(|e| {
+                    tonic::Status::unknown(
+                        format!("Service was not ready: {}", e.into()),
+                    )
+                })?;
+            let codec = tonic::codec::ProstCodec::default();
+            let path = http::uri::PathAndQuery::from_static(
+                "/multieko2.auth.AuthService/Register",
+            );
+            let mut req = request.into_request();
+            req.extensions_mut()
+                .insert(GrpcMethod::new("multieko2.auth.AuthService", "Register"));
+            self.inner.unary(req, path, codec).await
+        }
+    }
+}
+/// Generated server implementations.
+pub mod auth_service_server {
+    #![allow(
+        unused_variables,
+        dead_code,
+        missing_docs,
+        clippy::wildcard_imports,
+        clippy::let_unit_value,
+    )]
+    use tonic::codegen::*;
+    /// Generated trait containing gRPC methods that should be implemented for use with AuthServiceServer.
+    #[async_trait]
+    pub trait AuthService: std::marker::Send + std::marker::Sync + 'static {
+        async fn register(
+            &self,
+            request: tonic::Request<super::RegisterRequest>,
+        ) -> std::result::Result<tonic::Response<super::AuthResponse>, tonic::Status>;
+    }
+    #[derive(Debug)]
+    pub struct AuthServiceServer<T> {
+        inner: Arc<T>,
+        accept_compression_encodings: EnabledCompressionEncodings,
+        send_compression_encodings: EnabledCompressionEncodings,
+        max_decoding_message_size: Option<usize>,
+        max_encoding_message_size: Option<usize>,
+    }
+    impl<T> AuthServiceServer<T> {
+        pub fn new(inner: T) -> Self {
+            Self::from_arc(Arc::new(inner))
+        }
+        pub fn from_arc(inner: Arc<T>) -> Self {
+            Self {
+                inner,
+                accept_compression_encodings: Default::default(),
+                send_compression_encodings: Default::default(),
+                max_decoding_message_size: None,
+                max_encoding_message_size: None,
+            }
+        }
+        pub fn with_interceptor<F>(
+            inner: T,
+            interceptor: F,
+        ) -> InterceptedService<Self, F>
+        where
+            F: tonic::service::Interceptor,
+        {
+            InterceptedService::new(Self::new(inner), interceptor)
+        }
+        /// Enable decompressing requests with the given encoding.
+        #[must_use]
+        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
+            self.accept_compression_encodings.enable(encoding);
+            self
+        }
+        /// Compress responses with the given encoding, if the client supports it.
+        #[must_use]
+        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
+            self.send_compression_encodings.enable(encoding);
+            self
+        }
+        /// Limits the maximum size of a decoded message.
+        ///
+        /// Default: `4MB`
+        #[must_use]
+        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
+            self.max_decoding_message_size = Some(limit);
+            self
+        }
+        /// Limits the maximum size of an encoded message.
+        ///
+        /// Default: `usize::MAX`
+        #[must_use]
+        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
+            self.max_encoding_message_size = Some(limit);
+            self
+        }
+    }
+    impl<T, B> tonic::codegen::Service<http::Request<B>> for AuthServiceServer<T>
+    where
+        T: AuthService,
+        B: Body + std::marker::Send + 'static,
+        B::Error: Into<StdError> + std::marker::Send + 'static,
+    {
+        type Response = http::Response<tonic::body::BoxBody>;
+        type Error = std::convert::Infallible;
+        type Future = BoxFuture<Self::Response, Self::Error>;
+        fn poll_ready(
+            &mut self,
+            _cx: &mut Context<'_>,
+        ) -> Poll<std::result::Result<(), Self::Error>> {
+            Poll::Ready(Ok(()))
+        }
+        fn call(&mut self, req: http::Request<B>) -> Self::Future {
+            match req.uri().path() {
+                "/multieko2.auth.AuthService/Register" => {
+                    #[allow(non_camel_case_types)]
+                    struct RegisterSvc<T: AuthService>(pub Arc<T>);
+                    impl<
+                        T: AuthService,
+                    > tonic::server::UnaryService<super::RegisterRequest>
+                    for RegisterSvc<T> {
+                        type Response = super::AuthResponse;
+                        type Future = BoxFuture<
+                            tonic::Response<Self::Response>,
+                            tonic::Status,
+                        >;
+                        fn call(
+                            &mut self,
+                            request: tonic::Request<super::RegisterRequest>,
+                        ) -> Self::Future {
+                            let inner = Arc::clone(&self.0);
+                            let fut = async move {
+                                <T as AuthService>::register(&inner, request).await
+                            };
+                            Box::pin(fut)
+                        }
+                    }
+                    let accept_compression_encodings = self.accept_compression_encodings;
+                    let send_compression_encodings = self.send_compression_encodings;
+                    let max_decoding_message_size = self.max_decoding_message_size;
+                    let max_encoding_message_size = self.max_encoding_message_size;
+                    let inner = self.inner.clone();
+                    let fut = async move {
+                        let method = RegisterSvc(inner);
+                        let codec = tonic::codec::ProstCodec::default();
+                        let mut grpc = tonic::server::Grpc::new(codec)
+                            .apply_compression_config(
+                                accept_compression_encodings,
+                                send_compression_encodings,
+                            )
+                            .apply_max_message_size_config(
+                                max_decoding_message_size,
+                                max_encoding_message_size,
+                            );
+                        let res = grpc.unary(method, req).await;
+                        Ok(res)
+                    };
+                    Box::pin(fut)
+                }
+                _ => {
+                    Box::pin(async move {
+                        let mut response = http::Response::new(empty_body());
+                        let headers = response.headers_mut();
+                        headers
+                            .insert(
+                                tonic::Status::GRPC_STATUS,
+                                (tonic::Code::Unimplemented as i32).into(),
+                            );
+                        headers
+                            .insert(
+                                http::header::CONTENT_TYPE,
+                                tonic::metadata::GRPC_CONTENT_TYPE,
+                            );
+                        Ok(response)
+                    })
+                }
+            }
+        }
+    }
+    impl<T> Clone for AuthServiceServer<T> {
+        fn clone(&self) -> Self {
+            let inner = self.inner.clone();
+            Self {
+                inner,
+                accept_compression_encodings: self.accept_compression_encodings,
+                send_compression_encodings: self.send_compression_encodings,
+                max_decoding_message_size: self.max_decoding_message_size,
+                max_encoding_message_size: self.max_encoding_message_size,
+            }
+        }
+    }
+    /// Generated gRPC service name
+    pub const SERVICE_NAME: &str = "multieko2.auth.AuthService";
+    impl<T> tonic::server::NamedService for AuthServiceServer<T> {
+        const NAME: &'static str = SERVICE_NAME;
+    }
+}

server/Cargo.toml

@@ -12,7 +12,7 @@ dotenvy = "0.15.7"
 prost = "0.13.5"
 serde = { version = "1.0.218", features = ["derive"] }
 serde_json = "1.0.140"
-sqlx = { version = "0.8.3", features = ["chrono", "postgres", "runtime-tokio", "runtime-tokio-native-tls", "time"] }
+sqlx = { version = "0.8.3", features = ["chrono", "postgres", "runtime-tokio", "runtime-tokio-native-tls", "time", "uuid"] }
 tokio = { version = "1.43.0", features = ["full", "macros"] }
 tonic = "0.12.3"
 tonic-reflection = "0.12.3"
@@ -24,6 +24,9 @@ thiserror = "2.0.12"
 dashmap = "6.1.0"
 lazy_static = "1.5.0"
 regex = "1.11.1"
+bcrypt = "0.17.0"
+validator = { version = "0.20.0", features = ["derive"] }
+uuid = { version = "1.16.0", features = ["v4"] }
 
 [lib]
 name = "server"

server/migrations/20250324192805_auth.sql

@@ -0,0 +1,38 @@
+-- Add migration script here
+
+CREATE TABLE IF NOT EXISTS users (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    username VARCHAR(255) NOT NULL UNIQUE,
+    email VARCHAR(255) UNIQUE,
+    password_hash VARCHAR(255),
+    role VARCHAR(20) NOT NULL DEFAULT 'accountant',
+    created_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Add an index for faster lookups
+CREATE INDEX idx_users_email_username ON users(email, username);
+
+ALTER TABLE users
+ADD CONSTRAINT valid_roles CHECK (role IN (
+    'admin',
+    'moderator',
+    'accountant',
+    'viewer'
+));
+
+-- Create JWT sessions table
+CREATE TABLE user_sessions (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    jwt_token TEXT NOT NULL UNIQUE,
+    expires_at TIMESTAMPTZ NOT NULL,
+    revoked BOOLEAN NOT NULL DEFAULT false,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Add indexes
+CREATE INDEX idx_sessions_user ON user_sessions(user_id);
+CREATE INDEX idx_sessions_expires ON user_sessions(expires_at);
+
+
+

server/src/auth/docs/first_reg.txt

@@ -0,0 +1,10 @@
+❯ grpcurl -plaintext -d '{
+  "username": "testuser2",
+  "email": "test2@example.com"
+}' localhost:50051 multieko2.auth.AuthService/Register
+{
+  "id": "5fa9bbce-85e0-4b06-8364-b561770c2fdd",
+  "username": "testuser2",
+  "email": "test2@example.com",
+  "role": "accountant"
+}

server/src/auth/handlers.rs

@@ -0,0 +1,5 @@
+// src/auth/handlers.rs
+
+pub mod register;
+
+pub use register::*;

server/src/auth/handlers/register.rs

@@ -0,0 +1,64 @@
+// src/auth/handlers/register.rs
+
+use bcrypt::{hash, DEFAULT_COST};
+use tonic::{Request, Response, Status};
+use common::proto::multieko2::auth::{auth_service_server, RegisterRequest, AuthResponse};
+use crate::db::PgPool;
+use crate::auth::models::AuthError;
+
+pub struct AuthService {
+    pool: PgPool,
+}
+
+impl AuthService {
+    pub fn new(pool: PgPool) -> Self {
+        Self { pool }
+    }
+}
+
+#[tonic::async_trait]
+impl auth_service_server::AuthService for AuthService {
+    async fn register(
+        &self,
+        request: Request<RegisterRequest>,
+    ) -> Result<Response<AuthResponse>, Status> {
+        let payload = request.into_inner();
+
+        // Validate passwords match
+        if payload.password != payload.password_confirmation {
+            return Err(Status::invalid_argument(AuthError::PasswordMismatch.to_string()));
+        }
+
+        // Hash password
+        let password_hash = hash(payload.password, DEFAULT_COST)
+            .map_err(|e| Status::internal(AuthError::HashingError(e.to_string()).to_string()))?;
+
+        // Insert user
+        let user = sqlx::query!(
+            r#"
+            INSERT INTO users (username, email, password_hash, role)
+            VALUES ($1, $2, $3, 'accountant')
+            RETURNING id, username, email, role
+            "#,
+            payload.username,
+            payload.email,
+            password_hash
+        )
+        .fetch_one(&self.pool)
+        .await
+        .map_err(|e| {
+            if e.to_string().contains("duplicate key") {
+                Status::already_exists(AuthError::UserExists.to_string())
+            } else {
+                Status::internal(AuthError::DatabaseError(e.to_string()).to_string())
+            }
+        })?;
+
+        Ok(Response::new(AuthResponse {
+            id: user.id.to_string(),
+            username: user.username,
+            email: user.email.unwrap_or_default(),
+            role: user.role,
+        }))
+    }
+}

server/src/auth/mod.rs

@@ -0,0 +1,5 @@
+// src/auth/mod.rs
+
+pub mod models;
+pub mod handlers;
+

server/src/auth/models.rs

@@ -0,0 +1,27 @@
+// src/auth/models.rs
+
+use serde::{Deserialize, Serialize};
+use validator::Validate;
+
+#[derive(Debug, Validate, Deserialize)]
+pub struct RegisterRequest {
+    #[validate(length(min = 1, max = 30))]
+    pub username: String,
+    #[validate(email)]
+    pub email: String,
+    #[validate(length(min = 1))]
+    pub password: String,
+    pub password_confirmation: String,
+}
+
+#[derive(Debug, thiserror::Error)]
+pub enum AuthError {
+    #[error("Passwords do not match")]
+    PasswordMismatch,
+    #[error("User already exists")]
+    UserExists,
+    #[error("Database error: {0}")]
+    DatabaseError(String),
+    #[error("Hashing error: {0}")]
+    HashingError(String),
+}

server/src/db.rs

@@ -1,5 +1,7 @@
 // src/db.rs
-use sqlx::postgres::{PgPool, PgPoolOptions};
+
+use sqlx::postgres::PgPoolOptions;
+pub use sqlx::postgres::PgPool;
 use std::time::Duration;
 use tracing::info;
 

server/src/lib.rs

@@ -1,5 +1,6 @@
 // src/lib.rs
 pub mod db;
+pub mod auth;
 pub mod server;
 pub mod adresar;
 pub mod uctovnictvo;

server/src/server/run.rs

@@ -11,12 +11,16 @@ use crate::server::services::{
     TablesDataService,
     TableScriptService,
 };
-use common::proto::multieko2::adresar::adresar_server::AdresarServer;
-use common::proto::multieko2::uctovnictvo::uctovnictvo_server::UctovnictvoServer;
-use common::proto::multieko2::table_structure::table_structure_service_server::TableStructureServiceServer;
-use common::proto::multieko2::table_definition::table_definition_server::TableDefinitionServer;
-use common::proto::multieko2::tables_data::tables_data_server::TablesDataServer;
-use common::proto::multieko2::table_script::table_script_server::TableScriptServer;
+use common::proto::multieko2::{
+    adresar::adresar_server::AdresarServer,
+    uctovnictvo::uctovnictvo_server::UctovnictvoServer,
+    table_structure::table_structure_service_server::TableStructureServiceServer,
+    table_definition::table_definition_server::TableDefinitionServer,
+    tables_data::tables_data_server::TablesDataServer,
+    table_script::table_script_server::TableScriptServer,
+    auth::auth_service_server::AuthServiceServer  // Add this import
+};
+use crate::auth::handlers::AuthService;  // Add this import
 
 pub async fn run_server(db_pool: sqlx::PgPool) -> Result<(), Box<dyn std::error::Error>> {
     let addr = "[::1]:50051".parse()?;
@@ -27,8 +31,9 @@ pub async fn run_server(db_pool: sqlx::PgPool) -> Result<(), Box<dyn std::error:
 
     // Initialize services
     let table_definition_service = TableDefinitionService { db_pool: db_pool.clone() };
-    let tables_data_service = TablesDataService { db_pool: db_pool.clone() }; // Add this
+    let tables_data_service = TablesDataService { db_pool: db_pool.clone() };
     let table_script_service = TableScriptService { db_pool: db_pool.clone() };
+    let auth_service = AuthService::new(db_pool.clone());  // Add this line
 
     Server::builder()
         .add_service(AdresarServer::new(AdresarService { db_pool: db_pool.clone() }))
@@ -37,6 +42,7 @@ pub async fn run_server(db_pool: sqlx::PgPool) -> Result<(), Box<dyn std::error:
         .add_service(TableDefinitionServer::new(table_definition_service))
         .add_service(TablesDataServer::new(tables_data_service))
         .add_service(TableScriptServer::new(table_script_service))
+        .add_service(AuthServiceServer::new(auth_service))
         .add_service(reflection_service)
         .serve(addr)
         .await?;