
Implement comprehensive user authentication system for enhanced security #33

Draft
Copilot wants to merge 3 commits into main from copilot/fix-4aa30677-7e25-43f7-82a5-5689f310973a

Conversation


Copilot AI commented Sep 28, 2025

This PR implements a complete user authentication system for the Notable Links platform, addressing the feature request for enhanced security and user accountability.

Overview

The Notable Links platform previously lacked user authentication, making it impossible to identify contributors or implement proper access controls. This implementation introduces a robust authentication system with email/password registration, JWT-based sessions, and role-based access control.

Key Features

🔐 User Authentication

  • Registration: Users can create accounts with email, password, first name, and last name
  • Sign-in: Secure authentication against the database with proper password verification
  • JWT Tokens: Stateless authentication with 24-hour token expiry
  • Password Security: Industry-standard bcrypt hashing with 12 salt rounds

👥 Role-Based Access Control

  • Regular Users: Can access protected user endpoints
  • Admin Users: Have additional permissions for content management and system administration
  • Middleware Protection: Automatic authentication and authorization checks

🛡️ Security Measures

  • Email format validation and password strength requirements (minimum 8 characters)
  • Secure error handling that doesn't leak sensitive information
  • Protection against duplicate registrations
  • Proper HTTP status codes for different error scenarios

API Endpoints

The system introduces several new authentication endpoints:

# Register a new user
POST /auth/register
{
  "firstName": "John",
  "lastName": "Doe", 
  "email": "john@example.com",
  "password": "securePassword123"
}

# Sign in
POST /auth/sign-in
{
  "email": "john@example.com",
  "password": "securePassword123"
}

# Access protected profile (requires Bearer token)
GET /api/profile
Authorization: Bearer <jwt_token>

# Admin dashboard (requires admin role)
GET /api/admin/dashboard
Authorization: Bearer <admin_jwt_token>

Database Schema Updates

Enhanced the existing user table with proper relationships:

  • Added user ID references to the links table for accountability
  • Maintained backward compatibility with existing data
  • Added proper indexes for performance

Technical Implementation

Dependencies Added

  • bcrypt for secure password hashing
  • jsonwebtoken for JWT token management
  • uuid for unique user ID generation

Architecture

  • Authentication Middleware: Validates JWT tokens and extracts user context
  • Admin Middleware: Ensures admin-only endpoints are properly protected
  • Error Handling: Centralized error management with appropriate HTTP status codes
  • Type Safety: Full TypeScript support with proper type definitions

Testing

Comprehensive test suite with 13 test cases covering:

  • User registration with validation
  • Sign-in with various scenarios (valid/invalid credentials)
  • Protected route access control
  • Admin permission verification
  • Input validation and error handling

All tests pass successfully, ensuring reliability of the authentication system.

Benefits

  1. User Accountability: Contributors can now be identified and held accountable for their submissions
  2. Enhanced Security: Proper authentication prevents unauthorized access and spam
  3. Personalized Features: Foundation for user-specific features like saved links and viewing history
  4. Admin Controls: Administrators can now manage users and verify content with proper access controls

Usage Example

After registration, users receive a JWT token that must be included in the Authorization header for protected endpoints:

// Example API call with authentication
fetch('/api/profile', {
  headers: {
    'Authorization': `Bearer ${userToken}`,
    'Content-Type': 'application/json'
  }
})

This implementation provides a solid foundation for the Notable Links platform's security requirements while maintaining simplicity and performance.

Original prompt

This section details the original issue you should resolve

<issue_title>Feature Request: Add User Authentication for Enhanced Security</issue_title>
<issue_description>

Overview

Currently, the Notable Links platform allows users to share informative links, but it lacks a user authentication system for both contributors and admin verifiers. Implementing user authentication would not only enhance the security of the platform but also help in identifying contributors and ensuring accountability.

Benefits

  1. User Accountability: Each user could be held accountable for their submissions, leading to more responsible content sharing.
  2. Enhanced Security: Protecting user data and managing permissions effectively can prevent spam and misuse.
  3. Personalized Experiences: Once users are authenticated, the platform could offer personalized features, such as saved links or viewing histories.

Proposed Solution

  • Implement a user registration and login system using email and password.
  • Consider using OAuth for third-party login options (like Google or GitHub).
  • Set up roles for users (regular users, admins) with different permissions.

I believe this would greatly improve the user experience and the overall integrity of the content shared on the platform.</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #32
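An added example, not code from this PR or the Notable Links project, showing the checks the authentication and admin middleware described above have to make before trusting a Bearer token: the algorithm pinned server-side, the signature compared in constant time, the expiry enforced, and only then the role compared. It uses Node's built-in crypto module in place of jsonwebtoken; the claim shape, the secret, and the `authorize`/`verifyHs256` names are assumptions made for illustration.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical claim shape; the PR's actual user-context type is not shown.
type Claims = { sub: string; role: "user" | "admin"; exp: number };
// 200 = allowed, 401 = missing/invalid token, 403 = valid token but wrong role.
type Decision = { status: 200 | 401 | 403; user?: Claims };

const b64url = (buf: Buffer): string => buf.toString("base64url");
const hmac = (secret: string, data: string): Buffer =>
  createHmac("sha256", secret).update(data).digest();

// Mint an HS256 token (stands in for jsonwebtoken.sign; exp is in seconds).
function signHs256(claims: Claims, secret: string): string {
  const head = b64url(Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })));
  const body = b64url(Buffer.from(JSON.stringify(claims)));
  return `${head}.${body}.${b64url(hmac(secret, `${head}.${body}`))}`;
}

// Verify algorithm, signature (constant time) and expiry; null on any failure.
function verifyHs256(token: string, secret: string, now: number): Claims | null {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm server-side; never let the token choose it.
    if (JSON.parse(Buffer.from(head, "base64url").toString()).alg !== "HS256") return null;
    const expected = hmac(secret, `${head}.${body}`);
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(body, "base64url").toString()) as Claims;
    // The 24-hour lifetime from the PR only means something if exp is checked here.
    if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) return null;
    return claims;
  } catch {
    return null; // malformed base64/JSON or non-object payload
  }
}

// Middleware decision for an Authorization header; requiredRole gates admin routes.
function authorize(header: string | undefined, secret: string,
                   requiredRole?: "admin", now: number = Date.now()): Decision {
  const m = /^Bearer (\S+)$/.exec(header ?? "");
  if (!m) return { status: 401 };
  const user = verifyHs256(m[1], secret, now);
  if (!user) return { status: 401 };
  if (requiredRole && user.role !== requiredRole) return { status: 403 };
  return { status: 200, user };
}
```

Mapped onto the PR's routes, `/api/profile` would call `authorize(header, secret)` and `/api/admin/dashboard` would call `authorize(header, secret, "admin")`, with the 401/403 split keeping "not signed in" distinct from "signed in but not an admin".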


Copilot AI and others added 2 commits September 28, 2025 02:51
Co-authored-by: jellydn <870029+jellydn@users.noreply.github.com>
Co-authored-by: jellydn <870029+jellydn@users.noreply.github.com>
Copilot AI changed the title [WIP] Feature Request: Add User Authentication for Enhanced Security Implement comprehensive user authentication system for enhanced security Sep 28, 2025
Copilot AI requested a review from jellydn September 28, 2025 03:06
