initial commit

server/api/users.get.js

@@ -0,0 +1,12 @@
+import { getDb } from '../utils/db.js'
+import { requireAuth } from '../utils/authHelpers.js'
+
+export default defineEventHandler(async (event) => {
+  const user = requireAuth(event)
+  if (user.role !== 'admin' && user.role !== 'leader') {
+    throw createError({ statusCode: 403, message: 'Forbidden' })
+  }
+  const { all } = await getDb()
+  const rows = await all('SELECT id, identifier, role, auth_provider FROM users ORDER BY identifier')
+  return rows.map(r => ({ id: r.id, identifier: r.identifier, role: r.role, auth_provider: r.auth_provider ?? 'local' }))
+})