feat: initial prototype works

I can log in and create a book! Woo!

api/prisma/schema.prisma

@@ -5,12 +5,12 @@
 // Try Prisma Accelerate: https://pris.ly/cli/accelerate-init
 
 generator client {
-  provider = "prisma-client"
-  output   = "../generated/prisma"
+  provider = "prisma-client-js"
 }
 
 datasource db {
   provider = "mongodb"
+  url      = env("DATABASE_URL")
 }
 
 model Game {

api/prod.env

@@ -1,16 +0,0 @@
-# Database
-DATABASE_URL=op://Personal/MongoDB Atlas - Library/connection string
-
-# JWT Secret
-JWT_SECRET=op://Personal/Library API Secrets/jwt_secret
-
-# Discord OAuth
-DISCORD_CLIENT_ID=op://Personal/Library Discord OAuth/client_id
-DISCORD_CLIENT_SECRET=op://Personal/Library Discord OAuth/client_secret
-
-# Admin Configuration
-ADMIN_DISCORD_ID=op://Personal/Library API Secrets/admin_discord_id
-
-# API Configuration
-API_URL=op://Personal/Library API Secrets/api_url
-FRONTEND_URL=op://Personal/Library API Secrets/frontend_url

api/project.json

@@ -16,7 +16,7 @@
         "bundle": false,
         "main": "api/src/main.ts",
         "tsConfig": "api/tsconfig.app.json",
-        "assets": ["api/src/assets"],
+        "assets": ["api/src/assets", "api/generated"],
         "generatePackageJson": true,
         "esbuildOptions": {
           "sourcemap": true,

api/src/app/app.ts

@@ -22,6 +22,6 @@ export async function app(fastify: FastifyInstance, opts: AppOptions) {
   // define your routes in one of these
   fastify.register(AutoLoad, {
     dir: path.join(__dirname, 'routes'),
-    options: { ...opts },
+    options: { ...opts, prefix: '/api' },
   });
 }

api/src/app/lib/prisma.ts

@@ -0,0 +1,9 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { PrismaClient } from "@prisma/client";
+
+export const prisma = new PrismaClient();

api/src/app/plugins/auth.ts

@@ -9,9 +9,6 @@ declare module "fastify" {
     authenticate: (request: FastifyRequest) => Promise<void>;
     oauth2Discord: any;
   }
-  interface FastifyRequest {
-    user?: any;
-  }
 }
 
 const authPlugin: FastifyPluginAsync = async (app) => {
@@ -30,6 +27,7 @@ const authPlugin: FastifyPluginAsync = async (app) => {
   // Register Discord OAuth2
   app.register(fastifyOauth2, {
     name: "oauth2Discord",
+    scope: ["identify", "email"],
     credentials: {
       client: {
         id: process.env.DISCORD_CLIENT_ID || "",
@@ -38,7 +36,7 @@ const authPlugin: FastifyPluginAsync = async (app) => {
       auth: fastifyOauth2.DISCORD_CONFIGURATION,
     },
     startRedirectPath: "/api/auth/login",
-    callbackUri: `${process.env.API_URL || "http://localhost:3000"}/api/auth/callback`,
+    callbackUri: `${process.env.BASE_URL || "http://localhost:3000"}/api/auth/callback`,
   });
 
   // Authentication decorator

api/src/app/plugins/static.ts

@@ -0,0 +1,32 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { FastifyInstance } from "fastify";
+import fastifyStatic from "@fastify/static";
+import path from "path";
+
+export default async function staticPlugin(app: FastifyInstance) {
+  const isProduction = process.env.NODE_ENV === "production";
+
+  if (isProduction) {
+    // Serve the built Angular app from dist directory
+    await app.register(fastifyStatic, {
+      root: path.join(__dirname, "../../../../../../dist/apps/frontend"),
+      prefix: "/", // Serve at root
+      wildcard: false, // Disable wildcard routes to avoid conflicts
+    });
+
+    // Catch-all route for Angular SPA routing (must be registered after API routes)
+    app.setNotFoundHandler((request, reply) => {
+      // Only catch routes that don't start with /api
+      if (!request.url.startsWith("/api")) {
+        reply.sendFile("index.html");
+      } else {
+        reply.code(404).send({ error: "Not Found" });
+      }
+    });
+  }
+}

api/src/app/routes/auth/index.ts

@@ -1,32 +1,31 @@
 import { FastifyPluginAsync } from "fastify";
-import { AuthService } from "../services/auth.service";
+import { AuthService } from "../../services/auth.service";
 import { AuthResponse } from "@library/shared-types";
 
 const authRoutes: FastifyPluginAsync = async (app) => {
   const authService = new AuthService(app);
 
-  /**
-   * Initiate Discord OAuth login.
-   */
-  app.get("/login", async (request, reply) => {
-    const authUrl = app.oauth2Discord.generateAuthorizationUri({
-      scope: ["identify", "email"],
-    });
-
-    return reply.redirect(authUrl);
-  });
-
   /**
    * Discord OAuth callback.
    */
   app.get("/callback", async (request, reply) => {
     try {
-      const token = await app.oauth2Discord.getAccessTokenFromAuthorizationCodeFlow(
+      const tokenResult = await app.oauth2Discord.getAccessTokenFromAuthorizationCodeFlow(
         request
       );
 
-      // Get user data from Discord
-      const userData = await app.oauth2Discord.userinfo(token.access_token);
+      // Get user data from Discord API
+      const discordResponse = await fetch("https://discord.com/api/users/@me", {
+        headers: {
+          Authorization: `Bearer ${tokenResult.token.access_token}`,
+        },
+      });
+
+      if (!discordResponse.ok) {
+        throw new Error("Failed to fetch Discord user data");
+      }
+
+      const userData = await discordResponse.json();
 
       // Create or update user in database
       const user = await authService.createOrUpdateUserFromDiscord(userData);
@@ -43,12 +42,12 @@ const authRoutes: FastifyPluginAsync = async (app) => {
           sameSite: "lax",
           maxAge: 7 * 24 * 60 * 60, // 7 days
         })
-        .redirect(process.env.FRONTEND_URL || "http://localhost:4200");
+        .redirect("/"); // Redirect to root since API serves frontend
     } catch (error) {
-      app.log.error(error);
+      app.log.error({ err: error }, "Auth callback error");
       reply
         .code(401)
-        .send({ error: "Authentication failed" });
+        .send({ error: "Authentication failed", details: error instanceof Error ? error.message : String(error) });
     }
   });
 

api/src/app/routes/books/index.ts

@@ -0,0 +1,80 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { FastifyPluginAsync } from "fastify";
+import { Book, CreateBookDto, UpdateBookDto } from "@library/shared-types";
+import { BookService } from "../../services/book.service";
+import { adminGuard } from "../../middleware/admin-guard";
+
+const booksRoutes: FastifyPluginAsync = async (app) => {
+  const bookService = new BookService();
+
+  /**
+   * Get all books (public route).
+   */
+  app.get<{ Reply: Book[] }>("/", async () => {
+    return bookService.getAllBooks();
+  });
+
+  /**
+   * Get single book by ID (public route).
+   */
+  app.get<{ Params: { id: string }; Reply: Book | null }>(
+    "/:id",
+    async (request) => {
+      const { id } = request.params;
+      return bookService.getBookById(id);
+    }
+  );
+
+  /**
+   * Create new book (admin only).
+   */
+  app.post<{ Body: CreateBookDto; Reply: Book }>(
+    "/",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      return bookService.createBook(request.body);
+    }
+  );
+
+  /**
+   * Update book by ID (admin only).
+   */
+  app.put<{
+    Params: { id: string };
+    Body: UpdateBookDto;
+    Reply: Book | null;
+  }>(
+    "/:id",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      const { id } = request.params;
+      return bookService.updateBook(id, request.body);
+    }
+  );
+
+  /**
+   * Delete book by ID (admin only).
+   */
+  app.delete<{ Params: { id: string }; Reply: { success: boolean } }>(
+    "/:id",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      const { id } = request.params;
+      await bookService.deleteBook(id);
+      return { success: true };
+    }
+  );
+};
+
+export default booksRoutes;

api/src/app/routes/games/index.ts

@@ -5,22 +5,16 @@
  */
 
 import { FastifyPluginAsync } from "fastify";
-import { PrismaClient } from "../../../generated/prisma";
-import { Game, GameStatus } from "@library/shared-types";
+import { Game, CreateGameDto, UpdateGameDto } from "@library/shared-types";
+import { GameService } from "../../services/game.service";
 import { adminGuard } from "../../middleware/admin-guard";
 
 const gamesRoutes: FastifyPluginAsync = async (app) => {
-  const prisma = new PrismaClient();
+  const gameService = new GameService();
 
   // Get all games (public route)
   app.get<{ Reply: Game[] }>("/", async () => {
-    const games = await prisma.game.findMany({
-      orderBy: { updatedAt: "desc" },
-    });
-    return games.map((game) => ({
-      ...game,
-      status: game.status.toLowerCase() as GameStatus,
-    }));
+    return gameService.getAllGames();
   });
 
   // Get single game (public route)
@@ -28,64 +22,34 @@ const gamesRoutes: FastifyPluginAsync = async (app) => {
     "/:id",
     async (request) => {
       const { id } = request.params;
-      const game = await prisma.game.findUnique({
-        where: { id },
-      });
-      if (!game) return null;
-      return {
-        ...game,
-        status: game.status.toLowerCase() as GameStatus,
-      };
+      return gameService.getGameById(id);
     }
   );
 
   // Create game (protected admin route)
-  app.post<{ Body: Omit<Game, "id" | "createdAt" | "updatedAt">; Reply: Game }>(
+  app.post<{ Body: CreateGameDto; Reply: Game }>(
     "/",
     {
       preValidation: [app.authenticate, adminGuard],
     },
-    async (request, reply) => {
-
-      const game = await prisma.game.create({
-        data: {
-          ...request.body,
-          status: request.body.status.toUpperCase() as any,
-        },
-      });
-      return {
-        ...game,
-        status: game.status.toLowerCase() as GameStatus,
-      };
+    async (request) => {
+      return gameService.createGame(request.body);
     }
   );
 
   // Update game (protected admin route)
   app.put<{
     Params: { id: string };
-    Body: Partial<Omit<Game, "id" | "createdAt" | "updatedAt">>;
+    Body: UpdateGameDto;
     Reply: Game | null;
   }>(
     "/:id",
     {
       preValidation: [app.authenticate, adminGuard],
     },
-    async (request, reply) => {
-
+    async (request) => {
       const { id } = request.params;
-      const updateData = { ...request.body };
-      if (updateData.status) {
-        updateData.status = updateData.status.toUpperCase() as any;
-      }
-
-      const game = await prisma.game.update({
-        where: { id },
-        data: updateData,
-      });
-      return {
-        ...game,
-        status: game.status.toLowerCase() as GameStatus,
-      };
+      return gameService.updateGame(id, request.body);
     }
   );
 
@@ -95,12 +59,9 @@ const gamesRoutes: FastifyPluginAsync = async (app) => {
     {
       preValidation: [app.authenticate, adminGuard],
     },
-    async (request, reply) => {
-
+    async (request) => {
       const { id } = request.params;
-      await prisma.game.delete({
-        where: { id },
-      });
+      await gameService.deleteGame(id);
       return { success: true };
     }
   );

api/src/app/routes/music/index.ts

@@ -0,0 +1,80 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { FastifyPluginAsync } from "fastify";
+import { Music, CreateMusicDto, UpdateMusicDto } from "@library/shared-types";
+import { MusicService } from "../../services/music.service";
+import { adminGuard } from "../../middleware/admin-guard";
+
+const musicRoutes: FastifyPluginAsync = async (app) => {
+  const musicService = new MusicService();
+
+  /**
+   * Get all music (public route).
+   */
+  app.get<{ Reply: Music[] }>("/", async () => {
+    return musicService.getAllMusic();
+  });
+
+  /**
+   * Get single music item by ID (public route).
+   */
+  app.get<{ Params: { id: string }; Reply: Music | null }>(
+    "/:id",
+    async (request) => {
+      const { id } = request.params;
+      return musicService.getMusicById(id);
+    }
+  );
+
+  /**
+   * Create new music item (admin only).
+   */
+  app.post<{ Body: CreateMusicDto; Reply: Music }>(
+    "/",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      return musicService.createMusic(request.body);
+    }
+  );
+
+  /**
+   * Update music item by ID (admin only).
+   */
+  app.put<{
+    Params: { id: string };
+    Body: UpdateMusicDto;
+    Reply: Music | null;
+  }>(
+    "/:id",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      const { id } = request.params;
+      return musicService.updateMusic(id, request.body);
+    }
+  );
+
+  /**
+   * Delete music item by ID (admin only).
+   */
+  app.delete<{ Params: { id: string }; Reply: { success: boolean } }>(
+    "/:id",
+    {
+      preValidation: [app.authenticate, adminGuard],
+    },
+    async (request) => {
+      const { id } = request.params;
+      await musicService.deleteMusic(id);
+      return { success: true };
+    }
+  );
+};
+
+export default musicRoutes;

api/src/app/services/auth.service.ts

@@ -1,13 +1,11 @@
 import { FastifyInstance } from "fastify";
 import { JwtPayload, User } from "@library/shared-types";
-import { PrismaClient } from "../../generated/prisma";
+import { prisma } from "../lib/prisma";
 
 export class AuthService {
-  private prisma: PrismaClient;
+  private prisma = prisma;
 
-  constructor(private readonly app: FastifyInstance) {
-    this.prisma = new PrismaClient();
-  }
+  constructor(private readonly app: FastifyInstance) {}
 
   /**
    * Generate JWT token for user.

api/src/app/services/book.service.ts

@@ -0,0 +1,106 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { Book, BookStatus, CreateBookDto, UpdateBookDto } from "@library/shared-types";
+import { prisma } from "../lib/prisma";
+
+export class BookService {
+  private prisma = prisma;
+
+  constructor() {}
+
+  /**
+   * Get all books.
+   */
+  async getAllBooks(): Promise<Book[]> {
+    const books = await this.prisma.book.findMany({
+      orderBy: { updatedAt: "desc" },
+    });
+
+    return books.map((book) => ({
+      ...book,
+      status: book.status.toLowerCase() as BookStatus,
+      dateAdded: book.dateAdded,
+      dateFinished: book.dateFinished || undefined,
+      createdAt: book.createdAt,
+      updatedAt: book.updatedAt,
+    }));
+  }
+
+  /**
+   * Get book by ID.
+   */
+  async getBookById(id: string): Promise<Book | null> {
+    const book = await this.prisma.book.findUnique({
+      where: { id },
+    });
+
+    if (!book) return null;
+
+    return {
+      ...book,
+      status: book.status.toLowerCase() as BookStatus,
+      dateAdded: book.dateAdded,
+      dateFinished: book.dateFinished || undefined,
+      createdAt: book.createdAt,
+      updatedAt: book.updatedAt,
+    };
+  }
+
+  /**
+   * Create new book.
+   */
+  async createBook(data: CreateBookDto): Promise<Book> {
+    const book = await this.prisma.book.create({
+      data: {
+        ...data,
+        status: data.status.toUpperCase() as any,
+      },
+    });
+
+    return {
+      ...book,
+      status: book.status.toLowerCase() as BookStatus,
+      dateAdded: book.dateAdded,
+      dateFinished: book.dateFinished || undefined,
+      createdAt: book.createdAt,
+      updatedAt: book.updatedAt,
+    };
+  }
+
+  /**
+   * Update book by ID.
+   */
+  async updateBook(id: string, data: UpdateBookDto): Promise<Book> {
+    const updateData = { ...data };
+    if (updateData.status) {
+      updateData.status = updateData.status.toUpperCase() as any;
+    }
+
+    const book = await this.prisma.book.update({
+      where: { id },
+      data: updateData,
+    });
+
+    return {
+      ...book,
+      status: book.status.toLowerCase() as BookStatus,
+      dateAdded: book.dateAdded,
+      dateFinished: book.dateFinished || undefined,
+      createdAt: book.createdAt,
+      updatedAt: book.updatedAt,
+    };
+  }
+
+  /**
+   * Delete book by ID.
+   */
+  async deleteBook(id: string): Promise<void> {
+    await this.prisma.book.delete({
+      where: { id },
+    });
+  }
+}

api/src/app/services/game.service.ts

@@ -0,0 +1,106 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { Game, GameStatus, CreateGameDto, UpdateGameDto } from "@library/shared-types";
+import { prisma } from "../lib/prisma";
+
+export class GameService {
+  private prisma = prisma;
+
+  constructor() {}
+
+  /**
+   * Get all games.
+   */
+  async getAllGames(): Promise<Game[]> {
+    const games = await this.prisma.game.findMany({
+      orderBy: { updatedAt: "desc" },
+    });
+
+    return games.map((game) => ({
+      ...game,
+      status: game.status.toLowerCase() as GameStatus,
+      dateAdded: game.dateAdded,
+      dateCompleted: game.dateCompleted || undefined,
+      createdAt: game.createdAt,
+      updatedAt: game.updatedAt,
+    }));
+  }
+
+  /**
+   * Get game by ID.
+   */
+  async getGameById(id: string): Promise<Game | null> {
+    const game = await this.prisma.game.findUnique({
+      where: { id },
+    });
+
+    if (!game) return null;
+
+    return {
+      ...game,
+      status: game.status.toLowerCase() as GameStatus,
+      dateAdded: game.dateAdded,
+      dateCompleted: game.dateCompleted || undefined,
+      createdAt: game.createdAt,
+      updatedAt: game.updatedAt,
+    };
+  }
+
+  /**
+   * Create new game.
+   */
+  async createGame(data: CreateGameDto): Promise<Game> {
+    const game = await this.prisma.game.create({
+      data: {
+        ...data,
+        status: data.status.toUpperCase() as any,
+      },
+    });
+
+    return {
+      ...game,
+      status: game.status.toLowerCase() as GameStatus,
+      dateAdded: game.dateAdded,
+      dateCompleted: game.dateCompleted || undefined,
+      createdAt: game.createdAt,
+      updatedAt: game.updatedAt,
+    };
+  }
+
+  /**
+   * Update game by ID.
+   */
+  async updateGame(id: string, data: UpdateGameDto): Promise<Game> {
+    const updateData = { ...data };
+    if (updateData.status) {
+      updateData.status = updateData.status.toUpperCase() as any;
+    }
+
+    const game = await this.prisma.game.update({
+      where: { id },
+      data: updateData,
+    });
+
+    return {
+      ...game,
+      status: game.status.toLowerCase() as GameStatus,
+      dateAdded: game.dateAdded,
+      dateCompleted: game.dateCompleted || undefined,
+      createdAt: game.createdAt,
+      updatedAt: game.updatedAt,
+    };
+  }
+
+  /**
+   * Delete game by ID.
+   */
+  async deleteGame(id: string): Promise<void> {
+    await this.prisma.game.delete({
+      where: { id },
+    });
+  }
+}

api/src/app/services/index.ts

@@ -0,0 +1,10 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+export { AuthService } from "./auth.service";
+export { GameService } from "./game.service";
+export { BookService } from "./book.service";
+export { MusicService } from "./music.service";

api/src/app/services/music.service.ts

@@ -0,0 +1,114 @@
+/**
+ * @copyright 2026 NHCarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { Music, MusicStatus, MusicType, CreateMusicDto, UpdateMusicDto } from "@library/shared-types";
+import { prisma } from "../lib/prisma";
+
+export class MusicService {
+  private prisma = prisma;
+
+  constructor() {}
+
+  /**
+   * Get all music.
+   */
+  async getAllMusic(): Promise<Music[]> {
+    const musicItems = await this.prisma.music.findMany({
+      orderBy: { updatedAt: "desc" },
+    });
+
+    return musicItems.map((music) => ({
+      ...music,
+      type: music.type.toLowerCase() as MusicType,
+      status: music.status.toLowerCase() as MusicStatus,
+      dateAdded: music.dateAdded,
+      dateCompleted: music.dateCompleted || undefined,
+      createdAt: music.createdAt,
+      updatedAt: music.updatedAt,
+    }));
+  }
+
+  /**
+   * Get music by ID.
+   */
+  async getMusicById(id: string): Promise<Music | null> {
+    const music = await this.prisma.music.findUnique({
+      where: { id },
+    });
+
+    if (!music) return null;
+
+    return {
+      ...music,
+      type: music.type.toLowerCase() as MusicType,
+      status: music.status.toLowerCase() as MusicStatus,
+      dateAdded: music.dateAdded,
+      dateCompleted: music.dateCompleted || undefined,
+      createdAt: music.createdAt,
+      updatedAt: music.updatedAt,
+    };
+  }
+
+  /**
+   * Create new music.
+   */
+  async createMusic(data: CreateMusicDto): Promise<Music> {
+    const music = await this.prisma.music.create({
+      data: {
+        ...data,
+        type: data.type.toUpperCase() as any,
+        status: data.status.toUpperCase() as any,
+      },
+    });
+
+    return {
+      ...music,
+      type: music.type.toLowerCase() as MusicType,
+      status: music.status.toLowerCase() as MusicStatus,
+      dateAdded: music.dateAdded,
+      dateCompleted: music.dateCompleted || undefined,
+      createdAt: music.createdAt,
+      updatedAt: music.updatedAt,
+    };
+  }
+
+  /**
+   * Update music by ID.
+   */
+  async updateMusic(id: string, data: UpdateMusicDto): Promise<Music> {
+    const updateData = { ...data };
+    if (updateData.type) {
+      updateData.type = updateData.type.toUpperCase() as any;
+    }
+    if (updateData.status) {
+      updateData.status = updateData.status.toUpperCase() as any;
+    }
+
+    const music = await this.prisma.music.update({
+      where: { id },
+      data: updateData,
+    });
+
+    return {
+      ...music,
+      type: music.type.toLowerCase() as MusicType,
+      status: music.status.toLowerCase() as MusicStatus,
+      dateAdded: music.dateAdded,
+      dateCompleted: music.dateCompleted || undefined,
+      createdAt: music.createdAt,
+      updatedAt: music.updatedAt,
+    };
+  }
+
+  /**
+   * Delete music by ID.
+   */
+  async deleteMusic(id: string): Promise<void> {
+    await this.prisma.music.delete({
+      where: { id },
+    });
+  }
+}