added function to change user password with the admin panel

backend/routes/api.js

@@ -18,6 +18,7 @@ import {
   getAllItems,
   deleteItemID,
   createItem,
+  changeUserPassword,
 } from "../services/database.js";
 import { authenticate, generateToken } from "../services/tokenService.js";
 const router = express.Router();
@@ -276,4 +277,17 @@ router.post("/createItem", authenticate, async (req, res) => {
   return res.status(500).json({ message: "Failed to create item" });
 });
 
+router.post("/changePWadmin", authenticate, async (req, res) => {
+  const newPassword = req.body.newPassword;
+  if (!newPassword) {
+    return res.status(400).json({ message: "New password is required" });
+  }
+
+  const result = await changeUserPassword(req.body.username, newPassword);
+  if (result.success) {
+    return res.status(200).json({ message: "Password changed successfully" });
+  }
+  return res.status(500).json({ message: "Failed to change password" });
+});
+
 export default router;

backend/services/database.js

@@ -327,7 +327,9 @@ export const loginAdmin = async (username, password) => {
 };
 
 export const getAllUsers = async () => {
-  const [result] = await pool.query("SELECT * FROM users");
+  const [result] = await pool.query(
+    "SELECT id, username, role, entry_created_at FROM users"
+  );
   if (result.length > 0) return { success: true, data: result };
   return { success: false };
 };
@@ -382,3 +384,12 @@ export const createItem = async (item_name, can_borrow_role) => {
   if (result.affectedRows > 0) return { success: true };
   return { success: false };
 };
+
+export const changeUserPassword = async (username, newPassword) => {
+  const [result] = await pool.query(
+    "UPDATE users SET password = ? WHERE username = ?",
+    [newPassword, username]
+  );
+  if (result.affectedRows > 0) return { success: true };
+  return { success: false };
+};