From 893ad6558d762914ed398f2298a4481cdbb8ece2 Mon Sep 17 00:00:00 2001
From: notshop <notshop@notshop.org>
Date: Sun, 26 Apr 2026 16:36:14 +0000
Subject: [PATCH] chore: add scripts/seed-admin.ts

---
 scripts/seed-admin.ts | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 scripts/seed-admin.ts

diff --git a/scripts/seed-admin.ts b/scripts/seed-admin.ts
new file mode 100644
index 0000000..e81144d
--- /dev/null
+++ b/scripts/seed-admin.ts
@@ -0,0 +1,33 @@
+/**
+ * Seed script — creates the first admin user.
+ * Run: npm run db:seed
+ *
+ * It reads ADMIN_EMAIL and ADMIN_PASSWORD from environment variables,
+ * or falls back to admin@example.com / changeme.
+ *
+ * Usage in Replit Secrets:
+ *   ADMIN_EMAIL=you@yourdomain.com
+ *   ADMIN_PASSWORD=your-secure-password
+ */
+import "dotenv/config";
+import bcrypt from "bcrypt";
+import { db } from "../server/db";
+import { adminUsers } from "../shared/schema";
+import { eq } from "drizzle-orm";
+
+const email = process.env.ADMIN_EMAIL || "admin@example.com";
+const password = process.env.ADMIN_PASSWORD || "changeme";
+
+async function seed() {
+  const existing = await db.select().from(adminUsers).where(eq(adminUsers.email, email));
+  if (existing.length) {
+    console.log(`Admin ${email} already exists.`);
+    process.exit(0);
+  }
+  const passwordHash = await bcrypt.hash(password, 12);
+  await db.insert(adminUsers).values({ email, passwordHash, role: "superadmin" });
+  console.log(`✓ Admin created: ${email}`);
+  process.exit(0);
+}
+
+seed().catch((err) => { console.error(err); process.exit(1); });