feat: add authentication routes, update environment variables, and enhance error handling

Backend/utils/jwt.ts

@@ -0,0 +1,28 @@
+import jwt from 'jsonwebtoken';
+
+const JWT_EXPIRES_IN = (process.env.JWT_EXPIRES_IN ?? '7d') as jwt.SignOptions['expiresIn'];
+
+function getJwtSecret(): string {
+  const secret = process.env.JWT_SECRET;
+
+  if (!secret) {
+    throw new Error('JWT_SECRET is not set');
+  }
+
+  return secret;
+}
+
+export type JwtPayload = {
+  userId: string;
+  email: string;
+};
+
+export function signAccessToken(payload: JwtPayload): string {
+  return jwt.sign(payload, getJwtSecret(), {
+    expiresIn: JWT_EXPIRES_IN,
+  });
+}
+
+export function verifyAccessToken(token: string): JwtPayload {
+  return jwt.verify(token, getJwtSecret()) as JwtPayload;
+}