Added authenication/authorization. Refactored api startup.

JSMR.Infrastructure/Data/AppDbContext.cs

@@ -17,6 +17,7 @@ public class AppDbContext(DbContextOptions<AppDbContext> options) : DbContext(op
     public DbSet<VoiceWorkCreator> VoiceWorkCreators { get; set; }
     public DbSet<Series> Series { get; set; }
     public DbSet<VoiceWorkSearch> VoiceWorkSearches { get; set; }
+    public DbSet<User> Users { get; set; }
 
     protected override void OnModelCreating(ModelBuilder modelBuilder)
     {

JSMR.Infrastructure/Data/Repositories/Users/UserRepository.cs

@@ -0,0 +1,20 @@
+using JSMR.Application.Users;
+using JSMR.Domain.Entities;
+using Microsoft.EntityFrameworkCore;
+
+namespace JSMR.Infrastructure.Data.Repositories.Users;
+
+public class UserRepository(AppDbContext db) : IUserRepository
+{
+    public async Task<User?> FindByUsernameAsync(string username)
+    {
+        return await db.Users
+            .FirstOrDefaultAsync(u => u.Username == username);
+    }
+
+    public bool VerifyPassword(User user, string password)
+    {
+        // Using BCrypt (recommended)
+        return BCrypt.Net.BCrypt.Verify(password, user.PasswordHash);
+    }
+}