feat(backend): Implement User Profile Management API Endpoints #5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…and update validation functions - Refactored `userSchema` to include a `profile` object containing `name`, `avatar`, `birthday`, `school`, and `country`. - Moved `name`, `school`, and `country` fields into the `profile` object. - Added `avatar` and `birthday` fields to the `profile` object. - Updated validation functions in `validationUtils.js` to include `validateAvatar` and `validateBirthday`. - Ensured `profile` fields are properly validated and default values are set.
… schema - Added indexes for `roles` and `locked` fields in `userSchema` to improve query performance.
…entation - Added `getUser` endpoint in `userRoutes.js` to handle requests for retrieving user details by ID. - Implemented `getUser` controller in `userControllers.js` to fetch user details from the database. - Updated `API.md` to include documentation for the `getUser` endpoint. - Included request parameters and response examples for the new endpoint.
…ery parameters - Added `validateLimit` function in `validationUtils.js` to validate limit query parameters. - Added `validateOffset` function in `validationUtils.js` to validate offset query parameters. - Ensured both functions check for valid numeric values within acceptable ranges. - Exported `validateLimit` and `validateOffset` functions for use in other modules.
…documentation - Added `getSafetyRecords` endpoint in `userRoutes.js` to handle requests for retrieving user safety records. - Implemented `getSafetyRecords` controller in `userControllers.js` to fetch safety records from the database with pagination support. - Updated `API.md` to include documentation for the `getSafetyRecords` endpoint. - Included request parameters, query parameters, and response examples for the new endpoint.
…tation - Added `getSettings` endpoint in `userRoutes.js` to handle requests for retrieving user settings. - Implemented `getSettings` controller in `userControllers.js` to fetch user settings from the database. - Updated `API.md` to include documentation for the `getSettings` endpoint. - Included request parameters and response examples for the new endpoint.
- Updated `settingsSchema` in `userSchema.js` to explicitly set `_id: false` to prevent storing an `_id` field in the settings subdocument. - Ensured the `settings` subdocument is properly configured and validated.
…mentation - Added `updateUsername` endpoint in `userRoutes.js` to handle requests for updating a user's username. - Implemented `updateUsername` controller in `userControllers.js` to validate the new username, check for conflicts, and update the user's username in the database. - Updated `API.md` to include documentation for the `updateUsername` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
- Updated the not found handler in `index.js` to use `router.use('*', ...)` instead of `router.get('*', ...)`.
- Ensured all unmatched routes are properly handled and return a 404 response.
…tation - Added `updateEmail` endpoint in `userRoutes.js` to handle requests for updating a user's email. - Implemented `updateEmail` controller in `userControllers.js` to validate the new email, check for conflicts, generate a verification token, and send a verification email. - Updated `API.md` to include documentation for the `updateEmail` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
…I documentation - Added `completeEmailUpdate` endpoint in `userRoutes.js` to handle requests for completing an email update. - Implemented `completeEmailUpdate` controller in `userControllers.js` to verify the email update token and update the user's email in the database. - Updated `API.md` to include documentation for the `completeEmailUpdate` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
…ser routes - Updated `userRoutes.js` to change the HTTP method for the email update endpoint from `PUT` to `POST`. - Ensured the `updateEmail` endpoint correctly handles email update requests with the new method. - Updated `API.md` documentation to reflect the change in the HTTP method for the email update endpoint.
…mentation - Added `updatePassword` endpoint in `userRoutes.js` to handle requests for updating a user's password. - Implemented `updatePassword` controller in `userControllers.js` to validate the current and new passwords, verify the current password, and update the user's password in the database. - Updated `API.md` to include documentation for the `updatePassword` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
…entation - Added `updateProfile` endpoint in `userRoutes.js` to handle requests for updating a user's profile. - Implemented `updateProfile` controller in `userControllers.js` to validate and update profile fields such as name, avatar, birthday, school, and country. - Updated `API.md` to include documentation for the `updateProfile` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
…ction - Updated `validateAvatar` function in `validationUtils.js` to include size validation for base64 avatars. - Ensured the avatar size is less than or equal to 5MB.
…mentation - Added `updateSettings` endpoint in `userRoutes.js` to handle requests for updating a user's settings. - Implemented `updateSettings` controller in `userControllers.js` to validate and update settings fields such as time format, date format, and theme. - Updated `API.md` to include documentation for the `updateSettings` endpoint. - Included request parameters, request body, and response examples for the new endpoint.
…settings - Updated `updateSettingsById` function in `userService.js` to preserve existing settings when updating user settings. - Ensured only provided settings fields are updated, leaving other fields unchanged. - Validated and applied partial updates to the `settings` subdocument.
… profiles - Added `updateProfileById` function in `userService.js` to update user profiles by ID. - Preserved existing profile fields when updating to avoid resetting unspecified fields. - Exported the `updateProfileById` function for use in other modules.
… function - Updated `updateProfile` controller in `userControllers.js` to use `updateProfileById` function from `userService.js`. - Ensured the `updateProfileById` function validates and updates profile fields such as name, avatar, birthday, school, and country. - Preserved existing profile fields when updating to avoid resetting unspecified fields.
…rations - Moved JWT operations from `jwtService` to `jwtUtils` for better organization. - Updated all references to JWT operations in controllers and middleware to use `jwtUtils`. - Ensured all JWT operations such as token generation, verification, and decoding are handled by `jwtUtils`.
… update imports - Moved `hashPassword` and `verifyPassword` functions from `passwordHashService` to `passwordHashUtils`. - Updated all imports in `userService.js` and `userControllers.js` to use `passwordHashUtils` for password hashing and verification. - Ensured all password-related operations are handled by the utility functions.
TKanX
added
documentation 📖
49 tasks
There was a problem hiding this comment.
Copilot reviewed 7 out of 12 changed files in this pull request and generated 1 comment.
Files not reviewed (5)
- backend/src/services/emailService.js: Evaluated as low risk
- backend/src/controllers/authControllers.js: Evaluated as low risk
- backend/src/middlewares/authMiddleware.js: Evaluated as low risk
- backend/src/utils/passwordHashUtils.js: Evaluated as low risk
- backend/src/utils/jwtUtils.js: Evaluated as low risk
- Updated `birthday` field in `userSchema` to use a function for the `max` value: `max: () => Date.now()`. - Ensured the `max` value is dynamically calculated at the time of validation, reflecting the current date. - Fixed the issue where the `max` value was set to the schema definition time, causing incorrect validation for new documents. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary:
Implemented a comprehensive user profile management system with the following features:
Changes
Added Backend API Endpoints:
GET /users/:id: Retrieves user data, excluding sensitive information.GET /users/:id/settings: Fetches user settings.PATCH /users/:id/settings: Updates user settings, ensuring existing settings are preserved.GET /users/:id/safety-records: Retrieves user safety records with pagination (query params:limit,offset).PATCH /users/:id/profile: Updates user profile data (e.g., avatar, school, name).PUT /users/:id/username: Updates username after validating input.POST /users/:id/email: Sends a verification email for email updates.POST /users/:id/email/complete: Completes the email update after token validation.PUT /users/:id/password: Updates user password after verifying current password.Model and Schema Changes:
Usermodel for attributes likeavatar,school, andcountry._idfields.lockedfields, and ensured proper indexing for query performance.Utility Enhancements:
jwtUtilsmodule.utilsmodule for better reusability.Documentation Updates:
API.mdto include detailed descriptions and example requests/responses for all new user endpoints.