Merge pull request #13 from JawherKl/feature/14-upload-picture-profile

implement upload feature for profile picture

Author: JawherKl

README.md

@@ -69,6 +69,7 @@ CREATE TABLE users (
   name VARCHAR(100) NOT NULL,
   email VARCHAR(255) UNIQUE NOT NULL,
   password VARCHAR(255) NOT NULL,
+  picture VARCHAR(255) NULL,
   role VARCHAR(20) DEFAULT 'user',  -- Role-based access control
   created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
   updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

controllers/userController.js

@@ -29,12 +29,17 @@ const getUserById = async (req, res, next) => {
 };
 
 const createUser = async (req, res, next) => {
-  const { error, value } = userSchema.validate(req.body);
-  if (error) return res.status(400).json({ error: error.details[0].message });
-
   try {
+    const { error, value } = userSchema.validate(req.body);
+    if (error) {
+      return res.status(400).json({ error: error.details[0].message });
+    }
+    if (!req.file) {
+      return res.status(400).json({ error: "Profile picture is required" });
+    }
+    value.picture = req.file.filename; // Add uploaded filename to user data
     const userId = await User.create(value);
-    res.status(201).json({ message: 'User added', userId });
+    res.status(201).json({ message: "User added", userId });
   } catch (error) {
     next(error);
   }

index.js

@@ -43,6 +43,8 @@ app.use(cors({
 // Serve Swagger documentation at the /api-docs route
 app.use('/api-docs', swaggerUi.serve, swaggerUi.setup(swaggerSpec));
 
+app.use('/uploads', express.static(path.join(__dirname, 'uploads')));
+
 // Routes
 app.use('/users', userRoutes);
 

middleware/upload.js

@@ -0,0 +1,29 @@
+const multer = require('multer');
+const path = require('path');
+
+const storage = multer.diskStorage({
+  destination: (req, file, cb) => {
+    cb(null, 'uploads/'); // Directory for uploaded files
+  },
+  filename: (req, file, cb) => {
+    const uniqueName = `${Date.now()}-${file.originalname}`;
+    cb(null, uniqueName);
+  },
+});
+
+const fileFilter = (req, file, cb) => {
+  const allowedTypes = ['image/jpeg', 'image/png', 'image/gif'];
+  if (allowedTypes.includes(file.mimetype)) {
+    cb(null, true);
+  } else {
+    cb(new Error('Invalid file type. Only JPEG, PNG, and GIF are allowed.'));
+  }
+};
+
+const upload = multer({
+  storage,
+  limits: { fileSize: 2 * 1024 * 1024 }, // Limit: 2MB
+  fileFilter,
+});
+
+module.exports = upload;

models/user.js

@@ -28,11 +28,14 @@ class User {
     return result.rows[0];
   }
 
-  static async create({ name, email, password }) {
+  static async create({ name, email, password, picture }) {
+    if (!password) {
+      throw new Error("Password is required");
+    }
     const hashedPassword = await bcrypt.hash(password, 10);
     const result = await pool.query(
-      'INSERT INTO users (name, email, password) VALUES ($1, $2, $3) RETURNING id',
-      [name, email, hashedPassword]
+      'INSERT INTO users (name, email, password, picture) VALUES ($1, $2, $3, $4) RETURNING id',
+      [name, email, hashedPassword, picture]
     );
     return result.rows[0].id;
   }

routes/userRoutes.js

@@ -2,6 +2,8 @@ const express = require('express');
 const userController = require('../controllers/userController');
 const authenticateToken = require('../middleware/auth');
 const authorize = require('../middleware/authorize');
+const multer = require('multer');
+const upload = multer({ dest: 'uploads/' });
 
 const router = express.Router();
 
@@ -118,7 +120,7 @@ router.get('/:id', authenticateToken, userController.getUserById);
  *       500:
  *         description: Server error
  */
-router.post('/', authenticateToken, userController.createUser);
+router.post('/', authenticateToken, upload.single('picture'), userController.createUser);
 
 /**
  * @swagger