Profile (#5)

* draft implementation

* refactor: profile controller corrections

* feat: profile page

* refactor: fix cookies and add favicon

* chore: remove unsed code

---------

Co-authored-by: dabouledidia <dimitrisdim8900@gmail.com>
Co-authored-by: sitaras <sitaras@thinkdesquared.com>

Author: 3 people

back-end/src/controllers/auth.controller.ts

@@ -24,27 +24,26 @@ export class AuthController {
         lastName,
         dateOfBirth,
       } = req.body;
-
+      
       if (password !== verifyPassword) {
         res.error("Passwords do not match");
         return;
       }
-
+      
       const existingUser = await User.findOne({
         $or: [{ email }, { phoneNumber }],
       });
-
+      
       if (existingUser) {
         res.error("User already exists");
         return;
       }
-
+      
       const user = new User({
         email,
         password,
         phoneNumber,
       });
-
       const profile = new Profile({
         user: user._id,
         firstName,
@@ -53,13 +52,14 @@ export class AuthController {
         email,
         phoneNumber,
       });
-
+      
       user.profile = profile._id as any;
-
+      
       await Promise.all([user.save(), profile.save()]);
-
+      
       res.success(req.body, "User registered successfully");
     } catch (error) {
+      console.error("Registration error:", error);
       res.error("An error occurred", 500);
     }
   }
@@ -70,30 +70,32 @@ export class AuthController {
   ): Promise<void> {
     try {
       const { email, password } = req.body;
-
+      
       const user = await User.findOne({ email });
+      
       if (!user) {
         res.error("INVALID_CREDENTIALS");
         return;
       }
-
+      
       const isValidPassword = await user.comparePassword(password);
+      
       if (!isValidPassword) {
         res.error("INVALID_CREDENTIALS");
         return;
       }
-
+      
       const tokenPayload = {
         userId: user._id as string,
         roles: user.roles,
       };
-
+      
       const accessToken = tokenUtils.generateAccessToken(tokenPayload);
       const refreshToken = tokenUtils.generateRefreshToken(tokenPayload);
-
+      
       user.refreshTokens.push({ token: refreshToken, createdAt: new Date() });
       await user.save();
-
+      
       res.success(
         {
           tokens: {
@@ -114,51 +116,50 @@ export class AuthController {
   ): Promise<void> {
     try {
       const { refreshToken } = req.body;
-
+      
       const user = await User.findOne({
         "refreshTokens.token": refreshToken,
       });
-
+      
       if (!user) {
         res.error("Unauthorized", 401);
         return;
       }
-
+      
       try {
         const decoded = verifyRefreshToken(refreshToken);
-
+        
         if (
           typeof decoded === "string" ||
           (user._id as string).toString() !== decoded.userId
         ) {
           res.error("Unauthorized", 401);
           return;
         }
-
+        
         user.refreshTokens = user.refreshTokens.filter((token) => {
           const tokenAge = Date.now() - token.createdAt.getTime();
           return tokenAge < 7 * 24 * 60 * 60 * 1000; // 7 days
         });
-
+        
         const tokenPayload = {
           userId: user._id as string,
           roles: user.roles,
         };
-
+        
         const newAccessToken = tokenUtils.generateAccessToken(tokenPayload);
         const newRefreshToken = tokenUtils.generateRefreshToken(tokenPayload);
-
+        
         user.refreshTokens = user.refreshTokens.filter(
           (token) => token.token !== refreshToken
         );
-
         user.refreshTokens.push({
           token: newRefreshToken,
           createdAt: new Date(),
         });
-
+        
         await user.save();
-
+        
         res.success(
           {
             accessToken: newAccessToken,
@@ -174,4 +175,4 @@ export class AuthController {
       res.error("An error occurred", 500);
     }
   }
-}
+}

back-end/src/controllers/user.controller.ts

@@ -1,6 +1,9 @@
 import { Response } from "express";
 import { User } from "../models/user.model";
+import { Profile } from "../models/profile.model";
 import { AuthRequest } from "@/middleware/auth.middleware";
+import { StatusCodes } from "http-status-codes";
+import { UpdateProfilePayload } from "@/schemas/profileSchema";
 
 export class UserController {
   static async getUserInfo(req: AuthRequest, res: Response) {
@@ -11,17 +14,63 @@ export class UserController {
         .select("-password -refreshTokens -__v -_id")
         .populate({
           path: "profile",
-          select: "-__v -createdAt -updatedAt -_id"
+          select: "-__v -createdAt -updatedAt -_id",
         });
 
       if (!user) {
-        res.error("Not found", 404);
+        res.error("Not found", StatusCodes.NOT_FOUND);
         return;
       }
 
       res.success(user);
-    } catch (error: Error) {
-      res.error("An error occurred", 500);
+    } catch (error: any) {
+      res.error("An error occurred", StatusCodes.INTERNAL_SERVER_ERROR);
+      return;
+    }
+  }
+
+  static async getProfile(req: AuthRequest, res: Response) {
+    try {
+      const userId = req.user?.userId;
+
+      const profile = await Profile.findOne({ user: userId });
+
+      if (!profile) {
+        res.error("Profile not found", StatusCodes.NOT_FOUND);
+        return;
+      }
+
+      res.success(profile);
+    } catch (error) {
+      console.error("Get profile error:", error);
+      res.error("An error occurred", StatusCodes.INTERNAL_SERVER_ERROR);
+      return;
+    }
+  }
+
+  static async updateProfile(
+    req: AuthRequest<{}, {}, UpdateProfilePayload>,
+    res: Response
+  ) {
+    try {
+      const userId = req.user?.userId;
+      const updateData = req.body;
+
+      const profile = await Profile.findOneAndUpdate(
+        { user: userId },
+        { $set: updateData },
+        { new: true, runValidators: true }
+      );
+
+      if (!profile) {
+        res.error("Profile not found", StatusCodes.NOT_FOUND);
+        return;
+      }
+
+      res.success(profile);
+    } catch (error: any) {
+      console.error("Profile update error:", error);
+      res.error("An error occurred", StatusCodes.INTERNAL_SERVER_ERROR);
       return;
     }
   }

back-end/src/models/profile.model.ts

@@ -32,32 +32,44 @@ const profileSchema = new Schema<IProfileDocument>(
     },
     avatar: {
       type: String,
+      default: "",
     },
     bio: {
       type: String,
       maxlength: 500,
+      default: "",
     },
     socials: {
       facebook: {
         type: String,
+        default: "",
       },
       twitter: {
         type: String,
+        default: "",
       },
       linkedIn: {
         type: String,
+        default: "",
       },
     },
+
     verificationDocuments: {
       idCard: {
-        url: String,
+        url: {
+          type: String,
+          default: "",
+        },
         verified: {
           type: Boolean,
           default: false,
         },
       },
       drivingLicense: {
-        url: String,
+        url: {
+          type: String,
+          default: "",
+        },
         verified: {
           type: Boolean,
           default: false,

back-end/src/routes/user.routes.ts

@@ -1,11 +1,20 @@
 import { Router } from "express";
 import { authenticateToken } from "../middleware/auth.middleware";
 import { UserController } from "../controllers/user.controller";
+import { validateData } from "../middleware/validationMiddleware";
+import { updateProfileSchema } from "../schemas/profileSchema";
 
 const router = Router();
 
 router.use(authenticateToken);
 
 router.get("/user-info", UserController.getUserInfo);
 
+router.get("/profile", UserController.getProfile);
+router.patch(
+  "/profile",
+  validateData(updateProfileSchema),
+  UserController.updateProfile
+);
+
 export const userRoutes = router;

back-end/src/schemas/auth/loginSchema.ts

@@ -1,6 +1,9 @@
 import { z } from "zod";
 
 export const loginSchema = z.object({
-  email: z.string().min(1, { message: "required" }),
+  email: z
+    .string()
+    .min(1, { message: "required" })
+    .email({ message: "emailError" }),
   password: z.string().min(1, { message: "required" }),
 });

back-end/src/schemas/auth/registerSchema.ts

@@ -22,10 +22,7 @@ const passwordSchema = z
   });
 
 export const registerSchema = z.object({
-  email: z
-    .string()
-    .min(1, { message: "required" })
-    .email({ message: "Invalid format" }),
+  email: z.string().trim().email({ message: "emailError" }),
   firstName: z.string().min(1, { message: "required" }),
   lastName: z.string().min(1, { message: "required" }),
   phoneNumber: z

back-end/src/schemas/profileSchema.ts

@@ -0,0 +1,34 @@
+import { z } from "zod";
+import { isoDateSchema } from "./isoDateSchema";
+
+const greekPhoneNumber = new RegExp(/^(?:[0-9]{10})$/);
+
+export const updateProfileSchema = z.object({
+  firstName: z.string().trim().min(1, { message: "required" }).optional(),
+
+  lastName: z.string().trim().min(1, { message: "required" }).optional(),
+
+  dateOfBirth: isoDateSchema.optional(),
+
+  email: z.string().trim().email({ message: "emailError" }).optional(),
+
+  phoneNumber: z
+    .string()
+    .trim()
+    .regex(greekPhoneNumber, {
+      message: "Invalid format",
+    })
+    .optional(),
+
+  bio: z.string().trim().max(500, "Maximum 500 characters").optional(),
+
+  socials: z
+    .object({
+      facebook: z.string().url("Invalid URL").or(z.literal("")).optional(),
+      twitter: z.string().url("Invalid URL").or(z.literal("")).optional(),
+      linkedIn: z.string().url("Invalid URL").or(z.literal("")).optional(),
+    })
+    .optional(),
+});
+
+export type UpdateProfilePayload = z.infer<typeof updateProfileSchema>;

back-end/src/schemas/uploadAvatarSchema.ts

@@ -0,0 +1,20 @@
+import { z } from "zod";
+
+export const uploadAvatarSchema = z.object({
+  avatar: z
+    .instanceof(File)
+    .refine((file) => file.size <= 2 * 1024 * 1024, {
+      message: "File size must be less than 2MB",
+    })
+    .refine(
+      (file) =>
+        ["image/jpeg", "image/jpg", "image/png", "image/webp"].includes(
+          file.type
+        ),
+      {
+        message: "Only JPEG, PNG, and WebP images are allowed",
+      }
+    ),
+});
+
+export type UploadAvatarSchemaPayload = z.infer<typeof uploadAvatarSchema>;