Adding features

2025-10-05 16:15:09 +01:00 · 2025-10-05 16:15:09 +01:00 · 2b55ca4104
commit 2b55ca4104
parent 600fef2b7c
75 changed files with 9796 additions and 2759 deletions
--- a/server/api/members/profile.patch.js
+++ b/server/api/members/profile.patch.js
@ -0,0 +1,117 @@
+import jwt from "jsonwebtoken";
+import Member from "../../models/member.js";
+import { connectDB } from "../../utils/mongoose.js";
+
+export default defineEventHandler(async (event) => {
+  await connectDB();
+
+  const token = getCookie(event, "auth-token");
+
+  if (!token) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: "Not authenticated",
+    });
+  }
+
+  let memberId;
+  try {
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    memberId = decoded.memberId;
+  } catch (err) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: "Invalid or expired token",
+    });
+  }
+
+  const body = await readBody(event);
+
+  // Define allowed profile fields
+  const allowedFields = [
+    "pronouns",
+    "timeZone",
+    "avatar",
+    "studio",
+    "bio",
+    "skills",
+    "location",
+    "socialLinks",
+    "offering",
+    "lookingFor",
+    "showInDirectory",
+    "helcimCustomerId",
+  ];
+
+  // Define privacy fields
+  const privacyFields = [
+    "pronounsPrivacy",
+    "timeZonePrivacy",
+    "avatarPrivacy",
+    "studioPrivacy",
+    "bioPrivacy",
+    "skillsPrivacy",
+    "locationPrivacy",
+    "socialLinksPrivacy",
+    "offeringPrivacy",
+    "lookingForPrivacy",
+  ];
+
+  // Build update object
+  const updateData = {};
+
+  allowedFields.forEach((field) => {
+    if (body[field] !== undefined) {
+      updateData[field] = body[field];
+    }
+  });
+
+  // Handle privacy settings
+  privacyFields.forEach((privacyField) => {
+    if (body[privacyField] !== undefined) {
+      const baseField = privacyField.replace("Privacy", "");
+      updateData[`privacy.${baseField}`] = body[privacyField];
+    }
+  });
+
+  try {
+    const member = await Member.findByIdAndUpdate(
+      memberId,
+      { $set: updateData },
+      { new: true, runValidators: true },
+    );
+
+    if (!member) {
+      throw createError({
+        statusCode: 404,
+        message: "Member not found",
+      });
+    }
+
+    // Return sanitized member data
+    return {
+      id: member._id,
+      email: member.email,
+      name: member.name,
+      circle: member.circle,
+      contributionTier: member.contributionTier,
+      pronouns: member.pronouns,
+      timeZone: member.timeZone,
+      avatar: member.avatar,
+      studio: member.studio,
+      bio: member.bio,
+      skills: member.skills,
+      location: member.location,
+      socialLinks: member.socialLinks,
+      offering: member.offering,
+      lookingFor: member.lookingFor,
+      showInDirectory: member.showInDirectory,
+    };
+  } catch (error) {
+    console.error("Profile update error:", error);
+    throw createError({
+      statusCode: 500,
+      message: "Failed to update profile",
+    });
+  }
+});