UI/UX tweaks and improvements.

server/api/dev/member-login.get.js

@@ -25,7 +25,7 @@ export default defineEventHandler(async (event) => {
 
   const config = useRuntimeConfig(event)
   const token = jwt.sign(
-    { memberId: member._id, email: member.email },
+    { memberId: member._id, email: member.email, tv: member.tokenVersion },
     config.jwtSecret,
     { expiresIn: '7d' }
   )

server/api/dev/members.get.js

@@ -0,0 +1,19 @@
+import Member from '../../models/member.js'
+import { connectDB } from '../../utils/mongoose.js'
+
+export default defineEventHandler(async () => {
+  if (process.env.NODE_ENV === 'production') {
+    throw createError({ statusCode: 404, statusMessage: 'Not found' })
+  }
+
+  await connectDB()
+
+  const members = await Member.find({}, 'name email circle role status').sort({ name: 1 }).lean()
+
+  return members.map((m) => ({
+    label: `${m.name} (${m.email})`,
+    value: m.email,
+    circle: m.circle,
+    role: m.role
+  }))
+})

server/api/dev/test-login.get.js

@@ -26,7 +26,7 @@ export default defineEventHandler(async (event) => {
 
   const config = useRuntimeConfig(event)
   const token = jwt.sign(
-    { memberId: member._id, email: member.email },
+    { memberId: member._id, email: member.email, tv: member.tokenVersion },
     config.jwtSecret,
     { expiresIn: '7d' }
   )

server/api/members/[id].get.js

@@ -0,0 +1,96 @@
+import jwt from "jsonwebtoken";
+import Member from "../../models/member.js";
+import { connectDB } from "../../utils/mongoose.js";
+
+export default defineEventHandler(async (event) => {
+  await connectDB();
+
+  // Check if user is authenticated (optional — works for public and authenticated users)
+  const token = getCookie(event, "auth-token");
+  let isAuthenticated = false;
+
+  if (token) {
+    try {
+      const decoded = jwt.verify(token, useRuntimeConfig().jwtSecret);
+      if (decoded.memberId) {
+        isAuthenticated = true;
+      }
+    } catch {
+      // Invalid token, treat as public
+      isAuthenticated = false;
+    }
+  }
+
+  const id = event.context.params.id;
+
+  try {
+    const member = await Member.findOne({
+      _id: id,
+      showInDirectory: true,
+      status: "active",
+    })
+      .select(
+        "name pronouns timeZone avatar studio bio location socialLinks offering lookingFor privacy circle peerSupport createdAt",
+      )
+      .lean();
+
+    if (!member) {
+      throw createError({
+        statusCode: 404,
+        message: "Member not found",
+      });
+    }
+
+    // Filter fields based on privacy settings
+    const privacy = member.privacy || {};
+    const filtered = {
+      _id: member._id,
+      name: member.name,
+      circle: member.circle,
+      createdAt: member.createdAt,
+    };
+
+    // Helper function to check if field should be visible
+    const isVisible = (field) => {
+      const privacySetting = privacy[field] || "members";
+      if (privacySetting === "public") return true;
+      if (privacySetting === "members" && isAuthenticated) return true;
+      if (privacySetting === "private") return false;
+      return false;
+    };
+
+    // Add fields based on privacy settings
+    if (isVisible("avatar")) filtered.avatar = member.avatar;
+    if (isVisible("pronouns")) filtered.pronouns = member.pronouns;
+    if (isVisible("timeZone")) filtered.timeZone = member.timeZone;
+    if (isVisible("studio")) filtered.studio = member.studio;
+    if (isVisible("bio")) filtered.bio = member.bio;
+    if (isVisible("location")) filtered.location = member.location;
+    if (isVisible("socialLinks")) filtered.socialLinks = member.socialLinks;
+    if (isVisible("offering")) filtered.offering = member.offering;
+    if (isVisible("lookingFor")) filtered.lookingFor = member.lookingFor;
+
+    // Peer support: expose only fields needed for matching/contact UX
+    // slackUserId, slackDMChannelId, slackUsername, personalMessage are internal
+    if (member.peerSupport?.enabled) {
+      filtered.peerSupport = {
+        enabled: true,
+        skillTopics: member.peerSupport.skillTopics,
+        supportTopics: member.peerSupport.supportTopics,
+        availability: member.peerSupport.availability,
+      };
+    }
+
+    return { member: filtered };
+  } catch (error) {
+    // Re-throw NuxtErrors (like the 404 above)
+    if (error.statusCode) {
+      throw error;
+    }
+    console.error("Member profile fetch error:", error);
+    throw createError({
+      statusCode: 500,
+      message: "Failed to fetch member profile",
+    });
+  }
+});

server/api/members/update-email.post.js

@@ -0,0 +1,77 @@
+// Update member's email address
+import Member from '../../models/member.js'
+import { connectDB } from '../../utils/mongoose.js'
+import { requireAuth } from '../../utils/auth.js'
+
+const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
+
+export default defineEventHandler(async (event) => {
+  try {
+    const member = await requireAuth(event)
+    await connectDB()
+
+    const body = await readBody(event)
+    const newEmail = (body?.email ?? '').trim().toLowerCase()
+
+    if (!newEmail) {
+      throw createError({
+        statusCode: 400,
+        statusMessage: 'Email address is required',
+      })
+    }
+
+    if (!EMAIL_REGEX.test(newEmail)) {
+      throw createError({
+        statusCode: 400,
+        statusMessage: 'Invalid email address format',
+      })
+    }
+
+    const oldEmail = member.email.trim().toLowerCase()
+
+    if (newEmail === oldEmail) {
+      throw createError({
+        statusCode: 400,
+        statusMessage: 'New email address must be different from your current email',
+      })
+    }
+
+    const existing = await Member.findOne({
+      email: newEmail,
+      _id: { $ne: member._id },
+    })
+
+    if (existing) {
+      throw createError({
+        statusCode: 409,
+        statusMessage: 'This email address is already in use by another account',
+      })
+    }
+
+    await Member.findByIdAndUpdate(
+      member._id,
+      {
+        $set: { email: newEmail },
+        $push: {
+          emailHistory: {
+            email: oldEmail,
+            changedAt: new Date(),
+          },
+        },
+      },
+      { runValidators: false }
+    )
+
+    return {
+      success: true,
+      email: newEmail,
+    }
+  } catch (error) {
+    if (error.statusCode) throw error
+    console.error('Error updating email:', error)
+    throw createError({
+      statusCode: 500,
+      statusMessage: 'An unexpected error occurred',
+    })
+  }
+})

server/migrations/import-babyghosts-preregistrations.js

@@ -0,0 +1,109 @@
+// Migration: copy pre-registrations from babyghosts → ghostguild
+//
+// Usage (from ghostguild-org root):
+//   BG_MONGODB_URI="<babyghosts uri>" node server/migrations/import-babyghosts-preregistrations.js
+//
+// The ghostguild URI is read from NUXT_MONGODB_URI or MONGODB_URI in your .env.
+// Set DRY_RUN=1 to preview without writing anything.
+
+import { MongoClient } from "mongodb";
+import { config } from "dotenv";
+import { resolve, dirname } from "path";
+import { fileURLToPath } from "url";
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+config({ path: resolve(__dirname, "../../.env") });
+
+const BG_URI = process.env.BG_MONGODB_URI;
+const GG_URI = process.env.NUXT_MONGODB_URI || process.env.MONGODB_URI;
+const DRY_RUN = process.env.DRY_RUN === "1";
+
+if (!BG_URI) {
+  console.error("ERROR: BG_MONGODB_URI is not set.");
+  process.exit(1);
+}
+if (!GG_URI) {
+  console.error(
+    "ERROR: No ghostguild MongoDB URI found (NUXT_MONGODB_URI or MONGODB_URI).",
+  );
+  process.exit(1);
+}
+
+async function run() {
+  console.log("=== Importing babyghosts pre-registrations into ghostguild ===");
+  if (DRY_RUN) console.log("DRY RUN – nothing will be written.\n");
+
+  const bgClient = new MongoClient(BG_URI);
+  const ggClient = new MongoClient(GG_URI);
+
+  await bgClient.connect();
+  await ggClient.connect();
+
+  try {
+    const source = bgClient.db("babyghosts").collection("guild_waitlist");
+    const dest = ggClient.db().collection("preregistrations");
+
+    const records = await source.find({}).toArray();
+    console.log(
+      `Found ${records.length} record(s) in babyghosts.guild_waitlist.\n`,
+    );
+
+    if (records.length === 0) {
+      console.log("Nothing to import.");
+      return;
+    }
+
+    let inserted = 0;
+    let skipped = 0;
+    let errors = 0;
+
+    for (const doc of records) {
+      const email = doc.email?.trim().toLowerCase();
+
+      if (!email) {
+        console.warn(`  SKIP – record ${doc._id} has no email.`);
+        skipped++;
+        continue;
+      }
+
+      if (DRY_RUN) {
+        console.log(`  [dry-run] ${email}`);
+        inserted++;
+        continue;
+      }
+
+      try {
+        const result = await dest.updateOne(
+          { email },
+          { $setOnInsert: doc },
+          { upsert: true },
+        );
+
+        if (result.upsertedCount > 0) {
+          console.log(`  INSERT  ${email}`);
+          inserted++;
+        } else {
+          console.log(`  EXISTS  ${email} (skipped)`);
+          skipped++;
+        }
+      } catch (err) {
+        console.error(`  ERROR   ${email}: ${err.message}`);
+        errors++;
+      }
+    }
+
+    console.log("\n=== Summary ===");
+    console.log(`  Inserted : ${inserted}`);
+    console.log(`  Skipped  : ${skipped}`);
+    console.log(`  Errors   : ${errors}`);
+  } finally {
+    await bgClient.close();
+    await ggClient.close();
+    console.log("\nDone.");
+  }
+}
+
+run().catch((err) => {
+  console.error("Unexpected error:", err);
+  process.exit(1);
+});

server/models/member.js

@@ -11,6 +11,12 @@ const getValidContributionValues = () => ["0", "5", "15", "30", "50"];
 
 const memberSchema = new mongoose.Schema({
   email: { type: String, required: true, unique: true },
+  emailHistory: [
+    {
+      email: { type: String, required: true },
+      changedAt: { type: Date, default: Date.now },
+    },
+  ],
   name: { type: String, required: true },
   circle: {
     type: String,