import jwt from "jsonwebtoken";
import Member from "../../models/member.js";
import { connectDB } from "../../utils/mongoose.js";
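/**
 * Update the authenticated member's own profile.
 *
 * The member is identified by the `memberId` claim of the JWT carried in the
 * `auth-token` cookie; the request body never chooses which record is
 * written. Only allow-listed profile fields and their `*Privacy` companions
 * are copied from the body into the `$set` update.
 *
 * @returns {Promise<object>} A fixed subset of the updated member document.
 * @throws 401 when the cookie is missing, the token fails verification, or
 *   the token carries no `memberId` claim.
 * @throws 400 when the body is not a JSON object or fails schema validation.
 * @throws 404 when no member matches the id in the token.
 * @throws 500 on any other failure while updating.
 */
export default defineEventHandler(async (event) => {
  await connectDB();

  const token = getCookie(event, "auth-token");
  if (!token) {
    throw createError({
      statusCode: 401,
      statusMessage: "Not authenticated",
    });
  }

  let memberId;
  try {
    // NOTE(review): no `algorithms` option is passed, so the library's
    // default set for this key type is accepted. Pin it to the algorithm the
    // token issuer actually signs with (the issuer is not visible here).
    const decoded = jwt.verify(token, process.env.JWT_SECRET);
    memberId = decoded.memberId;
  } catch (err) {
    throw createError({
      statusCode: 401,
      statusMessage: "Invalid or expired token",
    });
  }

  // A correctly signed token without a memberId claim (for example a token
  // minted for another purpose with the same secret) must not reach the
  // database as an `undefined` id.
  if (!memberId) {
    throw createError({
      statusCode: 401,
      statusMessage: "Invalid or expired token",
    });
  }

  const body = await readBody(event);

  // A missing or non-object body would otherwise throw a TypeError on the
  // property reads below and surface as an unhandled 500.
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    throw createError({
      statusCode: 400,
      message: "Request body must be a JSON object",
    });
  }

  // Allow-list of profile fields the client may write. Anything else in the
  // body (email, circle, contributionTier, ...) is ignored.
  const allowedFields = [
    "pronouns",
    "timeZone",
    "avatar",
    "studio",
    "bio",
    "skills",
    "location",
    "socialLinks",
    "offering",
    "lookingFor",
    "showInDirectory",
    // NOTE(review): this looks like a payment-provider customer reference.
    // While it is client-writable, a member can point their own record at an
    // arbitrary customer id. Confirm the client really needs to set it; if
    // not, assign it server-side and drop it from this list.
    "helcimCustomerId",
  ];

  // Per-field visibility settings, stored under `privacy.<field>`.
  const privacyFields = [
    "pronounsPrivacy",
    "timeZonePrivacy",
    "avatarPrivacy",
    "studioPrivacy",
    "bioPrivacy",
    "skillsPrivacy",
    "locationPrivacy",
    "socialLinksPrivacy",
    "offeringPrivacy",
    "lookingForPrivacy",
  ];

  // Build the update from fixed key names only, so the body cannot introduce
  // update paths of its own.
  const updateData = {};

  for (const field of allowedFields) {
    if (body[field] !== undefined) {
      updateData[field] = body[field];
    }
  }

  for (const privacyField of privacyFields) {
    if (body[privacyField] !== undefined) {
      const baseField = privacyField.replace("Privacy", "");
      updateData[`privacy.${baseField}`] = body[privacyField];
    }
  }

  let member;
  try {
    member = await Member.findByIdAndUpdate(
      memberId,
      { $set: updateData },
      { new: true, runValidators: true },
    );
  } catch (error) {
    // Schema validation and cast failures are caused by the submitted data,
    // so report them as a client error without echoing library details.
    if (error?.name === "ValidationError" || error?.name === "CastError") {
      throw createError({
        statusCode: 400,
        message: "Invalid profile data",
      });
    }

    console.error("Profile update error:", error);
    throw createError({
      statusCode: 500,
      message: "Failed to update profile",
    });
  }

  // Checked outside the try block: inside it, the catch handler would
  // replace this 404 with a generic 500.
  if (!member) {
    throw createError({
      statusCode: 404,
      message: "Member not found",
    });
  }

  // Return an explicit subset of the document rather than the whole record.
  return {
    id: member._id,
    email: member.email,
    name: member.name,
    circle: member.circle,
    contributionTier: member.contributionTier,
    pronouns: member.pronouns,
    timeZone: member.timeZone,
    avatar: member.avatar,
    studio: member.studio,
    bio: member.bio,
    skills: member.skills,
    location: member.location,
    socialLinks: member.socialLinks,
    offering: member.offering,
    lookingFor: member.lookingFor,
    showInDirectory: member.showInDirectory,
  };
});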