2026-03-04 18:02:42 +00:00
|
|
|
import { Router } from 'express';
|
|
|
|
|
import { z } from 'zod';
|
|
|
|
|
import { pool } from '../db/connection.js';
|
|
|
|
|
import { requireAuth } from '../middleware/auth.js';
|
|
|
|
|
import { encryptText } from '../services/encryption.js';
|
|
|
|
|
|
|
|
|
|
const router = Router();
|
|
|
|
|
|
|
|
|
|
router.post('/phone', requireAuth, async (req, res) => {
|
2026-03-06 17:43:24 +00:00
|
|
|
try {
|
|
|
|
|
const parsed = z.object({ phone: z.string().min(6).max(40) }).safeParse(req.body);
|
|
|
|
|
if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() });
|
2026-03-04 18:02:42 +00:00
|
|
|
|
2026-03-06 17:43:24 +00:00
|
|
|
const encryptedPhone = encryptText(parsed.data.phone);
|
|
|
|
|
await pool.query('UPDATE users SET phone_encrypted = ? WHERE id = ?', [encryptedPhone, req.user.userId]);
|
2026-03-04 18:02:42 +00:00
|
|
|
|
2026-03-06 17:43:24 +00:00
|
|
|
res.status(200).json({ status: 'updated' });
|
|
|
|
|
} catch (error) {
|
|
|
|
|
console.error('Error updating phone:', error);
|
|
|
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
|
|
|
}
|
2026-03-04 18:02:42 +00:00
|
|
|
});
|
|
|
|
|
|
2026-03-06 17:43:24 +00:00
|
|
|
export default router;
|
