helpyourneighbour/backend/src/routes/profile.js

import { Router } from 'express';
import { z } from 'zod';
import { pool } from '../db/connection.js';
import { requireAuth } from '../middleware/auth.js';
import { encryptText } from '../services/encryption.js';

const router = Router();

router.post('/phone', requireAuth, async (req, res) => {
  try {
    const parsed = z.object({ phone: z.string().min(6).max(40) }).safeParse(req.body);
    if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() });

    const encryptedPhone = encryptText(parsed.data.phone);
    await pool.query('UPDATE users SET phone_encrypted = ? WHERE id = ?', [encryptedPhone, req.user.userId]);

    res.status(200).json({ status: 'updated' });
  } catch (error) {
    console.error('Error updating phone:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});

// GET /profile endpoint
router.get('/', requireAuth, async (req, res) => {
  try {
    const [rows] = await pool.query('SELECT id, name, email, phone_encrypted FROM users WHERE id = ?', [req.user.userId]);
    if (rows.length === 0) return res.status(404).json({ error: 'User not found' });

    const user = rows[0];
    // Decrypt phone number for response
    const decryptedPhone = user.phone_encrypted ? decryptText(user.phone_encrypted) : null;
    
    res.status(200).json({
      id: user.id,
      name: user.name,
      email: user.email,
      phone: decryptedPhone
    });
  } catch (error) {
    console.error('Error fetching profile:', error);
    res.status(500).json({ error: 'Internal server error' });
  }
});

export default router;
feat: add server-side encryption for address and phone 2026-03-04 18:02:42 +00:00			`import { Router } from 'express';`
			`import { z } from 'zod';`
			`import { pool } from '../db/connection.js';`
			`import { requireAuth } from '../middleware/auth.js';`
			`import { encryptText } from '../services/encryption.js';`

			`const router = Router();`

			`router.post('/phone', requireAuth, async (req, res) => {`
auto(agent): added try/catch and proper HTTP status codes in profile.js 2026-03-06 17:43:24 +00:00			`try {`
			`const parsed = z.object({ phone: z.string().min(6).max(40) }).safeParse(req.body);`
			`if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() });`
feat: add server-side encryption for address and phone 2026-03-04 18:02:42 +00:00
auto(agent): added try/catch and proper HTTP status codes in profile.js 2026-03-06 17:43:24 +00:00			`const encryptedPhone = encryptText(parsed.data.phone);`
			`await pool.query('UPDATE users SET phone_encrypted = ? WHERE id = ?', [encryptedPhone, req.user.userId]);`
feat: add server-side encryption for address and phone 2026-03-04 18:02:42 +00:00
auto(agent): added try/catch and proper HTTP status codes in profile.js 2026-03-06 17:43:24 +00:00			`res.status(200).json({ status: 'updated' });`
			`} catch (error) {`
			`console.error('Error updating phone:', error);`
			`res.status(500).json({ error: 'Internal server error' });`
			`}`
feat: add server-side encryption for address and phone 2026-03-04 18:02:42 +00:00			`});`

auto(agent): Add GET /profile endpoint and POST /phone test 2026-03-06 19:29:31 +00:00			`// GET /profile endpoint`
			`router.get('/', requireAuth, async (req, res) => {`
			`try {`
			`const [rows] = await pool.query('SELECT id, name, email, phone_encrypted FROM users WHERE id = ?', [req.user.userId]);`
			`if (rows.length === 0) return res.status(404).json({ error: 'User not found' });`

			`const user = rows[0];`
			`// Decrypt phone number for response`
			`const decryptedPhone = user.phone_encrypted ? decryptText(user.phone_encrypted) : null;`

			`res.status(200).json({`
			`id: user.id,`
			`name: user.name,`
			`email: user.email,`
			`phone: decryptedPhone`
			`});`
			`} catch (error) {`
			`console.error('Error fetching profile:', error);`
			`res.status(500).json({ error: 'Internal server error' });`
			`}`
			`});`

auto(agent): added try/catch and proper HTTP status codes in profile.js 2026-03-06 17:43:24 +00:00			`export default router;`