helpyourneighbour/backend/src/routes/profile.js

import { Router } from 'express';
import { z } from 'zod';
import { pool } from '../db/connection.js';
import { requireAuth } from '../middleware/auth.js';
import { encryptText } from '../services/encryption.js';

const router = Router();

router.post('/phone', requireAuth, async (req, res) => {
  const parsed = z.object({ phone: z.string().min(6).max(40) }).safeParse(req.body);
  if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() });

  const encryptedPhone = encryptText(parsed.data.phone);
  await pool.query('UPDATE users SET phone_encrypted = ? WHERE id = ?', [encryptedPhone, req.user.userId]);

  res.json({ status: 'updated' });
});

export default router;
feat: add server-side encryption for address and phone 2026-03-04 18:02:42 +00:00			`import { Router } from 'express';`
			`import { z } from 'zod';`
			`import { pool } from '../db/connection.js';`
			`import { requireAuth } from '../middleware/auth.js';`
			`import { encryptText } from '../services/encryption.js';`

			`const router = Router();`

			`router.post('/phone', requireAuth, async (req, res) => {`
			`const parsed = z.object({ phone: z.string().min(6).max(40) }).safeParse(req.body);`
			`if (!parsed.success) return res.status(400).json({ error: parsed.error.flatten() });`

			`const encryptedPhone = encryptText(parsed.data.phone);`
			`await pool.query('UPDATE users SET phone_encrypted = ? WHERE id = ?', [encryptedPhone, req.user.userId]);`

			`res.json({ status: 'updated' });`
			`});`

			`export default router;`