add /update route

2026-04-19 19:55:17 +00:00 · 2025-11-10 10:22:40 -05:00 · 2025-11-10 10:22:40 -05:00 · 58e90d7b40
commit 58e90d7b40
parent 1ed7d49ce4
4 changed files with 142 additions and 2 deletions
--- a/src/api/index.js
+++ b/src/api/index.js
@ -1,6 +1,6 @@
 import express from "express"; 
 import spaces from './spaces/space.route.js';
-import auth from './users/auth.route.js';
+import users from './users/users.route.js';
 import admin from './admin/admin.route.js';


@ -13,6 +13,6 @@ router.get('/', (req, res) => {
 });

 router.use('/spaces/', spaces);
-router.use('/users/', auth);
+router.use('/users/', users);
 router.use('/admin/', admin);
 export default router;
--- a/src/api/users/update.route.js
+++ b/src/api/users/update.route.js
@ -0,0 +1,41 @@
+import express from 'express';
+import { updateUser } from '../../utils/user.js';
+
+const router = express.Router();
+
+router.post('/', async (req, res) => {
+  try {
+    const { authorization, email, username, hackatime_api_key } = req.body;
+    
+    if (!authorization) {
+      return res.status(401).json({
+        success: false,
+        message: 'Authorization token is required'
+      });
+    }
+
+    const updateData = {};
+    if (email !== undefined) updateData.email = email;
+    if (username !== undefined) updateData.username = username;
+    if (hackatime_api_key !== undefined) updateData.hackatime_api_key = hackatime_api_key;
+
+    const updatedUser = await updateUser(authorization, updateData);
+    
+    res.status(200).json({
+      success: true,
+      message: 'User updated successfully'
+    });
+    
+  } catch (error) {
+    console.error('Error in /update route:', error);
+    
+    const statusCode = error.statusCode || 500;
+    res.status(statusCode).json({
+      success: false,
+      message: error.message || 'Failed to update user',
+      error: process.env.NODE_ENV === 'development' ? error.message : undefined
+    });
+  }
+});
+
+export default router;
--- a/src/api/users/users.route.js
+++ b/src/api/users/users.route.js
@ -0,0 +1,16 @@
+import express from "express"; 
+import auth from './auth.route.js';
+import update from './update.route.js';
+
+
+const router = express.Router();
+
+router.get('/', (req, res) => {
+  res.status(200).json({
+    message: 'Users API Route',
+  });
+});
+ 
+router.use('/', auth);
+router.use('/update', update);
+export default router;
--- a/src/utils/user.js
+++ b/src/utils/user.js
@ -52,4 +52,87 @@ export const checkUserSpaceLimit = async (userId) => {
    console.error('Error checking space limit:', error);
    throw error;
  }
+};
+
+export const updateUser = async (authorization, updateData) => {
+  if (!authorization) {
+    throw new Error("Authorization token is required");
+  }
+
+  try {
+    const user = await pg('users')
+      .where('authorization', authorization)
+      .first();
+
+    if (!user) {
+      const error = new Error("User not found");
+      error.statusCode = 404;
+      throw error;
+    }
+
+    const updates = {};
+    
+    if (updateData.email !== undefined) {
+      const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+      if (!emailRegex.test(updateData.email)) {
+        const error = new Error("Invalid email format");
+        error.statusCode = 400;
+        throw error;
+      }
+      
+      const existingEmail = await pg('users')
+        .where('email', updateData.email)
+        .whereNot('id', user.id)
+        .first();
+      
+      if (existingEmail) {
+        const error = new Error("Email already in use");
+        error.statusCode = 409;
+        throw error;
+      }
+      
+      updates.email = updateData.email;
+    }
+    
+    if (updateData.username !== undefined) {
+      if (updateData.username.length > 100) {
+        const error = new Error("Username must be 100 characters or less");
+        error.statusCode = 400;
+        throw error;
+      }
+      
+      const existingUsername = await pg('users')
+        .where('username', updateData.username)
+        .whereNot('id', user.id)
+        .first();
+      
+      if (existingUsername) {
+        const error = new Error("Username already taken");
+        error.statusCode = 409;
+        throw error;
+      }
+      
+      updates.username = updateData.username;
+    }
+    
+    if (updateData.hackatime_api_key !== undefined) {
+      updates.hackatime_api_key = updateData.hackatime_api_key;
+    }
+
+    if (Object.keys(updates).length === 0) {
+      const error = new Error("No valid fields to update");
+      error.statusCode = 400;
+      throw error;
+    }
+
+    const [updatedUser] = await pg('users')
+      .where('authorization', authorization)
+      .update(updates)
+      .returning(['id', 'email', 'username', 'hackatime_api_key']);
+
+    return updatedUser;
+  } catch (error) {
+    console.error('Error updating user:', error);
+    throw error;
+  }
 };