phone auth, image uploading, address broken up

2025-07-30 19:12:56 -04:00
parent 72d79596ce
commit 7c6c120969
17 changed files with 759 additions and 182 deletions
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -1,20 +1,20 @@
-const express = require('express');
-const jwt = require('jsonwebtoken');
-const { User } = require('../models'); // Import from models/index.js to get models with associations
+const express = require("express");
+const jwt = require("jsonwebtoken");
+const { User } = require("../models"); // Import from models/index.js to get models with associations
 const router = express.Router();

-router.post('/register', async (req, res) => {
+router.post("/register", async (req, res) => {
  try {
    const { username, email, password, firstName, lastName, phone } = req.body;

    const existingUser = await User.findOne({
      where: {
-        [require('sequelize').Op.or]: [{ email }, { username }]
-      }
+        [require("sequelize").Op.or]: [{ email }, { username }],
+      },
    });

    if (existingUser) {
-      return res.status(400).json({ error: 'User already exists' });
+      return res.status(400).json({ error: "User already exists" });
    }

    const user = await User.create({
@@ -23,11 +23,11 @@ router.post('/register', async (req, res) => {
      password,
      firstName,
      lastName,
-      phone
+      phone,
    });

-    const token = jwt.sign({ userId: user.id }, process.env.JWT_SECRET, {
-      expiresIn: '7d'
+    const token = jwt.sign({ id: user.id }, process.env.JWT_SECRET, {
+      expiresIn: "7d",
    });

    res.status(201).json({
@@ -36,27 +36,27 @@ router.post('/register', async (req, res) => {
        username: user.username,
        email: user.email,
        firstName: user.firstName,
-        lastName: user.lastName
+        lastName: user.lastName,
      },
-      token
+      token,
    });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
 });

-router.post('/login', async (req, res) => {
+router.post("/login", async (req, res) => {
  try {
    const { email, password } = req.body;

    const user = await User.findOne({ where: { email } });

    if (!user || !(await user.comparePassword(password))) {
-      return res.status(401).json({ error: 'Invalid credentials' });
+      return res.status(401).json({ error: "Invalid credentials" });
    }

-    const token = jwt.sign({ userId: user.id }, process.env.JWT_SECRET, {
-      expiresIn: '7d'
+    const token = jwt.sign({ id: user.id }, process.env.JWT_SECRET, {
+      expiresIn: "7d",
    });

    res.json({
@@ -65,13 +65,13 @@ router.post('/login', async (req, res) => {
        username: user.username,
        email: user.email,
        firstName: user.firstName,
-        lastName: user.lastName
+        lastName: user.lastName,
      },
-      token
+      token,
    });
  } catch (error) {
    res.status(500).json({ error: error.message });
  }
 });

-module.exports = router;
+module.exports = router;
--- a/backend/routes/phone-auth.js
+++ b/backend/routes/phone-auth.js
@@ -59,31 +59,25 @@ router.post("/verify-code", async (req, res) => {
    const storedData = verificationCodes.get(phoneNumber);

    if (!storedData) {
-      return res
-        .status(400)
-        .json({
-          message: "No verification code found. Please request a new one.",
-        });
+      return res.status(400).json({
+        message: "No verification code found. Please request a new one.",
+      });
    }

    // Check if code expired (10 minutes)
    if (Date.now() - storedData.createdAt > 10 * 60 * 1000) {
      verificationCodes.delete(phoneNumber);
-      return res
-        .status(400)
-        .json({
-          message: "Verification code expired. Please request a new one.",
-        });
+      return res.status(400).json({
+        message: "Verification code expired. Please request a new one.",
+      });
    }

    // Check attempts
    if (storedData.attempts >= 3) {
      verificationCodes.delete(phoneNumber);
-      return res
-        .status(400)
-        .json({
-          message: "Too many failed attempts. Please request a new code.",
-        });
+      return res.status(400).json({
+        message: "Too many failed attempts. Please request a new code.",
+      });
    }

    if (storedData.code !== code) {
--- a/backend/routes/users.js
+++ b/backend/routes/users.js
@@ -1,6 +1,9 @@
 const express = require('express');
 const { User } = require('../models'); // Import from models/index.js to get models with associations
 const { authenticateToken } = require('../middleware/auth');
+const { uploadProfileImage } = require('../middleware/upload');
+const fs = require('fs').promises;
+const path = require('path');
 const router = express.Router();

 router.get('/profile', authenticateToken, async (req, res) => {
@@ -32,15 +35,38 @@ router.get('/:id', async (req, res) => {

 router.put('/profile', authenticateToken, async (req, res) => {
  try {
-    const { firstName, lastName, phone, address, profileImage } = req.body;
+    const { 
+      firstName, 
+      lastName, 
+      email, 
+      phone, 
+      address1,
+      address2,
+      city,
+      state,
+      zipCode,
+      country
+    } = req.body;
    
-    await req.user.update({
+    // Build update object, excluding empty email
+    const updateData = {
      firstName,
      lastName,
      phone,
-      address,
-      profileImage
-    });
+      address1,
+      address2,
+      city,
+      state,
+      zipCode,
+      country
+    };
+    
+    // Only include email if it's not empty
+    if (email && email.trim() !== '') {
+      updateData.email = email;
+    }
+    
+    await req.user.update(updateData);

    const updatedUser = await User.findByPk(req.user.id, {
      attributes: { exclude: ['password'] }
@@ -48,8 +74,53 @@ router.put('/profile', authenticateToken, async (req, res) => {

    res.json(updatedUser);
  } catch (error) {
-    res.status(500).json({ error: error.message });
+    console.error('Profile update error:', error);
+    res.status(500).json({ 
+      error: error.message,
+      details: error.errors ? error.errors.map(e => ({ field: e.path, message: e.message })) : undefined
+    });
  }
 });

+// Upload profile image endpoint
+router.post('/profile/image', authenticateToken, (req, res) => {
+  uploadProfileImage(req, res, async (err) => {
+    if (err) {
+      console.error('Upload error:', err);
+      return res.status(400).json({ error: err.message });
+    }
+
+    if (!req.file) {
+      return res.status(400).json({ error: 'No file uploaded' });
+    }
+
+    try {
+      // Delete old profile image if exists
+      const user = await User.findByPk(req.user.id);
+      if (user.profileImage) {
+        const oldImagePath = path.join(__dirname, '../uploads/profiles', user.profileImage);
+        try {
+          await fs.unlink(oldImagePath);
+        } catch (unlinkErr) {
+          console.error('Error deleting old image:', unlinkErr);
+        }
+      }
+
+      // Update user with new image filename
+      await user.update({
+        profileImage: req.file.filename
+      });
+
+      res.json({
+        message: 'Profile image uploaded successfully',
+        filename: req.file.filename,
+        imageUrl: `/uploads/profiles/${req.file.filename}`
+      });
+    } catch (error) {
+      console.error('Database update error:', error);
+      res.status(500).json({ error: 'Failed to update profile image' });
+    }
+  });
+});
+
 module.exports = router;