Implement task 6.1: Create PUT /api/auth/profile endpoint for updating user display name

- Create src/app/api/auth/profile/route.ts with PUT handler - Validates user is authenticated (returns 401 if not) - Validates request body has a non-empty name field - Updates user's name in the database - Returns 200 with updated user data Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-20 10:20:20 +01:00 · 2026-02-20 10:20:20 +01:00 · c36ab7c146
commit c36ab7c146
parent d4e92cf88f
27 changed files with 2699 additions and 2 deletions
--- a/src/app/api/auth/profile/route.ts
+++ b/src/app/api/auth/profile/route.ts
@ -0,0 +1,43 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { eq } from 'drizzle-orm';
+import { db } from '@/lib/db';
+import { users } from '@/lib/db/schema';
+import { getAuthUser } from '@/lib/auth';
+
+export async function PUT(request: NextRequest) {
+  // Get authenticated user
+  const user = await getAuthUser();
+  if (!user) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  }
+
+  // Parse request body
+  let body: unknown;
+  try {
+    body = await request.json();
+  } catch {
+    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 });
+  }
+
+  const { name } = body as Record<string, unknown>;
+
+  // Validate name field exists
+  if (!name || typeof name !== 'string' || name.trim() === '') {
+    return NextResponse.json({ error: 'Name is required' }, { status: 400 });
+  }
+
+  // Update user in database
+  const [updatedUser] = await db
+    .update(users)
+    .set({
+      name: name.trim(),
+      updated_at: new Date(),
+    })
+    .where(eq(users.id, user.id))
+    .returning({ id: users.id, email: users.email, name: users.name });
+
+  return NextResponse.json(
+    { id: updatedUser.id, email: updatedUser.email, name: updatedUser.name },
+    { status: 200 }
+  );
+}