MeetUp/src/app/api/user/me/route.ts

import { auth } from '@/auth';
import { NextResponse } from 'next/server';
import { prisma } from '@/prisma';
import {
  userEmailSchema,
  userFirstNameSchema,
  userNameSchema,
  userLastNameSchema,
} from '@/lib/validation/user';
import { z } from 'zod/v4';

const patchUserMeSchema = z.object({
  name: userNameSchema.optional(),
  first_name: userFirstNameSchema.optional(),
  last_name: userLastNameSchema.optional(),
  email: userEmailSchema.optional(),
  image: z.string().optional(),
  timezone: z.string().optional(),
});

/**
 * @swagger
 * /api/user/me:
 *  get:
 *   summary: Get the currently authenticated user's information
 *   description: Retrieve the information of the currently authenticated user.
 *   tags:
 *    - User
 *   responses:
 *    200:
 *     description: User information retrieved successfully.
 *     content:
 *      application/json:
 *       schema:
 *        type: object
 *        properties:
 *         success:
 *          type: boolean
 *          default: true
 *         user:
 *          $ref: '#/components/schemas/User'
 *    401:
 *     description: User is not authenticated.
 *     content:
 *      application/json:
 *       schema:
 *        $ref: '#/components/schemas/ErrorResponse'
 *       example:
 *        success: false
 *        message: 'Not authenticated'
 *    404:
 *     description: User not found.
 *     content:
 *      application/json:
 *       schema:
 *        $ref: '#/components/schemas/ErrorResponse'
 *       example:
 *        success: false
 *        message: 'User not found'
 */
export const GET = auth(async function GET(req) {
  if (!req.auth)
    return NextResponse.json(
      { success: false, message: 'Not authenticated' },
      { status: 401 },
    );
  if (!req.auth.user || !req.auth.user.id)
    return NextResponse.json(
      { success: false, message: 'User not found' },
      { status: 404 },
    );

  const dbUser = await prisma.user.findUnique({
    where: {
      id: req.auth.user.id,
    },
    select: {
      id: true,
      name: true,
      first_name: true,
      last_name: true,
      email: true,
      image: true,
      timezone: true,
      created_at: true,
      updated_at: true,
    },
  });
  if (!dbUser)
    return NextResponse.json(
      { success: false, message: 'User not found' },
      { status: 404 },
    );

  return NextResponse.json(
    {
      success: true,
      user: {
        ...dbUser,
      },
    },
    { status: 200 },
  );
});

/**
 * @swagger
 * /api/user/me:
 *  patch:
 *   summary: Update the currently authenticated user's information
 *   description: Update the information of the currently authenticated user.
 *   tags:
 *    - User
 *   requestBody:
 *    required: true
 *    content:
 *     application/json:
 *      schema:
 *       type: object
 *       properties:
 *        name:
 *         type: string
 *         description: Username of the user.
 *        first_name:
 *         type: string
 *         description: First name of the user.
 *        last_name:
 *         type: string
 *         description: Last name of the user.
 *        email:
 *         type: string
 *         description: Email address of the user.
 *        image:
 *         type: string
 *         description: URL of the user's profile image.
 *        timezone:
 *         type: string
 *         description: Timezone of the user.
 *   responses:
 *    200:
 *     description: User information updated successfully.
 *     content:
 *      application/json:
 *       schema:
 *        type: object
 *        properties:
 *         success:
 *          type: boolean
 *          default: true
 *         user:
 *          $ref: '#/components/schemas/User'
 *    401:
 *     description: User is not authenticated.
 *     content:
 *      application/json:
 *       schema:
 *        $ref: '#/components/schemas/ErrorResponse'
 *       example:
 *        success: false
 *        message: 'Not authenticated'
 *    404:
 *     description: User not found.
 *     content:
 *      application/json:
 *       schema:
 *        $ref: '#/components/schemas/ErrorResponse'
 *       example:
 *        success: false
 *        message: 'User not found'
 *    400:
 *     description: Bad request due to invalid input data.
 *     content:
 *      application/json:
 *       schema:
 *        $ref: '#/components/schemas/ErrorResponse'
 *       example:
 *        success: false
 *        message: 'Invalid input data'
 */
export const PATCH = auth(async function PATCH(req) {
  if (!req.auth)
    return NextResponse.json(
      { success: false, message: 'Not authenticated' },
      { status: 401 },
    );
  if (!req.auth.user)
    return NextResponse.json(
      { success: false, message: 'User not found' },
      { status: 404 },
    );

  const dataRaw = await req.json();
  const data = await patchUserMeSchema.safeParseAsync(dataRaw);
  if (!data.success) {
    return NextResponse.json(
      {
        success: false,
        message: 'Invalid request data',
        errors: data.error.issues,
      },
      { status: 400 },
    );
  }
  const { name, first_name, last_name, email, image, timezone } = data.data;
  const updatedUser = await prisma.user.update({
    where: {
      id: req.auth.user.id,
    },
    data: {
      name,
      first_name,
      last_name,
      email,
      image,
      timezone,
    },
    select: {
      id: true,
      name: true,
      first_name: true,
      last_name: true,
      email: true,
      image: true,
      timezone: true,
      created_at: true,
      updated_at: true,
    },
  });
  if (!updatedUser)
    return NextResponse.json(
      { success: false, message: 'User not found' },
      { status: 404 },
    );
  return NextResponse.json(
    {
      success: true,
      user: updatedUser,
    },
    { status: 200 },
  );
});