Merge pull request #106 from SatyamPrakash09/feat/user-update

backend/app/routes/auth.py

@@ -2,11 +2,14 @@
 Auth API routes — register, login, and user profile.
 """
 from fastapi import APIRouter, Depends, HTTPException, status
+from langsmith import expect
+from sqlalchemy.exc import SQLAlchemyError
 from sqlalchemy.orm import Session
-
+from sqlalchemy import select
 from app.database import get_db
 from app.models import User
-from app.schemas import UserRegister, UserLogin, TokenResponse, UserResponse, RefreshRequest
+from app.schemas import UserRegister, UserLogin, TokenResponse, UserResponse, RefreshRequest, UserUpdate, \
+    UserUpdateResponse, UpdatePassword, UpdatePasswordResponse
 from app.auth import hash_password, verify_password, create_access_token, create_refresh_token, get_current_user, decode_token
 
 router = APIRouter(prefix="/auth", tags=["Authentication"])
@@ -102,3 +105,58 @@ def refresh_token(payload: RefreshRequest, db: Session = Depends(get_db)):
 def get_me(user: User = Depends(get_current_user)):
     """Get current authenticated user profile."""
     return UserResponse.model_validate(user)
+
+@router.put("/update")
+def update_user_info(payload:UserUpdate,
+                    user: User = Depends(get_current_user),
+                    db: Session = Depends(get_db))-> UserUpdateResponse:
+
+    """Update user info."""
+    if payload.username is None and payload.email is None:
+        raise HTTPException(status_code=400, detail="Username and email are required")
+
+    try:
+        if payload.username:
+            existing_user = db.execute(select(User).where(User.username == payload.username)).scalar_one_or_none()
+
+            if existing_user:
+                raise HTTPException(status_code=400, detail="Username already exists")
+            user.username = payload.username
+        if payload.email:
+            existing_user = db.execute(select(User).where(User.username == payload.email)).scalar_one_or_none()
+
+            if existing_user:
+                raise HTTPException(status_code=400, detail="Username already exists")
+            user.email = payload.email
+        db.commit()
+        db.refresh(user)
+        return user
+    except HTTPException:
+        raise
+    except SQLAlchemyError:
+        db.rollback()
+
+        raise HTTPException(status_code=400, detail="Database error")
+
+@router.put("/password")
+def update_password(payload:UpdatePassword,
+                    user: User = Depends(get_current_user),
+                    db: Session = Depends(get_db))-> UpdatePasswordResponse:
+    """Update user password."""
+    if not payload.password and not payload.confirm_password:
+        raise HTTPException(status_code=400, detail="Password and confirm_password are required")
+    if len(payload.password) == 0 and len(payload.confirm_password) == 0:
+        raise HTTPException(status_code=400, detail="Password and confirm_password are required")
+    if payload.password != payload.confirm_password:
+        raise HTTPException(status_code=400, detail="Password and confirm_password are different")
+    try:
+        hashed_password = hash_password(payload.password)
+        user.hashed_password = hashed_password
+        db.commit()
+        db.refresh(user)
+        return user
+    except HTTPException:
+        raise
+    except SQLAlchemyError:
+        db.rollback()
+        raise HTTPException(status_code=400, detail="Database error")

backend/app/schemas.py

@@ -18,6 +18,24 @@ class UserLogin(BaseModel):
     email: EmailStr
     password: str
 
+class UserUpdate(BaseModel):
+    email: Optional[EmailStr] = None
+    username:Optional[str] = None
+
+class UserUpdateResponse(BaseModel):
+    id: str
+    username: str
+    email: EmailStr
+
+class UpdatePassword(BaseModel):
+    password: str
+    confirm_password: str
+
+class UpdatePasswordResponse(BaseModel):
+    id: str
+    username: str
+    email: EmailStr
+    password_changed:bool = True
 
 class TokenResponse(BaseModel):
     access_token: str