feat(profile): implement jwt-protected profile endpoint with service layer

- Add JWT authentication middleware with token verification
- Create profile service to fetch customer data from database
- Implement error handling and logging for profile operations

app/routers/profile_router.py

@@ -1,11 +1,52 @@
 
 ## bookmyservice-ums/app/routers/profile_router.py
 
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends, HTTPException, status
+from typing import Dict, Any
+import logging
+
+from app.utils.jwt import get_current_user_id
+from app.services.profile_service import profile_service
+
+logger = logging.getLogger(__name__)
 
 router = APIRouter()
 
-@router.get("/me")
-def get_profile():
-    return {"user": "Sample user profile - implement real logic here"}
+@router.get("/me", response_model=Dict[str, Any])
+async def get_profile(current_user_id: str = Depends(get_current_user_id)):
+    """
+    Get current user's profile from customers collection.
+    
+    This endpoint is JWT protected and requires a valid Bearer token.
+    
+    Args:
+        current_user_id (str): User ID extracted from JWT token
+        
+    Returns:
+        Dict[str, Any]: Customer profile data
+        
+    Raises:
+        HTTPException: 401 if token is invalid, 404 if profile not found
+    """
+    try:
+        logger.info(f"Profile request for user: {current_user_id}")
+        
+        # Fetch customer profile using the service
+        profile_data = await profile_service.get_customer_profile(current_user_id)
+        
+        return {
+            "success": True,
+            "message": "Profile retrieved successfully",
+            "data": profile_data
+        }
+        
+    except HTTPException:
+        # Re-raise HTTP exceptions from service
+        raise
+    except Exception as e:
+        logger.error(f"Unexpected error in get_profile: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Internal server error"
+        )
 

app/services/profile_service.py

@@ -0,0 +1,72 @@
+"""
+Profile service for customer profile operations.
+"""
+
+import logging
+from typing import Optional, Dict, Any
+from bson import ObjectId
+from app.core.nosql_client import db
+from fastapi import HTTPException, status
+
+logger = logging.getLogger(__name__)
+
+class ProfileService:
+    """Service class for profile-related operations."""
+    
+    @staticmethod
+    async def get_customer_profile(user_id: str) -> Dict[str, Any]:
+        """
+        Fetch customer profile from the customers collection.
+        
+        Args:
+            user_id (str): The user ID from JWT token
+            
+        Returns:
+            Dict[str, Any]: Customer profile data
+            
+        Raises:
+            HTTPException: If customer not found or database error
+        """
+        try:
+            # Convert string ID to ObjectId if needed
+            if ObjectId.is_valid(user_id):
+                query = {"_id": ObjectId(user_id)}
+            else:
+                # If not a valid ObjectId, try searching by other fields
+                query = {"$or": [
+                    {"user_id": user_id},
+                    {"email": user_id},
+                    {"mobile": user_id}
+                ]}
+            
+            logger.info(f"Fetching profile for user: {user_id}")
+            
+            # Fetch customer from customers collection
+            customer = await db.customers.find_one(query)
+            
+            if not customer:
+                logger.warning(f"Customer not found for user_id: {user_id}")
+                raise HTTPException(
+                    status_code=status.HTTP_404_NOT_FOUND,
+                    detail="Customer profile not found"
+                )
+            
+            # Convert ObjectId to string for JSON serialization
+            if "_id" in customer:
+                customer["_id"] = str(customer["_id"])
+            
+            logger.info(f"Successfully fetched profile for user: {user_id}")
+            return customer
+            
+        except HTTPException:
+            # Re-raise HTTP exceptions
+            raise
+        except Exception as e:
+            logger.error(f"Error fetching customer profile for user {user_id}: {str(e)}")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="Internal server error while fetching profile"
+            )
+
+# Create service instance
+profile_service = ProfileService()

app/utils/jwt.py

@@ -3,10 +3,16 @@
 
 from jose import jwt, JWTError
 from datetime import datetime, timedelta
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from typing import Optional
+import os
 
-SECRET_KEY = "secret-key-placeholder"
+SECRET_KEY = os.getenv("JWT_SECRET_KEY", "secret-key-placeholder")
 ALGORITHM = "HS256"
 
+# Security scheme
+security = HTTPBearer()
 
 def create_access_token(data: dict, expires_minutes: int = 60):
     to_encode = data.copy()
@@ -21,4 +27,36 @@ def decode_token(token: str) -> dict:
     try:
         return jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
     except JWTError:
-        return {}
+        return {}
+
+def verify_token(token: str) -> dict:
+    """
+    Verify and decode JWT token, raise HTTPException if invalid.
+    """
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        user_id: str = payload.get("sub")
+        if user_id is None:
+            raise credentials_exception
+        return payload
+    except JWTError:
+        raise credentials_exception
+
+async def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(security)) -> dict:
+    """
+    Dependency to get current authenticated user from JWT token.
+    """
+    token = credentials.credentials
+    return verify_token(token)
+
+async def get_current_user_id(current_user: dict = Depends(get_current_user)) -> str:
+    """
+    Dependency to get current user ID.
+    """
+    return current_user.get("sub")