npm - hazo_auth - Versions diffs - 1.4.1 → 1.6.0 - Mend

hazo_auth 1.4.1 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (478) hide show

package/dist/app/api/hazo_auth/logout/route.js ADDED Viewed

@@ -0,0 +1,71 @@
+// file_description: API route for user logout
+// section: imports
+import { NextResponse } from "next/server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { get_auth_cache } from "../../../../lib/auth/auth_cache";
+import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
+// section: api_handler
+export async function POST(request) {
+    var _a, _b;
+    const logger = create_app_logger();
+    try {
+        // Get user info from cookie before clearing
+        const user_email = (_a = request.cookies.get("hazo_auth_user_email")) === null || _a === void 0 ? void 0 : _a.value;
+        const user_id = (_b = request.cookies.get("hazo_auth_user_id")) === null || _b === void 0 ? void 0 : _b.value;
+        // Clear authentication cookies
+        const response = NextResponse.json({
+            success: true,
+            message: "Logout successful",
+        }, { status: 200 });
+        // Clear cookies by setting them to expire in the past
+        response.cookies.set("hazo_auth_user_email", "", {
+            expires: new Date(0),
+            path: "/",
+        });
+        response.cookies.set("hazo_auth_user_id", "", {
+            expires: new Date(0),
+            path: "/",
+        });
+        // Invalidate user cache
+        if (user_id) {
+            try {
+                const config = get_auth_utility_config();
+                const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
+                cache.invalidate_user(user_id);
+            }
+            catch (cache_error) {
+                // Log but don't fail logout if cache invalidation fails
+                const cache_error_message = cache_error instanceof Error
+                    ? cache_error.message
+                    : "Unknown error";
+                logger.warn("logout_cache_invalidation_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    user_id,
+                    error: cache_error_message,
+                });
+            }
+        }
+        if (user_email || user_id) {
+            logger.info("logout_successful", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id: user_id || "unknown",
+                email: user_email || "unknown",
+            });
+        }
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("logout_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Logout failed. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/me/route.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function GET(request: NextRequest): Promise<NextResponse<unknown>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/me/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/me/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAIxD,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW,kCAuC7C"}

package/dist/app/api/hazo_auth/me/route.js ADDED Viewed

@@ -0,0 +1,34 @@
+// file_description: API route to get current authenticated user information
+// section: imports
+import { NextResponse } from "next/server";
+import { get_authenticated_user_with_response } from "../../../../lib/auth/auth_utils.server";
+// section: api_handler
+export async function GET(request) {
+    try {
+        // Use centralized auth utility
+        const { auth_result, response } = await get_authenticated_user_with_response(request);
+        // If response is provided, it means cookies were cleared (invalid auth)
+        if (response) {
+            return response;
+        }
+        // If not authenticated, return false
+        if (!auth_result.authenticated) {
+            return NextResponse.json({ authenticated: false }, { status: 200 });
+        }
+        // Return user info
+        return NextResponse.json({
+            authenticated: true,
+            user_id: auth_result.user_id,
+            email: auth_result.email,
+            name: auth_result.name,
+            email_verified: auth_result.email_verified,
+            last_logon: auth_result.last_logon,
+            profile_picture_url: auth_result.profile_picture_url,
+            profile_source: auth_result.profile_source,
+        }, { status: 200 });
+    }
+    catch (error) {
+        // On error, assume not authenticated
+        return NextResponse.json({ authenticated: false }, { status: 200 });
+    }
+}

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function GET(request: NextRequest, { params }: {
+    params: {
+        filename: string;
+    };
+}): Promise<NextResponse<unknown>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/app/api/hazo_auth/profile_picture/[filename]/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAMxD,wBAAsB,GAAG,CACvB,OAAO,EAAE,WAAW,EACpB,EAAE,MAAM,EAAE,EAAE;IAAE,MAAM,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,kCAuD7C"}

package/dist/app/api/hazo_auth/profile_picture/[filename]/route.js ADDED Viewed

@@ -0,0 +1,43 @@
+// file_description: API route to serve uploaded profile pictures
+// section: imports
+import { NextResponse } from "next/server";
+import { get_profile_picture_config } from "../../../../../lib/profile_picture_config.server";
+import fs from "fs";
+import path from "path";
+// section: api_handler
+export async function GET(request, { params }) {
+    try {
+        const config = get_profile_picture_config();
+        if (!config.allow_photo_upload || !config.upload_photo_path) {
+            return NextResponse.json({ error: "Profile picture upload is not enabled" }, { status: 404 });
+        }
+        const filename = params.filename;
+        // Validate filename (prevent path traversal)
+        if (filename.includes("..") || filename.includes("/") || filename.includes("\\")) {
+            return NextResponse.json({ error: "Invalid filename" }, { status: 400 });
+        }
+        // Resolve upload path
+        const uploadPath = path.isAbsolute(config.upload_photo_path)
+            ? config.upload_photo_path
+            : path.resolve(process.cwd(), config.upload_photo_path);
+        const filePath = path.join(uploadPath, filename);
+        // Check if file exists
+        if (!fs.existsSync(filePath)) {
+            return NextResponse.json({ error: "File not found" }, { status: 404 });
+        }
+        // Read file
+        const fileBuffer = fs.readFileSync(filePath);
+        const fileExt = path.extname(filename).toLowerCase();
+        const contentType = fileExt === ".png" ? "image/png" : "image/jpeg";
+        // Return file with appropriate content type
+        return new NextResponse(fileBuffer, {
+            headers: {
+                "Content-Type": contentType,
+                "Cache-Control": "public, max-age=31536000, immutable",
+            },
+        });
+    }
+    catch (error) {
+        return NextResponse.json({ error: "Failed to serve profile picture" }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/register/route.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    user_id: string | undefined;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/register/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/register/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;IAiG9C"}

package/dist/app/api/hazo_auth/register/route.js ADDED Viewed

@@ -0,0 +1,80 @@
+// file_description: API route for user registration using hazo_connect to insert into hazo_users table
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { register_user } from "../../../../lib/services/registration_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { sanitize_error_for_user } from "../../../../lib/utils/error_sanitizer";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { name, email, password, url_on_logon } = body;
+        // Validate input
+        if (!email || !password) {
+            logger.warn("registration_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+                has_password: !!password,
+            });
+            return NextResponse.json({ error: "Email and password are required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("registration_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Register user using the registration service
+        const result = await register_user(hazoConnect, {
+            email,
+            password,
+            name,
+            url_on_logon,
+        });
+        if (!result.success) {
+            const status_code = result.error === "Email address already registered" ? 409 : 500;
+            logger.warn("registration_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+            });
+            return NextResponse.json({ error: result.error || "Registration failed" }, { status: status_code });
+        }
+        logger.info("registration_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: result.user_id,
+            email,
+            has_name: !!name,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Registration successful",
+            user_id: result.user_id,
+        }, { status: 201 });
+    }
+    catch (error) {
+        const user_friendly_error = sanitize_error_for_user(error, {
+            logToConsole: true,
+            logToLogger: true,
+            logger,
+            context: {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                operation: "register_api_route",
+            },
+        });
+        return NextResponse.json({ error: user_friendly_error }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function DELETE(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/remove_profile_picture/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,MAAM,CAAC,OAAO,EAAE,WAAW;;;;;IA2EhD"}

package/dist/app/api/hazo_auth/remove_profile_picture/route.js ADDED Viewed

@@ -0,0 +1,64 @@
+// file_description: API route for removing profile pictures
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { remove_user_profile_picture } from "../../../../lib/services/profile_picture_remove_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function DELETE(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const { require_auth } = await import("../../../../lib/auth/auth_utils.server");
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("profile_picture_remove_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        // Get singleton hazo_connect instance
+        const hazoConnect = get_hazo_connect_instance();
+        // Remove profile picture
+        const result = await remove_user_profile_picture(hazoConnect, user_id);
+        if (!result.success) {
+            logger.warn("profile_picture_remove_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                error: result.error,
+            });
+            return NextResponse.json({ error: result.error || "Failed to remove profile picture" }, { status: 400 });
+        }
+        logger.info("profile_picture_remove_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Profile picture removed successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("profile_picture_remove_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to remove profile picture. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/resend_verification/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/resend_verification/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/resend_verification/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAiG9C"}

package/dist/app/api/hazo_auth/resend_verification/route.js ADDED Viewed

@@ -0,0 +1,79 @@
+// file_description: API route for resending email verification using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { resend_verification_email } from "../../../../lib/services/email_verification_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { email } = body;
+        // Validate input
+        if (!email) {
+            logger.warn("resend_verification_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email: email || "missing",
+            });
+            return NextResponse.json({ error: "Email is required" }, { status: 400 });
+        }
+        // Validate email format
+        const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!email_pattern.test(email)) {
+            logger.warn("resend_verification_invalid_email", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+            });
+            return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Resend verification email using the email verification service
+        const result = await resend_verification_email(hazoConnect, {
+            email,
+        });
+        if (!result.success) {
+            logger.error("resend_verification_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                email,
+                error: result.error,
+            });
+            // Return error response (500) when email sending fails
+            // This is a technical error, not a security issue, so we can reveal it
+            return NextResponse.json({
+                success: false,
+                error: result.error || "Failed to resend verification email",
+            }, { status: 500 });
+        }
+        logger.info("resend_verification_requested", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            email,
+        });
+        // Always return success to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists and is not verified, a verification link has been sent.",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("resend_verification_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        // Still return 200 OK to prevent email enumeration attacks
+        return NextResponse.json({
+            success: true,
+            message: "If an account with that email exists and is not verified, a verification link has been sent.",
+        }, { status: 200 });
+    }
+}

package/dist/app/api/hazo_auth/reset_password/route.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/reset_password/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/reset_password/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IA+F9C"}

package/dist/app/api/hazo_auth/reset_password/route.js ADDED Viewed

@@ -0,0 +1,76 @@
+// file_description: API route for resetting user password using a reset token
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { reset_password } from "../../../../lib/services/password_reset_service";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_password_requirements_config } from "../../../../lib/password_requirements_config.server";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { token, new_password } = body;
+        // Validate input
+        if (!token) {
+            logger.warn("password_reset_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "Token is required",
+            });
+            return NextResponse.json({ error: "Token is required" }, { status: 400 });
+        }
+        if (!new_password) {
+            logger.warn("password_reset_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "New password is required",
+            });
+            return NextResponse.json({ error: "New password is required" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Get password requirements from config
+        const passwordRequirements = get_password_requirements_config();
+        // Reset password using the password reset service
+        const result = await reset_password(hazoConnect, {
+            token,
+            new_password,
+            minimum_length: passwordRequirements.minimum_length,
+        });
+        if (!result.success) {
+            logger.warn("password_reset_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+            });
+            return NextResponse.json({
+                success: false,
+                error: result.error || "Failed to reset password",
+            }, { status: 400 });
+        }
+        logger.info("password_reset_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: result.user_id,
+            email: result.email,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Password has been reset successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        logger.error("password_reset_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error: error_message,
+        });
+        return NextResponse.json({
+            success: false,
+            error: "An error occurred while resetting your password",
+        }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/update_user/route.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function PATCH(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    email_changed: boolean | undefined;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/update_user/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/update_user/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,KAAK,CAAC,OAAO,EAAE,WAAW;;;;;;IAkH/C"}

package/dist/app/api/hazo_auth/update_user/route.js ADDED Viewed

@@ -0,0 +1,95 @@
+// file_description: API route for updating user profile information
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { update_user_profile } from "../../../../lib/services/user_update_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { require_auth } from "../../../../lib/auth/auth_utils.server";
+// section: api_handler
+export async function PATCH(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("user_update_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        const body = await request.json();
+        const { name, email, profile_picture_url, profile_source } = body;
+        // Validate input (at least one field must be provided)
+        if (name === undefined && email === undefined && profile_picture_url === undefined) {
+            logger.warn("user_update_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "No fields to update",
+            });
+            return NextResponse.json({ error: "At least one field (name, email, or profile_picture_url) must be provided" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance
+        const hazoConnect = get_hazo_connect_instance();
+        // Update user profile
+        const result = await update_user_profile(hazoConnect, user_id, {
+            name,
+            email,
+            profile_picture_url,
+            profile_source,
+        });
+        if (!result.success) {
+            logger.warn("user_update_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+                user_id,
+                email_changed: result.email_changed,
+            });
+            return NextResponse.json({ error: result.error || "Failed to update user profile" }, { status: 400 });
+        }
+        logger.info("user_update_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+            email_changed: result.email_changed,
+        });
+        // Create response
+        const response = NextResponse.json({
+            success: true,
+            message: "Profile updated successfully",
+            email_changed: result.email_changed,
+        }, { status: 200 });
+        // If email changed, update the cookie (match login route cookie settings)
+        if (result.email_changed && email) {
+            response.cookies.set("hazo_auth_user_email", email, {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === "production",
+                sameSite: "lax",
+                path: "/",
+                maxAge: 60 * 60 * 24 * 30, // 30 days
+            });
+        }
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("user_update_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to update user profile. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    profile_picture_url: string;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/upload_profile_picture/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAaxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;IA2P9C"}