Backend changes:
- Add PATCH /api/users/me endpoint for profile updates (firstName, lastName, email)
- Add PATCH /api/users/me/password endpoint for password change
- Email change triggers re-verification flow (emailVerified=false, new verification token/code)
- Send verification email automatically on email change
- Return new JWT token when email changes (to update emailVerified status)
- Add validation for profile update and password change
- Create user controller with updateProfile and changePassword functions

Frontend changes:
- Add ProfilePage with tabbed interface (Profile & Password tabs)
- Profile tab: Edit firstName, lastName, email
- Password tab: Change password (requires current password)
- Add Profile link to navigation bar
- Add authAPI.updateProfile() and authAPI.changePassword() functions
- Update AuthContext user data when profile is updated
- Display success/error messages for profile and password updates

Security:
- Username cannot be changed (permanent identifier)
- Email uniqueness validation
- Password change requires current password
- Email change forces re-verification to prevent hijacking

User flow:
1. User edits profile and changes email
2. Backend sets emailVerified=false and generates new verification tokens
3. Verification email sent to new address
4. User must verify new email to access all features
5. Banner appears until email is verified
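
The email-change flow listed in the commit message above, modelled as an added example that is not the project's code or part of the commit. The in-memory `users` map, the 24-hour token lifetime, the hash-only token storage and the `verifyEmail` helper are assumptions; input format validation, mail delivery and JWT reissue are left to the caller.

```javascript
// Added example: in-memory model of the email-change flow (not the project's code).
const { randomBytes, createHash } = require('node:crypto');

const TOKEN_TTL_MS = 24 * 60 * 60 * 1000; // assumed lifetime, not from the commit
const EDITABLE = ['firstName', 'lastName', 'email']; // username is deliberately absent
const sha256 = (s) => createHash('sha256').update(s).digest('hex');

// Constructed sample data standing in for the users table.
const users = new Map([
  [1, { id: 1, username: 'anna', firstName: 'Anna', lastName: 'K', email: 'anna@example.com', emailVerified: true }],
  [2, { id: 2, username: 'ben', firstName: 'Ben', lastName: 'L', email: 'ben@example.com', emailVerified: true }],
]);

function updateProfile(userId, body, now = Date.now()) {
  const user = users.get(userId);
  if (!user) return { status: 404 };
  // Copy only allow-listed string fields, so username/emailVerified in the body are ignored.
  const patch = {};
  for (const key of EDITABLE) if (typeof body[key] === 'string') patch[key] = body[key].trim();
  let verificationToken = null;
  if (patch.email !== undefined) {
    patch.email = patch.email.toLowerCase();
    if (patch.email !== user.email) {
      for (const other of users.values()) {
        if (other.id !== userId && other.email === patch.email) return { status: 409 };
      }
      // The new address is unproven: drop verified status and issue a fresh token.
      verificationToken = randomBytes(32).toString('hex');
      patch.emailVerified = false;
      patch.verificationTokenHash = sha256(verificationToken); // store the hash only
      patch.verificationExpires = now + TOKEN_TTL_MS;
    }
  }
  Object.assign(user, patch);
  // The caller mails verificationToken to the new address and reissues the JWT.
  return { status: 200, user, verificationToken };
}

function verifyEmail(token, now = Date.now()) {
  const hash = sha256(String(token));
  for (const user of users.values()) {
    if (user.verificationTokenHash === hash && now <= user.verificationExpires) {
      user.emailVerified = true;
      delete user.verificationTokenHash; // single use
      delete user.verificationExpires;
      return true;
    }
  }
  return false;
}
```
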
spotlight.cam Backend
Node.js + Express backend for spotlight.cam - P2P video exchange app for dance events.
Features
- ✅ Express REST API
- ✅ CORS enabled
- ✅ Health check endpoint
- ✅ Error handling
- ✅ Unit tests (Jest + Supertest)
- ⏳ PostgreSQL integration (planned)
- ⏳ JWT authentication (planned)
- ⏳ Socket.IO for real-time chat (planned)
- ⏳ WebRTC signaling (planned)
API Endpoints
Health Check
- GET /api/health - Backend health status
Future Endpoints
- POST /api/auth/register - Register new user
- POST /api/auth/login - Login user
- GET /api/users/me - Get current user
- GET /api/events - List events
- POST /api/matches - Create match
- POST /api/ratings - Rate partner
Development
Install dependencies
npm install
Run in development mode
npm run dev
Run tests
npm test
Run tests in watch mode
npm run test:watch
Run in production mode
npm start
Environment Variables
Create a .env file (see .env.example):
NODE_ENV=development
PORT=3000
CORS_ORIGIN=http://localhost:8080
Project Structure
backend/
├── src/
│ ├── __tests__/ # Unit tests
│ │ └── app.test.js
│ ├── routes/ # API routes (future)
│ ├── controllers/ # Business logic (future)
│ ├── middleware/ # Custom middleware (future)
│ ├── utils/ # Helper functions (future)
│ ├── app.js # Express app setup
│ └── server.js # Server entry point
├── .env # Environment variables (gitignored)
├── .env.example # Environment variables template
├── package.json
└── Dockerfile
Testing
Tests are written using:
- Jest - Test framework
- Supertest - HTTP assertions
Run tests:
npm test
Current test coverage:
- Health check endpoint
- 404 error handling
- CORS configuration
- JSON body parsing
Docker
Build and run with Docker Compose (from project root):
docker compose up --build
Backend will be available at:
- Internal: http://backend:3000
- Through nginx: http://localhost:8080/api
Next Steps
- ✅ Basic Express setup
- ✅ Health check endpoint
- ✅ Unit tests
- ⏳ PostgreSQL connection
- ⏳ Database schema and migrations
- ⏳ Authentication (JWT + bcrypt)
- ⏳ Socket.IO for real-time chat
- ⏳ WebRTC signaling
License
TBD