From 418da74756430c97a35a34d1b58d8ad1d6d3add8 Mon Sep 17 00:00:00 2001
From: "Timothy J. Baek" <timothyjrbeck@gmail.com>
Date: Fri, 26 Jan 2024 20:27:45 -0800
Subject: [PATCH] feat: profile image update backend

---
 backend/apps/web/models/auths.py  |  4 +++
 backend/apps/web/models/users.py  | 14 ++++++++++
 backend/apps/web/routers/auths.py | 45 +++++++++++++++++++++++--------
 3 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/backend/apps/web/models/auths.py b/backend/apps/web/models/auths.py
index 00c66a2c..2124e620 100644
--- a/backend/apps/web/models/auths.py
+++ b/backend/apps/web/models/auths.py
@@ -63,6 +63,10 @@ class SigninForm(BaseModel):
     password: str
 
 
+class ProfileImageUrlForm(BaseModel):
+    profile_image_url: str
+
+
 class UpdatePasswordForm(BaseModel):
     password: str
     new_password: str
diff --git a/backend/apps/web/models/users.py b/backend/apps/web/models/users.py
index f86697f4..d387c8b5 100644
--- a/backend/apps/web/models/users.py
+++ b/backend/apps/web/models/users.py
@@ -108,6 +108,20 @@ class UsersTable:
         except:
             return None
 
+    def update_user_profile_image_url_by_id(
+        self, id: str, profile_image_url: str
+    ) -> Optional[UserModel]:
+        try:
+            query = User.update(profile_image_url=profile_image_url).where(
+                User.id == id
+            )
+            query.execute()
+
+            user = User.get(User.id == id)
+            return UserModel(**model_to_dict(user))
+        except:
+            return None
+
     def update_user_by_id(self, id: str, updated: dict) -> Optional[UserModel]:
         try:
             query = User.update(**updated).where(User.id == id)
diff --git a/backend/apps/web/routers/auths.py b/backend/apps/web/routers/auths.py
index a0772223..6a2f3895 100644
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@@ -11,6 +11,7 @@ import uuid
 from apps.web.models.auths import (
     SigninForm,
     SignupForm,
+    ProfileImageUrlForm,
     UpdatePasswordForm,
     UserResponse,
     SigninResponse,
@@ -40,14 +41,36 @@ async def get_session_user(user=Depends(get_current_user)):
     }
 
 
+############################
+# Update Profile Image Url
+############################
+
+
+@router.post("/update/profile", response_model=UserResponse)
+async def update_profile_image_url(
+    form_data: ProfileImageUrlForm, session_user=Depends(get_current_user)
+):
+    if session_user:
+        user = Users.update_user_profile_image_url_by_id(
+            session_user.id, form_data.profile_image_url
+        )
+        if user:
+            return user
+        else:
+            raise HTTPException(400, detail=ERROR_MESSAGES.DEFAULT())
+    else:
+        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
+
+
 ############################
 # Update Password
 ############################
 
 
 @router.post("/update/password", response_model=bool)
-async def update_password(form_data: UpdatePasswordForm,
-                          session_user=Depends(get_current_user)):
+async def update_password(
+    form_data: UpdatePasswordForm, session_user=Depends(get_current_user)
+):
     if session_user:
         user = Auths.authenticate_user(session_user.email, form_data.password)
 
@@ -93,18 +116,19 @@ async def signin(form_data: SigninForm):
 async def signup(request: Request, form_data: SignupForm):
     if not request.app.state.ENABLE_SIGNUP:
         raise HTTPException(400, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)
-        
+
     if not validate_email_format(form_data.email.lower()):
         raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)
-        
+
     if Users.get_user_by_email(form_data.email.lower()):
         raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
-        
+
     try:
         role = "admin" if Users.get_num_users() == 0 else "pending"
         hashed = get_password_hash(form_data.password)
-        user = Auths.insert_new_auth(form_data.email.lower(),
-                                     hashed, form_data.name, role)
+        user = Auths.insert_new_auth(
+            form_data.email.lower(), hashed, form_data.name, role
+        )
 
         if user:
             token = create_token(data={"email": user.email})
@@ -120,11 +144,10 @@ async def signup(request: Request, form_data: SignupForm):
                 "profile_image_url": user.profile_image_url,
             }
         else:
-            raise HTTPException(
-                500, detail=ERROR_MESSAGES.CREATE_USER_ERROR)
+            raise HTTPException(500, detail=ERROR_MESSAGES.CREATE_USER_ERROR)
     except Exception as err:
-        raise HTTPException(500,
-                            detail=ERROR_MESSAGES.DEFAULT(err))
+        raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err))
+
 
 ############################
 # ToggleSignUp