From bbc5625b2dc7f05411cd47f655151a3720eeea20 Mon Sep 17 00:00:00 2001
From: counterweight
Date: Fri, 19 Dec 2025 10:38:15 +0100
Subject: [PATCH] second round of review
---
 backend/main.py | 24 +++++++++++-------------
 backend/validation.py | 4 ++--
 frontend/app/profile/page.tsx | 23 +++++++++++------------
 3 files changed, 24 insertions(+), 27 deletions(-)
diff --git a/backend/main.py b/backend/main.py
index fa7186a..cae2d61 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -343,23 +343,21 @@ class ProfileUpdate(BaseModel):
 nostr_npub: str | None = None
-def require_regular_user():
+async def require_regular_user(
+ current_user: User = Depends(get_current_user),
+) -> User:
 """Dependency that requires the user to have the 'regular' role."""
- async def checker(
- current_user: User = Depends(get_current_user),
- ) -> User:
- if ROLE_REGULAR not in current_user.role_names:
- raise HTTPException(
- status_code=status.HTTP_403_FORBIDDEN,
- detail="Profile access is only available to regular users",
- )
- return current_user
- return checker
+ if ROLE_REGULAR not in current_user.role_names:
+ raise HTTPException(
+ status_code=status.HTTP_403_FORBIDDEN,
+ detail="Profile access is only available to regular users",
+ )
+ return current_user
 @app.get("/api/profile", response_model=ProfileResponse)
 async def get_profile(
- current_user: User = Depends(require_regular_user()),
+ current_user: User = Depends(require_regular_user),
 ):
 """Get the current user's profile (contact details)."""
 return ProfileResponse(
@@ -374,7 +372,7 @@ async def get_profile(
 async def update_profile(
 data: ProfileUpdate,
 db: AsyncSession = Depends(get_db),
- current_user: User = Depends(require_regular_user()),
+ current_user: User = Depends(require_regular_user),
 ):
 """Update the current user's profile (contact details)."""
 # Validate all fields
diff --git a/backend/validation.py b/backend/validation.py
index b697306..3963667 100644
--- a/backend/validation.py
+++ b/backend/validation.py
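Review bot: In backend/main.py (the @@ -343 hunk), `require_regular_user` is now a generically named dependency that routes inject directly, yet its 403 `detail` still says "Profile access is only available to regular users" and its docstring does not state what happens when the role is missing. If the dependency is meant to guard more than the two profile routes shown here, a neutral message such as `detail="This action requires the 'regular' role"` would avoid misleading responses; note that any client or test matching on the current string would need updating. I would also extend the docstring to `"""Return the authenticated user, or raise 403 if they lack the 'regular' role."""`. Because the function is no longer a factory, any call site outside these hunks that still writes `Depends(require_regular_user())` must drop the parentheses (the @@ -374 hunk does this for update_profile); I believe FastAPI would reject the stale form at route registration rather than skip the check, but that is worth confirming with a search of the codebase.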
@@ -34,8 +34,8 @@ def validate_telegram(value: str | None) -> str | None:
 if not value.startswith("@"):
 return "Telegram handle must start with @"
- handle = value[1:] # Remove @
- if len(handle) < 1:
+ handle = value[1:]
+ if not handle:
 return "Telegram handle must have at least one character after @"
 if len(handle) > 32:
diff --git a/frontend/app/profile/page.tsx b/frontend/app/profile/page.tsx
index 9fcc393..31bb859 100644
--- a/frontend/app/profile/page.tsx
+++ b/frontend/app/profile/page.tsx
@@ -101,6 +101,15 @@ function validateForm(data: FormData): FieldErrors {
 return errors;
 }
+function toFormData(data: ProfileData): FormData {
+ return {
+ contact_email: data.contact_email || "",
+ telegram: data.telegram || "",
+ signal: data.signal || "",
+ nostr_npub: data.nostr_npub || "",
+ };
+}
+
 export default function ProfilePage() {
 const { user, isLoading, logout, hasRole } = useAuth();
 const router = useRouter();
@@ -151,12 +160,7 @@ export default function ProfilePage() {
 });
 if (res.ok) {
 const data: ProfileData = await res.json();
- const formValues: FormData = {
- contact_email: data.contact_email || "",
- telegram: data.telegram || "",
- signal: data.signal || "",
- nostr_npub: data.nostr_npub || "",
- };
+ const formValues = toFormData(data);
 setFormData(formValues);
 setOriginalData(formValues);
 } else {
@@ -221,12 +225,7 @@ export default function ProfilePage() {
 if (res.ok) {
 const data: ProfileData = await res.json();
- const formValues: FormData = {
- contact_email: data.contact_email || "",
- telegram: data.telegram || "",
- signal: data.signal || "",
- nostr_npub: data.nostr_npub || "",
- };
+ const formValues = toFormData(data);
 setFormData(formValues);
 setOriginalData(formValues);
 setToast({ message: "Profile saved successfully!", type: "success" });
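Review bot: `toFormData` in frontend/app/profile/page.tsx (the @@ -101 hunk) has no doc comment, and its `|| ""` fallbacks are the only normalisation the server response gets before it becomes form state. I would add `/** Convert an API profile into form values, replacing null or missing fields with "". */` above the function. The callers in the @@ -151 and @@ -221 hunks annotate `await res.json()` as `ProfileData` without a runtime check, so a non-string value would pass through unchanged; if that matters, this helper is the natural place to coerce, for example `typeof data.telegram === "string" ? data.telegram : ""` for each field. ProfilePage's body continues outside these hunks, so how the values are used afterwards is not visible here.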