diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php index 2e2e34d..a93953e 100644 --- a/app/Http/Controllers/UsersController.php +++ b/app/Http/Controllers/UsersController.php @@ -11,4 +11,26 @@ class UsersController extends Controller { return $user; } + + public function updateAvatar(Request $request, User $user) + { + if ($request->user()->id !== $user->id) { + return response()->json(['message' => 'Unauthorized'], 403); + } + + $request->validate([ + 'avatar' => ['required', 'image', 'max:2048'], // 2MB max + ]); + + $path = $request->file('avatar')->store('avatars', 'public'); + + $user->update([ + 'avatarUri' => url('storage/' . $path), + ]); + + return response()->json([ + 'message' => 'Avatar updated successfully', + 'avatarUri' => $user->avatarUri, + ]); + } } diff --git a/database/factories/UserFactory.php b/database/factories/UserFactory.php index 584104c..6b73242 100644 --- a/database/factories/UserFactory.php +++ b/database/factories/UserFactory.php @@ -24,7 +24,7 @@ class UserFactory extends Factory public function definition(): array { return [ - 'name' => fake()->name(), + 'username' => fake()->userName(), 'email' => fake()->unique()->safeEmail(), 'email_verified_at' => now(), 'password' => static::$password ??= Hash::make('password'), diff --git a/routes/api.php b/routes/api.php index e82825e..1869f36 100644 --- a/routes/api.php +++ b/routes/api.php @@ -35,6 +35,7 @@ Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function () Route::middleware('auth:sanctum')->group(function (): void { // User Route::get('users/{user}', [UsersController::class, 'show']); + Route::post('users/{user}/avatar', [UsersController::class, 'updateAvatar']); Route::post('hunts/{hunt}/participate', [HuntsController::class, 'participate']); Route::get('auth/me', [AuthController::class, 'me']); Route::post('auth/logout', [AuthController::class, 'logout']);