user avatar route

This commit is contained in:
Leon 2025-12-19 15:12:08 +01:00
parent 8712f83a3e
commit f2f91934b5
3 changed files with 24 additions and 1 deletions

View File

@ -11,4 +11,26 @@ class UsersController extends Controller
{
return $user;
}
public function updateAvatar(Request $request, User $user)
{
if ($request->user()->id !== $user->id) {
return response()->json(['message' => 'Unauthorized'], 403);
}
$request->validate([
'avatar' => ['required', 'image', 'max:2048'], // 2MB max
]);
$path = $request->file('avatar')->store('avatars', 'public');
$user->update([
'avatarUri' => url('storage/' . $path),
]);
return response()->json([
'message' => 'Avatar updated successfully',
'avatarUri' => $user->avatarUri,
]);
}
}

View File

@ -24,7 +24,7 @@ class UserFactory extends Factory
public function definition(): array
{
return [
'name' => fake()->name(),
'username' => fake()->userName(),
'email' => fake()->unique()->safeEmail(),
'email_verified_at' => now(),
'password' => static::$password ??= Hash::make('password'),

View File

@ -35,6 +35,7 @@ Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function ()
Route::middleware('auth:sanctum')->group(function (): void {
// User
Route::get('users/{user}', [UsersController::class, 'show']);
Route::post('users/{user}/avatar', [UsersController::class, 'updateAvatar']);
Route::post('hunts/{hunt}/participate', [HuntsController::class, 'participate']);
Route::get('auth/me', [AuthController::class, 'me']);
Route::post('auth/logout', [AuthController::class, 'logout']);