update username regex, normalize usernames, add user info query

src/routes/api/auth/register.ts

@@ -53,6 +53,7 @@ async function handler(
 		}
 	});
 
+	const normalizedUsername: string = username.normalize("NFC");
 	const reservation: ReservedSQL = await sql.reserve();
 	let firstUser: boolean = false;
 	let inviteData: Invite | null = null;
@@ -91,7 +92,7 @@ async function handler(
 		const result: { usernameExists: boolean; emailExists: boolean }[] =
 			await reservation`
 				SELECT
-				EXISTS(SELECT 1 FROM users WHERE LOWER(username) = LOWER(${username})) AS "usernameExists",
+				EXISTS(SELECT 1 FROM users WHERE LOWER(username) = LOWER(${normalizedUsername})) AS "usernameExists",
 				EXISTS(SELECT 1 FROM users WHERE LOWER(email) = LOWER(${email})) AS "emailExists";
 			`;
 
@@ -137,7 +138,7 @@ async function handler(
 	try {
 		const result: User[] = await reservation`
 				INSERT INTO users (username, email, password, invited_by, roles, timezone)
-				VALUES (${username}, ${email}, ${hashedPassword}, ${inviteData?.created_by}, ARRAY[${roles.join(",")}]::TEXT[], ${defaultTimezone})
+				VALUES (${normalizedUsername}, ${email}, ${hashedPassword}, ${inviteData?.created_by}, ARRAY[${roles.join(",")}]::TEXT[], ${defaultTimezone})
 				RETURNING *;
 			`;
 

src/routes/api/user/info[query].ts

@@ -0,0 +1,103 @@
+import { isValidUsername } from "@config/sql/users";
+import { sql } from "bun";
+
+import { isUUID } from "@/helpers/char";
+import { logger } from "@/helpers/logger";
+
+const routeDef: RouteDef = {
+	method: "GET",
+	accepts: "*/*",
+	returns: "application/json",
+};
+
+async function handler(request: ExtendedRequest): Promise<Response> {
+	const { query } = request.params as { query: string };
+	const { invites: showInvites } = request.query as { invites: string };
+
+	if (!query) {
+		return Response.json(
+			{
+				success: false,
+				code: 400,
+				error: "Username or user ID is required",
+			},
+			{ status: 400 },
+		);
+	}
+
+	let user: GetUser | null = null;
+	let isSelf: boolean = false;
+	const isId: boolean = isUUID(query);
+	const normalized: string = isId ? query : query.normalize("NFC");
+	const isAdmin: boolean = request.session
+		? request.session.roles.includes("admin")
+		: false;
+
+	if (!isId && !isValidUsername(normalized).valid) {
+		return Response.json(
+			{
+				success: false,
+				code: 400,
+				error: "Invalid username",
+			},
+			{ status: 400 },
+		);
+	}
+
+	try {
+		const result: GetUser[] = isId
+			? await sql`SELECT * FROM users WHERE id = ${normalized}`
+			: await sql`SELECT * FROM users WHERE username = ${normalized}`;
+
+		if (result.length === 0) {
+			return Response.json(
+				{
+					success: false,
+					code: 404,
+					error: "User not found",
+				},
+				{ status: 404 },
+			);
+		}
+
+		user = result[0];
+		isSelf = request.session ? user.id === request.session.id : false;
+
+		if (showInvites === "true" && (isAdmin || isSelf)) {
+			const invites: Invite[] =
+				await sql`SELECT * FROM invites WHERE created_by = ${user.id}`;
+			user.invites = invites;
+		}
+	} catch (error) {
+		logger.error([
+			"An error occurred while fetching user data",
+			error as Error,
+		]);
+
+		return Response.json(
+			{
+				success: false,
+				code: 500,
+				error: "An error occurred while fetching user data",
+			},
+			{ status: 500 },
+		);
+	}
+
+	delete user.password;
+	delete user.authorization_token;
+	if (!isSelf) delete user.email;
+
+	user.roles = user.roles ? user.roles[0].split(",") : [];
+
+	return Response.json(
+		{
+			success: true,
+			code: 200,
+			user: user,
+		},
+		{ status: 200 },
+	);
+}
+
+export { handler, routeDef };

src/views/index.ejs

@@ -3,6 +3,6 @@
 <head>
 </head>
 <body>
-	<h1> hello </h1>
+
 </body>
 </html>