/** * PATCH /api/profile/me/demographics * * User-initiated demographics update. Strict: data flows ONLY from the user * via this endpoint — never from Lyra-Extraction (see * memory/feedback_demographics_user_initiated.md). * * Side-effect: when all 6 core fields are filled AND user is on free plan AND * trial has never been used, awards a 7-day Pro-Trial * (memory/project_demographic_pro_trial_reward.md). * * Core 6 for trial: birthYear, gender, maritalStatus, employmentStatus, * bundesland, city. shiftWork/industry/jobTenure are bonus fields. * * Logging: count of changed fields only — never the values themselves * (DSGVO Art-9 + DiGA privacy posture). */ import { z } from "zod"; import { type DemographicsPatch, tryAwardProTrial, updateDemographics, } from "../../../db/profile"; import { requireUser } from "../../../utils/auth"; // 16 ISO-3166-2:DE Bundesländer-Codes const BUNDESLAND_REGEX = /^DE-(BW|BY|BE|BB|HB|HH|HE|MV|NI|NW|RP|SL|SN|ST|SH|TH)$/; const GENDER_VALUES = ["male", "female", "diverse", "no_answer"] as const; const MARITAL_VALUES = [ "single", "partnered", "married", "divorced", "widowed", "no_answer", ] as const; // Enum-Werte SYNCED mit Frontend (apps/rebreak-native/components/profile/DemographicsAccordion.tsx). // Wenn hier was ändert MUSS Frontend nachgezogen werden — sonst rejected Backend alle PATCHes. const EMPLOYMENT_STATUS_VALUES = [ "employed", "self_employed", "in_training", "unemployed", "retired", "homemaking", "other", ] as const; const JOB_TENURE_VALUES = [ "less_1y", "1_3y", "3_5y", "5_10y", "more_10y", ] as const; const Schema = z.object({ birthYear: z .number() .int() .min(1920) .max(2010) .nullable() .optional(), gender: z.enum(GENDER_VALUES).nullable().optional(), maritalStatus: z.enum(MARITAL_VALUES).nullable().optional(), // legacy field — accepted for backwards-compat with old frontend versions, not shown in new UI profession: z.string().trim().max(80).nullable().optional(), // new structured employment fields employmentStatus: z.enum(EMPLOYMENT_STATUS_VALUES).nullable().optional(), shiftWork: z.boolean().nullable().optional(), industry: z.string().trim().max(64).nullable().optional(), jobTenure: z.enum(JOB_TENURE_VALUES).nullable().optional(), bundesland: z .string() .regex(BUNDESLAND_REGEX, "Ungültiger Bundesland-Code (ISO-3166-2:DE)") .nullable() .optional(), city: z.string().trim().max(80).nullable().optional(), }); export default defineEventHandler(async (event) => { const user = await requireUser(event); const raw = await readBody(event); const parsed = Schema.safeParse(raw); if (!parsed.success) { throw createError({ statusCode: 422, message: "Validation failed", data: { issues: parsed.error.issues }, }); } // Strip undefined entries — keep null (= explicit clear) const patch: DemographicsPatch = {}; for (const [key, value] of Object.entries(parsed.data)) { if (value !== undefined) { (patch as Record)[key] = value; } } const changedFields = Object.keys(patch).length; if (changedFields === 0) { throw createError({ statusCode: 400, message: "Keine Felder zum Aktualisieren übergeben", }); } await updateDemographics(user.id, patch); // Trial-Trigger: prüft DB-Zustand nach Update — nicht patch-Felder. // Erlaubt schrittweise Eingabe (1 Feld pro Save) und triggert erst // wenn alle 6 Felder zusammen gesetzt sind. const trial = await tryAwardProTrial(user.id, "demographics_complete"); console.log( `[demographics-update] user=${user.id} changedFields=${changedFields} trialAwarded=${trial.trialAwarded}`, ); return { success: true, data: { trialAwarded: trial.trialAwarded, expiresAt: trial.expiresAt?.toISOString() ?? null, }, }; });