53d6e69512
Read-counterpart zum existierenden PATCH/DELETE. Frontend braucht den endpoint um nach Page-Reload die schon-gespeicherten Werte zu fetchen — sonst sieht User leere Felder und denkt save funktioniert nicht. - backend/server/db/profile.ts: getDemographics(userId) — SELECT der 9 fields + demographics_consent_at + demographics_withdrawn_at - backend/server/api/profile/me/demographics.get.ts: requireUser + getDemographics + ISO-string conversion. 404 wenn Profile-row fehlt. - backend/tests/profile/demographics.get.test.ts: 5 vitest cases (null fields, 404, populated, withdrawn, 401) Response shape kompatibel mit PATCH-input (gleiche field names, camelCase) plus metadata consentAt/withdrawnAt. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
19 lines
672 B
TypeScript
19 lines
672 B
TypeScript
/**
|
|
* GET /api/profile/me/demographics
|
|
*
|
|
* Returns the 9 demographic fields + 2 consent-timestamps for the current
|
|
* user. All fields are null when not yet filled. Frontend uses this on
|
|
* page-open to hydrate the DemographicsAccordion form.
|
|
*
|
|
* DSGVO note: only the authenticated user can read their own demographics.
|
|
* Fields are never exposed in public profile endpoints.
|
|
*/
|
|
import { requireUser } from "../../../utils/auth";
|
|
import { getDemographics } from "../../../db/profile";
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const user = await requireUser(event);
|
|
const data = await getDemographics(user.id);
|
|
return { success: true, data };
|
|
});
|