cddc4d0f26
Schema: - 8 neue Profile-Felder fuer DiGA-Demographics (birthYear/gender/maritalStatus/ profession/bundesland/city + 2 consent-stamps demographicsConsentAt/ demographicsWithdrawnAt) - 4 Pro-Trial-Felder (proTrialStartedAt/ExpiresAt/Source/UsedAt) — Free-User bekommen 1 Woche Pro als Reward fuer DiGA-Daten-Pflege (siehe project_demographic_pro_trial_reward.md) - lyra_voice_id (Legend-only Voice-Picker) - diga_banner_dismissed_at (server-side persistence ueber Re-Install) - last_install_at (Streak-Logic survives Re-Install) - Migration 20260507_profile_demographics_and_trial: alle Felder optional, keine Backfill-Logik notwendig Endpoints (alle auth-protected, scope=me): - GET /api/profile/me/sos-insights - GET /api/profile/me/cooldown-history - GET /api/profile/me/approved-domains - POST /api/profile/me/install-event (track app re-installs) - POST /api/profile/me/diga-banner-dismiss - PATCH /api/profile/me/demographics (consent-stamp + re-grant-after-withdrawal in tx) - DELETE /api/profile/me/demographics (DSGVO right-to-be-forgotten) Plugin: - pro-trial-expiry-cron: 6h-Interval, conservative-fallback (revoke nur wenn kein stripeSubId), 60s initial-delay damit Server-boot nicht blockiert wird Tests: - vitest config + erste Test-Files (test-infrastructure setup) Memory: - feedback_demographics_user_initiated.md (Lyra darf NIE extrahieren) - project_demographic_pro_trial_reward.md (Pro-Trial-Reward-Mechanik) - project_profile_page_design.md (UI-Showpiece, eigene/fremde-Ansicht streng getrennt) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
103 lines
2.9 KiB
TypeScript
103 lines
2.9 KiB
TypeScript
/**
|
|
* PATCH /api/profile/me/demographics
|
|
*
|
|
* User-initiated demographics update. Strict: data flows ONLY from the user
|
|
* via this endpoint — never from Lyra-Extraction (see
|
|
* memory/feedback_demographics_user_initiated.md).
|
|
*
|
|
* Side-effect: when all 6 fields are filled AND user is on free plan AND
|
|
* trial has never been used, awards a 7-day Pro-Trial
|
|
* (memory/project_demographic_pro_trial_reward.md).
|
|
*
|
|
* Logging: count of changed fields only — never the values themselves
|
|
* (DSGVO Art-9 + DiGA privacy posture).
|
|
*/
|
|
import { z } from "zod";
|
|
import {
|
|
type DemographicsPatch,
|
|
tryAwardProTrial,
|
|
updateDemographics,
|
|
} from "../../../db/profile";
|
|
import { requireUser } from "../../../utils/auth";
|
|
|
|
// 16 ISO-3166-2:DE Bundesländer-Codes
|
|
const BUNDESLAND_REGEX = /^DE-(BW|BY|BE|BB|HB|HH|HE|MV|NI|NW|RP|SL|SN|ST|SH|TH)$/;
|
|
|
|
const GENDER_VALUES = ["male", "female", "diverse", "no_answer"] as const;
|
|
const MARITAL_VALUES = [
|
|
"single",
|
|
"partnered",
|
|
"married",
|
|
"divorced",
|
|
"widowed",
|
|
"no_answer",
|
|
] as const;
|
|
|
|
const Schema = z.object({
|
|
birthYear: z
|
|
.number()
|
|
.int()
|
|
.min(1920)
|
|
.max(2010)
|
|
.nullable()
|
|
.optional(),
|
|
gender: z.enum(GENDER_VALUES).nullable().optional(),
|
|
maritalStatus: z.enum(MARITAL_VALUES).nullable().optional(),
|
|
profession: z.string().trim().max(80).nullable().optional(),
|
|
bundesland: z
|
|
.string()
|
|
.regex(BUNDESLAND_REGEX, "Ungültiger Bundesland-Code (ISO-3166-2:DE)")
|
|
.nullable()
|
|
.optional(),
|
|
city: z.string().trim().max(80).nullable().optional(),
|
|
});
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const user = await requireUser(event);
|
|
const raw = await readBody(event);
|
|
const parsed = Schema.safeParse(raw);
|
|
|
|
if (!parsed.success) {
|
|
throw createError({
|
|
statusCode: 422,
|
|
message: "Validation failed",
|
|
data: { issues: parsed.error.issues },
|
|
});
|
|
}
|
|
|
|
// Strip undefined entries — keep null (= explicit clear)
|
|
const patch: DemographicsPatch = {};
|
|
for (const [key, value] of Object.entries(parsed.data)) {
|
|
if (value !== undefined) {
|
|
(patch as Record<string, unknown>)[key] = value;
|
|
}
|
|
}
|
|
|
|
const changedFields = Object.keys(patch).length;
|
|
if (changedFields === 0) {
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: "Keine Felder zum Aktualisieren übergeben",
|
|
});
|
|
}
|
|
|
|
await updateDemographics(user.id, patch);
|
|
|
|
// Trial-Trigger: prüft DB-Zustand nach Update — nicht patch-Felder.
|
|
// Erlaubt schrittweise Eingabe (1 Feld pro Save) und triggert erst
|
|
// wenn alle 6 Felder zusammen gesetzt sind.
|
|
const trial = await tryAwardProTrial(user.id, "demographics_complete");
|
|
|
|
console.log(
|
|
`[demographics-update] user=${user.id} changedFields=${changedFields} trialAwarded=${trial.trialAwarded}`,
|
|
);
|
|
|
|
return {
|
|
success: true,
|
|
data: {
|
|
trialAwarded: trial.trialAwarded,
|
|
expiresAt: trial.expiresAt?.toISOString() ?? null,
|
|
},
|
|
};
|
|
});
|