Profile API

Managing user profile information

Endpoints for managing the current authenticated user's profile information.

Base URL: https://ycwadelaide.adenmgb.com

Authentication: All endpoints require an Authorization: Bearer <token> header.

GET /api/staff/profile

Get the current authenticated user's profile information.

Headers:

Authorization: Bearer <token>

Success Response (200 OK):

{
  "id": 1,
  "username": "admin",
  "email": "admin@example.com",
  "displayName": "Admin User",
  "roles": ["admin", "editor"],
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T12:30:00.000Z"
}

Error Responses:

  • 401 Unauthorized - Invalid or missing token
{
  "error": "Unauthorized"
}
  • 404 Not Found - User not found
{
  "error": "User not found"
}
  • 500 Internal Server Error - Server error
{
  "error": "Failed to get profile"
}

Use Cases:

  • Display user info in profile screen
  • Show current user's name/email in UI
  • Check user roles for feature access
  • Display account creation/update dates

PUT /api/staff/profile

Update the current user's profile information (username, email, displayName, or password).

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "username": "newusername",
  "email": "newemail@example.com",
  "displayName": "New Display Name",
  "password": "newpassword123",
  "currentPassword": "oldpassword123"
}

Fields:

  • username - Optional
  • email - Optional
  • displayName - Optional
  • password - Optional - requires currentPassword
  • currentPassword - Required if changing password

Success Response (200 OK):

{
  "success": true
}

Error Responses:

  • 400 Bad Request - Missing currentPassword when changing password
{
  "error": "Current password is required to change password"
}
  • 400 Bad Request - Username already taken
{
  "error": "Username already exists"
}
  • 401 Unauthorized - Invalid token
{
  "error": "Unauthorized"
}
  • 404 Not Found - User not found
{
  "error": "User not found"
}
  • 500 Internal Server Error - Update failed
{
  "error": "Failed to update profile"
}

Use Cases:

  • Update user profile information
  • Change password
  • Update display name or email
  • Modify username

Important Notes:

  • If changing password, currentPassword is required
  • Username must be unique (the API returns 400 "Username already exists" if it is taken)
  • Email is optional but should be validated client-side
  • All fields are optional - only send fields you want to update
  • Partial updates are supported

Example - Update display name only:

{
  "displayName": "New Name"
}

Example - Change password:

{
  "currentPassword": "oldpass123",
  "password": "newpass456"
}

Example - Update email:

{
  "email": "newemail@example.com"
}
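
Example - Client-side request builder (added example, not part of the original API documentation or the project's code). It builds a PUT /api/staff/profile request that follows the notes above and maps the documented responses to a next step. The function names, the field allow-list, the email pattern and the action labels are assumptions.

```javascript
// Added example; names below are hypothetical, not the project's own client code.
const BASE_URL = "https://ycwadelaide.adenmgb.com"; // Base URL from this page
const ALLOWED_FIELDS = ["username", "email", "displayName", "password", "currentPassword"];

// Build the PUT /api/staff/profile request without sending it.
function buildProfileUpdate(token, changes) {
  if (!token) throw new Error("Bearer token is required");
  const body = {};
  for (const [key, value] of Object.entries(changes)) {
    // Send only documented fields; anything else (e.g. "roles") is rejected here.
    if (!ALLOWED_FIELDS.includes(key)) throw new Error(`Unsupported field: ${key}`);
    if (value !== undefined && value !== null) body[key] = value; // partial update
  }
  // Documented rule: changing the password requires currentPassword.
  if ("password" in body && !body.currentPassword) {
    throw new Error("Current password is required to change password");
  }
  // Do not put the current password on the wire unless it is needed.
  if (!("password" in body)) delete body.currentPassword;
  if (Object.keys(body).length === 0) throw new Error("Nothing to update");
  // Client-side email shape check, as the notes suggest (pattern is an assumption).
  if ("email" in body && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(body.email)) {
    throw new Error("Email address is not valid");
  }
  return {
    url: `${BASE_URL}/api/staff/profile`,
    options: {
      method: "PUT",
      headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
      body: JSON.stringify(body),
    },
  };
}

// Map a documented response (status + parsed JSON) to a next step for the UI.
function interpretProfileResponse(status, json) {
  if (status === 200 && json && json.success === true) return { ok: true, action: "none" };
  const error = (json && json.error) || "Unknown error";
  if (status === 400) return { ok: false, action: "fix-input", error };
  if (status === 401) return { ok: false, action: "reauthenticate", error };
  if (status === 404) return { ok: false, action: "account-missing", error };
  return { ok: false, action: "retry-later", error };
}
```

The returned url and options can be passed directly to fetch(url, options).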