Stage 2

src/handlers/handler_user_me.erl

@@ -0,0 +1,57 @@
+-module(handler_user_me).
+-include("records.hrl").
+
+-export([init/2]).
+
+init(Req, Opts) ->
+  handle(Req, Opts).
+
+handle(Req, _Opts) ->
+  case cowboy_req:method(Req) of
+    <<"GET">> ->
+      case authenticate(Req) of
+        {ok, UserId, Req1} ->
+          case core_user:get_by_id(UserId) of
+            {ok, User} ->
+              Response = #{
+                id => User#user.id,
+                email => User#user.email,
+                role => User#user.role,
+                status => User#user.status,
+                created_at => User#user.created_at,
+                updated_at => User#user.updated_at
+              },
+              send_json(Req1, 200, Response);
+            {error, not_found} ->
+              send_error(Req1, 404, <<"User not found">>)
+          end;
+        {error, Code, Message, Req1} ->
+          send_error(Req1, Code, Message)
+      end;
+    _ ->
+      send_error(Req, 405, <<"Method not allowed">>)
+  end.
+
+authenticate(Req) ->
+  case cowboy_req:parse_header(<<"authorization">>, Req) of
+    {bearer, Token} ->
+      case logic_auth:verify_jwt(Token) of
+        {ok, Claims} ->
+          UserId = maps:get(<<"user_id">>, Claims),
+          {ok, UserId, Req};
+        {error, expired} ->
+          {error, 401, <<"Token expired">>, Req};
+        {error, _} ->
+          {error, 401, <<"Invalid token">>, Req}
+      end;
+    _ ->
+      {error, 401, <<"Missing or invalid Authorization header">>, Req}
+  end.
+
+send_json(Req, Status, Data) ->
+  Body = jsx:encode(Data),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).
+
+send_error(Req, Status, Message) ->
+  Body = jsx:encode(#{error => Message}),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).