🛠️ Feat: Implement User Profile API Route #12

@abhishek-nexgen-dev

Description

A secure API route that allows a logged-in user to fetch their profile information, including:

  • Basic user details: name and email
  • Local Mind API key (used in our system)
  • The AI model selected by the user
  • The AI model provider (e.g., OpenAI, Anthropic)
  • If the selected model is paid, return the user's API key for that model

Security Requirements

⚠️ Sensitive fields (like API keys) must be encrypted in the database and decrypted only on the client-side.
Never expose plain-text API keys in network requests or server logs.

  • API keys must be stored encrypted at rest (e.g., using AES-256).
  • The server should only return encrypted API keys.
  • Client is responsible for decrypting the keys securely.
  • Ensure authenticated access — only the logged-in user can fetch their own profile data.
  • No logging or exposure of sensitive keys on the server.

📍 Endpoint

GET /api/v1/user/profile

📤 Response Example

{
  "success": true,
  "message": "User profile fetched successfully",
  "data": {
    "name": "Jane Doe",
    "email": "jane@example.com",
    "localMindApiKey": "abc123-local-key",
    "aiModel": {
      "provider": "OpenAI",
      "model": "gpt-4",
      "isPaid": true,
      "apiKey": "sk-user-api-key"
    }
  }
}
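
One way to meet the security requirements above, as an added example that is not part of the issue or the project's own code: AES-256-GCM envelopes bound to the user id, a response builder that returns only ciphertext to the record's owner, and a redactor for anything that gets logged. The function names, the stored-record shape, the `v1` envelope format and the 32-byte `dataKey` (how the client obtains it is out of scope here) are assumptions.

```javascript
// Added example, not the project's code. Names, record shape and key source are assumptions.
const crypto = require('node:crypto');

// Encrypt one API key with AES-256-GCM. The user id is bound in as AAD, so a
// ciphertext copied into another user's record fails authentication on decrypt.
function encryptApiKey(plainKey, dataKey, userId) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', dataKey, iv);
  cipher.setAAD(Buffer.from(userId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plainKey, 'utf8'), cipher.final()]);
  // Envelope layout: version . iv . auth tag . ciphertext (base64 parts)
  return ['v1', iv, cipher.getAuthTag(), ct]
    .map((p) => (Buffer.isBuffer(p) ? p.toString('base64') : p)).join('.');
}

// Client-side counterpart: throws if the envelope was altered or belongs to another user.
function decryptApiKey(envelope, dataKey, userId) {
  const [version, iv, tag, ct] = envelope.split('.');
  if (version !== 'v1') throw new Error('unsupported envelope version');
  const decipher = crypto.createDecipheriv('aes-256-gcm', dataKey, Buffer.from(iv, 'base64'));
  decipher.setAAD(Buffer.from(userId, 'utf8'));
  decipher.setAuthTag(Buffer.from(tag, 'base64'));
  return Buffer.concat([decipher.update(Buffer.from(ct, 'base64')), decipher.final()])
    .toString('utf8');
}

// Build the GET /api/v1/user/profile body from a stored record (hypothetical shape).
// Only the authenticated user's own record is served, and key fields stay encrypted.
function buildProfileResponse(sessionUserId, record) {
  if (!sessionUserId || sessionUserId !== record.id) {
    return { success: false, message: 'Unauthorized' };
  }
  const aiModel = { provider: record.provider, model: record.model, isPaid: record.isPaid };
  if (record.isPaid) aiModel.apiKey = record.encModelApiKey; // envelope, never plaintext
  return { success: true, message: 'User profile fetched successfully',
    data: { name: record.name, email: record.email,
      localMindApiKey: record.encLocalMindApiKey, aiModel } };
}

// Log-safe copy of a response body: key fields are replaced before anything is written.
function redactForLog(body) {
  return JSON.parse(JSON.stringify(body, (k, v) =>
    (k === 'apiKey' || k === 'localMindApiKey' ? '[REDACTED]' : v)));
}
```

With this layout the `localMindApiKey` and `apiKey` fields in the response carry `v1.…` envelopes rather than readable key strings.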
