feat:Added leave/assets

.gitattributes

@@ -0,0 +1,35 @@
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.arrow filter=lfs diff=lfs merge=lfs -text
+*.bin filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.ckpt filter=lfs diff=lfs merge=lfs -text
+*.ftz filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.h5 filter=lfs diff=lfs merge=lfs -text
+*.joblib filter=lfs diff=lfs merge=lfs -text
+*.lfs.* filter=lfs diff=lfs merge=lfs -text
+*.mlmodel filter=lfs diff=lfs merge=lfs -text
+*.model filter=lfs diff=lfs merge=lfs -text
+*.msgpack filter=lfs diff=lfs merge=lfs -text
+*.npy filter=lfs diff=lfs merge=lfs -text
+*.npz filter=lfs diff=lfs merge=lfs -text
+*.onnx filter=lfs diff=lfs merge=lfs -text
+*.ot filter=lfs diff=lfs merge=lfs -text
+*.parquet filter=lfs diff=lfs merge=lfs -text
+*.pb filter=lfs diff=lfs merge=lfs -text
+*.pickle filter=lfs diff=lfs merge=lfs -text
+*.pkl filter=lfs diff=lfs merge=lfs -text
+*.pt filter=lfs diff=lfs merge=lfs -text
+*.pth filter=lfs diff=lfs merge=lfs -text
+*.rar filter=lfs diff=lfs merge=lfs -text
+*.safetensors filter=lfs diff=lfs merge=lfs -text
+saved_model/**/* filter=lfs diff=lfs merge=lfs -text
+*.tar.* filter=lfs diff=lfs merge=lfs -text
+*.tar filter=lfs diff=lfs merge=lfs -text
+*.tflite filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.wasm filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
+*tfevents* filter=lfs diff=lfs merge=lfs -text

Dockerfile

@@ -0,0 +1,11 @@
+FROM python:3.10
+
+WORKDIR /app
+
+COPY . .
+
+RUN pip install --no-cache-dir -r requirements.txt
+
+EXPOSE 7860
+
+CMD ["uvicorn", "src.main:app", "--host", "0.0.0.0", "--port", "7860"]

README.md

@@ -1 +1,10 @@
-# YB's Wellness App FastAPI Backend
+---
+title: Yuvabe Backend App
+emoji: 👁
+colorFrom: pink
+colorTo: red
+sdk: docker
+pinned: false
+---
+
+Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

alembic/versions/b33e3b5b7af9_added_roles.py

@@ -0,0 +1,33 @@
+"""Added roles
+
+Revision ID: b33e3b5b7af9
+Revises: e8066533b622
+Create Date: 2025-11-16 21:10:02.038255
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+import sqlmodel.sql.sqltypes
+
+
+# revision identifiers, used by Alembic.
+revision: str = 'b33e3b5b7af9'
+down_revision: Union[str, Sequence[str], None] = 'e8066533b622'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    pass
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    pass
+    # ### end Alembic commands ###

src/assets/feed_db_script.py

@@ -0,0 +1,132 @@
+from src.auth.utils import hash_password
+from datetime import date
+from sqlmodel import Session
+
+from src.core.database import engine
+from src.core.models import Users, Teams, Roles, UserTeamsRole
+
+
+# ------------------------
+# 1. Seed Users
+# ------------------------
+def seed_users(session: Session):
+    users = [
+        Users(
+            email_id="[email protected]",
+            password=hash_password("Yuvabe"),
+            user_name="ragul",
+            dob=date(2001, 5, 21),
+            address="Chennai",
+            profile_picture="ragul.png",
+        ),
+        Users(
+            email_id="[email protected]",
+            password=hash_password("Yuvabe"),
+            user_name="Shri",
+            dob=date(1999, 3, 14),
+            address="Chennai",
+            profile_picture="shri.png",
+        ),
+        Users(
+            email_id="[email protected]",
+            password=hash_password("Yuvabe"),
+            user_name="Sathish",
+            dob=date(1998, 7, 10),
+            address="Chennai",
+            profile_picture="Sathish.png",
+        ),
+        Users(
+            email_id="[email protected]",
+            password=hash_password("Yuvabe"),
+            user_name="Deepika",
+            dob=date(1997, 2, 5),
+            address="Chennai",
+            profile_picture="deepika.png",
+        ),
+    ]
+
+    session.add_all(users)
+    session.commit()
+    print("Users added.")
+    return users
+
+
+# ------------------------
+# 2. Seed Teams
+# ------------------------
+def seed_teams(session: Session):
+    teams = [
+        Teams(name="Tech Team"),
+        Teams(name="HR Team"),
+    ]
+    session.add_all(teams)
+    session.commit()
+    print("Teams added.")
+    return teams
+
+
+# ------------------------
+# 3. Seed Roles
+# ------------------------
+def seed_roles(session: Session):
+    roles = [
+        Roles(name="Developer"),
+        Roles(name="Team Lead"),
+        Roles(name="HR Manager"),
+    ]
+    session.add_all(roles)
+    session.commit()
+    print("Roles added.")
+    return roles
+
+
+# ------------------------
+# 4. Map Users → Teams → Roles
+# ------------------------
+def seed_user_teams_roles(session: Session, users, teams, roles):
+    mappings = [
+        # Hari → Tech Team → Developer
+        UserTeamsRole(
+            user_id=users[0].id,  # Hari
+            team_id=teams[0].id,  # Tech Team
+            role_id=roles[0].id,  # Developer
+        ),
+        # Shri → Tech Team → Team Lead
+        UserTeamsRole(
+            user_id=users[1].id,  # Shri
+            team_id=teams[0].id,  # Tech Team
+            role_id=roles[1].id,  # Team Lead
+        ),
+        # HR Keerthana
+        UserTeamsRole(
+            user_id=users[2].id,  # Keerthana
+            team_id=teams[1].id,  # HR Team
+            role_id=roles[2].id,  # HR Manager
+        ),
+        # HR Deepika
+        UserTeamsRole(
+            user_id=users[3].id,  # Deepika
+            team_id=teams[1].id,  # HR Team
+            role_id=roles[2].id,  # HR Manager
+        ),
+    ]
+
+    session.add_all(mappings)
+    session.commit()
+    print("User-Team-Role mappings added.")
+
+
+# ------------------------
+# 5. Master Runner
+# ------------------------
+def run_all_seeds():
+    with Session(engine) as session:
+        users = seed_users(session)
+        teams = seed_teams(session)
+        roles = seed_roles(session)
+        seed_user_teams_roles(session, users, teams, roles)
+        print("All data seeded successfully!")
+
+
+if __name__ == "__main__":
+    run_all_seeds()

src/assets/router.py

@@ -0,0 +1,30 @@
+from fastapi import APIRouter, Depends
+from sqlmodel.ext.asyncio.session import AsyncSession
+from src.core.database import get_async_session
+from src.auth.utils import get_current_user
+from src.assets.schemas import BaseResponse
+from src.assets.service import list_user_assets
+
+router = APIRouter(prefix="/assets", tags=["Assets"])
+
+@router.get("/", response_model=BaseResponse)
+async def get_assets(
+    user_id: str = Depends(get_current_user),
+    session: AsyncSession = Depends(get_async_session)
+):
+    assets = await list_user_assets(session, user_id)
+
+    data = {
+        "assets": [
+            {
+                "id": a.id,
+                "name": a.name,
+                "type": a.type,
+                "status": a.status,
+            }
+            for a in assets
+        ]
+    }
+
+    return {"code": 200, "data": data}
+    

src/assets/schemas.py

@@ -0,0 +1,31 @@
+from typing import Optional
+from pydantic import BaseModel
+import uuid
+from enum import Enum
+
+class AssetStatus(str, Enum):
+    ACTIVE = "Active"
+    UNAVAILABLE = "Unavailable"
+    ON_REQUEST = "On Request"
+    IN_SERVICE = "In Service"
+
+class AssetCreateRequest(BaseModel):
+    name: str
+    type: str
+    status: Optional[AssetStatus] = AssetStatus.UNAVAILABLE
+
+class AssetUpdateRequest(BaseModel):
+    name: Optional[str] = None
+    type: Optional[str] = None
+    status: Optional[AssetStatus] = None
+
+class AssetResponse(BaseModel):
+    id: uuid.UUID
+    user_id: uuid.UUID
+    name: str
+    type: str
+    status: AssetStatus
+
+class BaseResponse(BaseModel):
+    code: int
+    data: dict

src/assets/service.py

@@ -0,0 +1,11 @@
+import uuid
+from typing import List
+from sqlmodel import select
+from sqlmodel.ext.asyncio.session import AsyncSession
+from src.core.models import Assets
+
+async def list_user_assets(session: AsyncSession, user_id: str) -> List[Assets]:
+    q = await session.exec(
+        select(Assets).where(Assets.user_id == uuid.UUID(user_id))
+    )
+    return q.all()

src/auth/router.py

@@ -8,7 +8,6 @@ from sqlmodel.ext.asyncio.session import AsyncSession
 from src.auth.service import (
     create_user,
     verify_email,
-    send_verification_link,
     login_user,
 )
 from src.auth.utils import get_current_user
@@ -37,26 +36,26 @@ async def signup(
         raise HTTPException(status_code=400, detail=str(e))
 
 
-@router.post("/send-verification", response_model=BaseResponse)
-async def send_verification(
-    payload: SendVerificationRequest, session: AsyncSession = Depends(get_async_session)
-):
-    if not payload.email:
-        raise HTTPException(status_code=400, detail="Email is required")
+# @router.post("/send-verification", response_model=BaseResponse)
+# async def send_verification(
+#     payload: SendVerificationRequest, session: AsyncSession = Depends(get_async_session)
+# ):
+#     if not payload.email:
+#         raise HTTPException(status_code=400, detail="Email is required")
 
-    response = await send_verification_link(session, payload.email)
-    return {"code": 200, "data": response}
+#     response = await send_verification_link(session, payload.email)
+#     return {"code": 200, "data": response}
 
 
-@router.get("/verify-email", response_model=BaseResponse)
-async def verify_email_route(
-    token: str, session: AsyncSession = Depends(get_async_session)
-):
-    response = await verify_email(session, token)
-    access_token = response["access_token"]
-    redirect_url = f"yuvabe://verified?token={access_token}"
+# @router.get("/verify-email", response_model=BaseResponse)
+# async def verify_email_route(
+#     token: str, session: AsyncSession = Depends(get_async_session)
+# ):
+#     response = await verify_email(session, token)
+#     access_token = response["access_token"]
+#     redirect_url = f"yuvabe://verified?token={access_token}"
 
-    return RedirectResponse(url=redirect_url)
+#     return RedirectResponse(url=redirect_url)
 
 
 @router.post("/login", response_model=BaseResponse)
@@ -115,6 +114,8 @@ async def get_home(
                 "name": user.user_name,
                 "email": user.email_id,
                 "is_verified": user.is_verified,
+                "dob": user.dob.isoformat() if user.dob else None,
+                "profile_picture": user.profile_picture
             },
             "home_data": {
                 "announcements": ["Welcome!", "New protocol released"],

src/auth/service.py

@@ -6,7 +6,6 @@ from src.auth.utils import (
     verify_verification_token,
     create_access_token,
     hash_password,
-    send_verification_email,
     create_verification_token,
 )
 from src.core.models import Users
@@ -17,6 +16,10 @@ from sqlmodel.ext.asyncio.session import AsyncSession
 
 async def create_user(session: AsyncSession, name: str, email: str, password: str):
     """Create user without sending email"""
+
+    if not email.lower().endswith("@yuvabe.com"):
+        raise HTTPException(status_code=400, detail="Enter you're Yuvabe email ID")
+
     user = await session.exec(select(Users).where(Users.email_id == email))
     existing_user = user.first()
     if existing_user:
@@ -26,7 +29,7 @@ async def create_user(session: AsyncSession, name: str, email: str, password: st
         user_name=name,
         email_id=email,
         password=hash_password(password),
-        is_verified=False,
+        is_verified=True,
     )
 
     session.add(new_user)
@@ -57,32 +60,32 @@ async def create_user(session: AsyncSession, name: str, email: str, password: st
     }
 
 
-async def send_verification_link(session: Session, email: str):
-    """Send verification email for an existing user."""
-    result = await session.exec(select(Users).where(Users.email_id == email))
-    user = result.first()
+# async def send_verification_link(session: Session, email: str):
+#     """Send verification email for an existing user."""
+#     result = await session.exec(select(Users).where(Users.email_id == email))
+#     user = result.first()
 
-    if not user:
-        raise HTTPException(status_code=404, detail="User not found")
+#     if not user:
+#         raise HTTPException(status_code=404, detail="User not found")
 
-    if user.is_verified:
-        raise HTTPException(status_code=400, detail="User is already verified")
+#     if user.is_verified:
+#         raise HTTPException(status_code=400, detail="User is already verified")
 
-    # Create a token using existing user ID (opaque token)
-    token = create_verification_token(str(user.id))
+#     # Create a token using existing user ID (opaque token)
+#     token = create_verification_token(str(user.id))
 
-    try:
-        send_verification_email(email, token)
-    except Exception as e:
-        raise HTTPException(
-            status_code=500, detail=f"Failed to send verification email: {str(e)}"
-        )
+#     try:
+#         send_verification_email(email, token)
+#     except Exception as e:
+#         raise HTTPException(
+#             status_code=500, detail=f"Failed to send verification email: {str(e)}"
+#         )
 
-    return {
-        "message": "Verification link sent successfully",
-        "user_id": str(user.id),
-        "email": user.email_id,
-    }
+#     return {
+#         "message": "Verification link sent successfully",
+#         "user_id": str(user.id),
+#         "email": user.email_id,
+#     }
 
 
 async def verify_email(session: Session, token: str):
@@ -116,6 +119,10 @@ async def verify_email(session: Session, token: str):
 
 
 async def login_user(session: Session, email: str, password: str):
+
+    if not email.lower().endswith("@yuvabe.com"):
+        raise HTTPException(status_code=400, detail="Enter you're Yuvabe email ID")
+
     users = await session.exec(select(Users).where(Users.email_id == email))
     user = users.first()
 

src/auth/utils.py

@@ -3,6 +3,8 @@ import smtplib
 import os
 import uuid
 from email.mime.text import MIMEText
+import logging
+import traceback
 from passlib.context import CryptContext
 from src.core.database import get_async_session
 from sqlmodel.ext.asyncio.session import AsyncSession
@@ -18,6 +20,7 @@ from src.core.config import settings
 SECRET_KEY = settings.SECRET_KEY
 ALGORITHM = settings.JWT_ALGORITHM
 ACCESS_TOKEN_EXPIRE_MINUTES = settings.JWT_EXPIRE
+logger = logging.getLogger(__name__)
 
 SMTP_SERVER = settings.EMAIL_SERVER
 SMTP_PORT = settings.EMAIL_PORT
@@ -50,28 +53,75 @@ def create_access_token(data: dict):
     return encoded_jwt
 
 
-def send_verification_email(to_email: str, token: str):
-    """Send email with verification link"""
-    subject = f"Verify your {settings.APP_NAME} Account"
-    verification_link = f"{VERIFICATION_BASE_URL}/auth/verify-email?token={token}"
-    body = f"""
-    Hi,
-
-    Please verify your {settings.APP_NAME} account by clicking the link below:
-    {verification_link}
-
-    This link will expire in 24 hours.
-    """
-
-    msg = MIMEText(body)
-    msg["Subject"] = subject
-    msg["From"] = SMTP_EMAIL
-    msg["To"] = to_email
-
-    with smtplib.SMTP(SMTP_SERVER, SMTP_PORT) as server:
-        server.starttls()
-        server.login(SMTP_EMAIL, SMTP_PASSWORD)
-        server.send_message(msg)
+# def send_verification_email(to_email: str, token: str):
+#     """Send verification email using smtplib with detailed debug logs."""
+#     subject = f"Verify your {settings.APP_NAME} Account"
+#     verification_link = f"{VERIFICATION_BASE_URL}/auth/verify-email?token={token}"
+
+#     body = f"""
+#     Hi,
+
+#     Please verify your {settings.APP_NAME} account by clicking the link below:
+#     {verification_link}
+
+#     This link will expire in 24 hours.
+
+#     Regards,
+#     {settings.APP_NAME} Team
+#     """
+
+#     msg = MIMEText(body)
+#     msg["Subject"] = subject
+#     msg["From"] = SMTP_EMAIL
+#     msg["To"] = to_email
+
+#     logger.info("🟢 Starting send_verification_email()")
+#     logger.info(f"📨 To: {to_email}")
+#     logger.info(f"📤 SMTP Server: {SMTP_SERVER}:{SMTP_PORT}")
+
+#     try:
+#         logger.info("🔌 Connecting to SMTP server...")
+#         with smtplib.SMTP(SMTP_SERVER, SMTP_PORT, timeout=30) as server:
+#             logger.info("✅ Connected successfully.")
+
+#             logger.info("🔒 Starting TLS...")
+#             server.starttls()
+#             logger.info("✅ TLS secured.")
+
+#             logger.info("🔑 Logging in to SMTP server...")
+#             server.login(SMTP_EMAIL, SMTP_PASSWORD)
+#             logger.info("✅ Logged in successfully.")
+
+#             # Send email
+#             logger.info("📧 Sending email message...")
+#             server.send_message(msg)
+#             logger.info(f"✅ Email successfully sent to {to_email}")
+
+#     except smtplib.SMTPAuthenticationError as e:
+#         logger.error("❌ Authentication failed — check email or app password.")
+#         logger.error(f"Error details: {e}")
+#         logger.error(traceback.format_exc())
+#         raise
+#     except smtplib.SMTPConnectError as e:
+#         logger.error("❌ Could not connect to SMTP server.")
+#         logger.error(f"Error details: {e}")
+#         logger.error(traceback.format_exc())
+#         raise
+#     except smtplib.SMTPRecipientsRefused as e:
+#         logger.error("❌ Recipient address refused.")
+#         logger.error(f"Error details: {e}")
+#         logger.error(traceback.format_exc())
+#         raise
+#     except smtplib.SMTPException as e:
+#         logger.error("❌ General SMTP error occurred.")
+#         logger.error(f"Error details: {e}")
+#         logger.error(traceback.format_exc())
+#         raise
+#     except Exception as e:
+#         logger.error("❌ Unknown error occurred while sending verification email.")
+#         logger.error(f"Error details: {e}")
+#         logger.error(traceback.format_exc())
+#         raise
 
 
 fernet = Fernet(FERNET_KEY.encode())

src/leave/router.py

@@ -0,0 +1,91 @@
+from src.leave.utils import send_email
+from fastapi import APIRouter, Depends, HTTPException
+from sqlmodel import select
+from sqlmodel.ext.asyncio.session import AsyncSession
+from src.auth.utils import get_current_user
+from src.core.database import get_async_session
+from src.core.models import Users, Teams, Roles, UserTeamsRole
+from src.auth.schemas import BaseResponse
+from fastapi import BackgroundTasks
+
+router = APIRouter(prefix="/leave", tags=["leave"])
+
+
+@router.get("/contacts", response_model=BaseResponse)
+async def get_leave_contacts(
+    current_user=Depends(get_current_user),
+    session: AsyncSession = Depends(get_async_session),
+):
+    # get_current_user returns a STRING user_id
+    user_id = current_user
+
+    if not user_id:
+        raise HTTPException(status_code=400, detail="Invalid user token")
+
+    # 1) Get user's team
+    stmt = select(UserTeamsRole).where(UserTeamsRole.user_id == user_id)
+    ut = (await session.exec(stmt)).first()
+
+    if not ut:
+        raise HTTPException(status_code=404, detail="User-Team mapping not found")
+
+    # 2) Get Team Lead role
+    lead_role = (
+        await session.exec(select(Roles).where(Roles.name == "Team Lead"))
+    ).first()
+
+    if not lead_role:
+        raise HTTPException(status_code=500, detail="Team Lead role not found")
+
+    # 3) Find Team Lead user in same team
+    lead_user = (
+        await session.exec(
+            select(Users)
+            .join(UserTeamsRole)
+            .where(UserTeamsRole.team_id == ut.team_id)
+            .where(UserTeamsRole.role_id == lead_role.id)
+        )
+    ).all()
+
+    if not lead_user:
+        raise HTTPException(status_code=404, detail="Team lead not found")
+
+    to_email = ", ".join([u.email_id for u in lead_user])
+
+    # 4) HR CC emails
+    hr_team = (await session.exec(select(Teams).where(Teams.name == "HR Team"))).first()
+
+    cc = []
+    if hr_team:
+        hr_users = (
+            await session.exec(
+                select(Users)
+                .join(UserTeamsRole)
+                .where(UserTeamsRole.team_id == hr_team.id)
+            )
+        ).all()
+
+        cc = [str(row.email_id) for row in hr_users]
+
+    return BaseResponse(code=200, message="success", data={"to": to_email, "cc": cc})
+
+
+@router.post("/send", response_model=BaseResponse)
+async def send_leave_email(
+    payload: dict,
+    background: BackgroundTasks,
+    current_user=Depends(get_current_user),
+):
+    from_email = payload.get("from_email")
+    to_email = payload.get("to")
+    cc = payload.get("cc", [])
+    subject = payload.get("subject")
+    body = payload.get("body")
+
+    if not subject or not body:
+        raise HTTPException(status_code=400, detail="Subject and body required")
+
+    # send in background so API returns fast
+    background.add_task(send_email, to_email, subject, body, cc, from_email)
+
+    return BaseResponse(code=200, message="Leave request sent", data=None)

src/leave/utils.py

@@ -0,0 +1,50 @@
+# src/core/email_utils.py
+import smtplib
+from email.message import EmailMessage
+from src.core.config import settings
+from typing import List
+
+
+SMTP_HOST = settings.EMAIL_SERVER
+SMTP_PORT = settings.EMAIL_PORT
+SMTP_USER = settings.EMAIL_USERNAME
+SMTP_PASS = settings.EMAIL_PASSWORD
+FROM_DEFAULT = settings.EMAIL_USERNAME
+
+
+def send_email(
+    to_email: str, subject: str, body: str, cc: list[str] = None, from_email: str = None
+):
+    """
+    Gmail cannot send as another user.
+    So we set 'From' = your Gmail, but 'Reply-To' = user email.
+    """
+
+    cc = cc or []
+
+    msg = EmailMessage()
+    msg["Subject"] = subject
+
+    # Always send FROM your SMTP account
+    msg["From"] = settings.EMAIL_USERNAME
+
+    # Show this as reply address
+    if from_email:
+        msg["Reply-To"] = from_email
+
+    msg["To"] = to_email
+
+    if cc:
+        msg["Cc"] = ", ".join(cc)
+
+    msg.set_content(body)
+
+    try:
+        with smtplib.SMTP(settings.EMAIL_SERVER, settings.EMAIL_PORT) as server:
+            server.starttls()
+            server.login(settings.EMAIL_USERNAME, settings.EMAIL_PASSWORD)
+
+            server.send_message(msg)
+
+    except Exception as e:
+        raise Exception(f"Email sending failed: {str(e)}")

src/main.py

@@ -1,8 +1,11 @@
+from src.assets.router import router as assets
+from src.profile.router import router as profile
 from fastapi import FastAPI
 
 from src.core.database import init_db
 from src.home.router import router as home_router
 from src.auth.router import router as auth_router
+from src.leave.router import router as leave
 
 app = FastAPI(title="Yuvabe App API")
 
@@ -12,6 +15,12 @@ init_db()
 
 app.include_router(auth_router)
 
+app.include_router(profile)
+
+app.include_router(assets)
+
+app.include_router(leave)
+
 
 @app.get("/")
 def root():

src/profile/router.py

@@ -0,0 +1,20 @@
+from fastapi.routing import APIRouter
+from src.core.database import get_async_session
+from src.auth.utils import get_current_user
+from src.auth.schemas import BaseResponse
+from sqlalchemy.ext.asyncio.session import AsyncSession
+from fastapi.params import Depends
+from .schemas import UpdateProfileRequest
+from src.profile.service import update_user_profile
+
+router = APIRouter(prefix="/profile", tags=["Profile"])
+
+
+@router.put("/update-profile", response_model=BaseResponse)
+async def update_profile(
+    payload: UpdateProfileRequest,
+    user_id: str = Depends(get_current_user),
+    session: AsyncSession = Depends(get_async_session),
+):
+    result = await update_user_profile(session, user_id, payload)
+    return {"code": 200, "data": result}

src/profile/schemas.py

@@ -0,0 +1,11 @@
+from pydantic import BaseModel, EmailStr
+from typing import Optional
+
+class UpdateProfileRequest(BaseModel):
+    name: Optional[str] = None
+    email: Optional[EmailStr] = None
+    dob: Optional[str] = None
+    address: Optional[str] = None
+
+    current_password: Optional[str] = None
+    new_password: Optional[str] = None

src/profile/service.py

@@ -1,2 +1,65 @@
-from typing import List
-from uuid import UUID
+from datetime import datetime
+import uuid
+from fastapi import HTTPException
+from passlib.context import CryptContext
+from src.core.models import Users
+
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+
+async def update_user_profile(session, user_id: str, data):
+    user = await session.get(Users, uuid.UUID(user_id))
+
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    # --- Update Name ---
+    if data.name:
+        user.user_name = data.name
+
+    # --- Update Email ---
+    if data.email:
+        user.email_id = data.email
+
+    # --- Update DOB ---
+    if data.dob:
+        try:
+            # Convert DD.MM.YYYY → Python date
+            parsed_date = datetime.strptime(data.dob, "%d.%m.%Y").date()
+            user.dob = parsed_date
+        except:
+            raise HTTPException(
+                status_code=400, detail="DOB must be in DD.MM.YYYY format"
+            )
+
+    # --- Update Address ---
+    if data.address:
+        user.address = data.address
+
+    # --- Change Password ---
+    if data.new_password:
+        if not data.current_password:
+            raise HTTPException(status_code=400, detail="Current password required")
+
+        # Verify old password
+        if not pwd_context.verify(data.current_password, user.password):
+            raise HTTPException(status_code=400, detail="Incorrect current password")
+
+        # Set new password
+        user.password = pwd_context.hash(data.new_password)
+
+    # Commit changes
+    await session.commit()
+    await session.refresh(user)
+
+    return {
+        "message": "Profile updated successfully",
+        "user": {
+            "id": str(user.id),
+            "name": user.user_name,
+            "email": user.email_id,
+            "dob": user.dob.isoformat() if user.dob else None,
+            "address": user.address,
+            "is_verified": user.is_verified,
+        },
+    }