GET /api/profile
Get User Profile

Overview

This endpoint retrieves comprehensive profile and authentication data for the currently authenticated user. It returns both the user’s profile information (managed by Harbor Parking) and their basic authentication data (managed by Supabase Auth).

Authentication

Response

  • profile (object, required): User’s Harbor Parking profile information
  • user (object, required): User’s authentication data from Supabase

Example Request

curl -X GET "https://harbor-parking.vercel.app/api/profile" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json"

Example Response

{
  "profile": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "email": "john.doe@example.com",
    "full_name": "John Doe",
    "apartment_number": "12A",
    "phone_number": "+1234567890",
    "is_approved": true,
    "is_admin": false,
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z"
  },
  "user": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "email": "john.doe@example.com",
    "email_confirmed_at": "2024-01-15T10:30:00Z",
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z"
  }
}

Error Responses

{
  "error": "Authentication required"
}

Use Cases

Check User Approval Status

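const response = await fetch('/api/profile');
if (!response.ok) {
  // Error bodies look like { "error": "Authentication required" } and carry no profile
  throw new Error(`Profile request failed with status ${response.status}`);
}
const { profile } = await response.json();

// This check only selects which screen to show; a flag read in the
// client is not an access control.
if (!profile.is_approved) {
  // Redirect to pending approval page
  showPendingApprovalMessage();
} else {
  // User can access full features
  redirectToDashboard();
}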

Display User Information

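const response = await fetch('/api/profile');
// Error bodies carry no profile or user object, so stop before destructuring
if (!response.ok) throw new Error(`Profile request failed with status ${response.status}`);
const { profile, user } = await response.json();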

const userInfo = {
  displayName: profile.full_name || user.email,
  apartment: profile.apartment_number,
  isAdmin: profile.is_admin,
  memberSince: new Date(user.created_at).toLocaleDateString()
};

Profile Completeness Check

function checkProfileCompleteness(profile) {
  const missing = [];
  
  if (!profile.full_name) missing.push('full_name');
  if (!profile.phone_number) missing.push('phone_number');
  
  return {
    isComplete: missing.length === 0,
    missingFields: missing,
    completionPercentage: ((4 - missing.length) / 4) * 100
  };
}

Rate Limiting

This endpoint is rate limited to:
  • 10 requests per minute per user
  • 100 requests per hour per user

Security Notes

  • Profile data is protected by Row Level Security (RLS)
  • Users can only access their own profile data
  • Administrators can view all profiles through separate admin endpoints
  • Email and phone data should be handled securely in client applications
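
One way to apply the last note when a profile response is logged or sent to an error reporter: this added example (not Harbor Parking's own code) masks the personal fields of the /api/profile response first. The field names come from the Example Response above; the masking rules and the helper names are assumptions.

```javascript
// Added example. Field names follow the Example Response on this page;
// the masking rules and helper names are assumptions.
function maskEmail(value) {
  const at = value.lastIndexOf('@');
  if (at < 1) return '[redacted]';            // not a usable address: hide all of it
  return value[0] + '***' + value.slice(at);  // keep first character and domain
}

function maskPhone(value) {
  const digits = value.replace(/\D/g, '');
  if (digits.length < 7) return '[redacted]'; // too short to mask partially
  return '*'.repeat(digits.length - 2) + digits.slice(-2);
}

const PII_MASKERS = {
  email: maskEmail,
  phone_number: maskPhone,
  full_name: () => '[redacted]',
  apartment_number: () => '[redacted]',
};

// Returns a masked deep copy of the response; the input is not mutated,
// so the UI can keep rendering the real values.
function redactProfileResponse(body) {
  const walk = (node) => {
    if (Array.isArray(node)) return node.map(walk);
    if (node === null || typeof node !== 'object') return node;
    const out = {};
    for (const [key, value] of Object.entries(node)) {
      // Own-property lookup so keys such as "constructor" are never treated as maskers
      const mask = Object.prototype.hasOwnProperty.call(PII_MASKERS, key) ? PII_MASKERS[key] : null;
      out[key] = mask && typeof value === 'string' ? mask(value) : walk(value);
    }
    return out;
  };
  return walk(body);
}

// Constructed sample, shortened from the Example Response above.
const sample = {
  profile: { id: '123e4567-e89b-12d3-a456-426614174000', email: 'john.doe@example.com',
             full_name: 'John Doe', apartment_number: '12A',
             phone_number: '+1234567890', is_approved: true, is_admin: false },
  user: { id: '123e4567-e89b-12d3-a456-426614174000', email: 'john.doe@example.com' },
};

console.log(JSON.stringify(redactProfileResponse(sample), null, 2));
```

Pass the redacted copy to loggers and error reporters, and keep the original response in memory only for rendering.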
