Problem: users.ts exposes POST /users/register but there is no GET /users/me endpoint for the authenticated user to retrieve their own profile. The frontend Settings page (FE-029) would need to call a user-fetch endpoint but none exists for authenticated self-lookup.
Scope: Add GET /users/me that returns the authenticated user's profile.
Implementation guidance:
Add usersRouter.get("/me", authJwtMiddleware, async (req, res, next) => { ... }) (depends on BE-007 for authJwtMiddleware, but can be stubbed with a wallet-address header in the meantime).
Look up the user by req.user.walletAddress from the JWT payload.
Return { id, walletAddress, email, alias, role, createdAt }.
If the user is not found (e.g. JWT is valid but the account was deleted), return 404.
Acceptance criteria: Authenticated GET returns the user profile; unauthenticated GET returns 401.
Validation: Unit test for authenticated and unauthenticated cases.
Files to modify: backend/src/routes/users.ts
Problem: users.ts exposes POST /users/register but there is no GET /users/me endpoint for the authenticated user to retrieve their own profile. The frontend Settings page (FE-029) would need to call a user-fetch endpoint but none exists for authenticated self-lookup.
Scope: Add GET /users/me that returns the authenticated user's profile.
Implementation guidance:
Add usersRouter.get("/me", authJwtMiddleware, async (req, res, next) => { ... }) (depends on BE-007 for authJwtMiddleware, but can be stubbed with a wallet-address header in the meantime).
Look up the user by req.user.walletAddress from the JWT payload.
Return { id, walletAddress, email, alias, role, createdAt }.
If the user is not found (e.g. JWT is valid but the account was deleted), return 404.
Acceptance criteria: Authenticated GET returns the user profile; unauthenticated GET returns 401.
Validation: Unit test for authenticated and unauthenticated cases.
Files to modify: backend/src/routes/users.ts