HarshYadav152 · arnab9957 · Feb 15, 2026
diff --git a/savebook/app/(auth)/login/page.js b/savebook/app/(auth)/login/page.js
@@ -110,7 +110,7 @@ const LoginForm = () => {
         {/* Username */}
         <div>
           <label className="block text-sm font-medium text-gray-300 mb-2">
-            Username
+            Username or Email
           </label>
           <input
             type="text"
@@ -120,7 +120,7 @@ const LoginForm = () => {
             required
             disabled={isLoading}
             className="w-full px-4 py-3 bg-gray-700 border border-gray-600 rounded-lg text-white"
-            placeholder="Enter username"
+            placeholder="Enter username or email"
           />
         </div>
 
@@ -178,7 +178,7 @@ const LoginForm = () => {
           onClick={() => window.location.href = "/api/auth/github"}
           className="w-full flex items-center justify-center gap-3 bg-gray-700 hover:bg-gray-600 text-white py-3 rounded-lg transition-colors"
         >
-          <svg className="w-5 h-5" fill="currentColor" viewBox="0 0 24 24"><path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.041-1.412-4.041-1.412-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z"/></svg>
+          <svg className="w-5 h-5" fill="currentColor" viewBox="0 0 24 24"><path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.041-1.412-4.041-1.412-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z" /></svg>
           Continue with GitHub
         </button>
 

diff --git a/savebook/app/(auth)/register/page.js b/savebook/app/(auth)/register/page.js
diff --git a/savebook/app/api/auth/register/route.js b/savebook/app/api/auth/register/route.js
@@ -6,36 +6,63 @@ export async function POST(request) {
   try {
     await dbConnect();
 
-    const { username, password } = await request.json();
+    const { username, password, email, education, course, phoneNumber, subjectsOfInterest, name } = await request.json();
 
     // ✅ Input validation
     if (
       !username ||
       !password ||
+      !email ||
       typeof username !== "string" ||
       typeof password !== "string" ||
+      typeof email !== "string" ||
       password.length < 6
     ) {
       return NextResponse.json(
-        { success: false, message: "Invalid input" },
+        { success: false, message: "Invalid input. Username, password (min 6 chars), and email are required." },
         { status: 400 }
       );
     }
 
-    // ✅ Prevent username enumeration
-    const existingUser = await User.findOne({ username });
+    // Basic email validation regex
+    const emailRegex = /^\w+([.-]?\w+)*@\w+([.-]?\w+)*(\.\w{2,3})+$/;
+    if (!emailRegex.test(email)) {
+      return NextResponse.json(
+        { success: false, message: "Invalid email format." },
+        { status: 400 }
+      );
+    }
+
+    // ✅ Prevent username/email enumeration
+    const existingUser = await User.findOne({ $or: [{ username }, { email }] });
 
     if (existingUser) {
       return NextResponse.json(
-        { success: false, message: "Unable to create account" },
+        { success: false, message: "Username or Email already exists" },
         { status: 400 }
       );
     }
 
+    // Split name into firstName and lastName if provided
+    let firstName = '';
+    let lastName = '';
+    if (name) {
+      const parts = name.trim().split(' ');
+      firstName = parts[0];
+      lastName = parts.slice(1).join(' ');
+    }
+
     // ✅ Create user
     await User.create({
       username,
-      password
+      password,
+      email,
+      education,
+      course,
+      phoneNumber,
+      subjectsOfInterest: Array.isArray(subjectsOfInterest) ? subjectsOfInterest : [],
+      firstName,
+      lastName
     });
 
     return NextResponse.json(

diff --git a/savebook/app/api/auth/update-profile/route.js b/savebook/app/api/auth/update-profile/route.js
@@ -11,33 +11,46 @@ export async function PUT(request) {
 
     // Get token from cookies
     const authtoken = request.cookies.get("authToken");
-    
+
     if (!authtoken) {
       return NextResponse.json({ success: false, message: "Unauthorized - No token provided" }, { status: 401 });
     }
 
     // Verify token
-    const decoded = verifyJwtToken(authtoken.value);
-    
+    const decoded = await verifyJwtToken(authtoken.value);
+
     if (!decoded || !decoded.success) {
       return NextResponse.json({ success: false, message: "Unauthorized - Invalid token" }, { status: 401 });
     }
 
-    
+
     // Get user ID from token
     const userId = new mongoose.Types.ObjectId(decoded.userId);
     // Get updated user data from request
-    const { profileImage, firstName, lastName, bio, location } = await request.json();
+    const { profileImage, firstName, lastName, bio, location, email, education, course, phoneNumber, subjectsOfInterest } = await request.json();
+
+    // Check if email is being updated and if it's already taken
+    if (email) {
+      const emailExists = await User.findOne({ email, _id: { $ne: userId } });
+      if (emailExists) {
+        return NextResponse.json({ success: false, message: "Email already in use" }, { status: 400 });
+      }
+    }
 
     // Update user
     const updatedUser = await User.findByIdAndUpdate(
       userId,
-      { 
+      {
         ...(profileImage !== undefined && { profileImage }),
         ...(firstName !== undefined && { firstName }),
         ...(lastName !== undefined && { lastName }),
         ...(bio !== undefined && { bio }),
-        ...(location !== undefined && { location })
+        ...(location !== undefined && { location }),
+        ...(email !== undefined && { email }),
+        ...(education !== undefined && { education }),
+        ...(course !== undefined && { course }),
+        ...(phoneNumber !== undefined && { phoneNumber }),
+        ...(subjectsOfInterest !== undefined && { subjectsOfInterest })
       },
       { new: true, select: "-password" } // Return updated user without password
     );
@@ -47,16 +60,21 @@ export async function PUT(request) {
     }
 
     // Return success response with updated user data
-    return NextResponse.json({ 
-      success: true, 
+    return NextResponse.json({
+      success: true,
       message: "Profile updated successfully",
       user: {
         username: updatedUser.username,
+        email: updatedUser.email,
         profileImage: updatedUser.profileImage,
         firstName: updatedUser.firstName,
         lastName: updatedUser.lastName,
         bio: updatedUser.bio,
-        location: updatedUser.location
+        location: updatedUser.location,
+        education: updatedUser.education,
+        course: updatedUser.course,
+        phoneNumber: updatedUser.phoneNumber,
+        subjectsOfInterest: updatedUser.subjectsOfInterest
       }
     }, { status: 200 });
 

diff --git a/savebook/app/api/auth/user/route.js b/savebook/app/api/auth/user/route.js
@@ -48,7 +48,12 @@ export async function GET(request) {
                 firstName: user.firstName,
                 lastName: user.lastName,
                 bio: user.bio,
-                location: user.location
+                location: user.location,
+                email: user.email,
+                education: user.education,
+                course: user.course,
+                phoneNumber: user.phoneNumber,
+                subjectsOfInterest: user.subjectsOfInterest
             }
         }, { status: 200 });