update to API spec

Author: tollsimy

src/dao/user.go

@@ -267,7 +267,6 @@ func (d *UserDao) GenerateOTP(c context.Context, username string) (api.OTPRespon
 	}
 	return api.OTPResponse{
 		Otp:        otpCode,
-		Username:   user.Username,
 		ValidUntil: exp_date,
 	}, nil
 }
@@ -293,3 +292,22 @@ func (d *UserDao) ValidateOTP(c context.Context, otpCode string) (bool, error) {
 
 	return true, nil
 }
+
+func (d *UserDao) GetUserByOTP(c context.Context, otpCode string) (*api.UserResponse, error) {
+	query := `
+        SELECT u.user_id, u.username, u.email, u.name, u.surname, u.role
+        FROM users u
+        JOIN otps o ON u.user_id = o.user_id
+        WHERE o.otp_code = $1 AND o.expires_at > CURRENT_TIMESTAMP
+    `
+	row := d.db.QueryRow(c, query, otpCode)
+
+	var user api.UserResponse
+	if err := row.Scan(&user.Id, &user.Username, &user.Email, &user.Name, &user.Surname, &user.Role); err != nil {
+		if strings.Contains(err.Error(), "no rows in result set") {
+			return nil, ErrUserNotFound
+		}
+		return nil, fmt.Errorf("failed to get user by OTP: %w", err)
+	}
+	return &user, nil
+}

src/handlers/session.go

@@ -276,3 +276,17 @@ func (h *SessionHandlers) ValidateOTP(c *gin.Context) {
 	}
 	c.JSON(http.StatusOK, gin.H{"message": "OTP validated successfully"})
 }
+
+func (h *SessionHandlers) GetUserByOTP(c *gin.Context, otp string) {
+	user, err := h.dao.GetUserByOTP(c.Request.Context(), otp)
+	if err != nil {
+		if err == dao.ErrUserNotFound {
+			c.JSON(http.StatusNotFound, gin.H{"error": "User not found"})
+			return
+		}
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get user by OTP"})
+		return
+	}
+
+	c.JSON(http.StatusOK, user.Username)
+}