✨ Add endpoint to fetch Discord user profile using access token

code/websites/pokedex.online/server/routes/auth.js

@@ -277,5 +277,60 @@ export function createAuthRouter({ secret, adminPassword } = {}) {
     }
   });
 
+  /**
+   * GET /auth/discord/profile
+   * Fetch Discord user profile using the stored Discord token
+   * Requires: Authorization header with Discord access token
+   */
+  router.get('/discord/profile', async (req, res) => {
+    try {
+      const authHeader = req.headers.authorization;
+      if (!authHeader || !authHeader.startsWith('Bearer ')) {
+        return res.status(401).json({
+          error: 'Missing or invalid authorization header',
+          code: 'MISSING_AUTH'
+        });
+      }
+
+      const token = authHeader.substring('Bearer '.length);
+
+      // Fetch user profile from Discord API
+      const response = await fetch('https://discord.com/api/users/@me', {
+        headers: {
+          Authorization: `Bearer ${token}`
+        }
+      });
+
+      if (!response.ok) {
+        console.error('Discord API error:', response.status);
+        return res.status(response.status).json({
+          error: 'Failed to fetch Discord profile',
+          code: 'DISCORD_API_ERROR'
+        });
+      }
+
+      const userData = await response.json();
+
+      // Return user data
+      res.json({
+        user: {
+          id: userData.id,
+          username: userData.username,
+          global_name: userData.global_name,
+          discriminator: userData.discriminator,
+          avatar: userData.avatar,
+          email: userData.email,
+          verified: userData.verified
+        }
+      });
+    } catch (err) {
+      console.error('Failed to fetch Discord profile:', err);
+      return res.status(500).json({
+        error: 'Failed to fetch Discord profile',
+        code: 'PROFILE_FETCH_ERROR'
+      });
+    }
+  });
+
   return router;
 }