feat: user export service. bug and UX fixes. Complete minus outstanding email template fixes.

backend/src/features/auth/api/auth.controller.ts

@@ -182,4 +182,63 @@ export class AuthController {
       });
     }
   }
+
+  /**
+   * GET /api/auth/security-status
+   * Get user security status
+   * Protected endpoint - requires JWT
+   */
+  async getSecurityStatus(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const userId = (request as any).user.sub;
+
+      const result = await this.authService.getSecurityStatus(userId);
+
+      logger.info('Security status retrieved', {
+        userId: userId.substring(0, 8) + '...',
+        emailVerified: result.emailVerified,
+      });
+
+      return reply.code(200).send(result);
+    } catch (error: any) {
+      logger.error('Failed to get security status', {
+        error,
+        userId: (request as any).user?.sub,
+      });
+
+      return reply.code(500).send({
+        error: 'Internal server error',
+        message: 'Failed to get security status',
+      });
+    }
+  }
+
+  /**
+   * POST /api/auth/request-password-reset
+   * Request password reset email
+   * Protected endpoint - requires JWT
+   */
+  async requestPasswordReset(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const userId = (request as any).user.sub;
+
+      const result = await this.authService.requestPasswordReset(userId);
+
+      logger.info('Password reset email requested', {
+        userId: userId.substring(0, 8) + '...',
+      });
+
+      return reply.code(200).send(result);
+    } catch (error: any) {
+      logger.error('Failed to request password reset', {
+        error,
+        userId: (request as any).user?.sub,
+      });
+
+      return reply.code(500).send({
+        error: 'Internal server error',
+        message: 'Failed to send password reset email. Please try again later.',
+      });
+    }
+  }
 }

backend/src/features/auth/api/auth.routes.ts

@@ -36,4 +36,16 @@ export const authRoutes: FastifyPluginAsync = async (
     preHandler: [fastify.authenticate],
     handler: authController.getUserStatus.bind(authController),
   });
+
+  // GET /api/auth/security-status - Get security status (requires JWT)
+  fastify.get('/auth/security-status', {
+    preHandler: [fastify.authenticate],
+    handler: authController.getSecurityStatus.bind(authController),
+  });
+
+  // POST /api/auth/request-password-reset - Request password reset email (requires JWT)
+  fastify.post('/auth/request-password-reset', {
+    preHandler: [fastify.authenticate],
+    handler: authController.requestPasswordReset.bind(authController),
+  });
 };