Fixed profile url exposure (#120)

### Short description of changes:

src/app/(pages)/(auth)/signup/addinfo/page.tsx

@@ -36,7 +36,7 @@ import {ZOD_ERR, DEFAULT_SERVER_ERR} from '@constants/error-messages';
 import axios from 'axios';
 import {useState, useCallback, useEffect} from 'react';
 import {useDropzone, FileRejection} from 'react-dropzone';
-import {setRevalidateHeaders} from 'next/dist/server/send-payload';
+import {getClientSession} from '@utils/getClientSession';
 
 const schema = z.object({
   skill: z.string().min(1, ZOD_ERR.REQ_FIELD),
@@ -50,7 +50,6 @@ const AddInfo = () => {
   const statusToast = useToast();
   const params = useSearchParams();
   const id = params.get('id');
-  const picture = params.get('picture');
 
   const {
     handleSubmit,
@@ -132,7 +131,17 @@ const AddInfo = () => {
   const watched = watch();
 
   useEffect(() => {
-    setValue('profile', picture!);
+    const getUserFromSession = async () => {
+      const session = await getClientSession();
+      return session;
+    };
+
+    const fetchSession = async () => {
+      const session = await getUserFromSession();
+      setValue('profile', session.user.profile);
+    };
+
+    fetchSession();
   }, []);
 
   return (
@@ -143,11 +152,7 @@ const AddInfo = () => {
             <Heading as="h1" size="2xl">
               Create your profile
             </Heading>
-            {watched.profile ? (
-              <Image src={watched.profile} mt="10" boxSize="80px" />
-            ) : (
-              <Image src={picture!} mt="10" boxSize="80px" />
-            )}
+            <Image src={watched.profile} mt="10" boxSize="80px" />
             <Button onClick={onOpen} size="md" mt={2}>
               Update your profile
             </Button>

src/app/api/auth/email-verification/[token]/route.ts

@@ -6,7 +6,7 @@ import {auth} from '@lib';
 import {cookies, headers} from 'next/headers';
 
 export const GET = async (
-  _: NextRequest,
+  request: NextRequest,
   {params: {token}}: {params: {token: string}}
 ) => {
   await connectToDatabase();
@@ -30,14 +30,35 @@ export const GET = async (
         }
       );
 
+      const userAttributes = {
+        first_name: user.first_name,
+        last_name: user.last_name,
+        email_address: user.email_address,
+        email_verified: user.email_verified,
+        skill: user.skill,
+        instagram: user.instagram,
+        profile: user.profile,
+      };
+
+      const session = await auth.createSession({
+        userId: id,
+        attributes: userAttributes,
+      });
+
+      const authRequest = auth.handleRequest(request.method, {
+        cookies,
+        headers,
+      });
+
+      authRequest.setSession(session);
       success = true;
     }
   } catch (e) {
     logger.error(e);
   }
 
   if (success) {
-    redirect(`/signup/addinfo?id=${id}&picture=${profile}`);
+    redirect(`/signup/addinfo?id=${id}`);
   } else {
     redirect('/login?confirmation-status=failed');
   }

src/app/api/auth/signup/google/callback/route.ts

@@ -53,10 +53,7 @@ export const GET = async (request: NextRequest) => {
     });
     authRequest.setSession(session);
     return NextResponse.redirect(
-      new URL(
-        `/signup/addinfo?id=${user.userId}&picture=${googleUser.picture}`,
-        request.url
-      )
+      new URL(`/signup/addinfo?id=${user.userId}`, request.url)
     );
   } catch (e) {
     if (e instanceof OAuthRequestError) {

src/lib/lucia.ts

@@ -24,6 +24,7 @@ export const auth = lucia({
       email_verified: data.email_verified,
       skill: data.skill,
       instagram: data.instagram,
+      profile: data.profile,
     };
   },
 });