Add UserProfileUpdateDto for profile updates without password validation

Previously, the /user/updateUser endpoint used UserDto which requires
email, password, and matchingPassword fields. This caused validation
errors when users only wanted to update their name.

Changes:
- Add new UserProfileUpdateDto with only firstName and lastName fields
- Update UserAPI.updateUserAccount() to use the new DTO
- Profile updates no longer require password fields

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: devondragon

src/main/java/com/digitalsanctuary/spring/user/api/UserAPI.java

@@ -21,6 +21,7 @@
 import com.digitalsanctuary.spring.user.dto.PasswordResetRequestDto;
 import com.digitalsanctuary.spring.user.dto.SavePasswordDto;
 import com.digitalsanctuary.spring.user.dto.UserDto;
+import com.digitalsanctuary.spring.user.dto.UserProfileUpdateDto;
 import com.digitalsanctuary.spring.user.event.OnRegistrationCompleteEvent;
 import com.digitalsanctuary.spring.user.exceptions.InvalidOldPasswordException;
 import com.digitalsanctuary.spring.user.exceptions.UserAlreadyExistException;
@@ -131,24 +132,24 @@ public ResponseEntity<JSONResponse> resendRegistrationToken(@Valid @RequestBody
 	}
 
 	/**
-	 * Updates the user's password. This is used when the user is logged in and
-	 * wants to change their password.
+	 * Updates the user's profile (first name, last name). This is used when the
+	 * user is logged in and wants to update their profile information.
 	 *
-	 * @param userDetails the authenticated user details
-	 * @param userDto     the user data transfer object containing user details
-	 * @param request     the HTTP servlet request
-	 * @param locale      the locale
-	 * @return a ResponseEntity containing a JSONResponse with the password update
+	 * @param userDetails      the authenticated user details
+	 * @param profileUpdateDto the profile update DTO containing first and last name
+	 * @param request          the HTTP servlet request
+	 * @param locale           the locale
+	 * @return a ResponseEntity containing a JSONResponse with the profile update
 	 *         result
 	 */
 	@PostMapping("/updateUser")
 	public ResponseEntity<JSONResponse> updateUserAccount(@AuthenticationPrincipal DSUserDetails userDetails,
-			@Valid @RequestBody UserDto userDto,
+			@Valid @RequestBody UserProfileUpdateDto profileUpdateDto,
 			HttpServletRequest request, Locale locale) {
 		validateAuthenticatedUser(userDetails);
 		User user = userDetails.getUser();
-		user.setFirstName(userDto.getFirstName());
-		user.setLastName(userDto.getLastName());
+		user.setFirstName(profileUpdateDto.getFirstName());
+		user.setLastName(profileUpdateDto.getLastName());
 		userService.saveRegisteredUser(user);
 
 		logAuditEvent("ProfileUpdate", "Success", "User profile updated", user, request);

src/main/java/com/digitalsanctuary/spring/user/dto/UserProfileUpdateDto.java

@@ -0,0 +1,23 @@
+package com.digitalsanctuary.spring.user.dto;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+import lombok.Data;
+
+/**
+ * DTO for updating user profile information (first name, last name).
+ * This is separate from UserDto to avoid requiring password fields during profile updates.
+ */
+@Data
+public class UserProfileUpdateDto {
+
+	/** The first name. */
+	@NotBlank(message = "First name is required")
+	@Size(max = 50, message = "First name must not exceed 50 characters")
+	private String firstName;
+
+	/** The last name. */
+	@NotBlank(message = "Last name is required")
+	@Size(max = 50, message = "Last name must not exceed 50 characters")
+	private String lastName;
+}