// routes/auth
router.put("/update-profile", requireSignin, auth.updateProfile);

// controllers/auth
// name username company image phone about
export const updateProfile = async (req, res) => {
  try {
    const user = await User.findByIdAndUpdate(
      req.user._id,
      {
        ...req.body,
      },
      { new: true }
    );

    user.password = undefined;
    user.resetCode = undefined;
    res.json(user);
  } catch (err) {
    console.log(err);
    if (err.codeName === "DuplicateKey") {
      return res.status(403).json({ error: "Username is taken" });
    } else {
      return res.status(403).json({ error: "Unauhorized" });
    }
  }
};

To test this endpoint, try making PUT request using Postman. Send for example username in req.body and see how it updates.