diff --git a/backend/controllers/authController.js b/backend/controllers/authController.js
index f22ed19..f140e69 100644
--- a/backend/controllers/authController.js
+++ b/backend/controllers/authController.js
@@ -225,18 +225,34 @@ export const loginUser = async (req, res, next) => {
 export const getProfile = async (req, res, next) => {
   try {
     // TODO: Implement get profile logic
+    //altho user will be there, just incase added it
+    if (!req.user) {
+      return res.status(401).json({
+        success: false,
+        message: "User is not validated",
+      });
+    }
+
 
     // Option 1: Use req.user directly (set by protect middleware)
     // return res.status(200).json({ success: true, user: req.user });
 
     // Option 2: Fetch fresh data from database
     // const user = await User.findById(req.user.id).select('-password');
+    const user = await User.findById(req.user.id).select("-password");
+
     // if (!user) { return 404 error }
-    // return res.status(200).json({ success: true, user });
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: "User not found!",
+      });
+    }
 
-    res.status(501).json({
-      success: false,
-      message: 'Get profile endpoint not implemented yet',
+    // return res.status(200).json({ success: true, user });
+    return res.status(200).json({
+      success: true,
+      user,
     });
   } catch (error) {
     next(error);
diff --git a/backend/routes/authRoutes.js b/backend/routes/authRoutes.js
index 00b6dd3..9abe52f 100644
--- a/backend/routes/authRoutes.js
+++ b/backend/routes/authRoutes.js
@@ -47,7 +47,7 @@ import { registerUser, loginUser, getProfile } from '../controllers/authControll
 import { validateRegister, validateLogin, validate } from '../middleware/validationMiddleware.js';
 
 // TODO: Import auth middleware
-// import { protect } from '../middleware/authMiddleware.js';
+import { protect } from '../middleware/authMiddleware.js';
 
 const router = express.Router();
 
@@ -80,6 +80,7 @@ router.get('/test', (req, res) => {
   });
 });
 
+router.get('/profile', protect, getProfile);
 router.post('/register', [validateRegister, validate], registerUser);
 router.post('/login', [validateLogin, validate], loginUser);