diff --git a/backend/users/migrations/0003_customuser_profile_pic.py b/backend/users/migrations/0003_customuser_profile_pic.py
new file mode 100644
index 0000000..1604578
--- /dev/null
+++ b/backend/users/migrations/0003_customuser_profile_pic.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.6 on 2023-11-04 19:15
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0002_customuser_refresh_token'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='customuser',
+            name='profile_pic',
+            field=models.ImageField(blank=True, default='profile_pics/default.png', null=True, upload_to='profile_pics'),
+        ),
+    ]
diff --git a/backend/users/models.py b/backend/users/models.py
index 64d976d..5b5b176 100644
--- a/backend/users/models.py
+++ b/backend/users/models.py
@@ -13,6 +13,7 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
     first_name = models.CharField(max_length=150, blank=True)
     start_date = models.DateTimeField(default=timezone.now)
     about = models.TextField(_('about'), max_length=500, blank=True)
+    profile_pic = models.ImageField(upload_to='profile_pics', null=True, blank=True, default='profile_pics/default.png')
     is_staff = models.BooleanField(default=False)
     is_active = models.BooleanField(default=True)
 
diff --git a/backend/users/serializers.py b/backend/users/serializers.py
index a25e8ec..531d912 100644
--- a/backend/users/serializers.py
+++ b/backend/users/serializers.py
@@ -7,12 +7,12 @@ class CustomUserSerializer(serializers.ModelSerializer):
     Serializer for CustomUser model.
     """
     email = serializers.EmailField(required=True)
-    username = serializers.CharField(required=True)
+    username = serializers.CharField()
     password = serializers.CharField(min_length=8, write_only=True)
 
     class Meta:
         model = CustomUser
-        fields = ('email', 'password')
+        fields = ('email', 'username', 'password')
         extra_kwargs = {'password': {'write_only': True}}
 
     def create(self, validated_data):
@@ -25,3 +25,12 @@ class CustomUserSerializer(serializers.ModelSerializer):
             instance.set_password(password)
         instance.save()
         return instance
+
+
+class UpdateProfileSerializer(serializers.ModelSerializer):
+    """
+    Serializer for updating user profile.
+    """
+    class Meta:
+        model = CustomUser
+        fields = ('profile_pic', 'first_name', 'about')
\ No newline at end of file
diff --git a/backend/users/urls.py b/backend/users/urls.py
index 2b44459..474da31 100644
--- a/backend/users/urls.py
+++ b/backend/users/urls.py
@@ -1,6 +1,7 @@
 from django.urls import path
-from users.views import CustomUserCreate
+from users.views import CustomUserCreate, CustomUserProfileUpdate
 
 urlpatterns = [
     path('user/create/', CustomUserCreate.as_view(), name="create_user"),
+    path('user/update/', CustomUserProfileUpdate.as_view(), name='update_user')
 ]
\ No newline at end of file
diff --git a/backend/users/views.py b/backend/users/views.py
index 6f020b6..0cebbae 100644
--- a/backend/users/views.py
+++ b/backend/users/views.py
@@ -1,11 +1,13 @@
 """This module defines API views for user creation"""
 
 from rest_framework import status
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import AllowAny, IsAuthenticated
+
 from rest_framework.response import Response
 from rest_framework.views import APIView
+from rest_framework.parsers import MultiPartParser
 
-from .serializers import CustomUserSerializer
+from users.serializers import CustomUserSerializer, UpdateProfileSerializer
 
 
 class CustomUserCreate(APIView):
@@ -25,3 +27,30 @@ class CustomUserCreate(APIView):
             if user:
                 return Response(serializer.data, status=status.HTTP_201_CREATED)
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+    
+
+class CustomUserProfileUpdate(APIView):
+    """
+    Custom User Profile Update View.
+    """
+    parser_classes = (MultiPartParser,)
+    permission_classes = (IsAuthenticated,)
+
+    def get(self, request):
+        user = request.user
+        image_url = user.profile_pic.url
+        username = user.username
+
+        data = {
+            'image_url': image_url,
+            'username': username
+        }
+
+        return Response(data)
+
+    def post(self, request):
+        serializer = UpdateProfileSerializer(data=request.data)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data)
+        return Response(serializer.errors, status=400)
\ No newline at end of file