Spaces:
Running
Running
File size: 3,768 Bytes
f78b36a 131aa2a f78b36a 131aa2a f78b36a 131aa2a f78b36a c35b446 f78b36a | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 | import {
Body,
Controller,
HttpCode,
HttpStatus,
Post,
Req,
UseGuards,
} from "@nestjs/common";
import { AuthService } from "./auth.service";
import { RegisterDto } from "./dto/register.dto";
import { LoginDto } from "./dto/login.dto";
import { RefreshTokenDto } from "./dto/refresh-token.dto";
import { AuthResponseDto } from "./dto/auth-response.dto";
import { ForgotPasswordDto } from "./dto/forgot-password.dto";
import { ResetPasswordDto } from "./dto/reset-password.dto";
import { SetupPasswordDto } from "./dto/setup-password.dto";
import { JwtAuthGuard } from "./guards/jwt-auth.guard";
/**
* Authentication Controller
*
* ENDPOINTS:
* - POST /auth/register - Register new user
* - POST /auth/login - Login user
* - POST /auth/refresh - Refresh access token
* - POST /auth/forgot-password - Forgot password request
* - POST /auth/reset-password - Reset password with token
* - POST /auth/setup-password - Setup initial password for new users
*
* CLINICAL SAFETY:
* - No health data collected
* - Minimal PII only
* - No credential logging
*/
@Controller("auth")
export class AuthController {
constructor(private readonly authService: AuthService) {}
/**
* Register a new user
*
* @param registerDto - Email/phone and password
* @returns Access token, refresh token, and user ID
*/
@Post("register")
@HttpCode(HttpStatus.CREATED)
async register(@Body() registerDto: RegisterDto): Promise<AuthResponseDto> {
return this.authService.register(registerDto);
}
/**
* Login user
*
* @param loginDto - Email/phone and password
* @returns Access token, refresh token, and user ID
*/
@Post("login")
@HttpCode(HttpStatus.OK)
async login(@Body() loginDto: LoginDto): Promise<AuthResponseDto> {
return this.authService.login(loginDto);
}
/**
* Forgot password request
*
* @param forgotPasswordDto - Email or phone
*/
@Post("forgot-password")
@HttpCode(HttpStatus.OK)
async forgotPassword(
@Body() forgotPasswordDto: ForgotPasswordDto
): Promise<void> {
return this.authService.forgotPassword(forgotPasswordDto);
}
/**
* Reset password with token
*
* @param resetPasswordDto - Token and new password
*/
@Post("reset-password")
@HttpCode(HttpStatus.OK)
async resetPassword(
@Body() resetPasswordDto: ResetPasswordDto
): Promise<void> {
return this.authService.resetPassword(resetPasswordDto);
}
/**
* Setup initial password for new user
*
* @param setupPasswordDto - Token and password
*/
@Post("setup-password")
@HttpCode(HttpStatus.OK)
async setupPassword(
@Body() setupPasswordDto: SetupPasswordDto
): Promise<void> {
return this.authService.setupPassword(setupPasswordDto.token, setupPasswordDto.password);
}
/**
* Refresh access token
*
* @param refreshTokenDto - Refresh token
* @returns New access token and refresh token
*/
@Post("refresh")
@HttpCode(HttpStatus.OK)
async refresh(
@Body() refreshTokenDto: RefreshTokenDto
): Promise<AuthResponseDto> {
return this.authService.refreshToken(refreshTokenDto.refreshToken);
}
/**
* Logout user
*
* SECURITY:
* - Requires valid access token
* - Clears stored refresh token so it cannot be reused
*/
@Post("logout")
@UseGuards(JwtAuthGuard)
@HttpCode(HttpStatus.OK)
async logout(@Req() req: any): Promise<void> {
await this.authService.logout(req.user.id);
}
/**
* Get current authenticated user
*
* @param req - Request with authenticated user
* @returns Current user details
*/
@Post("me")
@UseGuards(JwtAuthGuard)
@HttpCode(HttpStatus.OK)
async getMe(@Req() req: any) {
return this.authService.validateUser(req.user.id);
}
}
|