Spaces:
Running
Running
| import { | |
| Body, | |
| Controller, | |
| HttpCode, | |
| HttpStatus, | |
| Post, | |
| Req, | |
| UseGuards, | |
| } from "@nestjs/common"; | |
| import { AuthService } from "./auth.service"; | |
| import { RegisterDto } from "./dto/register.dto"; | |
| import { LoginDto } from "./dto/login.dto"; | |
| import { RefreshTokenDto } from "./dto/refresh-token.dto"; | |
| import { AuthResponseDto } from "./dto/auth-response.dto"; | |
| import { ForgotPasswordDto } from "./dto/forgot-password.dto"; | |
| import { ResetPasswordDto } from "./dto/reset-password.dto"; | |
| import { SetupPasswordDto } from "./dto/setup-password.dto"; | |
| import { JwtAuthGuard } from "./guards/jwt-auth.guard"; | |
| /** | |
| * Authentication Controller | |
| * | |
| * ENDPOINTS: | |
| * - POST /auth/register - Register new user | |
| * - POST /auth/login - Login user | |
| * - POST /auth/refresh - Refresh access token | |
| * - POST /auth/forgot-password - Forgot password request | |
| * - POST /auth/reset-password - Reset password with token | |
| * - POST /auth/setup-password - Setup initial password for new users | |
| * | |
| * CLINICAL SAFETY: | |
| * - No health data collected | |
| * - Minimal PII only | |
| * - No credential logging | |
| */ | |
| ("auth") | |
| export class AuthController { | |
| constructor(private readonly authService: AuthService) {} | |
| /** | |
| * Register a new user | |
| * | |
| * @param registerDto - Email/phone and password | |
| * @returns Access token, refresh token, and user ID | |
| */ | |
| ("register") | |
| (HttpStatus.CREATED) | |
| async register(() registerDto: RegisterDto): Promise<AuthResponseDto> { | |
| return this.authService.register(registerDto); | |
| } | |
| /** | |
| * Login user | |
| * | |
| * @param loginDto - Email/phone and password | |
| * @returns Access token, refresh token, and user ID | |
| */ | |
| ("login") | |
| (HttpStatus.OK) | |
| async login(() loginDto: LoginDto): Promise<AuthResponseDto> { | |
| return this.authService.login(loginDto); | |
| } | |
| /** | |
| * Forgot password request | |
| * | |
| * @param forgotPasswordDto - Email or phone | |
| */ | |
| ("forgot-password") | |
| (HttpStatus.OK) | |
| async forgotPassword( | |
| () forgotPasswordDto: ForgotPasswordDto | |
| ): Promise<void> { | |
| return this.authService.forgotPassword(forgotPasswordDto); | |
| } | |
| /** | |
| * Reset password with token | |
| * | |
| * @param resetPasswordDto - Token and new password | |
| */ | |
| ("reset-password") | |
| (HttpStatus.OK) | |
| async resetPassword( | |
| () resetPasswordDto: ResetPasswordDto | |
| ): Promise<void> { | |
| return this.authService.resetPassword(resetPasswordDto); | |
| } | |
| /** | |
| * Setup initial password for new user | |
| * | |
| * @param setupPasswordDto - Token and password | |
| */ | |
| ("setup-password") | |
| (HttpStatus.OK) | |
| async setupPassword( | |
| () setupPasswordDto: SetupPasswordDto | |
| ): Promise<void> { | |
| return this.authService.setupPassword(setupPasswordDto.token, setupPasswordDto.password); | |
| } | |
| /** | |
| * Refresh access token | |
| * | |
| * @param refreshTokenDto - Refresh token | |
| * @returns New access token and refresh token | |
| */ | |
| ("refresh") | |
| (HttpStatus.OK) | |
| async refresh( | |
| () refreshTokenDto: RefreshTokenDto | |
| ): Promise<AuthResponseDto> { | |
| return this.authService.refreshToken(refreshTokenDto.refreshToken); | |
| } | |
| /** | |
| * Logout user | |
| * | |
| * SECURITY: | |
| * - Requires valid access token | |
| * - Clears stored refresh token so it cannot be reused | |
| */ | |
| ("logout") | |
| (JwtAuthGuard) | |
| (HttpStatus.OK) | |
| async logout(() req: any): Promise<void> { | |
| await this.authService.logout(req.user.id); | |
| } | |
| /** | |
| * Get current authenticated user | |
| * | |
| * @param req - Request with authenticated user | |
| * @returns Current user details | |
| */ | |
| ("me") | |
| (JwtAuthGuard) | |
| (HttpStatus.OK) | |
| async getMe(() req: any) { | |
| return this.authService.validateUser(req.user.id); | |
| } | |
| } | |