import {
Controller,
Get,
Post,
Body,
Param,
Query,
Put,
Delete,
HttpCode,
UseGuards,
Req,
ForbiddenException,
} from "@nestjs/common";
import { UsersService } from "./users.service";
import { ApiTags, ApiOperation, ApiBearerAuth } from "@nestjs/swagger";
import { JwtAuthGuard } from "../auth/jwt-auth.guard";
import { RolesGuard } from "../auth/roles.guard";
import { Roles } from "../auth/roles.decorator";
import { RegisterDto } from "./dto/register.dto";
import { LoginDto } from "./dto/login.dto";
import { GoogleLoginDto } from "./dto/google-login.dto";
import { SupabaseLoginDto } from "./dto/supabase-login.dto";
import { UpdateUserDto } from "./dto/update-user.dto";
import { CreateFeedbackDto } from "./dto/create-feedback.dto";
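/**
 * HTTP entry points for authentication, user management and feedback.
 *
 * The four `auth/*` routes carry no guard and are reachable without a token.
 * Every other route requires `JwtAuthGuard`; the admin routes additionally
 * apply `RolesGuard` with `@Roles("admin")`.
 *
 * NOTE(review): no throttling guard is visible on the unauthenticated
 * `auth/*` routes in this controller; confirm one is applied globally.
 */
@ApiTags("Authentication & User Management")
@Controller()
export class UsersController {
  constructor(private readonly usersService: UsersService) {}

  /**
   * Creates a new account from the submitted e-mail, name and password.
   * Unauthenticated route.
   */
  @Post("auth/register")
  @ApiOperation({ summary: "Register a new student account" })
  async register(@Body() dto: RegisterDto) {
    return this.usersService.register(dto.email, dto.name, dto.password);
  }

  /**
   * Logs in with e-mail and password. Unauthenticated route.
   * `@HttpCode(200)` overrides the 201 status Nest uses for POST by default.
   */
  @Post("auth/login")
  @HttpCode(200)
  @ApiOperation({ summary: "Login student account" })
  async login(@Body() dto: LoginDto) {
    return this.usersService.login(dto.email, dto.password);
  }

  /**
   * Hands the client-supplied Google ID token to the service.
   * The token is not inspected here; verifying it (signature, audience,
   * expiry) is presumably done in `UsersService.googleLogin` and should be
   * confirmed there.
   */
  @Post("auth/google")
  @HttpCode(200)
  @ApiOperation({ summary: "Authenticate with Google ID Token" })
  async googleLogin(@Body() dto: GoogleLoginDto) {
    return this.usersService.googleLogin(dto.idToken);
  }

  /**
   * Hands the client-supplied Supabase JWT to the service.
   * The token is not inspected here; its verification is presumably done in
   * `UsersService.supabaseLogin` and should be confirmed there.
   */
  @Post("auth/supabase")
  @HttpCode(200)
  @ApiOperation({ summary: "Authenticate with Supabase JWT Token" })
  async supabaseLogin(@Body() dto: SupabaseLoginDto) {
    return this.usersService.supabaseLogin(dto.token);
  }

  /**
   * Lists users, paginated by the `take` and `skip` query parameters.
   * Admin only.
   *
   * A missing, non-numeric or negative value falls back to the default
   * (50 for `take`, 0 for `skip`) instead of reaching the service as `NaN`
   * or a negative number.
   *
   * NOTE(review): no upper bound is applied to `take` here, so one request
   * can ask for an arbitrarily large page; confirm that `findAll` caps it.
   */
  @Get("users")
  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles("admin")
  @ApiBearerAuth()
  @ApiOperation({ summary: "List all users (Admin)" })
  async getUsers(@Query("take") take?: string, @Query("skip") skip?: string) {
    const limit = UsersController.parsePageParam(take, 50);
    const offset = UsersController.parsePageParam(skip, 0);
    return this.usersService.findAll(limit, offset);
  }

  /**
   * Returns one user. An admin may read any profile; any other caller may
   * read only the profile whose id equals `req.user.id`.
   *
   * @throws ForbiddenException when a non-admin requests another user's id.
   */
  @Get("users/:id")
  @UseGuards(JwtAuthGuard)
  @ApiBearerAuth()
  @ApiOperation({ summary: "Get details of a single user" })
  // `req.user` is presumably attached by JwtAuthGuard; its shape is not
  // declared in this file, hence `any`.
  // eslint-disable-next-line @typescript-eslint/no-explicit-any
  async getUserById(@Param("id") id: string, @Req() req: any) {
    // Strict comparison against the route string: if `req.user.id` were not
    // a string, a non-admin would always be denied (the check fails closed).
    const isAdmin = req.user.role === "admin";
    const isSelf = req.user.id === id;
    if (!isAdmin && !isSelf) {
      throw new ForbiddenException("You can only access your own user profile");
    }
    // NOTE(review): the service result is returned as is; confirm it does
    // not include credential fields such as a password hash.
    return this.usersService.findById(id);
  }

  /**
   * Updates a user's name, e-mail and streak. Admin only.
   */
  @Put("users/:id")
  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles("admin")
  @ApiBearerAuth()
  @ApiOperation({ summary: "Update a user (Admin)" })
  async updateUser(@Param("id") id: string, @Body() dto: UpdateUserDto) {
    return this.usersService.update(id, dto.name, dto.email, dto.streak);
  }

  /**
   * Deletes a user. Admin only.
   */
  @Delete("users/:id")
  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles("admin")
  @ApiBearerAuth()
  @ApiOperation({ summary: "Delete a user (Admin)" })
  async deleteUser(@Param("id") id: string) {
    return this.usersService.remove(id);
  }

  /**
   * Stores feedback for the authenticated caller.
   * The author id comes from `req.user.id`, not from the request body, so a
   * client cannot submit feedback under another user's id.
   */
  @Post("feedbacks")
  @UseGuards(JwtAuthGuard)
  @ApiBearerAuth()
  @ApiOperation({ summary: "Submit feedback (Student)" })
  // eslint-disable-next-line @typescript-eslint/no-explicit-any
  async createFeedback(@Body() dto: CreateFeedbackDto, @Req() req: any) {
    return this.usersService.createFeedback(req.user.id, dto.content);
  }

  /**
   * Lists all feedback entries. Admin only.
   */
  @Get("feedbacks")
  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles("admin")
  @ApiBearerAuth()
  @ApiOperation({ summary: "List all feedbacks (Admin)" })
  async getFeedbacks() {
    return this.usersService.findAllFeedbacks();
  }

  /**
   * Parses a pagination query value as a base-10 integer.
   *
   * @param raw - Raw query-string value, if the parameter was sent.
   * @param fallback - Value used when `raw` is absent or unusable.
   * @returns The parsed value when it is a non-negative safe integer,
   *   otherwise `fallback`.
   */
  private static parsePageParam(raw: string | undefined, fallback: number): number {
    if (!raw) {
      return fallback;
    }
    const parsed = parseInt(raw, 10);
    // isSafeInteger rejects NaN as well as values too large to be exact.
    return Number.isSafeInteger(parsed) && parsed >= 0 ? parsed : fallback;
  }
}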