ankhbayar/Assist_Design
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Assist_Design/apps/bff/src/modules/auth/presentation/http/auth.controller.ts

372 lines
13 KiB
TypeScript
Raw Normal View History

Update pnpm-lock.yaml to add '@next/bundle-analyzer' and 'webpack-bundle-analyzer' dependencies. Modify nest-cli.json to prevent deletion of output directory during build. Enhance package.json scripts for development and clean commands. Refactor distributed-transaction.service.ts and transaction.service.ts for improved error handling and logging consistency. Update queue-health.controller.ts and csrf.controller.ts for better API documentation. Clean up whitespace and formatting across various files for improved readability.
2025-09-26 16:30:00 +09:00
import {
Controller,
Post,
Body,
UseGuards,
Enhance WHMCS API response handling and error logging across services. Update response parsing to align with official documentation, ensuring proper validation of response structures. Improve error messages for client lookups and credential validation, providing more context for debugging. Refactor SetPasswordView to redirect to the dashboard upon successful password setup.
2025-09-27 17:51:54 +09:00
UseInterceptors,
Update pnpm-lock.yaml to add '@next/bundle-analyzer' and 'webpack-bundle-analyzer' dependencies. Modify nest-cli.json to prevent deletion of output directory during build. Enhance package.json scripts for development and clean commands. Refactor distributed-transaction.service.ts and transaction.service.ts for improved error handling and logging consistency. Update queue-health.controller.ts and csrf.controller.ts for better API documentation. Clean up whitespace and formatting across various files for improved readability.
2025-09-26 16:30:00 +09:00
Get,
Req,
HttpCode,
Res,
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
UnauthorizedException,
Update pnpm-lock.yaml to add '@next/bundle-analyzer' and 'webpack-bundle-analyzer' dependencies. Modify nest-cli.json to prevent deletion of output directory during build. Enhance package.json scripts for development and clean commands. Refactor distributed-transaction.service.ts and transaction.service.ts for improved error handling and logging consistency. Update queue-health.controller.ts and csrf.controller.ts for better API documentation. Clean up whitespace and formatting across various files for improved readability.
2025-09-26 16:30:00 +09:00
} from "@nestjs/common";
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
import type { Request, Response } from "express";
Refactor rate limiting implementation and update package dependencies - Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility. - Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints. - Cleaned up unused throttler configuration files and guards to streamline the codebase. - Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
2025-12-11 11:25:23 +09:00
import { RateLimitGuard, RateLimit } from "@bff/core/rate-limiting/index.js";
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
import { AuthOrchestrator } from "@bff/modules/auth/application/auth-orchestrator.service.js";
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
import { AuthHealthService } from "@bff/modules/auth/application/auth-health.service.js";
Update TypeScript configurations, improve module imports, and clean up Dockerfiles - Adjusted TypeScript settings in tsconfig files for better alignment with ESNext standards. - Updated pnpm-lock.yaml to reflect dependency changes and improve package management. - Cleaned up Dockerfiles for both BFF and Portal applications to enhance build processes. - Modified import statements across various modules to include file extensions for consistency. - Removed outdated SHA256 files for backend and frontend tarballs to streamline project structure. - Enhanced health check mechanisms in Dockerfiles for improved application startup reliability.
2025-12-10 16:08:34 +09:00
import { LocalAuthGuard } from "./guards/local-auth.guard.js";
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
import {
FailedLoginThrottleGuard,
type RequestWithRateLimit,
Update TypeScript configurations, improve module imports, and clean up Dockerfiles - Adjusted TypeScript settings in tsconfig files for better alignment with ESNext standards. - Updated pnpm-lock.yaml to reflect dependency changes and improve package management. - Cleaned up Dockerfiles for both BFF and Portal applications to enhance build processes. - Modified import statements across various modules to include file extensions for consistency. - Removed outdated SHA256 files for backend and frontend tarballs to streamline project structure. - Enhanced health check mechanisms in Dockerfiles for improved application startup reliability.
2025-12-10 16:08:34 +09:00
} from "./guards/failed-login-throttle.guard.js";
import { LoginResultInterceptor } from "./interceptors/login-result.interceptor.js";
feat(address): integrate AddressModule and optimize Japan address form handling
2026-01-14 13:54:01 +09:00
import { Public, OptionalAuth } from "../../decorators/public.decorator.js";
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
import { createZodDto, ZodResponse } from "nestjs-zod";
refactor: enhance WHMCS HTTP client error logging and streamline auth module - Simplified error logging in WhmcsHttpClientService by removing action parameters from log messages for clarity. - Introduced RequestWithCookies type to improve type safety in auth controllers and utilities. - Refactored ValidatedUser interface to remove export, aligning with internal usage. - Removed deprecated auth error constants and streamlined error handling in various auth services. - Consolidated token handling logic by utilizing a shared hashToken utility across token services. - Removed unused and redundant methods in token services, improving code maintainability.
2026-03-04 10:17:04 +09:00
import type { RequestWithUser, RequestWithCookies } from "@bff/modules/auth/auth.types.js";
Update package dependencies and refactor authentication module - Added sharp dependency for image processing in package.json. - Updated argon2 dependency version to 0.44.0 for enhanced security. - Removed unused @nestjs/jwt dependency and refactored authentication module to utilize JoseJwtService for JWT handling. - Adjusted type definitions for @types/node and @types/pg to ensure compatibility across applications. - Cleaned up package.json files in BFF and Portal applications for consistency and improved dependency management.
2025-12-11 12:03:31 +09:00
import { JoseJwtService } from "../../infra/token/jose-jwt.service.js";
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
import { LoginOtpWorkflowService } from "../../infra/workflows/login-otp-workflow.service.js";
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
import { PasswordWorkflowService } from "../../infra/workflows/password-workflow.service.js";
Enhance authentication and CSRF protection mechanisms - Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation. - Updated CSRF middleware to streamline token validation and enhance security measures. - Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups. - Refactored CSRF controller and middleware to improve token handling and security checks. - Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController. - Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
2025-12-12 15:00:11 +09:00
import type { UserAuth } from "@customer-portal/domain/customer";
import { extractAccessTokenFromRequest } from "../../utils/token-from-request.util.js";
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
import { getRequestFingerprint } from "@bff/core/http/request-context.util.js";
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
import {
setAuthCookies,
clearAuthCookies,
buildSessionInfo,
ACCESS_COOKIE_PATH,
REFRESH_COOKIE_PATH,
TOKEN_TYPE,
} from "./utils/auth-cookie.util.js";
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
import {
setTrustedDeviceCookie,
clearTrustedDeviceCookie,
getTrustedDeviceToken,
} from "./utils/trusted-device-cookie.util.js";
fix: resolve Order Activation Flow issues - Fix SF Order locking by deferring Status change to final step - executeSfActivatedUpdate now only sets Activation_Status__c - executeSfRegistrationComplete sets Status: Processed atomically with WHMCS info - Add WHMCS custom fields update step (whmcs_custom_fields) - AddOrder API expects field IDs, UpdateClientProduct accepts field names - New step updates SIM Number, Serial Number, EID after order acceptance - Add Opportunity WH_Registeration__c field update - Sets productselect={serviceId} for WHMCS linking - Add SIM Inventory assignment fields - Assigned_Account__c, Assigned_Order__c, SIM_Type__c now populated - Remove PA05-18 Semi-Black SIM registration (only Black SIMs used) - Changed to direct PA02-01 call with createType=new - Fix me-status to check for Status: Processed instead of Activated Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 15:38:59 +09:00
import { getDevAuthConfig } from "@bff/core/config/auth-dev.config.js";
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
import { TrustedDeviceService } from "../../infra/trusted-device/trusted-device.service.js";
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
// Import Zod schemas from domain
import {
Remove deprecated files and schemas related to validation and type patterns. Update package.json scripts for type-checking with improved memory options. Refactor various components to utilize Zod for validation, enhancing form handling across the application. Clean up unused imports and streamline API client configurations for consistency.
2025-09-19 16:34:10 +09:00
passwordResetRequestSchema,
passwordResetSchema,
setPasswordRequestSchema,
changePasswordRequestSchema,
accountStatusRequestSchema,
ssoLinkRequestSchema,
checkPasswordNeededRequestSchema,
Refactor authentication and billing components to streamline functionality and improve code organization. Remove deprecated files and consolidate loading states across the application. Update package configurations and enhance error handling in various services for better consistency and maintainability.
2025-09-20 11:35:40 +09:00
refreshTokenRequestSchema,
Refactor user management and validation integration - Replaced UsersService with UsersFacade across various modules for improved abstraction and consistency. - Updated validation imports to utilize the new @customer-portal/validation package, enhancing modularity. - Removed deprecated validation files and streamlined user-related logic in controllers and services. - Enhanced order processing by integrating field mappings for Salesforce orders, improving maintainability. - Improved error handling and response structures in authentication and user management workflows.
2025-11-04 13:28:36 +09:00
checkPasswordNeededResponseSchema,
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
loginVerifyOtpRequestSchema,
Refactor import paths in user mapping and authentication modules to align with the new domain structure, enhancing type safety and maintainability. Remove deprecated Freebit types and streamline integration services by utilizing updated provider methods for improved organization and consistency in data handling.
2025-10-03 16:37:52 +09:00
} from "@customer-portal/domain/auth";
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
// Re-export for backward compatibility with tests
export { ACCESS_COOKIE_PATH, REFRESH_COOKIE_PATH, TOKEN_TYPE };
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
class AccountStatusRequestDto extends createZodDto(accountStatusRequestSchema) {}
class RefreshTokenRequestDto extends createZodDto(refreshTokenRequestSchema) {}
class SetPasswordRequestDto extends createZodDto(setPasswordRequestSchema) {}
class CheckPasswordNeededRequestDto extends createZodDto(checkPasswordNeededRequestSchema) {}
class PasswordResetRequestDto extends createZodDto(passwordResetRequestSchema) {}
class ResetPasswordRequestDto extends createZodDto(passwordResetSchema) {}
class ChangePasswordRequestDto extends createZodDto(changePasswordRequestSchema) {}
class SsoLinkRequestDto extends createZodDto(ssoLinkRequestSchema) {}
class CheckPasswordNeededResponseDto extends createZodDto(checkPasswordNeededResponseSchema) {}
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
class LoginVerifyOtpRequestDto extends createZodDto(loginVerifyOtpRequestSchema) {}
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Controller("auth")
Refactor AuthZodController to AuthController, enhancing login and password set functionalities with throttling and improved response handling. Update AuthModule to reflect controller name change and add new services. Refine AuthService to return sanitized user data and improve error logging. Enhance AuthThrottleGuard to track login attempts by IP and User Agent for better security. Clean up unused JWT guard and streamline token management in AuthTokenService.
2025-09-19 17:37:46 +09:00
export class AuthController {
Refactor EditorConfig and improve code formatting across multiple files - Replaced the existing .editorconfig file to establish consistent coding styles across editors. - Cleaned up whitespace and improved formatting in various TypeScript files for better readability. - Enhanced logging and error handling in Salesforce and WHMCS services to provide clearer insights during operations. - Streamlined order processing and caching mechanisms, ensuring efficient handling of API requests and responses. - Updated test cases to reflect changes in service methods and improve overall test coverage.
2025-11-17 11:49:58 +09:00
constructor(
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
private authOrchestrator: AuthOrchestrator,
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
private readonly jwtService: JoseJwtService,
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
private readonly loginOtpWorkflow: LoginOtpWorkflowService,
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
private readonly trustedDeviceService: TrustedDeviceService,
private readonly passwordWorkflow: PasswordWorkflowService,
private readonly healthService: AuthHealthService
Refactor EditorConfig and improve code formatting across multiple files - Replaced the existing .editorconfig file to establish consistent coding styles across editors. - Cleaned up whitespace and improved formatting in various TypeScript files for better readability. - Enhanced logging and error handling in Salesforce and WHMCS services to provide clearer insights during operations. - Streamlined order processing and caching mechanisms, ensuring efficient handling of API requests and responses. - Updated test cases to reflect changes in service methods and improve overall test coverage.
2025-11-17 11:49:58 +09:00
) {}
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
private applyAuthRateLimitHeaders(req: RequestWithRateLimit, res: Response): void {
FailedLoginThrottleGuard.applyRateLimitHeaders(req, res);
}
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Public()
@Get("health-check")
async healthCheck() {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
return this.healthService.check();
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
@Public()
@Post("account-status")
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
async accountStatus(@Body() body: AccountStatusRequestDto) {
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
return this.authOrchestrator.getAccountStatus(body.email);
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
/**
* POST /auth/login - Initiate login with credentials
*
* After valid credential check:
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
* 1. Check if device is trusted (has valid trusted device cookie for this user)
* 2. If trusted, skip OTP and complete login directly
* 3. Otherwise, generate OTP and send to user's email
* 4. Return session token for OTP verification
* 5. User must call /auth/login/verify-otp to complete login
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
*/
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Public()
Enhance WHMCS API response handling and error logging across services. Update response parsing to align with official documentation, ensuring proper validation of response structures. Improve error messages for client lookups and credential validation, providing more context for debugging. Refactor SetPasswordView to redirect to the dashboard upon successful password setup.
2025-09-27 17:51:54 +09:00
@UseGuards(LocalAuthGuard, FailedLoginThrottleGuard)
@UseInterceptors(LoginResultInterceptor)
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Post("login")
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
async login(
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
@Req() req: RequestWithUser & RequestWithRateLimit & RequestWithCookies,
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
@Res({ passthrough: true }) res: Response
) {
Refactor conditional rendering and improve code readability across multiple components - Simplified conditional rendering in OrderSummary, ProductCard, InstallationOptions, InternetOfferingCard, DeviceCompatibility, SimPlansContent, and other components by removing unnecessary parentheses. - Enhanced clarity in the use of ternary operators for better maintainability. - Updated documentation to reflect changes in development setup for skipping OTP verification during login. - Removed outdated orchestrator refactoring plan document. - Added new environment variable for skipping OTP verification in development. - Minor adjustments in domain contracts and mappers for consistency in conditional checks.
2026-02-03 18:28:38 +09:00
this.applyAuthRateLimitHeaders(req, res);
// In dev mode with SKIP_OTP=true, skip OTP and complete login directly
fix: resolve Order Activation Flow issues - Fix SF Order locking by deferring Status change to final step - executeSfActivatedUpdate now only sets Activation_Status__c - executeSfRegistrationComplete sets Status: Processed atomically with WHMCS info - Add WHMCS custom fields update step (whmcs_custom_fields) - AddOrder API expects field IDs, UpdateClientProduct accepts field names - New step updates SIM Number, Serial Number, EID after order acceptance - Add Opportunity WH_Registeration__c field update - Sets productselect={serviceId} for WHMCS linking - Add SIM Inventory assignment fields - Assigned_Account__c, Assigned_Order__c, SIM_Type__c now populated - Remove PA05-18 Semi-Black SIM registration (only Black SIMs used) - Changed to direct PA02-01 call with createType=new - Fix me-status to check for Status: Processed instead of Activated Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 15:38:59 +09:00
if (getDevAuthConfig().skipOtp) {
Refactor conditional rendering and improve code readability across multiple components - Simplified conditional rendering in OrderSummary, ProductCard, InstallationOptions, InternetOfferingCard, DeviceCompatibility, SimPlansContent, and other components by removing unnecessary parentheses. - Enhanced clarity in the use of ternary operators for better maintainability. - Updated documentation to reflect changes in development setup for skipping OTP verification during login. - Removed outdated orchestrator refactoring plan document. - Added new environment variable for skipping OTP verification in development. - Minor adjustments in domain contracts and mappers for consistency in conditional checks.
2026-02-03 18:28:38 +09:00
const loginResult = await this.authOrchestrator.completeLogin(
{ id: req.user.id, email: req.user.email, role: req.user.role ?? "USER" },
req
);
setAuthCookies(res, loginResult.tokens);
return {
user: loginResult.user,
session: buildSessionInfo(loginResult.tokens),
};
}
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
// Check if this is a trusted device for the authenticated user
const trustedDeviceToken = getTrustedDeviceToken(req);
const trustedDeviceResult = await this.trustedDeviceService.validateTrustedDevice(
trustedDeviceToken,
req.user.id
);
// If device is trusted for this user, skip OTP and complete login
if (trustedDeviceResult.valid) {
const loginResult = await this.authOrchestrator.completeLogin(
{ id: req.user.id, email: req.user.email, role: req.user.role ?? "USER" },
req
);
setAuthCookies(res, loginResult.tokens);
return {
user: loginResult.user,
session: buildSessionInfo(loginResult.tokens),
};
}
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
// Credentials validated by LocalAuthGuard - now initiate OTP
const fingerprint = getRequestFingerprint(req);
const otpResult = await this.loginOtpWorkflow.initiateOtp(
{
id: req.user.id,
email: req.user.email,
role: req.user.role ?? "USER",
},
fingerprint
);
// Return OTP required response - no tokens issued yet
return {
requiresOtp: true,
sessionToken: otpResult.sessionToken,
maskedEmail: otpResult.maskedEmail,
expiresAt: otpResult.expiresAt,
};
}
/**
* POST /auth/login/verify-otp - Complete login with OTP verification
*
* Verifies the OTP code and issues auth tokens on success.
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
* If rememberDevice is true, sets a trusted device cookie to skip OTP on future logins.
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
*/
@Public()
@Post("login/verify-otp")
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 10, ttl: 300 }) // 10 attempts per 5 minutes per IP
@HttpCode(200)
async verifyLoginOtp(
@Body() body: LoginVerifyOtpRequestDto,
@Req() req: Request,
@Res({ passthrough: true }) res: Response
) {
const fingerprint = getRequestFingerprint(req);
const result = await this.loginOtpWorkflow.verifyOtp(body.sessionToken, body.code, fingerprint);
if (!result.success) {
throw new UnauthorizedException(result.error);
}
// OTP verified - complete login with token generation
const loginResult = await this.authOrchestrator.completeLogin(
{ id: result.userId, email: result.email, role: result.role },
req
);
setAuthCookies(res, loginResult.tokens);
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
// If user wants to remember this device, create and set trusted device cookie
if (body.rememberDevice) {
const rawUserAgent = req.headers["user-agent"];
const userAgent = typeof rawUserAgent === "string" ? rawUserAgent : undefined;
const trustedDeviceToken = await this.trustedDeviceService.createTrustedDevice(
result.userId,
userAgent
);
setTrustedDeviceCookie(res, trustedDeviceToken, this.trustedDeviceService.getTtlMs());
}
feat: add address reconciliation queue service for Salesforce integration - Implement AddressReconcileQueueService to handle address reconciliation jobs between WHMCS and Salesforce. - Define job data structure and queue configuration for retries and error handling. - Add methods for enqueueing reconciliation jobs and retrieving queue health metrics. feat: create loading components for various services in the portal - Add loading skeletons for Internet, SIM, VPN, and public services configuration. - Implement loading states for account-related views including account details, services, and verification settings. - Introduce loading states for support case details and subscription actions. feat: implement OTP input component for user verification - Create OtpInput component to handle 6-digit OTP input with auto-focus and navigation. - Add LoginOtpStep component for OTP verification during login, including countdown timer and error handling. feat: define address domain constants for validation - Establish constants for address field length limits to ensure compliance with WHMCS API constraints. - Include maximum lengths for address fields and user input fields to maintain data integrity.
2026-02-03 11:48:49 +09:00
return {
user: loginResult.user,
session: buildSessionInfo(loginResult.tokens),
};
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
@Public()
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Post("logout")
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
async logout(
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
@Req() req: RequestWithCookies & { user?: { id: string } },
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
@Res({ passthrough: true }) res: Response
) {
Enhance authentication and CSRF protection mechanisms - Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation. - Updated CSRF middleware to streamline token validation and enhance security measures. - Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups. - Refactored CSRF controller and middleware to improve token handling and security checks. - Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController. - Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
2025-12-12 15:00:11 +09:00
const token = extractAccessTokenFromRequest(req);
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
let userId = req.user?.id;
if (!userId && token) {
Update package dependencies and refactor authentication module - Added sharp dependency for image processing in package.json. - Updated argon2 dependency version to 0.44.0 for enhanced security. - Removed unused @nestjs/jwt dependency and refactored authentication module to utilize JoseJwtService for JWT handling. - Adjusted type definitions for @types/node and @types/pg to ensure compatibility across applications. - Cleaned up package.json files in BFF and Portal applications for consistency and improved dependency management.
2025-12-11 12:03:31 +09:00
const payload = await this.jwtService.verifyAllowExpired<{ sub?: string }>(token);
if (payload?.sub) {
userId = payload.sub;
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
}
}
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
// Revoke trusted device for this user if they have one
const trustedDeviceToken = getTrustedDeviceToken(req);
if (trustedDeviceToken && userId) {
// Validate to get device ID, then revoke
const validation = await this.trustedDeviceService.validateTrustedDevice(
trustedDeviceToken,
userId
);
if (validation.deviceId) {
await this.trustedDeviceService.revokeDevice(validation.deviceId);
}
}
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
await this.authOrchestrator.logout(userId, token, req as Request);
Refactor Salesforce request handling and improve logging - Moved metrics tracking and logging from the queueing phase to the execution phase in SalesforceRequestQueueService for better accuracy. - Updated CSRF token generation in CsrfController to accept parameters in a more flexible manner. - Enhanced CacheService to handle immediate expiry requests without leaking stale values. - Improved error handling and re-authentication logic in SalesforceConnection for better resilience during session expiration. - Refactored logout functionality in AuthFacade to handle optional userId and improve logging during token revocation. - Updated AuthController to apply rate limit headers and improved type handling in various request contexts. - Streamlined imports and improved overall code organization across multiple modules for better maintainability.
2025-11-05 15:47:06 +09:00
// Always clear cookies, even if session expired
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
clearAuthCookies(res);
feat: implement trusted device functionality for enhanced login experience
2026-02-03 19:21:48 +09:00
clearTrustedDeviceCookie(res);
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
return { message: "Logout successful" };
}
Refactor authentication and billing components to streamline functionality and improve code organization. Remove deprecated files and consolidate loading states across the application. Update package configurations and enhance error handling in various services for better consistency and maintainability.
2025-09-20 11:35:40 +09:00
@Public()
@Post("refresh")
Refactor rate limiting implementation and update package dependencies - Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility. - Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints. - Cleaned up unused throttler configuration files and guards to streamline the codebase. - Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
2025-12-11 11:25:23 +09:00
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 10, ttl: 300 }) // 10 attempts per 5 minutes per IP
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
async refreshToken(
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@Body() body: RefreshTokenRequestDto,
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
@Req() req: RequestWithCookies,
@Res({ passthrough: true }) res: Response
) {
feat: add eligibility check flow with form, OTP, and success steps - Implemented FormStep component for user input (name, email, address). - Created OtpStep component for OTP verification. - Developed SuccessStep component to display success messages based on account creation. - Introduced eligibility-check.store for managing state throughout the eligibility check process. - Added commitlint configuration for standardized commit messages. - Configured knip for workspace management and project structure.
2026-01-15 11:28:25 +09:00
const refreshToken = body.refreshToken ?? req.cookies?.["refresh_token"];
Enhance AuditService request logging by adding IP and connection details. Remove deprecated getSubscriptionStats method from WhmcsService to streamline subscription handling. Update WhmcsInvoiceService imports for better organization. Refactor payment method checks in WhmcsOrderService for clarity and efficiency. Improve error handling in WhmcsPaymentService and WhmcsSubscriptionService. Adjust subscription statistics in SubscriptionsService to reflect completed status instead of suspended and pending. Update frontend components to align with new subscription status structure.
2025-10-03 11:29:59 +09:00
const rawUserAgent = req.headers["user-agent"];
const userAgent = typeof rawUserAgent === "string" ? rawUserAgent : undefined;
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
const result = await this.authOrchestrator.refreshTokens(refreshToken, {
feat: add eligibility check flow with form, OTP, and success steps - Implemented FormStep component for user input (name, email, address). - Created OtpStep component for OTP verification. - Developed SuccessStep component to display success messages based on account creation. - Introduced eligibility-check.store for managing state throughout the eligibility check process. - Added commitlint configuration for standardized commit messages. - Configured knip for workspace management and project structure.
2026-01-15 11:28:25 +09:00
deviceId: body.deviceId ?? undefined,
userAgent: userAgent ?? undefined,
Refactor authentication and billing components to streamline functionality and improve code organization. Remove deprecated files and consolidate loading states across the application. Update package configurations and enhance error handling in various services for better consistency and maintainability.
2025-09-20 11:35:40 +09:00
});
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
setAuthCookies(res, result.tokens);
return { user: result.user, session: buildSessionInfo(result.tokens) };
Refactor authentication and billing components to streamline functionality and improve code organization. Remove deprecated files and consolidate loading states across the application. Update package configurations and enhance error handling in various services for better consistency and maintainability.
2025-09-20 11:35:40 +09:00
}
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Public()
@Post("set-password")
Refactor rate limiting implementation and update package dependencies - Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility. - Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints. - Cleaned up unused throttler configuration files and guards to streamline the codebase. - Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
2025-12-11 11:25:23 +09:00
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 5, ttl: 600 }) // 5 attempts per 10 minutes per IP+UA (industry standard)
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
async setPassword(
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@Body() setPasswordData: SetPasswordRequestDto,
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
@Req() _req: Request,
@Res({ passthrough: true }) res: Response
) {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
const result = await this.passwordWorkflow.setPassword(
setPasswordData.email,
setPasswordData.password
);
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
setAuthCookies(res, result.tokens);
return { user: result.user, session: buildSessionInfo(result.tokens) };
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
@Public()
@Post("check-password-needed")
@HttpCode(200)
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@ZodResponse({
status: 200,
description: "Check if password is needed",
type: CheckPasswordNeededResponseDto,
})
async checkPasswordNeeded(@Body() data: CheckPasswordNeededRequestDto) {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
return this.passwordWorkflow.checkPasswordNeeded(data.email);
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
@Public()
@Post("request-password-reset")
Refactor rate limiting implementation and update package dependencies - Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility. - Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints. - Cleaned up unused throttler configuration files and guards to streamline the codebase. - Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
2025-12-11 11:25:23 +09:00
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 5, ttl: 900 }) // 5 attempts per 15 minutes (standard for password operations)
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
async requestPasswordReset(@Body() body: PasswordResetRequestDto, @Req() req: Request) {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
await this.passwordWorkflow.requestPasswordReset(body.email, req);
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
return { message: "If an account exists, a reset email has been sent" };
}
@Public()
@Post("reset-password")
Refactor ESLint configuration and TypeScript paths to remove deprecated contracts and schemas packages, enhancing type safety and maintainability. Update import paths across various modules to align with the new domain structure, ensuring consistent data handling. Introduce new request and response schemas in the authentication domain, improving validation and organization. Streamline Freebit and WHMCS integration services by utilizing updated provider methods and removing obsolete types.
2025-10-03 17:33:39 +09:00
@HttpCode(200)
Enhance authentication and CSRF protection mechanisms - Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation. - Updated CSRF middleware to streamline token validation and enhance security measures. - Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups. - Refactored CSRF controller and middleware to improve token handling and security checks. - Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController. - Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
2025-12-12 15:00:11 +09:00
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 5, ttl: 900 }) // 5 attempts per 15 minutes (standard for password operations)
Refactor mappers and services for improved type safety and code clarity - Updated export statements in user and mapping mappers for consistency. - Enhanced FreebitAuthService to explicitly define response types for better type inference. - Refactored various services to improve error handling and response structure. - Cleaned up unused code and comments across multiple files to enhance readability. - Improved type annotations in invoice and subscription services for better validation and consistency.
2025-10-22 10:58:16 +09:00
async resetPassword(
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@Body() body: ResetPasswordRequestDto,
Refactor mappers and services for improved type safety and code clarity - Updated export statements in user and mapping mappers for consistency. - Enhanced FreebitAuthService to explicitly define response types for better type inference. - Refactored various services to improve error handling and response structure. - Cleaned up unused code and comments across multiple files to enhance readability. - Improved type annotations in invoice and subscription services for better validation and consistency.
2025-10-22 10:58:16 +09:00
@Res({ passthrough: true }) res: Response
) {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
await this.passwordWorkflow.resetPassword(body.token, body.password);
Refactor ESLint configuration and TypeScript paths to remove deprecated contracts and schemas packages, enhancing type safety and maintainability. Update import paths across various modules to align with the new domain structure, ensuring consistent data handling. Introduce new request and response schemas in the authentication domain, improving validation and organization. Streamline Freebit and WHMCS integration services by utilizing updated provider methods and removing obsolete types.
2025-10-03 17:33:39 +09:00
// Clear auth cookies after password reset to force re-login
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
clearAuthCookies(res);
Refactor ESLint configuration and TypeScript paths to remove deprecated contracts and schemas packages, enhancing type safety and maintainability. Update import paths across various modules to align with the new domain structure, ensuring consistent data handling. Introduce new request and response schemas in the authentication domain, improving validation and organization. Streamline Freebit and WHMCS integration services by utilizing updated provider methods and removing obsolete types.
2025-10-03 17:33:39 +09:00
return { message: "Password reset successful" };
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
@Post("change-password")
Refactor rate limiting implementation and update package dependencies - Removed the @nestjs/throttler package and replaced it with a custom rate limiting solution using rate-limiter-flexible for enhanced control and flexibility. - Updated relevant controllers and services to utilize the new rate limiting approach, ensuring consistent request handling across authentication and catalog endpoints. - Cleaned up unused throttler configuration files and guards to streamline the codebase. - Updated package.json and pnpm-lock.yaml to reflect the removal of outdated dependencies and improve overall package management.
2025-12-11 11:25:23 +09:00
@UseGuards(RateLimitGuard)
@RateLimit({ limit: 5, ttl: 300 }) // 5 attempts per 5 minutes
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
async changePassword(
@Req() req: Request & { user: { id: string } },
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@Body() body: ChangePasswordRequestDto,
Update .gitignore to exclude package-lock.json and remove eslint-report.json. Refactor package.json scripts for build and dev processes, and update dependencies for uuid and @types/uuid. Enhance BFF module structure by adding SecurityModule and QueueModule, and improve error handling in GlobalExceptionFilter. Streamline Salesforce and WHMCS integrations with updated service methods and type definitions for better maintainability. Adjust API paths in portal components for consistency and clarity.
2025-09-26 15:51:07 +09:00
@Res({ passthrough: true }) res: Response
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
) {
refactor: streamline authentication workflows and remove deprecated services - Removed WhmcsLinkWorkflowService and integrated its functionality into new AccountCreationWorkflowService and AccountMigrationWorkflowService. - Introduced OtpEmailService for sending OTP emails, enhancing email handling in LoginOtpWorkflowService and VerificationWorkflowService. - Replaced NewCustomerSignupWorkflowService and SfCompletionWorkflowService with AccountCreationWorkflowService, consolidating account creation logic. - Updated GetStartedCoordinator to utilize new workflow services, improving clarity and maintainability of the authentication process. - Enhanced error handling and logging across workflows to provide better feedback during account creation and migration.
2026-03-03 18:34:04 +09:00
const result = await this.passwordWorkflow.changePassword(req.user.id, body, req);
feat(auth): implement permission-based access control and centralized error handling - Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
2026-01-19 10:40:50 +09:00
setAuthCookies(res, result.tokens);
return { user: result.user, session: buildSessionInfo(result.tokens) };
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
feat(address): integrate AddressModule and optimize Japan address form handling
2026-01-14 13:54:01 +09:00
/**
* GET /auth/me - Check authentication status
*
* Uses @OptionalAuth: returns isAuthenticated: false if not logged in,
* 401 only if session cookie is present but expired/invalid
*/
@OptionalAuth()
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
@Get("me")
feat(address): integrate AddressModule and optimize Japan address form handling
2026-01-14 13:54:01 +09:00
getAuthStatus(@Req() req: Request & { user?: UserAuth }) {
if (!req.user) {
return { isAuthenticated: false };
}
Enhance authentication and CSRF protection mechanisms - Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation. - Updated CSRF middleware to streamline token validation and enhance security measures. - Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups. - Refactored CSRF controller and middleware to improve token handling and security checks. - Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController. - Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
2025-12-12 15:00:11 +09:00
return { isAuthenticated: true, user: req.user };
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
@Post("sso-link")
async createSsoLink(
Update TypeScript configuration to include scripts directory, clean up unused lines in various files, and refactor error handling in cache service. Enhance logging for database and Redis connections, and streamline order processing logic in the orders module. Improve validation schemas and ensure consistent import/export practices across modules.
2025-09-25 11:44:10 +09:00
@Req() req: Request & { user: { id: string } },
Implement Zod DTOs for Request Validation and Enhance ESLint Rules - Introduced Zod DTOs for request validation across multiple controllers, replacing inline validation with structured classes for improved maintainability and clarity. - Updated ESLint configuration to enforce a rule against importing Zod directly in BFF controllers, promoting the use of shared domain schemas for request validation. - Removed the SecureErrorMapperService to streamline the security module, as its functionality was deemed unnecessary. - Enhanced various controllers to utilize the new DTOs, ensuring consistent validation and response handling across the application.
2025-12-26 13:04:15 +09:00
@Body() body: SsoLinkRequestDto
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
) {
const destination = body?.destination;
feat: Implement Me Status Aggregator to consolidate user status data feat: Add Fulfillment Side Effects Service for order processing notifications and cache management feat: Create base validation interfaces and implement various order validators feat: Develop Internet Order Validator to check eligibility and prevent duplicate services feat: Implement SIM Order Validator to ensure residence card verification and activation fee presence feat: Create SKU Validator to validate product SKUs against the Salesforce pricebook feat: Implement User Mapping Validator to ensure necessary account mappings exist before ordering feat: Enhance Users Service with methods for user profile management and summary retrieval
2026-01-19 11:25:30 +09:00
return this.authOrchestrator.createSsoLink(req.user.id, destination);
Enhance memory management and refactor components for improved performance - Updated package.json scripts to optimize memory usage during type-checking and building processes. - Refactored BFF application scripts to include memory management options for build, dev, and test commands. - Introduced new type-check scripts for better memory handling in the BFF application. - Reorganized imports and components in the portal application for better structure and maintainability. - Replaced large component files with dedicated view components to streamline rendering and improve load times.
2025-09-18 12:34:26 +09:00
}
}
Reference in New Issue Copy Permalink