Assist_Design/apps/bff/src/users/users.controller.ts
T. Narantuya cc2a6a3046 Enhance authentication and password management features
- Added new endpoint for retrieving account status by email in AuthController.
- Implemented change password functionality with validation in AuthService.
- Updated password strength validation to require special characters across relevant DTOs.
- Introduced optional API Access Key in environment configuration for WHMCS.
- Refactored user address update logic in UsersController to improve clarity and maintainability.
- Enhanced error handling in various services to provide more user-friendly messages.
- Updated frontend components to support new password change and account status features.
2025-09-02 13:52:13 +09:00


import {
Controller,
Get,
Patch,
Body,
Req,
UseInterceptors,
ClassSerializerInterceptor,
} from "@nestjs/common";
import { UsersService } from "./users.service";
import { ApiTags, ApiOperation, ApiResponse, ApiBearerAuth } from "@nestjs/swagger";
import * as UserDto from "./dto/update-user.dto";
// import * as BillingDto from "./dto/update-billing.dto"; // No longer exposed as an endpoint
import { UpdateAddressDto } from "./dto/update-address.dto";
import type { RequestWithUser } from "../auth/auth.types";
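/**
 * HTTP endpoints for the authenticated caller's own account, mounted under `/me`.
 *
 * Every handler takes the target user id from `req.user.id` and never from the
 * path, query string or request body, so a caller can only address their own record.
 *
 * NOTE(review): no `@UseGuards(...)` is declared on this class or on any handler.
 * `@ApiBearerAuth()` only annotates the OpenAPI document and does not enforce
 * authentication. Presumably a globally registered guard populates `req.user`;
 * confirm this, because without one `req.user.id` would fail on an undefined
 * `req.user` instead of producing the documented 401.
 *
 * NOTE(review): `ClassSerializerInterceptor` applies class-transformer rules
 * (`@Exclude()` / `@Expose()`) to class instances only. Whether UsersService
 * returns such instances is not visible in this file; confirm that sensitive
 * fields cannot reach the response through plain objects.
 */
@ApiTags("users")
@Controller("me")
@ApiBearerAuth()
@UseInterceptors(ClassSerializerInterceptor)
export class UsersController {
  // `readonly`: the injected service is never reassigned after construction.
  constructor(private readonly usersService: UsersService) {}

  /**
   * GET /me: returns the profile of the caller.
   *
   * @param req Request carrying the authenticated user; only `req.user.id` is read.
   * @returns Whatever `UsersService.findById` resolves to for that id.
   */
  @Get()
  @ApiOperation({ summary: "Get current user profile" })
  @ApiResponse({ status: 200, description: "User profile retrieved successfully" })
  @ApiResponse({ status: 401, description: "Unauthorized" })
  async getProfile(@Req() req: RequestWithUser) {
    return this.usersService.findById(req.user.id);
  }

  /**
   * GET /me/summary: returns the dashboard summary of the caller.
   *
   * @param req Request carrying the authenticated user; only `req.user.id` is read.
   * @returns Whatever `UsersService.getUserSummary` resolves to for that id.
   */
  @Get("summary")
  @ApiOperation({ summary: "Get user dashboard summary" })
  @ApiResponse({ status: 200, description: "User summary retrieved successfully" })
  @ApiResponse({ status: 401, description: "Unauthorized" })
  async getSummary(@Req() req: RequestWithUser) {
    return this.usersService.getUserSummary(req.user.id);
  }

  /**
   * PATCH /me: updates the profile of the caller.
   *
   * NOTE(review): `updateData` is forwarded unchanged to `UsersService.update`.
   * Dropping properties that are not declared on `UpdateUserDto` depends on a
   * `ValidationPipe` configured with `whitelist: true`, which is not visible in
   * this file. Confirm it is in place so the body cannot set fields that are
   * not meant to be user-writable.
   *
   * @param req Request carrying the authenticated user; only `req.user.id` is read.
   * @param updateData Request body bound to `UpdateUserDto`.
   * @returns Whatever `UsersService.update` resolves to.
   */
  @Patch()
  @ApiOperation({ summary: "Update user profile" })
  @ApiResponse({ status: 200, description: "Profile updated successfully" })
  @ApiResponse({ status: 400, description: "Invalid input data" })
  @ApiResponse({ status: 401, description: "Unauthorized" })
  async updateProfile(@Req() req: RequestWithUser, @Body() updateData: UserDto.UpdateUserDto) {
    return this.usersService.update(req.user.id, updateData);
  }

  /**
   * GET /me/billing: returns the billing information of the caller.
   *
   * @param req Request carrying the authenticated user; only `req.user.id` is read.
   * @returns Whatever `UsersService.getBillingInfo` resolves to for that id.
   */
  @Get("billing")
  @ApiOperation({ summary: "Get billing information" })
  @ApiResponse({ status: 200, description: "Billing information retrieved successfully" })
  @ApiResponse({ status: 401, description: "Unauthorized" })
  async getBilling(@Req() req: RequestWithUser) {
    return this.usersService.getBillingInfo(req.user.id);
  }

  // Removed PATCH /me/billing in favor of PATCH /me/address to keep address updates explicit.

  /**
   * PATCH /me/address: updates the mailing address of the caller, then returns
   * the billing information re-read after the update.
   *
   * The update is awaited before the read, so the response reflects the state
   * after the write rather than echoing the request body back.
   *
   * @param req Request carrying the authenticated user; only `req.user.id` is read.
   * @param address Request body bound to `UpdateAddressDto`.
   * @returns Whatever `UsersService.getBillingInfo` resolves to after the update.
   */
  @Patch("address")
  @ApiOperation({ summary: "Update mailing address" })
  @ApiResponse({ status: 200, description: "Address updated successfully" })
  @ApiResponse({ status: 400, description: "Invalid input data" })
  @ApiResponse({ status: 401, description: "Unauthorized" })
  async updateAddress(@Req() req: RequestWithUser, @Body() address: UpdateAddressDto) {
    await this.usersService.updateAddress(req.user.id, address);
    // Return fresh billing info snapshot (source of truth from WHMCS)
    return this.usersService.getBillingInfo(req.user.id);
  }
}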