d3b94b1ed3
- Introduced PermissionsGuard to enforce permission checks on routes. - Added RequirePermissions decorator for specifying required permissions on handlers. - Created AUTH_ERRORS constants for consistent error messages across the auth module. - Updated CsrfService to reduce CSRF token expiry time for enhanced security. - Refactored auth cookie handling into utility functions for better maintainability. - Enhanced TokenBlacklistService to default to fail-closed in production environments. - Updated various DTOs and schemas for consistency and clarity. - Removed legacy code and types related to SIM requests. - Improved logging and error handling in GlobalAuthGuard. - Added middleware for public path checks and optimistic authentication.
72 lines
2.3 KiB
TypeScript
72 lines
2.3 KiB
TypeScript
/**
|
|
* Customer Domain
|
|
*
|
|
* Main exports:
|
|
* - User: API response type
|
|
* - UserAuth: Portal DB auth state
|
|
* - Address: Address structure (follows billing/subscriptions pattern)
|
|
*
|
|
* Pattern matches billing and subscriptions domains.
|
|
*
|
|
* Types are derived from Zod schemas (Schema-First Approach)
|
|
*/
|
|
|
|
// ============================================================================
|
|
// Constants
|
|
// ============================================================================
|
|
|
|
export { USER_ROLE, type UserRoleValue } from "./contract.js";
|
|
|
|
// ============================================================================
|
|
// Domain Types (Clean Names - Public API)
|
|
// ============================================================================
|
|
|
|
export type {
|
|
User, // API response type (normalized camelCase)
|
|
UserAuth, // Portal DB auth state
|
|
UserRole, // "USER" | "ADMIN"
|
|
Address, // Address structure (not "CustomerAddress")
|
|
AddressFormData, // Address form validation
|
|
ProfileEditFormData, // Profile edit form data
|
|
ResidenceCardVerificationStatus,
|
|
ResidenceCardVerification,
|
|
UserProfile, // Alias for User
|
|
AuthenticatedUser, // Alias for authenticated user
|
|
WhmcsClient, // Provider-normalized WHMCS client shape
|
|
} from "./schema.js";
|
|
|
|
// ============================================================================
|
|
// Schemas
|
|
// ============================================================================
|
|
|
|
export {
|
|
userSchema,
|
|
userAuthSchema,
|
|
addressSchema,
|
|
addressFormSchema,
|
|
profileEditFormSchema,
|
|
residenceCardVerificationStatusSchema,
|
|
residenceCardVerificationSchema,
|
|
|
|
// Helper functions
|
|
combineToUser, // Domain helper: UserAuth + WhmcsClient → User
|
|
addressFormToRequest,
|
|
profileFormToRequest,
|
|
} from "./schema.js";
|
|
|
|
// ============================================================================
|
|
// Provider Namespace
|
|
// ============================================================================
|
|
|
|
/**
|
|
* Providers namespace contains provider-specific implementations
|
|
*
|
|
* Access as:
|
|
* - Providers.Whmcs.Client (full WHMCS type)
|
|
* - Providers.Whmcs.transformWhmcsClientResponse()
|
|
* - Providers.Portal.mapPrismaUserToUserAuth()
|
|
*/
|
|
// NOTE: Provider adapters and provider-specific types are intentionally not exported
|
|
// from the module root. Import BFF-only provider APIs from:
|
|
// @customer-portal/domain/customer/providers
|