From 118e271d43556ac76cdc7aed3260f7bd8cac39e7 Mon Sep 17 00:00:00 2001
From: portable <emmanueltemitopedorcas20@gmail.com>
Date: Fri, 26 Jun 2026 16:56:27 +0100
Subject: [PATCH] feat: add @ApiTags and @ApiQuery decorators to key
 controllers (#771 #772) fix: parallelize bcrypt compares in password reset
 (#762)

---
 src/admin/admin.controller.ts           |  2 ++
 src/auth/auth.service.ts                | 14 +++++++-------
 src/properties/properties.controller.ts |  2 ++
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/src/admin/admin.controller.ts b/src/admin/admin.controller.ts
index d143bd3..38f2c70 100644
--- a/src/admin/admin.controller.ts
+++ b/src/admin/admin.controller.ts
@@ -15,6 +15,7 @@ import {
   HttpStatus,
 } from '@nestjs/common';
 import { Response } from 'express';
+import { ApiTags, ApiOperation, ApiQuery } from '@nestjs/swagger';
 import { CurrentUser } from '../auth/decorators/current-user.decorator';
 import { Roles } from '../auth/decorators/roles.decorator';
 import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
@@ -38,6 +39,7 @@ import {
 } from './dto/admin.dto';
 import { RestoreBackupDto, UpdateBackupScheduleDto } from '../backup/dto/backup.dto';
 
+@ApiTags('Admin')
 @Controller('admin')
 @UseGuards(JwtAuthGuard, RolesGuard)
 @Roles(UserRole.ADMIN)
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index 7df0cb8..3f460b2 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -1310,13 +1310,13 @@ export class AuthService {
       take: passwordHistoryLimit,
     });
 
-    for (const historyEntry of recentPasswords) {
-      const isReused = await comparePassword(data.newPassword, historyEntry.passwordHash);
-      if (isReused) {
-        throw new BadRequestException(
-          `Password reuse is not allowed for the last ${passwordHistoryLimit} passwords`,
-        );
-      }
+    const reuseResults = await Promise.all(
+      recentPasswords.map((entry) => comparePassword(data.newPassword, entry.passwordHash)),
+    );
+    if (reuseResults.some(Boolean)) {
+      throw new BadRequestException(
+        `Password reuse is not allowed for the last ${passwordHistoryLimit} passwords`,
+      );
     }
 
     const newPasswordHash = await hashPassword(data.newPassword, this.bcryptRounds);
diff --git a/src/properties/properties.controller.ts b/src/properties/properties.controller.ts
index a436127..237cbb9 100644
--- a/src/properties/properties.controller.ts
+++ b/src/properties/properties.controller.ts
@@ -33,7 +33,9 @@ import {
 import { CreateAmenityDto, UpdateAmenityDto } from './dto/amenity.dto';
 import { PropertyReportService } from './report/property-report.service';
 import { Response } from 'express';
+import { ApiTags, ApiOperation, ApiQuery } from '@nestjs/swagger';
 
+@ApiTags('Properties')
 @Controller('properties')
 export class PropertiesController {
   constructor(