feat(auth): ✨ add update user

Author: lehuygiang28

libs/common/src/utils/common.util.ts

@@ -8,3 +8,13 @@ export function convertToObjectId(
     }
     return new Types.ObjectId(input);
 }
+
+/**
+ *
+ * @param stringValue The string value to check if it is true
+ * @returns true if the string value is true, otherwise false
+ * @description true value: true
+ */
+export function isTrueSet(stringValue: string | boolean) {
+    return !!stringValue && String(stringValue)?.toLowerCase()?.trim() === 'true';
+}

src/modules/auth/auth.controller.ts

@@ -7,7 +7,7 @@ import {
     SerializeOptions,
     Req,
     Get,
-    UseGuards,
+    Patch,
 } from '@nestjs/common';
 import { ApiOkResponse, ApiTags } from '@nestjs/swagger';
 import { NullableType } from '~/common/types';
@@ -22,10 +22,10 @@ import {
     AuthConfirmEmailDto,
     AuthForgotPasswordDto,
     AuthResetPasswordDto,
+    AuthUpdateDto,
 } from './dtos';
 import { AuthRoles } from './guards';
-import { AuthGuard } from '@nestjs/passport';
-import { JwtRefreshPayloadType } from './strategies/types';
+import { JwtPayloadType, JwtRefreshPayloadType } from './strategies/types';
 import { Types } from 'mongoose';
 
 @ApiTags('auth')
@@ -78,19 +78,6 @@ export class AuthController {
     @SerializeOptions({
         groups: ['me'],
     })
-    @Get('me')
-    @HttpCode(HttpStatus.OK)
-    @ApiOkResponse({
-        type: User,
-    })
-    public me(@Req() request: { user: { userId: string } }): Promise<NullableType<User>> {
-        return this.authService.me(request.user.userId);
-    }
-
-    @UseGuards(AuthGuard('jwt-refresh'))
-    @SerializeOptions({
-        groups: ['me'],
-    })
     @Post('refresh')
     @HttpCode(HttpStatus.OK)
     @ApiOkResponse({ type: RefreshTokenResponseDto })
@@ -111,4 +98,30 @@ export class AuthController {
     resetPassword(@Body() resetPasswordDto: AuthResetPasswordDto): Promise<void> {
         return this.authService.resetPassword(resetPasswordDto.hash, resetPasswordDto.password);
     }
+
+    @AuthRoles()
+    @SerializeOptions({
+        groups: ['me'],
+    })
+    @Get('me')
+    @HttpCode(HttpStatus.OK)
+    @ApiOkResponse({
+        type: User,
+    })
+    public me(@Req() request: { user: { userId: string } }): Promise<NullableType<User>> {
+        return this.authService.me(request.user.userId);
+    }
+
+    @AuthRoles()
+    @SerializeOptions({
+        groups: ['me'],
+    })
+    @Patch('me')
+    @HttpCode(HttpStatus.OK)
+    public update(
+        @Req() request: { user: JwtPayloadType },
+        @Body() userDto: AuthUpdateDto,
+    ): Promise<NullableType<User>> {
+        return this.authService.update(request.user, userDto);
+    }
 }

src/modules/auth/auth.module.ts

@@ -8,6 +8,7 @@ import { JwtStrategy, AnonymousStrategy, JwtRefreshStrategy } from './strategies
 import { RedisModule } from '~/common/redis';
 import { SessionModule } from '~/modules/session';
 import { MailModule } from '../mail';
+import { GhnModule } from '~/third-party';
 
 @Module({
     imports: [
@@ -17,6 +18,12 @@ import { MailModule } from '../mail';
         SessionModule,
         UsersModule,
         RedisModule,
+        GhnModule.forRoot({
+            host: process.env.GHN_URL ?? '',
+            token: process.env.GHN_API_TOKEN ?? '',
+            shopId: +process.env.GHN_SHOP_ID! ?? 0,
+            testMode: true,
+        }),
     ],
     controllers: [AuthController],
     providers: [AuthService, AnonymousStrategy, JwtStrategy, JwtRefreshStrategy],

src/modules/auth/auth.service.ts

@@ -12,13 +12,14 @@ import { faker } from '@faker-js/faker';
 import * as crypto from 'crypto';
 import { v4 as uuid } from 'uuid';
 import * as bcrypt from 'bcryptjs';
-import { AuthEmailLoginDto, LoginResponseDto } from './dtos';
+import { AuthEmailLoginDto, AuthUpdateDto, LoginResponseDto } from './dtos';
 import { convertTimeString } from 'convert-time-string';
 import { RedisService } from '~/common/redis';
 import { PREFIX_REVOKE_ACCESS_TOKEN, PREFIX_REVOKE_REFRESH_TOKEN } from './auth.constant';
 import { JwtPayloadType, JwtRefreshPayloadType } from './strategies/types';
 import { Session, SessionService } from '~/modules/session';
 import { MailService } from '~/modules/mail';
+import { GhnService } from '~/third-party';
 
 @Injectable()
 export class AuthService {
@@ -30,6 +31,7 @@ export class AuthService {
         private readonly mailService: MailService,
         private readonly redisService: RedisService,
         private readonly sessionService: SessionService,
+        private readonly ghnService: GhnService,
     ) {}
 
     async register(dto: AuthSignupDto): Promise<void> {
@@ -512,6 +514,120 @@ export class AuthService {
         ]);
     }
 
+    async update(
+        userJwtPayload: JwtPayloadType,
+        userDto: AuthUpdateDto,
+    ): Promise<NullableType<User>> {
+        const userData = userDto;
+        if (userData?.userName) {
+            const user = await this.usersService.findByUserName(userData.userName);
+            if (user) {
+                throw new HttpException(
+                    {
+                        status: HttpStatus.UNPROCESSABLE_ENTITY,
+                        errors: {
+                            userName: 'userNameAlreadyExists',
+                        },
+                    },
+                    HttpStatus.UNPROCESSABLE_ENTITY,
+                );
+            }
+        }
+
+        if (userData.password) {
+            if (!userData.oldPassword) {
+                throw new HttpException(
+                    {
+                        status: HttpStatus.UNPROCESSABLE_ENTITY,
+                        errors: {
+                            oldPassword: 'missingOldPassword',
+                        },
+                    },
+                    HttpStatus.UNPROCESSABLE_ENTITY,
+                );
+            }
+
+            const currentUser = await this.usersService.findById(userJwtPayload.userId);
+
+            if (!currentUser) {
+                throw new HttpException(
+                    {
+                        status: HttpStatus.UNPROCESSABLE_ENTITY,
+                        errors: {
+                            user: 'userNotFound',
+                        },
+                    },
+                    HttpStatus.UNPROCESSABLE_ENTITY,
+                );
+            }
+
+            if (!currentUser.password) {
+                throw new HttpException(
+                    {
+                        status: HttpStatus.UNPROCESSABLE_ENTITY,
+                        errors: {
+                            oldPassword: 'incorrectOldPassword',
+                        },
+                    },
+                    HttpStatus.UNPROCESSABLE_ENTITY,
+                );
+            }
+
+            const isValidOldPassword = await bcrypt.compare(
+                userData.oldPassword,
+                currentUser.password,
+            );
+
+            if (!isValidOldPassword) {
+                throw new HttpException(
+                    {
+                        status: HttpStatus.UNPROCESSABLE_ENTITY,
+                        errors: {
+                            oldPassword: 'incorrectOldPassword',
+                        },
+                    },
+                    HttpStatus.UNPROCESSABLE_ENTITY,
+                );
+            } else {
+                await this.sessionService.softDelete({
+                    user: {
+                        _id: currentUser._id,
+                    },
+                    excludeId: userJwtPayload.sessionId,
+                });
+            }
+        }
+
+        if (userData?.address !== null || userData?.address !== undefined) {
+            if (userData.address?.length === 0) {
+                userData.address = [];
+            } else {
+                const addressPromises = userData.address?.map((address) =>
+                    this.ghnService.getSelectedAddress(address),
+                );
+
+                try {
+                    await Promise.all(addressPromises ?? []);
+                } catch (error) {
+                    throw new HttpException(
+                        {
+                            status: HttpStatus.UNPROCESSABLE_ENTITY,
+                            errors: {
+                                address: 'invalidAddress',
+                                message: error.message,
+                            },
+                        },
+                        HttpStatus.UNPROCESSABLE_ENTITY,
+                    );
+                }
+            }
+        }
+
+        await this.usersService.update(userJwtPayload.userId, userData);
+
+        return new User(await this.usersService.findById(userJwtPayload.userId));
+    }
+
     private async getTokensData(data: {
         userId: User['_id'];
         role: User['role'];

src/modules/auth/dtos/auth-update.dto.ts

@@ -0,0 +1,129 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Transform, Type } from 'class-transformer';
+import {
+    IsBoolean,
+    IsEnum,
+    IsNotEmpty,
+    IsNumber,
+    IsObject,
+    IsOptional,
+    IsPhoneNumber,
+    IsString,
+    MinLength,
+    ValidateNested,
+} from 'class-validator';
+import { isTrueSet } from '~/common/utils';
+import { UserAddressSchema } from '~/modules/users';
+import { AddressType } from '~/modules/users/enums';
+
+class ProvinceSchemaDTO {
+    @ApiProperty({ description: 'The id of province', example: 201 })
+    @IsNotEmpty()
+    @IsNumber()
+    @Type(() => Number)
+    provinceId: number;
+}
+
+class DistrictSchemaDTO {
+    @ApiProperty({ description: 'The id of district', example: 1490 })
+    @IsNotEmpty()
+    @IsNumber()
+    @Type(() => Number)
+    districtId: number;
+}
+
+class WardSchemaDTO {
+    @ApiProperty({ description: 'The code of ward', example: '1A0807' })
+    @IsNotEmpty()
+    @IsString()
+    wardCode: string;
+}
+
+export class AddressSchemaDTO implements UserAddressSchema {
+    constructor(address: AddressSchemaDTO) {
+        Object.assign(this, address);
+    }
+
+    @ApiProperty({
+        description: 'The name type of address',
+        enum: AddressType,
+        example: AddressType.Home,
+    })
+    @IsEnum(AddressType)
+    @IsNotEmpty()
+    type: string;
+
+    @ApiProperty({ description: 'The name of customer', example: 'John Doe' })
+    @IsString()
+    @IsNotEmpty()
+    customerName: string;
+
+    @ApiProperty({ description: 'The phone number of customer', example: '0123456789' })
+    @IsPhoneNumber('VN')
+    @IsNotEmpty()
+    phoneNumbers: string;
+
+    @ApiProperty({ description: 'The province level address', type: ProvinceSchemaDTO })
+    @IsObject()
+    @ValidateNested()
+    @Type(() => ProvinceSchemaDTO)
+    provinceLevel: ProvinceSchemaDTO;
+
+    @ApiProperty({ description: 'The district level address', type: DistrictSchemaDTO })
+    @IsObject()
+    @ValidateNested()
+    @Type(() => DistrictSchemaDTO)
+    districtLevel: DistrictSchemaDTO;
+
+    @ApiProperty({ description: 'The ward level address', type: WardSchemaDTO })
+    @IsObject()
+    @ValidateNested()
+    @Type(() => WardSchemaDTO)
+    wardLevel: WardSchemaDTO;
+
+    @ApiProperty({ description: 'The detailed address', example: '18 Tam Trinh' })
+    @IsString()
+    @IsNotEmpty()
+    detail: string;
+
+    @ApiPropertyOptional({
+        description: 'The boolean value to check if this address is default or not',
+    })
+    @IsOptional()
+    @IsBoolean()
+    @Transform(({ value }) => isTrueSet(value))
+    isDefault: boolean;
+}
+
+export class AuthUpdateDto {
+    @ApiPropertyOptional({ example: 'JohnDoe' })
+    @IsOptional()
+    @IsNotEmpty({ message: 'mustBeNotEmpty' })
+    userName?: string;
+
+    @ApiPropertyOptional({ example: 'John' })
+    @IsOptional()
+    @IsNotEmpty({ message: 'mustBeNotEmpty' })
+    firstName?: string;
+
+    @ApiPropertyOptional({ example: 'Doe' })
+    @IsOptional()
+    @IsNotEmpty({ message: 'mustBeNotEmpty' })
+    lastName?: string;
+
+    @ApiPropertyOptional()
+    @IsOptional()
+    @IsNotEmpty()
+    @MinLength(6)
+    password?: string;
+
+    @ApiPropertyOptional()
+    @IsOptional()
+    @IsNotEmpty({ message: 'mustBeNotEmpty' })
+    oldPassword?: string;
+
+    @ApiPropertyOptional({ type: [AddressSchemaDTO] })
+    @IsOptional()
+    @Type(() => AddressSchemaDTO)
+    address?: AddressSchemaDTO[];
+}

src/modules/auth/dtos/index.ts

@@ -6,3 +6,4 @@ export * from './auth-resend-confirm-email.dto';
 export * from './auth-confirm-email.dto';
 export * from './auth-forgot-password.dto';
 export * from './auth-reset-password.dto';
+export * from './auth-update.dto';

src/modules/auth/strategies/jwt.strategy.ts

@@ -21,7 +21,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
     // Why we don't check if the user exists in the database:
     // https://github.com/brocoders/nestjs-boilerplate/blob/main/docs/auth.md#about-jwt-strategy
     public async validate(payload: JwtPayloadType): Promise<OrNeverType<JwtPayloadType>> {
-        if (!payload.userId || !payload.hash) {
+        if (!payload.userId || !payload.sessionId) {
             throw new HttpException(
                 {
                     status: HttpStatus.UNAUTHORIZED,