diff --git a/backend/src/core/api/auth/auth.controller.js b/backend/src/core/api/auth/auth.controller.js
index 6b36f6a..a7f2d79 100644
--- a/backend/src/core/api/auth/auth.controller.js
+++ b/backend/src/core/api/auth/auth.controller.js
@@ -43,10 +43,11 @@ class Controller {
 }
 refreshToken = async req => {
- const data = await this.service.refreshToken(RefreshTokenDto(req.body), req.user.payload.id);
+ const data = await this.service.refreshToken(RefreshTokenDto(req.body));
 return ValidHttpResponse.toOkResponse(data);
 }
+
 logout = async req => {
 const data = await this.service.logout(LogoutDto(req.body));
 return ValidHttpResponse.toOkResponse(data);
diff --git a/backend/src/core/api/auth/auth.resolver.js b/backend/src/core/api/auth/auth.resolver.js
index 52be7de..7fdb300 100644
--- a/backend/src/core/api/auth/auth.resolver.js
+++ b/backend/src/core/api/auth/auth.resolver.js
@@ -76,11 +76,10 @@ export const AuthResolver = Module.builder()
 route: '/refresh-token',
 method: 'post',
 interceptors: [RefreshTokenInterceptor],
- middleware: [authMiddleware],
 body: 'RefreshTokenDto',
 controller: AuthController.refreshToken,
- preAuthorization: true,
 },
+
 {
 route: '/logout',
 method: 'post',
diff --git a/backend/src/core/modules/auth/auth.repository.js b/backend/src/core/modules/auth/auth.repository.js
index 4896184..1df2139 100644
--- a/backend/src/core/modules/auth/auth.repository.js
+++ b/backend/src/core/modules/auth/auth.repository.js
@@ -11,9 +11,15 @@ const PROFILE_SELECT = {
 subscriptions: {
 select: { plan_name: true },
 },
+ roles: {
+ select: { name: true },
+ },
+ banned_by: true,
+ is_email_confirmed: true,
 created_at: true,
 };
+
 const ROLE_SELECT = {
 roles: {
 select: { name: true },
diff --git a/backend/src/core/modules/auth/service/auth.service.js b/backend/src/core/modules/auth/service/auth.service.js
index 425190a..fb44310 100644
--- a/backend/src/core/modules/auth/service/auth.service.js
+++ b/backend/src/core/modules/auth/service/auth.service.js
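Review bot: With `middleware: [authMiddleware]` and `preAuthorization: true` removed from the `/refresh-token` route in auth.resolver.js (and `req.user.payload.id` dropped from `refreshToken` in auth.controller.js), the `refresh_token` field of the request body is the only credential on this endpoint, and nothing on the route entry records that this is intended. I would state it on the route, e.g. `// Public by design: the refresh token in the body is the sole credential; req.user is not populated here`, so a later edit does not reintroduce a `req.user` read that would now fail. What `RefreshTokenInterceptor` checks is not visible in this diff; it is worth confirming that it bounds the token's type and length, and that the route is covered by whatever request throttling applies to the other unauthenticated auth routes.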
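Review bot: `banned_by: true` in `PROFILE_SELECT` (auth.repository.js) selects the whole field, yet its only consumer in this commit, `#mapProfile`, uses it as a boolean. If `banned_by` is a relation to the moderating user rather than a scalar id (the schema is not visible here), every profile read loads that user's full record; narrowing it to `banned_by: { select: { id: true } }` would keep the query to what is actually used. The new `roles` entry also repeats the `ROLE_SELECT` shape defined directly below it, so the two can drift apart.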
@@ -238,7 +238,7 @@ class Service {
 };
 }
- async refreshToken(refreshTokenDto, userId) {
+ async refreshToken(refreshTokenDto) {
 const result = await this.repository.findRefreshToken(refreshTokenDto.refresh_token);
 if (!result) {
 throw new UnAuthorizedException('Invalid or expired refresh token');
@@ -247,6 +247,7 @@ class Service {
 throw new UnAuthorizedException('Invalid or expired refresh token');
 }
+ const userId = result.user_id;
 const roleNames = await this.#getRoleNames(userId);
 const { accessToken, refreshToken } = await this.#issueTokens(userId, roleNames);
@@ -316,6 +317,13 @@ class Service {
 }
 #mapProfile(user) {
+ let status = 'ACTIVE';
+ if (user.banned_by) {
+ status = 'BANNED';
+ } else if (!user.is_email_confirmed) {
+ status = 'INACTIVE';
+ }
+
 return {
 id: user.id,
 avatarUrl: user.avatar_url ?? null,
@@ -324,6 +332,8 @@ class Service {
 phone: user.phone ?? null,
 dateOfBirth: user.date_of_birth ?? null,
 location: user.location ?? null,
+ roleName: user.roles?.name ? user.roles.name.toUpperCase() : null,
+ status,
 subscriptions: user.subscriptions ? { planName: user.subscriptions.plan_name ?? null } : undefined,
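Review bot: Between the expiry check and `#issueTokens` in `refreshToken` (hunks at -238 and -247) the only account state consulted is `result.user_id`; the visible lines never check whether that account is banned, although this same commit adds `banned_by` to the profile and the route no longer passes through `authMiddleware`. Unless refresh tokens are deleted when a ban is applied, which this diff does not show, a banned account holding an unexpired refresh token can keep obtaining access tokens. I would load the account for `result.user_id` before `#getRoleNames` and throw the same `UnAuthorizedException('Invalid or expired refresh token')` when `banned_by` is set. The method continues past the hunk, so whether the presented refresh token is invalidated once the new pair is issued cannot be judged here and is worth checking.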
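Review bot: The status values added to `#mapProfile` (hunk at -316) are bare string literals, and the precedence between them is implied only by the `if`/`else if` order. A comment above the block such as `// BANNED wins over INACTIVE: a banned account that never confirmed its e-mail reports BANNED`, together with a frozen module-level constant holding the three values, would keep this mapper and its API consumers from drifting. The function body continues into the next hunk.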
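Review bot: `user.roles?.name` on the new `roleName` line (hunk at -324) treats `roles` as a single related record. The plural field name and the `roleNames` value returned by `#getRoleNames` in `refreshToken` suggest it may be a list; if so, `.name` is `undefined` on the array and `roleName` is silently `null` for every user. If the relation is to-many the line has to map the entries explicitly, for example `(user.roles ?? []).map(r => r.name.toUpperCase())`; if it is to-one, a one-line comment saying so would settle it. The returned object literal continues past the end of the hunk.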