src/auth/auth.controller.ts
api/v1/auth
Methods |
|
| Async allowInvestor | |||||||||
allowInvestor(req: AuthRequest, disableEnableUser: AllowDisallowDto)
|
|||||||||
Decorators :
@ApiOperation({summary: 'Allow/Disallow investor'})
|
|||||||||
|
Defined in src/auth/auth.controller.ts:214
|
|||||||||
|
Parameters :
Returns :
unknown
|
| Async changePassword | ||||||
changePassword(authChangePasswordUserDto: AuthChangePasswordUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:177
|
||||||
|
Parameters :
Returns :
unknown
|
| Async confirmPassword | ||||||
confirmPassword(authConfirmPasswordUserDto: AuthConfirmPasswordUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:199
|
||||||
|
Parameters :
Returns :
unknown
|
| Async forgotPassword | ||||||
forgotPassword(authForgotPasswordUserDto: AuthForgotPasswordUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:191
|
||||||
|
Parameters :
Returns :
unknown
|
| Async getSession | ||||||
getSession(authLoginUserDto: AuthLoginUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:171
|
||||||
|
Parameters :
Returns :
unknown
|
| Async login | ||||||
login(authLoginUserDto: AuthLoginUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:128
|
||||||
|
Parameters :
Returns :
unknown
|
| Async loginMfa | ||||||
loginMfa(authLoginUserDto: AuthLoginUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:145
|
||||||
|
Parameters :
Returns :
unknown
|
| Async loginWithNewPassword | ||||||
loginWithNewPassword(authChangePasswordUserDto: AuthChangePasswordUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:156
|
||||||
|
Parameters :
Returns :
unknown
|
| Async mfaEnable | |||||||||
mfaEnable(req: AuthRequest, mfaEnableUserDto: MfaEnableUserDto)
|
|||||||||
Decorators :
@UseGuards(undefined)
|
|||||||||
|
Defined in src/auth/auth.controller.ts:97
|
|||||||||
|
Parameters :
Returns :
unknown
|
| Async mfaValidate | ||||||
mfaValidate(mfaValidateUserDto: MfaValidateUserDto)
|
||||||
Decorators :
@ApiBody({type: undefined})
|
||||||
|
Defined in src/auth/auth.controller.ts:114
|
||||||
|
Parameters :
Returns :
unknown
|
| Async register | |||||||||
register(req: AuthRequest, authRegisterUserDto: AuthRegisterUserDto)
|
|||||||||
Decorators :
@ApiOperation({summary: 'Create end user by the admin'})
|
|||||||||
|
Defined in src/auth/auth.controller.ts:45
|
|||||||||
|
Parameters :
Returns :
unknown
|
| Async registerInvestor | ||||||
registerInvestor(authRegisterInvestorDto: AuthRegisterInvestorDto)
|
||||||
Decorators :
@ApiOperation({summary: 'Investor self sign Up'})
|
||||||
|
Defined in src/auth/auth.controller.ts:75
|
||||||
|
Parameters :
Returns :
unknown
|
import {
Body,
Controller,
Get,
Post,
UseGuards,
Request,
BadRequestException,
UnauthorizedException,
Inject,
ServiceUnavailableException,
} from "@nestjs/common";
import { ApiBearerAuth, ApiBody, ApiOperation } from "@nestjs/swagger";
import { AuthRequest, EndUserRoles } from "src/common/interfaces";
import { AuthService } from "./auth.service";
import { AuthChangePasswordUserDto } from "./dtos/auth-change-password-user.dto";
import { AuthConfirmPasswordUserDto } from "./dtos/auth-confirm-password-user.dto";
import { AuthForgotPasswordUserDto } from "./dtos/auth-forgot-password-user.dto";
import { AuthLoginUserDto } from "./dtos/auth-login-user.dto";
import { AuthRegisterUserDto } from "./dtos/auth-register-user.dto";
import { RolesAuthGuard } from "./guards/roles-auth.guard";
import { MfaValidateUserDto } from "./dtos/mfa-validate-user.dto";
import { MfaEnableUserDto } from "./dtos/mfa-enable-user.dto";
import { AuthGuard } from "@nestjs/passport";
import { AllowDisallowDto } from "./dtos/auth-status-user.dto";
import { UserService } from "src/user/user.service";
import { DEFAULT_LIBRE_DEALER } from "src/common/constants";
import { AuthRegisterInvestorDto } from "./dtos/auth-register-investor.dto";
@Controller("api/v1/auth")
export class AuthController {
@Inject(UserService)
private readonly userService: UserService;
constructor(private authService: AuthService) {}
@ApiOperation({
summary: "Create end user by the admin",
})
@ApiBody({ type: [AuthRegisterUserDto] })
@ApiBearerAuth()
@UseGuards(new RolesAuthGuard(["admin", "dealer"]))
@Post("/register")
async register(
@Request() req: AuthRequest,
@Body() authRegisterUserDto: AuthRegisterUserDto,
) {
if (
authRegisterUserDto.endUserRole === EndUserRoles.investor &&
(!authRegisterUserDto.onChainFields ||
authRegisterUserDto.onChainFields.length === 0)
) {
throw new BadRequestException("Investor onchain fields are missing");
}
if (
authRegisterUserDto.endUserRole === EndUserRoles.investor &&
!authRegisterUserDto.dealerId &&
req.user.role === "admin"
) {
throw new BadRequestException(
"Investor should been boarded with a dealer",
);
}
return await this.authService.registerUser(authRegisterUserDto, req.user);
}
@ApiOperation({
summary: "Investor self sign Up",
})
@ApiBody({ type: [AuthRegisterUserDto] })
@ApiBearerAuth()
@Post("/register/investor")
async registerInvestor(
@Body() authRegisterInvestorDto: AuthRegisterInvestorDto,
) {
return await this.authService.registerUser(
{
...authRegisterInvestorDto,
onChainFields: [],
subscribedFunds: [],
subscribedBonds: [],
endUserRole: EndUserRoles.investor,
},
{
idUser: "",
email: DEFAULT_LIBRE_DEALER,
role: EndUserRoles.dealer,
},
);
}
@UseGuards(AuthGuard("jwt"))
@ApiBody({ type: [MfaEnableUserDto] })
@Post("/mfa/enable")
async mfaEnable(
@Request() req: AuthRequest,
@Body() mfaEnableUserDto: MfaEnableUserDto,
) {
try {
if (req.user.email !== mfaEnableUserDto.email) {
throw new UnauthorizedException("The user can enable himself only");
}
return await this.authService.enableMFA(mfaEnableUserDto.email);
} catch (error) {
console.log(error);
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [MfaValidateUserDto] })
@Post("/mfa/validate")
async mfaValidate(@Body() mfaValidateUserDto: MfaValidateUserDto) {
try {
return await this.authService.validateMFA(
mfaValidateUserDto.userCode,
mfaValidateUserDto.sessionToken,
);
} catch (error) {
console.log(error);
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [AuthLoginUserDto] })
@Post("/login")
async login(@Body() authLoginUserDto: AuthLoginUserDto) {
try {
return await this.authService.signIn(
authLoginUserDto.email,
authLoginUserDto.password,
);
} catch (error) {
console.log(error);
if (error.statusCode === 400) {
throw new BadRequestException(error);
}
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [AuthLoginUserDto] })
@Post("/login/mfa")
async loginMfa(@Body() authLoginUserDto: AuthLoginUserDto) {
try {
return await this.authService.authenticateUserWithMfa(authLoginUserDto);
} catch (error) {
console.log(error);
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [AuthChangePasswordUserDto] })
@Post("/login/temp")
async loginWithNewPassword(
@Body() authChangePasswordUserDto: AuthChangePasswordUserDto,
) {
try {
return await this.authService.authenticateUserAndChangeTempPswd(
authChangePasswordUserDto,
);
} catch (error) {
console.log(error);
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [AuthLoginUserDto] })
@Get("/session")
async getSession(@Body() authLoginUserDto: AuthLoginUserDto) {
return await this.authService.getCognitoUser(authLoginUserDto.email);
}
@ApiBody({ type: [AuthChangePasswordUserDto] })
@Post("/change-password")
async changePassword(
@Body() authChangePasswordUserDto: AuthChangePasswordUserDto,
) {
try {
await this.authService.changeUserPassword(authChangePasswordUserDto);
return { status: "success" };
} catch (error) {
console.log(error);
throw new UnauthorizedException(error);
}
}
@ApiBody({ type: [AuthForgotPasswordUserDto] })
@Post("/forgot-password")
async forgotPassword(
@Body() authForgotPasswordUserDto: AuthForgotPasswordUserDto,
) {
return await this.authService.forgotUserPassword(authForgotPasswordUserDto);
}
@ApiBody({ type: [AuthConfirmPasswordUserDto] })
@Post("/confirm-password")
async confirmPassword(
@Body() authConfirmPasswordUserDto: AuthConfirmPasswordUserDto,
) {
return await this.authService.confirmUserPassword(
authConfirmPasswordUserDto,
);
}
@ApiOperation({
summary: "Allow/Disallow investor",
})
@ApiBody({ type: [AllowDisallowDto] })
@ApiBearerAuth()
@UseGuards(new RolesAuthGuard(["admin", "dealer"]))
@Post("/access")
async allowInvestor(
@Request() req: AuthRequest,
@Body() disableEnableUser: AllowDisallowDto,
) {
try {
if (req.user.role !== "admin") {
const investor = await this.userService.findUserByProperty({
email: disableEnableUser.email,
});
const isDealerAllowed = await this.userService.isDealerAllowed({
investorId: investor._id.toString(),
dealerEmail: req.user.email,
});
if (!isDealerAllowed) {
throw new UnauthorizedException(
"Dealer is not allowed to handle this user.",
);
}
}
return await this.authService.disableEnableUser(disableEnableUser);
} catch (error) {
if (error.status === 401) {
throw new UnauthorizedException(error);
}
console.error(error);
throw new ServiceUnavailableException(error);
}
}
}