4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
lecoffre-back/src/app/api/idnot/UserController.ts
Vins cd4c32702e logs
2024-04-24 10:32:26 +02:00

188 lines
6.0 KiB
TypeScript
Raw Blame History

import { Response, Request } from "express";
import { Controller, Post } from "@ControllerPattern/index";
import ApiController from "@Common/system/controller-pattern/ApiController";
import { Service } from "typedi";
import AuthService, { IUserJwtPayload } from "@Services/common/AuthService/AuthService";
import IdNotService from "@Services/common/IdNotService/IdNotService";
import User, { RulesGroup } from "le-coffre-resources/dist/Admin";
import UsersService from "@Services/super-admin/UsersService/UsersService";
import SubscriptionsService from "@Services/admin/SubscriptionsService/SubscriptionsService.ts";
import { ESubscriptionStatus } from "@prisma/client";
import SeatsService from "@Services/admin/SeatsService/SeatsService";
import { EType } from "le-coffre-resources/dist/Admin/Subscription";
import RulesGroupsService from "@Services/admin/RulesGroupsService/RulesGroupsService";
@Controller()
@Service()
export default class UserController extends ApiController {
constructor(
private authService: AuthService,
private idNotService: IdNotService,
private userService: UsersService,
private subscriptionsService: SubscriptionsService,
private seatsService: SeatsService,
private rulesGroupsService: RulesGroupsService
) {
super();
}
/**
* @description Get user created from IdNot authentification
* @todo Used for test, should be removed
* @returns User
*/
@Post("/api/v1/idnot/user/:code")
protected async getUserInfosFromIdnot(req: Request, response: Response) {
try {
const code = req.params["code"];
if (!code) throw new Error("code is required");
const idNotToken = await this.idNotService.getIdNotToken(code);
if (!idNotToken) {
this.httpValidationError(response, "IdNot token undefined");
return;
}
const user = await this.idNotService.getOrCreateUser(idNotToken);
if (!user) {
this.httpUnauthorized(response, "User not found");
return;
}
await this.idNotService.updateUser(user.uid);
//Whitelist feature
//Get user with contact
const prismaUser = await this.userService.getByUid(user.uid, { contact: true, role: true });
if (!prismaUser) {
this.httpNotFoundRequest(response, "user not found");
return;
}
//Hydrate user to be able to use his contact
const userHydrated = User.hydrate<User>(prismaUser, { strategy: "excludeAll" });
if (!userHydrated.contact?.email || userHydrated.contact?.email === "") {
this.httpUnauthorized(response, "Email not found");
return;
}
let isSubscribed = false;
const subscriptions = await this.subscriptionsService.get({ where: { office_uid: userHydrated.office_membership?.uid } });
if (!subscriptions || subscriptions.length === 0 || subscriptions[0]?.status === ESubscriptionStatus.INACTIVE) {
isSubscribed = false;
}
else if (subscriptions[0]?.type === EType.Unlimited) {
isSubscribed = true;
} else {
const hasSeat = await this.subscriptionsService.get({
where: { status: ESubscriptionStatus.ACTIVE, seats: { some: { user_uid: userHydrated.uid } } },
});
if (hasSeat && hasSeat.length > 0) {
isSubscribed = true;
} else {
const nbMaxSeats = subscriptions[0]!.nb_seats;
const nbCurrentSeats = await this.seatsService.get({ where: { subscription_uid: subscriptions[0]!.uid } });
//if nbMaxSeats < nbCurrentSeats, create a new seat for the user
if (nbMaxSeats > nbCurrentSeats.length) {
const seatAdded = await this.seatsService.create(user.uid, subscriptions[0]!.uid);
if (seatAdded) {
isSubscribed = true;
}
}
}
}
//Check if user is whitelisted
// const isWhitelisted = await this.whitelistService.getByEmail(userHydrated.contact!.email);
//When we'll switch to idNotId whitelisting
// const isWhitelisted = await this.userWhitelistService.getByIdNotId(user.idNot);
//If not whitelisted, return 409 Not whitelisted
// if (!isWhitelisted || isWhitelisted.length === 0) {
// this.httpNotWhitelisted(response);
// return;
// }
await this.idNotService.updateOffice(user.office_uid);
const payload = await this.authService.getUserJwtPayload(user.idNot);
if(!payload) return;
console.log(isSubscribed, userHydrated.role?.name);
if(!isSubscribed && userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin"){
const manageSubscriptionRulesEntity = await this.rulesGroupsService.get({ where: { uid: "94343601-04c8-44ef-afb9-3047597528a9" }, include: { rules: true } });
console.log(manageSubscriptionRulesEntity);
const manageSubscriptionRules = RulesGroup.hydrateArray<RulesGroup>(manageSubscriptionRulesEntity, { strategy: "excludeAll" });
if(!manageSubscriptionRules[0]) return;
payload.rules = manageSubscriptionRules[0].rules!.map((rule) => rule.name) || [];
console.log(payload);
isSubscribed = true;
}
if (!isSubscribed) {
this.httpUnauthorized(response, "User not subscribed");
return;
}
const accessToken = this.authService.generateAccessToken(payload);
const refreshToken = this.authService.generateRefreshToken(payload);
this.httpSuccess(response, { accessToken, refreshToken });
} catch (error) {
console.log(error);
this.httpInternalError(response);
return;
}
}
@Post("/api/v1/idnot/user/auth/refresh-token")
protected async refreshToken(req: Request, response: Response) {
try {
const authHeader = req.headers["authorization"];
const token = authHeader && authHeader.split(" ")[1];
if (!token) {
this.httpBadRequest(response);
return;
}
let accessToken;
this.authService.verifyRefreshToken(token, (err, userPayload) => {
if (err) {
console.log(err);
this.httpUnauthorized(response);
return;
}
const user = userPayload as IUserJwtPayload;
delete user.iat;
delete user.exp;
accessToken = this.authService.generateAccessToken(user);
});
//success
this.httpSuccess(response, { accessToken });
} catch (error) {
console.log(error);
this.httpInternalError(response);
return;
}
}
}
Reference in New Issue View Git Blame Copy Permalink