import { Body, Controller, Delete, Get, Param, Post, Query, Req, Request, UseGuards } from '@nestjs/common'; import { ApiBearerAuth, ApiOperation, ApiParam, ApiResponse } from '@nestjs/swagger'; import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard'; import { PasswordChangeDto } from './dto/change-password.dto'; import { EmailChangeDto } from './dto/change-email.dto'; import { CreateUserDto } from './dto/create-user.dto'; import { PasswordResetApplyDto } from './dto/reset-password-apply.dto'; import { PasswordResetDto } from './dto/reset-password.dto'; import { UsersService } from './users.service'; import { StructuresService } from '../structures/services/structures.service'; import { TempUserService } from '../temp-user/temp-user.service'; import { RolesGuard } from './guards/roles.guard'; import { Roles } from './decorators/roles.decorator'; @Controller('users') export class UsersController { constructor( private usersService: UsersService, private structureService: StructuresService, private tempUserService: TempUserService ) {} @UseGuards(JwtAuthGuard) @ApiBearerAuth('JWT') @ApiOperation({ description: 'Get user profile' }) @ApiResponse({ status: 200, description: 'Return user profil' }) @ApiResponse({ status: 401, description: 'User does not have sufficient rights' }) @Get('profile') public getProfile(@Request() req) { return req.user; } @Post() @ApiResponse({ status: 201, description: 'User created' }) public async create(@Body() createUserDto: CreateUserDto) { // remove structureId for creation and add structure after let structureId = null; if (createUserDto.pendingStructuresLink.length > 0) { structureId = createUserDto.pendingStructuresLink[0]; delete createUserDto.pendingStructuresLink; } const user = await this.usersService.create(createUserDto); if (structureId) { this.usersService.updateStructureLinkedClaim(createUserDto.email, structureId); } // Remove temp user if exist const tempUser = await this.tempUserService.findOne(createUserDto.email); if (tempUser) { this.tempUserService.delete(createUserDto.email); } return user; } @Post('verify/:id') @ApiParam({ name: 'id', type: String, required: true }) @ApiResponse({ status: 201, description: 'User verified' }) @ApiResponse({ status: 401, description: "This token does'nt exist or is not associate to this user." }) public async validateUser(@Param() params, @Query('token') token: string) { return this.usersService.validateUser(params.id, token); } @UseGuards(JwtAuthGuard) @Post('change-password') @ApiResponse({ status: 201, description: 'Password changed' }) @ApiResponse({ status: 401, description: 'Invalid password' }) @ApiResponse({ status: 422, description: 'Weak password' }) public async changePassword(@Request() req, @Body() passwordChangeDto: PasswordChangeDto) { return this.usersService.changeUserPassword( req.user._id, passwordChangeDto.oldPassword, passwordChangeDto.newPassword ); } @UseGuards(JwtAuthGuard) @Post('change-email') @ApiResponse({ status: 201, description: 'Email confirmation send' }) @ApiResponse({ status: 401, description: 'Invalid Email' }) public async changeEmail(@Request() req, @Body() emailChangeDto: EmailChangeDto) { return this.usersService.changeUserEmail(emailChangeDto); } @UseGuards(JwtAuthGuard) @Post('verify-change-email') @ApiResponse({ status: 201, description: 'Email changed' }) @ApiResponse({ status: 401, description: 'Invalid Token' }) public async verifyAndUpdateEmail(@Request() req, @Query('token') token: string) { return this.usersService.verifyAndUpdateUserEmail(token); } @Post('reset-password') @ApiResponse({ status: 200, description: 'Email sent if account exist' }) public async resetPassword(@Body() passwordReset: PasswordResetDto) { return this.usersService.sendResetPasswordEmail(passwordReset.email); } @Post('reset-password/apply') @ApiResponse({ status: 200, description: 'Email sent if account exist' }) public async resetPasswordApply(@Body() passwordResetApplyDto: PasswordResetApplyDto) { return this.usersService.validatePasswordResetToken(passwordResetApplyDto.password, passwordResetApplyDto.token); } @Post('verify-exist-user') public async verifyUserExist(@Request() req, @Body() email: { newMail: string }) { return this.usersService.verifyUserExist(email.newMail); } @Delete() @UseGuards(JwtAuthGuard) public async delete(@Req() req) { const user = await this.usersService.deleteOne(req.user.email); user.structuresLink.forEach((structureId) => { this.usersService.isStructureClaimed(structureId.toString()).then((userFound) => { if (!userFound) { this.structureService.deleteOne(structureId.toString()); } }); }); return user; } }