
webapp-auth.md

  • users.controller.ts 2.55 KiB
    import { Body, Controller, Get, Param, Post, Query, Request, UseGuards } from '@nestjs/common';
    import { ApiOperation, ApiParam, ApiResponse } from '@nestjs/swagger';
    import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
    import { PasswordChangeDto } from './change-password.dto';
    import { EmailChangeDto } from './change-email.dto';
    import { CreateUserDto } from './create-user.dto';
    import { UsersService } from './users.service';
    
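    /**
     * HTTP endpoints for account management, mounted under `/users`.
     *
     * Every handler is a thin delegate to {@link UsersService}; the checks that
     * decide whether a request succeeds (password comparison, token lookup,
     * password strength) happen in the service and are not visible here.
     *
     * `profile`, `change-password`, `change-email` and `verify-change-email` are
     * protected by `JwtAuthGuard`. `POST /users` and `POST /users/verify/:id`
     * have no guard applied in this file.
     */
    @Controller('users')
    export class UsersController {
      constructor(private readonly usersService: UsersService) {}

      /**
       * Returns the object the JWT guard attached to the request as `req.user`.
       *
       * @param req - Incoming request; only `req.user` is read.
       * @returns `req.user`, unmodified.
       */
      @UseGuards(JwtAuthGuard)
      @ApiOperation({ description: 'Get user profile' })
      @ApiResponse({ status: 200, description: 'Return user profile' })
      @ApiResponse({ status: 401, description: 'User does not have sufficient rights' })
      @Get('profile')
      public getProfile(@Request() req) {
        // NOTE(review): the object is serialised to the client as-is. Confirm that
        // the JWT strategy populates `req.user` with a reduced view of the account
        // (no password hash, no pending verification tokens).
        return req.user;
      }

      /**
       * Registers a new account from the request body.
       *
       * @param createUserDto - Registration payload.
       * @returns Whatever `UsersService.create` resolves to.
       */
      @Post()
      @ApiResponse({ status: 201, description: 'User created' })
      public async create(@Body() createUserDto: CreateUserDto) {
        // NOTE(review): this route has no guard here, so the DTO is the only input
        // filter. It is validated only if a ValidationPipe is registered elsewhere
        // (not visible in this file) -- confirm, and confirm the result returned
        // by the service does not echo credential fields.
        return this.usersService.create(createUserDto);
      }

      /**
       * Confirms an account using the verification token issued for it.
       *
       * @param id - Account identifier taken from the `:id` route segment.
       * @param token - Verification token taken from the `token` query parameter.
       * @returns Whatever `UsersService.validateUser` resolves to.
       */
      @Post('verify/:id')
      @ApiParam({ name: 'id', type: String, required: true })
      @ApiResponse({ status: 201, description: 'User verified' })
      @ApiResponse({ status: 401, description: "This token doesn't exist or is not associated with this user." })
      public async validateUser(@Param('id') id: string, @Query('token') token: string) {
        // Only the `id` segment is bound, and it is typed, instead of passing the
        // whole untyped params object around.
        // NOTE(review): the token travels in the query string, which commonly ends
        // up in access logs and proxy logs; carrying it in the POST body would
        // avoid that. The route has no guard here, so single-use and expiry of the
        // token have to be enforced by the service -- confirm.
        return this.usersService.validateUser(id, token);
      }

      /**
       * Changes the password of the authenticated account.
       *
       * @param req - Incoming request; `req.user._id` selects the account.
       * @param passwordChangeDto - Carries `oldPassword` and `newPassword`.
       * @returns Whatever `UsersService.changeUserPassword` resolves to.
       */
      @UseGuards(JwtAuthGuard)
      @Post('change-password')
      @ApiResponse({ status: 201, description: 'Password changed' })
      @ApiResponse({ status: 401, description: 'Invalid password' })
      @ApiResponse({ status: 422, description: 'Weak password' })
      public async changePassword(@Request() req, @Body() passwordChangeDto: PasswordChangeDto) {
        // The target account comes from the authenticated identity, not from the
        // request body, so a caller can only act on their own account.
        return this.usersService.changeUserPassword(
          req.user._id,
          passwordChangeDto.oldPassword,
          passwordChangeDto.newPassword
        );
      }

      /**
       * Starts an e-mail change; the documented 201 response says a confirmation
       * is sent.
       *
       * @param req - Incoming request; not read by this handler.
       * @param emailChangeDto - E-mail change payload, forwarded unchanged.
       * @returns Whatever `UsersService.changeUserEmail` resolves to.
       */
      @UseGuards(JwtAuthGuard)
      @Post('change-email')
      @ApiResponse({ status: 201, description: 'Email confirmation sent' })
      @ApiResponse({ status: 401, description: 'Invalid Email' })
      public async changeEmail(@Request() req, @Body() emailChangeDto: EmailChangeDto) {
        // NOTE(review): unlike changePassword, the authenticated identity
        // (`req.user`) is not passed to the service, so the account to modify can
        // only be derived from the client-supplied DTO. If the DTO names the
        // account (id, current e-mail), any logged-in user could start a change
        // on someone else's account. Confirm how the service selects the account;
        // preferably pass `req.user._id` and ignore any identifier in the body.
        return this.usersService.changeUserEmail(emailChangeDto);
      }

      /**
       * Completes an e-mail change using the confirmation token.
       *
       * @param req - Incoming request; not read by this handler.
       * @param token - Confirmation token taken from the `token` query parameter.
       * @returns Whatever `UsersService.verifyAndUpdateUserEmail` resolves to.
       */
      @UseGuards(JwtAuthGuard)
      @Post('verify-change-email')
      @ApiResponse({ status: 201, description: 'Email changed' })
      @ApiResponse({ status: 401, description: 'Invalid Token' })
      public async verifyAndUpdateEmail(@Request() req, @Query('token') token: string) {
        // NOTE(review): the token alone decides which account is updated; the
        // authenticated identity is not forwarded. Confirm the service checks that
        // the token belongs to the caller (or pass `req.user._id` for that check)
        // and that the token is single-use and expires. As a query parameter it
        // is also likely to appear in request logs.
        return this.usersService.verifyAndUpdateUserEmail(token);
      }
    }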