admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): implement Auth module with register, login, JWT, guards, and CQRS

Browse Source 
- Add RefreshToken and OAuthAccount models to Prisma schema
- Implement clean architecture: domain (entities, VOs, events, repo interfaces),
  infrastructure (Prisma repos, Passport strategies, token service),
  application (CQRS command/query handlers), presentation (controller, guards, DTOs)
- Endpoints: POST /auth/register, /auth/login, /auth/refresh, GET /auth/profile,
  GET /auth/profile/agent, PATCH /auth/kyc
- JWT access + refresh token rotation with family-based revocation
- Role-based guards (BUYER, SELLER, AGENT, ADMIN)
- 16 unit tests (value objects, entity) + integration test suite
- All 80 tests passing, clean TypeScript build

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Ho Ngoc Hai
2026-04-08 00:24:42 +07:00
parent c981bff771
commit 391c040100
63 changed files with 2194 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
apps/api/src/modules/auth/infrastructure/strategies/local.strategy.ts Normal file
View File

@@ -0,0 +1,38 @@
import { Inject, Injectable, UnauthorizedException } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { Strategy } from 'passport-local';
import { USER_REPOSITORY, type IUserRepository } from '../../domain/repositories/user.repository';
import { normalizeVietnamPhone } from '@modules/shared/utils/vietnam-phone.validator';
@Injectable()
export class LocalStrategy extends PassportStrategy(Strategy) {
constructor(
@Inject(USER_REPOSITORY)
private readonly userRepo: IUserRepository,
) {
super({ usernameField: 'phone', passwordField: 'password' });
}
async validate(phone: string, password: string): Promise<{ id: string; phone: string; role: string }> {
const normalizedPhone = normalizeVietnamPhone(phone);
if (!normalizedPhone) {
throw new UnauthorizedException('Số điện thoại không hợp lệ');
}
const user = await this.userRepo.findByPhone(normalizedPhone);
if (!user || !user.passwordHash) {
throw new UnauthorizedException('Số điện thoại hoặc mật khẩu không đúng');
}
if (!user.isActive) {
throw new UnauthorizedException('Tài khoản đã bị vô hiệu hóa');
}
const isValid = await user.passwordHash.compare(password);
if (!isValid) {
throw new UnauthorizedException('Số điện thoại hoặc mật khẩu không đúng');
}
return { id: user.id, phone: user.phone.value, role: user.role };
}
}