feat(auth): implement Auth module with register, login, JWT, guards, and CQRS

- Add RefreshToken and OAuthAccount models to Prisma schema - Implement clean architecture: domain (entities, VOs, events, repo interfaces), infrastructure (Prisma repos, Passport strategies, token service), application (CQRS command/query handlers), presentation (controller, guards, DTOs) - Endpoints: POST /auth/register, /auth/login, /auth/refresh, GET /auth/profile, GET /auth/profile/agent, PATCH /auth/kyc - JWT access + refresh token rotation with family-based revocation - Role-based guards (BUYER, SELLER, AGENT, ADMIN) - 16 unit tests (value objects, entity) + integration test suite - All 80 tests passing, clean TypeScript build Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-08 00:24:42 +07:00
parent c981bff771
commit 391c040100
63 changed files with 2194 additions and 33 deletions
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -46,18 +46,57 @@ model User {
  createdAt    DateTime  @default(now())
  updatedAt    DateTime  @updatedAt

-  agent         Agent?
-  listings      Listing[]
-  savedSearches SavedSearch[]
-  subscription  Subscription?
-  payments      Payment[]
-  reviews       Review[]
-  inquiriesSent Inquiry[]
+  agent          Agent?
+  listings       Listing[]
+  savedSearches  SavedSearch[]
+  subscription   Subscription?
+  payments       Payment[]
+  reviews        Review[]
+  inquiriesSent  Inquiry[]
+  refreshTokens  RefreshToken[]
+  oauthAccounts  OAuthAccount[]

  @@index([phone])
  @@index([role])
 }

+enum OAuthProvider {
+  GOOGLE
+  ZALO
+}
+
+model RefreshToken {
+  id        String   @id @default(cuid())
+  userId    String
+  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+  token     String   @unique
+  family    String
+  expiresAt DateTime
+  revokedAt DateTime?
+  createdAt DateTime @default(now())
+
+  @@index([userId])
+  @@index([family])
+  @@index([expiresAt])
+}
+
+model OAuthAccount {
+  id             String        @id @default(cuid())
+  userId         String
+  user           User          @relation(fields: [userId], references: [id], onDelete: Cascade)
+  provider       OAuthProvider
+  providerUserId String
+  accessToken    String?
+  refreshToken   String?
+  expiresAt      DateTime?
+  profile        Json?
+  createdAt      DateTime      @default(now())
+  updatedAt      DateTime      @updatedAt
+
+  @@unique([provider, providerUserId])
+  @@index([userId])
+}
+
 model Agent {
  id              String   @id @default(cuid())
  userId          String   @unique