admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(auth): add OTP verification for email changes on profile update

Browse Source 
Email changes via PATCH /api/v1/auth/profile now require OTP verification
instead of updating immediately. A 6-digit code is sent to the new email
address and must be confirmed via POST /api/v1/auth/profile/verify-email
within 10 minutes. Also fixes pre-existing web valuation test failures
(formatPrice output format, removed comparables section, missing
QueryClientProvider wrapper).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Ho Ngoc Hai
2026-04-16 04:23:06 +07:00
parent baaeb56849
commit 43f9e23b28
19 changed files with 429 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
apps/api/src/modules/auth/presentation/controllers/auth.controller.ts
View File

@@ -32,6 +32,8 @@ import { type KycUploadUrlResult } from '../../application/commands/generate-kyc
import { SubmitKycCommand } from '../../application/commands/submit-kyc/submit-kyc.command';
import { UpdateProfileCommand } from '../../application/commands/update-profile/update-profile.command';
import { type UpdateProfileResultDto } from '../../application/commands/update-profile/update-profile.handler';
import { VerifyEmailChangeCommand } from '../../application/commands/verify-email-change/verify-email-change.command';
import { type VerifyEmailChangeResultDto } from '../../application/commands/verify-email-change/verify-email-change.handler';
import { VerifyKycCommand } from '../../application/commands/verify-kyc/verify-kyc.command';
import { type AgentDto } from '../../application/queries/get-agent-by-user-id/get-agent-by-user-id.handler';
import { GetAgentByUserIdQuery } from '../../application/queries/get-agent-by-user-id/get-agent-by-user-id.query';
@@ -46,6 +48,7 @@ import { type RefreshTokenDto } from '../dto/refresh-token.dto';
import { type RegisterDto } from '../dto/register.dto';
import { type VerifyKycDto } from '../dto/verify-kyc.dto';
import { UpdateProfileDto } from '../dto/update-profile.dto';
import { VerifyEmailChangeDto } from '../dto/verify-email-change.dto';
import { JwtAuthGuard } from '../guards/jwt-auth.guard';
import { LocalAuthGuard } from '../guards/local-auth.guard';
import { RolesGuard } from '../guards/roles.guard';
@@ -235,6 +238,24 @@ export class AuthController {
return { message: 'Cập nhật hồ sơ thành công', data: result };
}
@UseGuards(JwtAuthGuard)
@Post('profile/verify-email')
@ApiBearerAuth('JWT')
@ApiOperation({ summary: 'Verify email change with OTP code' })
@ApiResponse({ status: 201, description: 'Email changed successfully' })
@ApiResponse({ status: 400, description: 'Invalid or expired OTP code' })
@ApiResponse({ status: 401, description: 'Unauthorized' })
@ApiResponse({ status: 409, description: 'Email already in use' })
async verifyEmailChange(
@CurrentUser() user: JwtPayload,
@Body() dto: VerifyEmailChangeDto,
): Promise<{ message: string; data: VerifyEmailChangeResultDto }> {
const result: VerifyEmailChangeResultDto = await this.commandBus.execute(
new VerifyEmailChangeCommand(user.sub, dto.code),
);
return { message: 'Email đã được cập nhật thành công', data: result };
}
@UseGuards(JwtAuthGuard)
@Get('profile/agent')
@ApiBearerAuth('JWT')