LocalStrategy.validate lacked a try-catch, so infrastructure errors
(DB timeouts, bcrypt failures, null/undefined phone) escaped as raw
Error instances. LocalAuthGuard.handleRequest blindly re-threw them,
causing GlobalExceptionFilter to map them to 500 Internal Server Error
instead of 401 Unauthorized.
Changes:
- Add null/falsy guard for phone and password in LocalStrategy.validate
- Wrap validate body in try-catch; re-throw DomainExceptions, wrap
unexpected errors as UnauthorizedException (401)
- Add error type-checking in LocalAuthGuard.handleRequest: re-throw
HttpException subclasses directly, wrap other errors as 401
- Add @IsNotEmpty() validators to LoginDto for Swagger accuracy
- Add 5 new test cases covering undefined/null/empty inputs, DB
errors, and bcrypt failures
- Update guard tests for the new type-checking behaviour
Resolves TEC-1841
Co-Authored-By: Paperclip <noreply@paperclip.ing>
LocalStrategy and auth controllers were importing UnauthorizedException
from @nestjs/common instead of @modules/shared. While both return 401,
only the custom DomainException-based version produces the structured
error format (errorCode, correlationId, timestamp) expected by the
GlobalExceptionFilter's primary code path.
Also adds handleRequest() override to LocalAuthGuard to ensure custom
exceptions from the strategy propagate directly without Passport
transforming them.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Add unit tests for get-profile, get-agent-by-user-id, and verify-kyc handlers.
Improve OAuth service, local strategy, and repository implementations with
proper ConfigService injection and error handling.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
