From 7888930c5ef57695a4c710b6c73c8ac1161eacd6 Mon Sep 17 00:00:00 2001
From: alexeh
Date: Mon, 14 Oct 2024 11:11:05 +0200
Subject: [PATCH] remove origin header constraint, return updated user
---
 api/src/modules/auth/authentication.controller.ts | 4 ++--
 api/src/modules/auth/authentication.service.ts | 4 ++--
 api/test/e2e/features/validate-token.feature | 2 +-
 api/test/integration/users/users-email-update.spec.ts | 10 +++-------
 shared/contracts/auth.contract.ts | 7 +++----
 shared/contracts/users.contract.ts | 1 -
 6 files changed, 11 insertions(+), 17 deletions(-)
diff --git a/api/src/modules/auth/authentication.controller.ts b/api/src/modules/auth/authentication.controller.ts
index a86609a8..9c82b1fd 100644
--- a/api/src/modules/auth/authentication.controller.ts
+++ b/api/src/modules/auth/authentication.controller.ts
@@ -93,9 +93,9 @@ export class AuthenticationController {
 return tsRestHandler(
 authContract.confirmEmail,
 async ({ body: { newEmail } }) => {
- await this.authService.confirmEmail(user, newEmail);
+ const updatedUser = await this.authService.confirmEmail(user, newEmail);
 return {
- body: null,
+ body: { data: updatedUser },
 status: HttpStatus.OK,
 };
 },
diff --git a/api/src/modules/auth/authentication.service.ts b/api/src/modules/auth/authentication.service.ts
index 45d484fb..ac30d85b 100644
--- a/api/src/modules/auth/authentication.service.ts
+++ b/api/src/modules/auth/authentication.service.ts
@@ -134,12 +134,12 @@ export class AuthenticationService {
 );
 }
 
- async confirmEmail(user: User, newEmail: string): Promise {
+ async confirmEmail(user: User, newEmail: string): Promise {
 const existingUser = await this.usersService.findByEmail(newEmail);
 if (existingUser) {
 throw new ConflictException(`Email already in use`);
 }
 user.email = newEmail;
- await this.usersService.saveUser(user);
+ return this.usersService.saveUser(user);
 }
 }
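Review bot: In `authentication.controller.ts`, `body: { data: updatedUser }` sends back whatever `saveUser` returned, which looks like the persisted `User` entity rather than an object built for the response. The `200` type declared for `confirmEmail` in `auth.contract.ts` is a compile-time annotation, so nothing visible here strips extra columns at runtime; if the entity carries a password hash or other internal fields and they are not excluded at serialization, they would now reach the client. I would build the response from an explicit allow-list of fields, or declare the 200 response as a zod schema so ts-rest can validate it, and add `// updatedUser is the persisted entity: only fields allowed by UserDto may leave the API` above the `return`. The enclosing controller method starts and ends outside this hunk.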
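Review bot: `confirmEmail` in `authentication.service.ts` writes whatever `newEmail` the caller supplies, and the only check visible is that the address is not already taken. The controller takes `newEmail` from the request body, so unless the email-update strategy (not shown) compares it with the address the confirmation token was issued for, a valid confirmation token is enough to set an address that was never verified. I would bind the pending address to the token, reject a mismatch before `user.email = newEmail;`, and document it with `// newEmail must equal the address bound to the confirmation token`. Separately, `findByEmail` followed by `saveUser` is not atomic, so a unique constraint on the email column (not visible here) should be the final guard, with its violation mapped to the same `ConflictException`.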
diff --git a/api/test/e2e/features/validate-token.feature b/api/test/e2e/features/validate-token.feature
index 81298249..0c004419 100644
--- a/api/test/e2e/features/validate-token.feature
+++ b/api/test/e2e/features/validate-token.feature
@@ -56,7 +56,7 @@ Feature: Validate Token
 Scenario: Validating a token without providing the Authorization header
 When the user attempts to validate a token without providing the Authorization header
- Then the user should receive a 400 status code
+ Then the user should receive a 401 status code
diff --git a/api/test/integration/users/users-email-update.spec.ts b/api/test/integration/users/users-email-update.spec.ts
index 84eb1060..67496964 100644
--- a/api/test/integration/users/users-email-update.spec.ts
+++ b/api/test/integration/users/users-email-update.spec.ts
@@ -6,7 +6,6 @@ import { ROLES } from '@shared/entities/users/roles.enum';
 import { MockEmailService } from '../../utils/mocks/mock-email.service';
 import { IEmailServiceToken } from '@api/modules/notifications/email/email-service.interface';
 import { JwtManager } from '@api/modules/auth/services/jwt.manager';
-import { User } from '@shared/entities/users/user.entity';
 import { authContract } from '@shared/contracts/auth.contract';
 describe('Users ME (e2e)', () => {
@@ -71,7 +70,7 @@ describe('Users ME (e2e)', () => {
 });
 });
 describe('Confirm email update', () => {
- it('should update the email', async () => {
+ it('should update the email and return the updated user', async () => {
 const user = await testManager
 .mocks()
 .createUser({ email: 'test@test.com', role: ROLES.PARTNER });
@@ -85,11 +84,8 @@ describe('Users ME (e2e)', () => {
 .set('Authorization', `Bearer ${emailUpdateToken}`);
 expect(response.status).toBe(200);
- const userWithUpdatedEmail = await testManager
- .getDataSource()
- .getRepository(User)
- .findOneBy({ email: newEmail });
- expect(userWithUpdatedEmail.id).toEqual(user.id);
+ expect(response.body.data.email).toBe(newEmail);
+ expect(response.body.data.id).toBe(user.id);
 });
 it('should fail if the new email is already in use', async () => {
 const user = await createUser(testManager.getDataSource(), {
diff --git a/shared/contracts/auth.contract.ts b/shared/contracts/auth.contract.ts
index a251c426..80990837 100644
--- a/shared/contracts/auth.contract.ts
+++ b/shared/contracts/auth.contract.ts
@@ -1,12 +1,12 @@
 import { initContract } from "@ts-rest/core";
 import { LogInSchema } from "@shared/schemas/auth/login.schema";
-import { UserWithAccessToken } from "@shared/dtos/users/user.dto";
+import { UserDto, UserWithAccessToken } from "@shared/dtos/users/user.dto";
 import { TokenTypeSchema } from "@shared/schemas/auth/token-type.schema";
 import { z } from "zod";
 import { BearerTokenSchema } from "@shared/schemas/auth/bearer-token.schema";
 import { SignUpSchema } from "@shared/schemas/auth/sign-up.schema";
-import { EmailConfirmation } from "@api/modules/auth/strategies/email-update.strategy";
 import { RequestEmailUpdateSchema } from "@shared/schemas/users/request-email-update.schema";
+import { ApiResponse } from "@shared/dtos/global/api-response.dto";
 // TODO: This is a scaffold. We need to define types for responses, zod schemas for body and query param validation etc.
@@ -48,7 +48,6 @@ export const authContract = contract.router({
 requestPasswordRecovery: {
 method: "POST",
 path: "/authentication/recover-password",
- headers: z.object({ origin: z.string().url() }),
 responses: {
 201: null,
 },
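Review bot: The rewritten assertions in `users-email-update.spec.ts` check only `id` and `email` on the response, so the test would still pass if the endpoint started returning credential or internal columns of the user. Now that the endpoint serialises a user object, I would pin the response shape, e.g. `expect(Object.keys(response.body.data).sort()).toEqual([/* keys of UserDto */]);`, with the list taken from `UserDto`. The removed repository lookup was also the only assertion that the new address was actually persisted; keeping one read-back (it needs the `User` import this commit drops) would cover that. The `it` block starts outside this hunk.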
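Review bot: Dropping `headers: z.object({ origin: z.string().url() })` from `requestPasswordRecovery` here, and from `requestEmailUpdate` in `users.contract.ts`, removes the only validation of `Origin` visible in this patch, and the handlers that consume it are not shown. If they still read the request's `Origin` to build the link placed in the recovery or confirmation email, that link is now derived from an unchecked, caller-controlled value. The base URL for those links should come from server configuration or be matched against an allow-list of known front-end origins before use; at minimum I would record the constraint next to each route with `// origin is no longer validated by the contract; handlers must not build email links from it`. The router object starts and ends outside the hunk.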
@@ -59,7 +58,7 @@ export const authContract = contract.router({
 method: "PATCH",
 path: "/authentication/confirm-email",
 responses: {
- 200: null,
+ 200: contract.type>(),
 },
 body: RequestEmailUpdateSchema,
 },
diff --git a/shared/contracts/users.contract.ts b/shared/contracts/users.contract.ts
index 47d50dc6..fe2db709 100644
--- a/shared/contracts/users.contract.ts
+++ b/shared/contracts/users.contract.ts
@@ -43,7 +43,6 @@ export const usersContract = contract.router({
 requestEmailUpdate: {
 method: "PATCH",
 path: "/users/me/email",
- headers: z.object({ origin: z.string().url() }),
 responses: {
 200: contract.type(),
 },