feat: remove OTP gate from transactions, fix categories auth, add implementation plan

- Remove OtpGateGuard from transactions controller (OTP verified at login) - Fix categories controller to use authenticated user instead of TEMP_USER_ID - Add comprehensive implementation plan document - Update .env.example with WEB_APP_URL - Prepare for admin dashboard development
2025-10-11 14:00:11 +07:00
parent 0da6071eb3
commit 249f3a9d7d
159 changed files with 13748 additions and 3369 deletions
--- a/apps/api/dist/auth/auth.service.d.ts
+++ b/apps/api/dist/auth/auth.service.d.ts
@@ -0,0 +1,93 @@
+import { JwtService } from '@nestjs/jwt';
+import { PrismaService } from '../prisma/prisma.service';
+import { OtpService } from '../otp/otp.service';
+export declare class AuthService {
+    private readonly prisma;
+    private readonly jwtService;
+    private readonly otpService;
+    constructor(prisma: PrismaService, jwtService: JwtService, otpService: OtpService);
+    register(email: string, password: string, name?: string): Promise<{
+        user: {
+            id: string;
+            email: string;
+            name: string | null;
+            avatarUrl: string | null;
+            emailVerified: boolean;
+        };
+        token: string;
+    }>;
+    login(email: string, password: string): Promise<{
+        requiresOtp: boolean;
+        availableMethods: {
+            email: boolean;
+            whatsapp: boolean;
+            totp: boolean;
+        };
+        tempToken: string;
+        user?: undefined;
+        token?: undefined;
+    } | {
+        user: {
+            id: string;
+            email: string;
+            name: string | null;
+            avatarUrl: string | null;
+            emailVerified: boolean;
+        };
+        token: string;
+        requiresOtp?: undefined;
+        availableMethods?: undefined;
+        tempToken?: undefined;
+    }>;
+    googleLogin(googleProfile: {
+        googleId: string;
+        email: string;
+        name: string;
+        avatarUrl?: string;
+    }): Promise<{
+        requiresOtp: boolean;
+        availableMethods: {
+            email: boolean;
+            whatsapp: boolean;
+            totp: boolean;
+        };
+        tempToken: string;
+        user?: undefined;
+        token?: undefined;
+    } | {
+        user: {
+            id: string;
+            email: string;
+            name: string | null;
+            avatarUrl: string | null;
+            emailVerified: boolean;
+        };
+        token: string;
+        requiresOtp?: undefined;
+        availableMethods?: undefined;
+        tempToken?: undefined;
+    }>;
+    verifyOtpAndLogin(tempToken: string, otpCode: string, method: 'email' | 'whatsapp' | 'totp'): Promise<{
+        user: {
+            id: string;
+            email: string;
+            name: string | null;
+            avatarUrl: string | null;
+            emailVerified: boolean;
+        };
+        token: string;
+    }>;
+    private generateToken;
+    private generateTempToken;
+    getUserProfile(userId: string): Promise<{
+        id: string;
+        email: string;
+        emailVerified: boolean;
+        name: string | null;
+        avatarUrl: string | null;
+    }>;
+    changePassword(userId: string, currentPassword: string, newPassword: string, isSettingPassword?: boolean): Promise<{
+        message: string;
+    }>;
+    private downloadAndStoreAvatar;
+}