feat: remove OTP gate from transactions, fix categories auth, add implementation plan

- Remove OtpGateGuard from transactions controller (OTP verified at login)
- Fix categories controller to use authenticated user instead of TEMP_USER_ID
- Add comprehensive implementation plan document
- Update .env.example with WEB_APP_URL
- Prepare for admin dashboard development
dwindown
2025-10-11 14:00:11 +07:00
parent 0da6071eb3
commit 249f3a9d7d
159 changed files with 13748 additions and 3369 deletions


@@ -14,6 +14,7 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
Object.defineProperty(exports, "__esModule", { value: true });
exports.TransactionsController = void 0;
const common_1 = require("@nestjs/common");
const auth_guard_1 = require("../auth/auth.guard");
const transactions_service_1 = require("./transactions.service");
const transaction_dto_1 = require("./transaction.dto");
let TransactionsController = class TransactionsController {
@@ -21,14 +22,19 @@ let TransactionsController = class TransactionsController {
constructor(tx) {
this.tx = tx;
}
list(walletId) {
return this.tx.list(walletId);
list(req, walletId) {
return this.tx.list(req.user.userId, walletId);
}
create(walletId, body) {
return this.tx.create(walletId, body);
create(req, walletId, body) {
return this.tx.create(req.user.userId, walletId, body);
}
async exportCsv(walletId, from, to, category, direction, res) {
const rows = await this.tx.listWithFilters(walletId, { from, to, category, direction });
async exportCsv(req, walletId, from, to, category, direction, res) {
const rows = await this.tx.listWithFilters(req.user.userId, walletId, {
from,
to,
category,
direction,
});
res.setHeader('Content-Type', 'text/csv; charset=utf-8');
res.setHeader('Content-Disposition', `attachment; filename="transactions_${walletId}.csv"`);
res.write(`date,category,memo,direction,amount\n`);
@@ -50,66 +56,73 @@ let TransactionsController = class TransactionsController {
}
res.end();
}
async update(walletId, id, body) {
async update(req, walletId, id, body) {
try {
const parsed = transaction_dto_1.TransactionUpdateSchema.parse(body);
return this.tx.update(walletId, id, parsed);
return this.tx.update(req.user.userId, walletId, id, parsed);
}
catch (e) {
throw new common_1.BadRequestException(e?.errors ?? 'Invalid payload');
const error = e;
throw new common_1.BadRequestException(error?.errors ?? 'Invalid payload');
}
}
delete(walletId, id) {
return this.tx.delete(walletId, id);
delete(req, walletId, id) {
return this.tx.delete(req.user.userId, walletId, id);
}
};
exports.TransactionsController = TransactionsController;
__decorate([
(0, common_1.Get)(),
__param(0, (0, common_1.Param)('walletId')),
__param(0, (0, common_1.Req)()),
__param(1, (0, common_1.Param)('walletId')),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String]),
__metadata("design:paramtypes", [Object, String]),
__metadata("design:returntype", void 0)
], TransactionsController.prototype, "list", null);
__decorate([
(0, common_1.Post)(),
__param(0, (0, common_1.Param)('walletId')),
__param(1, (0, common_1.Body)()),
__param(0, (0, common_1.Req)()),
__param(1, (0, common_1.Param)('walletId')),
__param(2, (0, common_1.Body)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:paramtypes", [Object, String, Object]),
__metadata("design:returntype", void 0)
], TransactionsController.prototype, "create", null);
__decorate([
(0, common_1.Get)('export.csv'),
__param(0, (0, common_1.Param)('walletId')),
__param(1, (0, common_1.Query)('from')),
__param(2, (0, common_1.Query)('to')),
__param(3, (0, common_1.Query)('category')),
__param(4, (0, common_1.Query)('direction')),
__param(5, (0, common_1.Res)()),
__param(0, (0, common_1.Req)()),
__param(1, (0, common_1.Param)('walletId')),
__param(2, (0, common_1.Query)('from')),
__param(3, (0, common_1.Query)('to')),
__param(4, (0, common_1.Query)('category')),
__param(5, (0, common_1.Query)('direction')),
__param(6, (0, common_1.Res)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object, Object, Object, Object, Object]),
__metadata("design:paramtypes", [Object, String, Object, Object, Object, Object, Object]),
__metadata("design:returntype", Promise)
], TransactionsController.prototype, "exportCsv", null);
__decorate([
(0, common_1.Put)(':id'),
__param(0, (0, common_1.Param)('walletId')),
__param(1, (0, common_1.Param)('id')),
__param(2, (0, common_1.Body)()),
__param(0, (0, common_1.Req)()),
__param(1, (0, common_1.Param)('walletId')),
__param(2, (0, common_1.Param)('id')),
__param(3, (0, common_1.Body)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, String, Object]),
__metadata("design:paramtypes", [Object, String, String, Object]),
__metadata("design:returntype", Promise)
], TransactionsController.prototype, "update", null);
__decorate([
(0, common_1.Delete)(':id'),
__param(0, (0, common_1.Param)('walletId')),
__param(1, (0, common_1.Param)('id')),
__param(0, (0, common_1.Req)()),
__param(1, (0, common_1.Param)('walletId')),
__param(2, (0, common_1.Param)('id')),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, String]),
__metadata("design:paramtypes", [Object, String, String]),
__metadata("design:returntype", void 0)
], TransactionsController.prototype, "delete", null);
exports.TransactionsController = TransactionsController = __decorate([
(0, common_1.Controller)('wallets/:walletId/transactions'),
(0, common_1.UseGuards)(auth_guard_1.AuthGuard),
__metadata("design:paramtypes", [transactions_service_1.TransactionsService])
], TransactionsController);
//# sourceMappingURL=transactions.controller.js.map
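Review bot: Nothing in this controller checks that the route-supplied `walletId` belongs to `req.user.userId`; every handler (`list`, `create`, `exportCsv`, `update`, `delete`) just forwards both values, so with only `AuthGuard` on the class the ownership check has to live in `TransactionsService`, which this section does not show. Please confirm each service method scopes its query by both ids, and add a test in which an authenticated user requests another user's wallet and is refused; a comment such as `// walletId is caller-supplied: the service must scope every query by userId` on the class would record the contract. `create` also passes `body` through unparsed while `update` runs `TransactionUpdateSchema.parse(body)`, so unless the service validates it, parse it the same way with a corresponding create schema. In `update` the `catch` turns anything thrown synchronously inside the `try` into a 400, so consider limiting it to the schema error. This file appears to be compiled output (`__decorate`, `sourceMappingURL`), so these changes belong in the TypeScript source it is built from.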