feat: remove OTP gate from transactions, fix categories auth, add implementation plan

- Remove OtpGateGuard from transactions controller (OTP verified at login) - Fix categories controller to use authenticated user instead of TEMP_USER_ID - Add comprehensive implementation plan document - Update .env.example with WEB_APP_URL - Prepare for admin dashboard development
2025-10-11 14:00:11 +07:00
parent 0da6071eb3
commit 249f3a9d7d
159 changed files with 13748 additions and 3369 deletions
--- a/apps/api/dist/transactions/transactions.service.js
+++ b/apps/api/dist/transactions/transactions.service.js
@@ -12,32 +12,28 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.TransactionsService = void 0;
 const common_1 = require("@nestjs/common");
 const prisma_service_1 = require("../prisma/prisma.service");
-const user_util_1 = require("../common/user.util");
 let TransactionsService = class TransactionsService {
    prisma;
    constructor(prisma) {
        this.prisma = prisma;
    }
-    userId() {
-        return (0, user_util_1.getTempUserId)();
-    }
-    list(walletId) {
+    list(userId, walletId) {
        return this.prisma.transaction.findMany({
-            where: { userId: this.userId(), walletId },
+            where: { userId, walletId },
            orderBy: { date: 'desc' },
            take: 200,
        });
    }
-    listAll() {
+    listAll(userId) {
        return this.prisma.transaction.findMany({
-            where: { userId: this.userId() },
+            where: { userId },
            orderBy: { date: 'desc' },
            take: 1000,
        });
    }
-    listWithFilters(walletId, filters) {
+    listWithFilters(userId, walletId, filters) {
        const where = {
-            userId: (0, user_util_1.getTempUserId)(),
+            userId,
            walletId,
        };
        if (filters.direction)
@@ -56,20 +52,20 @@ let TransactionsService = class TransactionsService {
            orderBy: { date: 'desc' },
        });
    }
-    async create(walletId, input) {
+    async create(userId, walletId, input) {
        const amountNum = typeof input.amount === 'string' ? Number(input.amount) : input.amount;
        if (!Number.isFinite(amountNum))
            throw new Error('amount must be a number');
        const date = input.date ? new Date(input.date) : new Date();
        const wallet = await this.prisma.wallet.findFirst({
-            where: { id: walletId, userId: this.userId(), deletedAt: null },
+            where: { id: walletId, userId, deletedAt: null },
            select: { id: true },
        });
        if (!wallet)
            throw new Error('wallet not found');
        return this.prisma.transaction.create({
            data: {
-                userId: this.userId(),
+                userId,
                walletId,
                amount: amountNum,
                direction: input.direction,
@@ -79,9 +75,9 @@ let TransactionsService = class TransactionsService {
            },
        });
    }
-    async update(walletId, id, dto) {
+    async update(userId, walletId, id, dto) {
        const existing = await this.prisma.transaction.findFirst({
-            where: { id, walletId, userId: this.userId() },
+            where: { id, walletId, userId },
        });
        if (!existing)
            throw new Error('transaction not found');
@@ -101,9 +97,9 @@ let TransactionsService = class TransactionsService {
            data,
        });
    }
-    async delete(walletId, id) {
+    async delete(userId, walletId, id) {
        const existing = await this.prisma.transaction.findFirst({
-            where: { id, walletId, userId: this.userId() },
+            where: { id, walletId, userId },
        });
        if (!existing)
            throw new Error('transaction not found');