auth auth.service.ts

100% Statements 14/14
100% Branches 4/4
100% Functions 6/6
100% Lines 14/14
Press n or j to go to the next uncovered block, b, p or k for the previous block.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88  
 
 
 
 
 
 
 
 
21x
21x
21x
21x
 
 
 
3x
 
 
 
6x
 
 
 
 
 
 
 
 
 
 
6x
3x
 
 
 
 
 
 
3x
 
 
 
2x
 
 
 
 
2x
 
 
 
 
 
 
 
 
 
 
2x
 
 
 
 
 
2x
 
 
 
 
 
 
 
 
 
 
 
 
 
3x
 
 
 
 
 
 
 
  import { Injectable, Inject } from '@nestjs/common'
import { JwtService } from '@nestjs/jwt'
import { ConfigService } from '@nestjs/config'
import { PrismaService } from '../../database/prisma.service'
import type { AuthProvider, AuthUser } from './providers/auth-provider.interface'
 
@Injectable()
export class AuthService {
    constructor(
        private jwtService: JwtService,
        private configService: ConfigService, // Keeping if needed for future
        private prisma: PrismaService,
        @Inject('AUTH_PROVIDER') private authProvider: AuthProvider,
    ) {}
 
    async validateUser(email: string, pass: string): Promise<AuthUser | null> {
        return this.authProvider.verify({ email, password: pass })
    }
 
    async validateStaff(code: string, eventId: string): Promise<AuthUser | null> {
        const staff = await this.prisma.staffMember.findUnique({
            where: { code },
            include: {
                events: {
                    where: {
                        OR: [{ id: eventId }, { slug: eventId }],
                    },
                },
            },
        })
 
        if (staff && staff.events.length > 0) {
            return {
                id: staff.id,
                name: staff.name,
                role: 'STAFF',
                eventId: staff.events[0].id,
            }
        }
        return null
    }
 
    login(user: AuthUser) {
        const payload = {
            sub: user.id,
            email: user.email,
            role: user.role, // Use generic role
        }
        return {
            accessToken: this.jwtService.sign(payload),
            user: {
                id: user.id,
                email: user.email,
                role: user.role,
            },
        }
    }
 
    loginStaff(staff: AuthUser) {
        const payload = {
            sub: staff.id,
            name: staff.name,
            role: staff.role,
            eventId: staff.eventId,
        }
        return {
            accessToken: this.jwtService.sign(payload),
            user: staff,
        }
    }
 
    async validateGoogleUser(details: {
        email: string
        firstName: string
        lastName: string
        picture?: string
    }) {
        // Delegate to the active provider to decide if this external user is allowed
        // For LocalProvider, it checks if email matches env var
        return this.authProvider.verify({
            email: details.email,
            name: `${details.firstName} ${details.lastName}`,
            picture: details.picture,
            isTrusted: true,
        })
    }
}