feat(SPG-1236): setup otp checker guard

2025-06-19 15:55:01 +07:00 · 2025-06-19 15:55:01 +07:00 · de43f0f28b
parent afad02ba52
commit de43f0f28b
6 changed files with 63 additions and 3 deletions
--- a/src/app.module.ts
+++ b/src/app.module.ts
@ -106,6 +106,7 @@ import { OtpVerificationModule } from './modules/configuration/otp-verification/
 import { OtpVerificationModel } from './modules/configuration/otp-verification/data/models/otp-verification.model';
 import { OtpVerifierModel } from './modules/configuration/otp-verification/data/models/otp-verifier.model';
 import { RescheduleVerificationModel } from './modules/booking-online/order/data/models/reschedule-verification.model';
+import { OtpCheckerGuard } from './core/guards/domain/otp-checker.guard';

@Module({
  imports: [
@ -246,6 +247,8 @@ import { RescheduleVerificationModel } from './modules/booking-online/order/data
  providers: [
    AuthService,
    PrivilegeService,
+    OtpCheckerGuard,
+
    /**
     * By default all request from client will protect by JWT
     * if there is some endpoint/function that does'nt require authentication
--- a/src/core/guards/domain/otp-checker.guard.ts
+++ b/src/core/guards/domain/otp-checker.guard.ts
@ -0,0 +1,57 @@
+import {
+  CanActivate,
+  ExecutionContext,
+  Injectable,
+  UnprocessableEntityException,
+} from '@nestjs/common';
+import { InjectDataSource } from '@nestjs/typeorm';
+import { CONNECTION_NAME } from 'src/core/strings/constants/base.constants';
+import { OtpVerificationModel } from 'src/modules/configuration/otp-verification/data/models/otp-verification.model';
+import { OtpVerificationEntity } from 'src/modules/configuration/otp-verification/domain/entities/otp-verification.entity';
+import { DataSource } from 'typeorm';
+
+@Injectable()
+export class OtpCheckerGuard implements CanActivate {
+  constructor(
+    @InjectDataSource(CONNECTION_NAME.DEFAULT)
+    protected readonly dataSource: DataSource,
+  ) {}
+
+  get otpRepository() {
+    return this.dataSource.getRepository(OtpVerificationModel);
+  }
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const verificationCode = request.headers['x-verification-code'];
+    console.log({ verificationCode });
+
+    if (verificationCode) {
+      const decoded = Buffer.from(verificationCode, 'base64').toString('ascii');
+      const [dataIdentity, otpCode] = decoded.split('|');
+
+      let otpData: OtpVerificationEntity;
+
+      otpData = await this.otpRepository.findOne({
+        where: {
+          otp_code: otpCode,
+          target_id: dataIdentity,
+        },
+      });
+
+      if (!otpData) {
+        otpData = await this.otpRepository.findOne({
+          where: {
+            otp_code: otpCode,
+            reference: dataIdentity,
+          },
+        });
+      }
+
+      if (otpData && otpData?.verified_at) return true;
+      console.log({ dataIdentity, otpCode, otpData });
+    }
+
+    throw new UnprocessableEntityException('OTP not verified.');
+  }
+}
--- a/src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard.ts
+++ b/src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard.ts
--- a/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts
+++ b/src/modules/configuration/otp-verification/infrastructure/otp-verification-data.controller.ts
@ -16,7 +16,7 @@ import {
  OtpVerifierCreateDto,
  OtpVerifyDto,
 } from './dto/otp-verification.dto';
-import { OtpAuthGuard } from './guards/otp-auth-guard';
+import { OtpAuthGuard } from './guards/otp-auth.guard';
 import { OtpVerifierService } from '../data/services/otp-verifier.service';

@ApiTags(`${MODULE_NAME.OTP_VERIFICATIONS.split('-').join(' ')} - data`)
--- a/src/modules/configuration/otp-verification/otp-verification.module.ts
+++ b/src/modules/configuration/otp-verification/otp-verification.module.ts
@ -10,7 +10,7 @@ import {
 } from './infrastructure/otp-verification-data.controller';
 import { OtpVerificationService } from './data/services/otp-verification.service';
 import { OtpVerifierModel } from './data/models/otp-verifier.model';
-import { OtpAuthGuard } from './infrastructure/guards/otp-auth-guard';
+import { OtpAuthGuard } from './infrastructure/guards/otp-auth.guard';

 import { JwtModule } from '@nestjs/jwt';
 import { JWT_EXPIRED } from 'src/core/sessions/constants';
--- a/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts
+++ b/src/modules/transaction/transaction/infrastructure/transaction-data.controller.ts
@ -20,7 +20,7 @@ import { BatchResult } from 'src/core/response/domain/ok-response.interface';
 import { BatchIdsDto } from 'src/core/modules/infrastructure/dto/base-batch.dto';
 import { Public } from 'src/core/guards';
 import { DownloadPdfDto } from './dto/donwload-pdf.dto';
-import { OtpAuthGuard } from 'src/modules/configuration/otp-verification/infrastructure/guards/otp-auth-guard';
+import { OtpAuthGuard } from 'src/modules/configuration/otp-verification/infrastructure/guards/otp-auth.guard';

@ApiTags(`${MODULE_NAME.TRANSACTION.split('-').join(' ')} - data`)
@Controller(`v1/${MODULE_NAME.TRANSACTION}`)