feat(profile): v3

* feat(profile): profile posts tabs endpoints

* fix(profile): fix update user response

* fix(profile): return user birthdate in profile response

* fix(profile): clean unused files after update profile

* refactor(profile): convert sql posts query to typeorm

* feat(profile): add user data to user posts view

* fix(profile): remove reply from user posts + fix repost type

* feat(profile): add quote parent data in user posts

* feat(profile): apply cursor pagination to profile endpoints

* fix(profile): fix get media + liked posts

* refactor(profile): change response pagination schema

* docs(profile): edit swagger documentation for pagination

* fix(profile): fix cursor pagination and created_at timezone

* fix(profile): replace location with country in update user

* fix(profile): delete profile, cover images after delete account

* feat(user): get username recommendations

* fix(auth): fix refresh token

* feat(auth): confirm password

---------

Co-authored-by: Amira Khalid <149877108+AmiraKhalid04@users.noreply.github.com>
Co-authored-by: Mario Raafat <136023677+MarioRaafat@users.noreply.github.com>

Author: 3 people

src/auth/auth.controller.ts

@@ -62,6 +62,7 @@ import {
     captcha_swagger,
     change_password_swagger,
     check_identifier_swagger,
+    confirm_password_swagger,
     facebook_callback_swagger,
     facebook_oauth_swagger,
     forget_password_swagger,
@@ -89,6 +90,7 @@ import {
     verify_reset_otp_swagger,
     verify_update_email_swagger,
 } from './auth.swagger';
+import { ConfirmPasswordDto } from './dto/confirm-password.dto';
 
 @ApiTags('Authentication')
 @Controller('auth')
@@ -100,7 +102,7 @@ export class AuthController {
 
         response.cookie('refresh_token', refresh, {
             httpOnly: true,
-            secure: is_production,
+            secure: true,
             sameSite: is_production ? 'strict' : 'none',
             maxAge: 7 * 24 * 60 * 60 * 1000,
         });
@@ -263,7 +265,6 @@ export class AuthController {
         return await this.auth_service.logoutAll(refresh_token, response);
     }
 
-    @ApiCookieAuth('refresh_token')
     @ApiOperation(refresh_token_swagger.operation)
     @ApiOkResponse(refresh_token_swagger.responses.success)
     @ApiBadRequestErrorResponse(ERROR_MESSAGES.NO_REFRESH_TOKEN_PROVIDED)
@@ -609,4 +610,21 @@ export class AuthController {
         this.httpOnlyRefreshToken(response, refresh_token);
         return { access_token, user };
     }
+
+    @ApiBearerAuth('JWT-auth')
+    @UseGuards(JwtAuthGuard)
+    @ApiOperation(confirm_password_swagger.operation)
+    @ApiBody({ type: ConfirmPasswordDto })
+    @ApiOkResponse(confirm_password_swagger.responses.success)
+    @ApiUnauthorizedErrorResponse(ERROR_MESSAGES.WRONG_PASSWORD)
+    @ApiUnauthorizedErrorResponse(ERROR_MESSAGES.SOCIAL_LOGIN_REQUIRED)
+    @ApiNotFoundErrorResponse(ERROR_MESSAGES.USER_NOT_FOUND)
+    @ResponseMessage(SUCCESS_MESSAGES.PASSWORD_CONFIRMED)
+    @Post('confirm-password')
+    async confirmPassword(
+        @Body() confirm_password_dto: ConfirmPasswordDto,
+        @GetUserId() user_id: string
+    ) {
+        return this.auth_service.confirmPassword(confirm_password_dto, user_id);
+    }
 }

src/auth/auth.module.ts

@@ -22,6 +22,7 @@ import { FacebookStrategy } from './strategies/facebook.strategy';
 import { UserRepository } from 'src/user/user.repository';
 import { BackgroundJobsModule } from 'src/background-jobs/background-jobs.module';
 import { BackgroundJobsService } from 'src/background-jobs/background-jobs.service';
+import { PaginationService } from 'src/shared/services/pagination/pagination.service';
 
 @Module({
     imports: [
@@ -57,6 +58,7 @@ import { BackgroundJobsService } from 'src/background-jobs/background-jobs.servi
         UsernameService,
         GoogleStrategy,
         FacebookStrategy,
+        PaginationService,
     ],
 })
 export class AuthModule {}

src/auth/auth.service.ts

@@ -46,6 +46,7 @@ import { StringValue } from 'ms'; // Add this import
 import { OAuth2Client } from 'google-auth-library';
 import axios from 'axios';
 import { UserRepository } from 'src/user/user.repository';
+import { ConfirmPasswordDto } from './dto/confirm-password.dto';
 
 @Injectable()
 export class AuthService {
@@ -92,19 +93,6 @@ export class AuthService {
         };
     }
 
-    async getRecommendedUsernames(name: string): Promise<string[]> {
-        const name_parts = name.split(' ');
-        const first_name = name_parts[0];
-        const last_name = name_parts.length > 1 ? name_parts.slice(1).join(' ') : '';
-
-        const recommendations = await this.username_service.generateUsernameRecommendations(
-            first_name,
-            last_name
-        );
-
-        return recommendations;
-    }
-
     async validateUser(identifier: string, password: string, type: string): Promise<string> {
         const user =
             type === 'email'
@@ -207,7 +195,10 @@ export class AuthService {
         );
 
         // generate username recommendations for step 3
-        const recommendations = await this.getRecommendedUsernames(signup_session.name);
+        const recommendations =
+            await this.username_service.generateUsernameRecommendationsSingleName(
+                signup_session.name
+            );
 
         return {
             isVerified: true,
@@ -978,7 +969,8 @@ export class AuthService {
             updated_session_data.ttl
         );
 
-        const recommendations = await this.getRecommendedUsernames(user_data.name);
+        const recommendations =
+            await this.username_service.generateUsernameRecommendationsSingleName(user_data.name);
 
         return {
             usernames: recommendations,
@@ -1029,4 +1021,22 @@ export class AuthService {
             refresh_token,
         };
     }
+
+    async confirmPassword(confirm_password_dto: ConfirmPasswordDto, user_id: string) {
+        const user = await this.user_repository.findById(user_id);
+
+        if (!user) throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);
+
+        if (user.password) {
+            const is_password_valid = await bcrypt.compare(
+                confirm_password_dto.password,
+                user.password
+            );
+            if (!is_password_valid) throw new UnauthorizedException(ERROR_MESSAGES.WRONG_PASSWORD);
+        } else {
+            throw new UnauthorizedException(ERROR_MESSAGES.SOCIAL_LOGIN_REQUIRED);
+        }
+
+        return { valid: true };
+    }
 }

src/auth/auth.swagger.ts

@@ -1140,3 +1140,25 @@ export const verify_update_email_swagger = {
         },
     },
 };
+
+export const confirm_password_swagger = {
+    operation: {
+        summary: 'Confirm password',
+        description: 'Confirm that the password is valid',
+    },
+
+    responses: {
+        success: {
+            description: 'Password confirmed successfully',
+            schema: {
+                example: {
+                    data: {
+                        valid: true,
+                    },
+                    count: 1,
+                    message: SUCCESS_MESSAGES.PASSWORD_CONFIRMED,
+                },
+            },
+        },
+    },
+};

src/auth/dto/confirm-password.dto.ts

@@ -0,0 +1,15 @@
+import { IsNotEmpty, Matches, MaxLength, MinLength } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+import { STRING_MAX_LENGTH } from 'src/constants/variables';
+
+export class ConfirmPasswordDto {
+    @ApiProperty({
+        description: 'User password',
+        example: 'Mario0o0o!#$@2252004',
+        minLength: 8,
+    })
+    @IsNotEmpty()
+    @MinLength(8)
+    @MaxLength(STRING_MAX_LENGTH)
+    password: string;
+}

src/auth/username.service.ts

@@ -5,6 +5,16 @@ import { UserRepository } from 'src/user/user.repository';
 export class UsernameService {
     constructor(private readonly user_repository: UserRepository) {}
 
+    async generateUsernameRecommendationsSingleName(name: string): Promise<string[]> {
+        const name_parts = name.split(' ');
+        const first_name = name_parts[0];
+        const last_name = name_parts.length > 1 ? name_parts.slice(1).join(' ') : '';
+
+        const recommendations = await this.generateUsernameRecommendations(first_name, last_name);
+
+        return recommendations;
+    }
+
     async generateUsernameRecommendations(
         first_name: string,
         last_name: string

src/constants/swagger-messages.ts

@@ -134,6 +134,7 @@ export const SUCCESS_MESSAGES = {
     USERNAME_UPDATED: 'Username updated successfully',
     EMAIL_UPDATE_INITIATED: 'Email update process initiated. Check your new email for verification',
     EMAIL_UPDATED: 'Email updated successfully',
+    PASSWORD_CONFIRMED: 'Password confirmed successfully',
 
     // OAuth completion
     BIRTH_DATE_SET: 'Birth date set successfully',
@@ -182,6 +183,7 @@ export const SUCCESS_MESSAGES = {
     COVER_DELETED: 'Cover deleted successfully',
     INTERESTS_ASSIGNED: 'Interests assigned successfully',
     LANGUAGE_CHANGED: 'Language changed successfully',
+    USERNAME_RECOMMENDATIONS_RETRIEVED: 'Username recommendations retrieved successfully',
 
     // search
     SUGGESTIONS_RETRIEVED: 'Search suggestions retrieved successfully',

src/constants/variables.ts

@@ -2,7 +2,7 @@ export const Y_LOGO_URL = 'https://iili.io/KUhrEyN.png';
 export const Y_LOGO_HOST_URL = 'https://freeimage.host/';
 
 export const STRING_MAX_LENGTH = 100;
-export const LARGE_MAX_LENGTH = 1500;
+export const LARGE_MAX_LENGTH = 3000;
 export const POST_CONTENT_LENGTH = 280;
 export const MESSAGE_CONTENT_LENGTH = 300;
 export const OTP_LENGTH = 6;

src/main.ts

@@ -12,7 +12,7 @@ async function bootstrap() {
             transform: true,
             transformOptions: {
                 exposeDefaultValues: true,
-                enableImplicitConversion: true,
+                enableImplicitConversion: true, // should be removed
             },
         })
     );