feat: add req body validation & swagger docs to sessions routes

Author: ocsoares

src/sessions/dtos/LoginSessionDTO.ts

@@ -0,0 +1,14 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class LoginSessionDTO {
+  @ApiProperty({ type: 'string', example: 'John' })
+  @IsNotEmpty()
+  @IsString()
+  readonly login = '';
+
+  @ApiProperty({ type: 'string', example: 'john123' })
+  @IsNotEmpty()
+  @IsString()
+  readonly password = '';
+}

src/sessions/sessions.controller.ts

@@ -10,11 +10,19 @@ import {
   Request,
   UseGuards,
 } from '@nestjs/common';
-import { ApiTags } from '@nestjs/swagger';
+import {
+  ApiBadRequestResponse,
+  ApiBearerAuth,
+  ApiInternalServerErrorResponse,
+  ApiOkResponse,
+  ApiTags,
+  ApiUnauthorizedResponse,
+} from '@nestjs/swagger';
 
 import { UserGuard } from '@/guards/user.guard';
 import { ServerResponse } from '../utils';
 import { SessionsService } from './sessions.service';
+import { LoginSessionDTO } from './dtos/LoginSessionDTO';
 
 @ApiTags('Sessões')
 @Controller('sessions')
@@ -23,14 +31,17 @@ export class SessionsController {
 
   constructor(private readonly sessionService: SessionsService) {}
 
+  @ApiBadRequestResponse()
+  @ApiInternalServerErrorResponse()
+  @ApiOkResponse()
   @Post('')
   async login(
-    @Body() body,
+    @Body() body: LoginSessionDTO,
     @Headers('x-real-ip') ip: string,
     @Headers('user-agent') userAgent: string,
   ) {
     try {
-      const data = await this.sessionService.login({ ...body, ip, userAgent });
+      const data = await this.sessionService.login(body, ip, userAgent);
       return new ServerResponse(200, 'Successfully logged in', data);
     } catch (err: any) {
       this.logger.error(`Failed to login ${err}`);
@@ -41,6 +52,10 @@ export class SessionsController {
     }
   }
 
+  @ApiBearerAuth()
+  @ApiUnauthorizedResponse()
+  @ApiInternalServerErrorResponse()
+  @ApiOkResponse()
   @Get('')
   @UseGuards(UserGuard)
   async show(@Request() req) {
@@ -54,6 +69,10 @@ export class SessionsController {
     }
   }
 
+  @ApiBearerAuth()
+  @ApiUnauthorizedResponse()
+  @ApiInternalServerErrorResponse()
+  @ApiOkResponse()
   @Delete('')
   @UseGuards(UserGuard)
   async delete(@Request() req) {

src/sessions/sessions.service.ts

@@ -4,6 +4,7 @@ import * as bcrypt from 'bcrypt';
 
 import { PrismaService } from '../prisma/prisma.service';
 import { LoginSchema, TokenPayload } from './types';
+import { LoginSessionDTO } from './dtos/LoginSessionDTO';
 
 @Injectable()
 export class SessionsService {
@@ -12,8 +13,16 @@ export class SessionsService {
     private readonly jwtService: JwtService,
   ) {}
 
-  async login(body: any) {
-    const { login, password, ip, userAgent } = LoginSchema.parse(body);
+  async login(
+    body: LoginSessionDTO,
+    ipHeaders: string,
+    userAgentHeaders: string,
+  ) {
+    const { login, password, ip, userAgent } = LoginSchema.parse({
+      ...body,
+      ipHeaders,
+      userAgentHeaders,
+    });
     const user = await this.prismaService.user.findUnique({
       where: { login },
     });