"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.AuthController = void 0; const common_1 = require("@nestjs/common"); const swagger_1 = require("@nestjs/swagger"); const auth_service_1 = require("./services/auth.service"); const dto_1 = require("./dto"); const jwt_auth_guard_1 = require("./guards/jwt-auth.guard"); const public_decorator_1 = require("./decorators/public.decorator"); const current_user_decorator_1 = require("./decorators/current-user.decorator"); const tenant_decorator_1 = require("./decorators/tenant.decorator"); let AuthController = class AuthController { constructor(authService) { this.authService = authService; } async register(dto, tenantId, req) { if (!tenantId) { throw new common_1.BadRequestException('Tenant ID es requerido'); } return this.authService.register(dto, tenantId, req.ip, req.headers['user-agent']); } async login(dto, tenantId, req) { if (!tenantId) { throw new common_1.BadRequestException('Tenant ID es requerido'); } return this.authService.login(dto, tenantId, req.ip, req.headers['user-agent']); } async logout(user, sessionToken) { await this.authService.logout(user.id, sessionToken); return { message: 'SesiĆ³n cerrada correctamente' }; } async logoutAll(user) { await this.authService.logoutAll(user.id); return { message: 'Todas las sesiones cerradas' }; } async refresh(refreshToken, req) { return this.authService.refreshToken(refreshToken, req.ip, req.headers['user-agent']); } async requestPasswordReset(dto, tenantId) { if (!tenantId) { throw new common_1.BadRequestException('Tenant ID es requerido'); } return this.authService.requestPasswordReset(dto.email, tenantId); } async resetPassword(dto, tenantId) { if (!tenantId) { throw new common_1.BadRequestException('Tenant ID es requerido'); } return this.authService.resetPassword(dto.token, dto.password, tenantId); } async changePassword(user, dto) { return this.authService.changePassword(user.id, dto); } async verifyEmail(token, tenantId) { if (!tenantId) { throw new common_1.BadRequestException('Tenant ID es requerido'); } return this.authService.verifyEmail(token, tenantId); } async getProfile(user) { return this.authService.getProfile(user.id); } }; exports.AuthController = AuthController; __decorate([ (0, common_1.Post)('register'), (0, public_decorator_1.Public)(), (0, swagger_1.ApiOperation)({ summary: 'Register new user' }), (0, swagger_1.ApiHeader)({ name: 'x-tenant-id', required: true, description: 'Tenant ID' }), (0, swagger_1.ApiResponse)({ status: 201, description: 'User registered successfully' }), (0, swagger_1.ApiResponse)({ status: 400, description: 'Bad request' }), (0, swagger_1.ApiResponse)({ status: 409, description: 'Email already exists' }), __param(0, (0, common_1.Body)()), __param(1, (0, tenant_decorator_1.CurrentTenant)()), __param(2, (0, common_1.Req)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.RegisterDto, String, Object]), __metadata("design:returntype", Promise) ], AuthController.prototype, "register", null); __decorate([ (0, common_1.Post)('login'), (0, public_decorator_1.Public)(), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Login user' }), (0, swagger_1.ApiHeader)({ name: 'x-tenant-id', required: true, description: 'Tenant ID' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Login successful' }), (0, swagger_1.ApiResponse)({ status: 401, description: 'Invalid credentials' }), __param(0, (0, common_1.Body)()), __param(1, (0, tenant_decorator_1.CurrentTenant)()), __param(2, (0, common_1.Req)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.LoginDto, String, Object]), __metadata("design:returntype", Promise) ], AuthController.prototype, "login", null); __decorate([ (0, common_1.Post)('logout'), (0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiOperation)({ summary: 'Logout user' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Logout successful' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __param(1, (0, common_1.Body)('sessionToken')), __metadata("design:type", Function), __metadata("design:paramtypes", [Object, String]), __metadata("design:returntype", Promise) ], AuthController.prototype, "logout", null); __decorate([ (0, common_1.Post)('logout-all'), (0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiOperation)({ summary: 'Logout all sessions' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'All sessions closed' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object]), __metadata("design:returntype", Promise) ], AuthController.prototype, "logoutAll", null); __decorate([ (0, common_1.Post)('refresh'), (0, public_decorator_1.Public)(), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Refresh access token' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Token refreshed' }), (0, swagger_1.ApiResponse)({ status: 401, description: 'Invalid refresh token' }), __param(0, (0, common_1.Body)('refreshToken')), __param(1, (0, common_1.Req)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], AuthController.prototype, "refresh", null); __decorate([ (0, common_1.Post)('password/request-reset'), (0, public_decorator_1.Public)(), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Request password reset' }), (0, swagger_1.ApiHeader)({ name: 'x-tenant-id', required: true, description: 'Tenant ID' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Reset email sent if user exists' }), __param(0, (0, common_1.Body)()), __param(1, (0, tenant_decorator_1.CurrentTenant)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.RequestPasswordResetDto, String]), __metadata("design:returntype", Promise) ], AuthController.prototype, "requestPasswordReset", null); __decorate([ (0, common_1.Post)('password/reset'), (0, public_decorator_1.Public)(), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Reset password with token' }), (0, swagger_1.ApiHeader)({ name: 'x-tenant-id', required: true, description: 'Tenant ID' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Password reset successful' }), (0, swagger_1.ApiResponse)({ status: 400, description: 'Invalid or expired token' }), __param(0, (0, common_1.Body)()), __param(1, (0, tenant_decorator_1.CurrentTenant)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.ResetPasswordDto, String]), __metadata("design:returntype", Promise) ], AuthController.prototype, "resetPassword", null); __decorate([ (0, common_1.Post)('password/change'), (0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiOperation)({ summary: 'Change password' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Password changed' }), (0, swagger_1.ApiResponse)({ status: 400, description: 'Invalid current password' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __param(1, (0, common_1.Body)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object, dto_1.ChangePasswordDto]), __metadata("design:returntype", Promise) ], AuthController.prototype, "changePassword", null); __decorate([ (0, common_1.Post)('verify-email'), (0, public_decorator_1.Public)(), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Verify email with token' }), (0, swagger_1.ApiHeader)({ name: 'x-tenant-id', required: true, description: 'Tenant ID' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Email verified' }), (0, swagger_1.ApiResponse)({ status: 400, description: 'Invalid or expired token' }), __param(0, (0, common_1.Body)('token')), __param(1, (0, tenant_decorator_1.CurrentTenant)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, String]), __metadata("design:returntype", Promise) ], AuthController.prototype, "verifyEmail", null); __decorate([ (0, common_1.Get)('me'), (0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard), (0, swagger_1.ApiBearerAuth)(), (0, swagger_1.ApiOperation)({ summary: 'Get current user profile' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Current user profile' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object]), __metadata("design:returntype", Promise) ], AuthController.prototype, "getProfile", null); exports.AuthController = AuthController = __decorate([ (0, swagger_1.ApiTags)('auth'), (0, common_1.Controller)('auth'), __metadata("design:paramtypes", [auth_service_1.AuthService]) ], AuthController); //# sourceMappingURL=auth.controller.js.map