vip-coordinator/backend/src/auth/auth.service.ts
kyle 689b89ea83 fix: improve first-user auto-approve logic
- Remove hardcoded test@test.com auto-approval
- Count approved users instead of total users
- Only first user gets auto-approved as ADMINISTRATOR
- Subsequent users default to DRIVER role and require approval

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-31 20:07:30 +01:00


import { Injectable, Logger, UnauthorizedException } from '@nestjs/common';
import { Role } from '@prisma/client';
import { PrismaService } from '../prisma/prisma.service';
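@Injectable()
export class AuthService {
  private readonly logger = new Logger(AuthService.name);

  constructor(private prisma: PrismaService) {}

  /**
   * Resolve the local user record for an Auth0 token payload, creating it the
   * first time the subject is seen.
   *
   * A newly created user is auto-approved as ADMINISTRATOR only when no
   * approved, non-deleted user exists; otherwise it is created as an
   * unapproved DRIVER.
   *
   * NOTE(review): this method trusts every claim in `payload`. It assumes the
   * caller has already verified the token's signature, issuer and audience;
   * that verification is not visible in this file.
   *
   * NOTE(review): the approved-user count and the insert are two separate
   * queries. Two different identities signing in concurrently while the count
   * is zero can both be created as approved ADMINISTRATOR. Closing that window
   * needs a database-side guarantee (a transaction with sufficient isolation,
   * or a constraint); the schema is not visible here, so it is left as is.
   *
   * NOTE(review): the bootstrap condition is "no approved user with
   * deletedAt = null", not "no user has ever been approved". It becomes true
   * again if the last approved user is soft-deleted or unapproved, and the
   * next unknown identity is then created as ADMINISTRATOR. Confirm this is
   * intended for the deployment.
   *
   * @param payload Decoded Auth0 token claims; `sub` is required.
   * @returns The existing or newly created user, including its `driver` relation.
   * @throws UnauthorizedException when the payload has no usable `sub` claim.
   */
  async validateUser(payload: any) {
    const namespace = 'https://vip-coordinator-api';

    // Without a subject there is no identity to look up. Reject here instead of
    // building the "<sub>@auth0.local" fallback e-mail from a missing value.
    const auth0Id: unknown = payload?.sub;
    if (typeof auth0Id !== 'string' || auth0Id.length === 0) {
      throw new UnauthorizedException('Token payload has no subject');
    }

    // Namespaced custom claims take precedence over the standard ones.
    const email = payload[`${namespace}/email`] || payload.email || `${auth0Id}@auth0.local`;
    const name = payload[`${namespace}/name`] || payload.name || 'Unknown User';
    const picture = payload[`${namespace}/picture`] || payload.picture;

    const existing = await this.prisma.user.findUnique({
      where: { auth0Id },
      include: { driver: true },
    });
    if (existing) {
      return existing;
    }

    // Bootstrap rule: only when nobody is currently approved does the new
    // user become an auto-approved administrator.
    const approvedUserCount = await this.prisma.user.count({
      where: { isApproved: true, deletedAt: null },
    });
    const isFirstUser = approvedUserCount === 0;

    this.logger.log(
      `Creating new user: ${email} (approvedUserCount: ${approvedUserCount}, isFirstUser: ${isFirstUser})`,
    );

    try {
      const created = await this.prisma.user.create({
        data: {
          auth0Id,
          email,
          name,
          picture,
          role: isFirstUser ? Role.ADMINISTRATOR : Role.DRIVER,
          isApproved: isFirstUser, // Auto-approve first user only
        },
        include: { driver: true },
      });

      this.logger.log(
        `User created: ${created.email} with role ${created.role} (approved: ${created.isApproved})`,
      );
      return created;
    } catch (err: unknown) {
      if (!this.isUniqueConstraintError(err)) {
        throw err;
      }

      // A parallel request for the same subject inserted the row between our
      // lookup and our insert. Return that row instead of failing the request.
      const raced = await this.prisma.user.findUnique({
        where: { auth0Id },
        include: { driver: true },
      });
      if (!raced) {
        // The collision was on some other unique field; surface it unchanged.
        throw err;
      }
      return raced;
    }
  }

  /**
   * Look up a user by Auth0 subject.
   *
   * @param auth0Id The Auth0 `sub` value stored on the user record.
   * @returns The user with its `driver` relation, or null when no row matches.
   */
  async getCurrentUser(auth0Id: string) {
    return this.prisma.user.findUnique({
      where: { auth0Id },
      include: { driver: true },
    });
  }

  /** True when `err` carries Prisma's unique-constraint error code (P2002). */
  private isUniqueConstraintError(err: unknown): boolean {
    return (
      typeof err === 'object' &&
      err !== null &&
      (err as { code?: unknown }).code === 'P2002'
    );
  }
}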