refactor(server): user endpoints (#9730)

* refactor(server): user endpoints

* fix repos

* fix unit tests

---------

Co-authored-by: Daniel Dietzler <mail@ddietzler.dev>
Co-authored-by: Alex <alex.tran1502@gmail.com>

server/src/services/auth.service.ts

@@ -11,7 +11,7 @@ import { DateTime } from 'luxon';
 import { IncomingHttpHeaders } from 'node:http';
 import { ClientMetadata, Issuer, UserinfoResponse, custom, generators } from 'openid-client';
 import { SystemConfig } from 'src/config';
-import { AuthType, LOGIN_URL, MOBILE_REDIRECT } from 'src/constants';
+import { AuthType, LOGIN_URL, MOBILE_REDIRECT, SALT_ROUNDS } from 'src/constants';
 import { SystemConfigCore } from 'src/cores/system-config.core';
 import { UserCore } from 'src/cores/user.core';
 import {
@@ -27,7 +27,7 @@ import {
   SignUpDto,
   mapLoginResponse,
 } from 'src/dtos/auth.dto';
-import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
+import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
 import { UserEntity } from 'src/entities/user.entity';
 import { IKeyRepository } from 'src/interfaces/api-key.interface';
 import { ICryptoRepository } from 'src/interfaces/crypto.interface';
@@ -109,7 +109,7 @@ export class AuthService {
     };
   }
 
-  async changePassword(auth: AuthDto, dto: ChangePasswordDto) {
+  async changePassword(auth: AuthDto, dto: ChangePasswordDto): Promise<UserAdminResponseDto> {
     const { password, newPassword } = dto;
     const user = await this.userRepository.getByEmail(auth.user.email, true);
     if (!user) {
@@ -121,10 +121,14 @@ export class AuthService {
       throw new BadRequestException('Wrong password');
     }
 
-    return this.userCore.updateUser(auth.user, auth.user.id, { password: newPassword });
+    const hashedPassword = await this.cryptoRepository.hashBcrypt(newPassword, SALT_ROUNDS);
+
+    const updatedUser = await this.userRepository.update(user.id, { password: hashedPassword });
+
+    return mapUserAdmin(updatedUser);
   }
 
-  async adminSignUp(dto: SignUpDto): Promise<UserResponseDto> {
+  async adminSignUp(dto: SignUpDto): Promise<UserAdminResponseDto> {
     const adminUser = await this.userRepository.getAdmin();
     if (adminUser) {
       throw new BadRequestException('The server already has an admin');
@@ -138,7 +142,7 @@ export class AuthService {
       storageLabel: 'admin',
     });
 
-    return mapUser(admin);
+    return mapUserAdmin(admin);
   }
 
   async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthDto> {
@@ -237,7 +241,7 @@ export class AuthService {
     return this.createLoginResponse(user, loginDetails);
   }
 
-  async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserResponseDto> {
+  async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserAdminResponseDto> {
     const config = await this.configCore.getConfig();
     const { sub: oauthId } = await this.getOAuthProfile(config, dto.url);
     const duplicate = await this.userRepository.getByOAuthId(oauthId);
@@ -245,11 +249,14 @@ export class AuthService {
       this.logger.warn(`OAuth link account failed: sub is already linked to another user (${duplicate.email}).`);
       throw new BadRequestException('This OAuth account has already been linked to another user.');
     }
-    return mapUser(await this.userRepository.update(auth.user.id, { oauthId }));
+
+    const user = await this.userRepository.update(auth.user.id, { oauthId });
+    return mapUserAdmin(user);
   }
 
-  async unlink(auth: AuthDto): Promise<UserResponseDto> {
-    return mapUser(await this.userRepository.update(auth.user.id, { oauthId: '' }));
+  async unlink(auth: AuthDto): Promise<UserAdminResponseDto> {
+    const user = await this.userRepository.update(auth.user.id, { oauthId: '' });
+    return mapUserAdmin(user);
   }
 
   private async getLogoutEndpoint(authType: AuthType): Promise<string> {