diff --git a/src/shared/auth/jwt.strategy.ts b/src/shared/auth/jwt.strategy.ts index 7187632884..fa4380c1da 100644 --- a/src/shared/auth/jwt.strategy.ts +++ b/src/shared/auth/jwt.strategy.ts @@ -22,6 +22,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) { break; case UserRole.KYC_CLIENT_COMPANY: + case UserRole.CLIENT_COMPANY: if (!address || !user) throw new UnauthorizedException(); break; diff --git a/src/shared/auth/role.guard.ts b/src/shared/auth/role.guard.ts index 8bdaf9a6b4..16c2b53c14 100644 --- a/src/shared/auth/role.guard.ts +++ b/src/shared/auth/role.guard.ts @@ -20,6 +20,7 @@ class RoleGuardClass implements CanActivate { [UserRole.BANKING_BOT]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], [UserRole.ADMIN]: [UserRole.SUPER_ADMIN], [UserRole.DEBUG]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], + [UserRole.CLIENT_COMPANY]: [UserRole.KYC_CLIENT_COMPANY], }; constructor(private readonly entryRole: UserRole) {} diff --git a/src/shared/auth/user-role.enum.ts b/src/shared/auth/user-role.enum.ts index db5c9b4dea..5ccc54cebf 100644 --- a/src/shared/auth/user-role.enum.ts +++ b/src/shared/auth/user-role.enum.ts @@ -14,6 +14,7 @@ export enum UserRole { // service roles BANKING_BOT = 'BankingBot', - // external kyc client company roles + // external client company roles KYC_CLIENT_COMPANY = 'KycClientCompany', + CLIENT_COMPANY = 'ClientCompany', } diff --git a/src/subdomains/generic/kyc/controllers/kyc-client.controller.ts b/src/subdomains/generic/kyc/controllers/kyc-client.controller.ts index 4b4de85657..e46bae79b2 100644 --- a/src/subdomains/generic/kyc/controllers/kyc-client.controller.ts +++ b/src/subdomains/generic/kyc/controllers/kyc-client.controller.ts @@ -25,7 +25,7 @@ export class KycClientController { @Get('payments') @ApiBearerAuth() - @UseGuards(AuthGuard(), RoleGuard(UserRole.KYC_CLIENT_COMPANY)) + @UseGuards(AuthGuard(), RoleGuard(UserRole.CLIENT_COMPANY)) @ApiOkResponse({ type: PaymentWebhookData, isArray: true }) async getAllPayments( @GetJwt() jwt: JwtPayload, diff --git a/src/subdomains/generic/user/models/auth/auth.service.ts b/src/subdomains/generic/user/models/auth/auth.service.ts index cbc95ff3c1..0781b5432b 100644 --- a/src/subdomains/generic/user/models/auth/auth.service.ts +++ b/src/subdomains/generic/user/models/auth/auth.service.ts @@ -338,7 +338,7 @@ export class AuthService { private async companySignIn(dto: SignInDto, ip: string): Promise { const wallet = await this.walletService.getByAddress(dto.address); - if (!wallet?.isKycClient) throw new NotFoundException('Wallet not found'); + if (!wallet) throw new NotFoundException('Wallet not found'); if (!(await this.verifyCompanySignature(dto.address, dto.signature, dto.key))) throw new UnauthorizedException('Invalid credentials'); @@ -348,7 +348,7 @@ export class AuthService { async getCompanyChallenge(address: string): Promise { const wallet = await this.walletService.getByAddress(address); - if (!wallet?.isKycClient) throw new BadRequestException('Wallet not found/invalid'); + if (!wallet) throw new BadRequestException('Wallet not found/invalid'); const challenge = randomUUID(); @@ -502,7 +502,7 @@ export class AuthService { const payload: JwtPayload = { user: wallet.id, address: wallet.address, - role: UserRole.KYC_CLIENT_COMPANY, + role: wallet.isKycClient ? UserRole.KYC_CLIENT_COMPANY : UserRole.CLIENT_COMPANY, ip, }; return this.jwtService.sign(payload, { expiresIn: Config.auth.company.signOptions.expiresIn });