Umstellung auf firebase

bizmatch-server/.vscode/launch.json

@@ -13,7 +13,10 @@
       "stopOnEntry": false,
       "console": "integratedTerminal",
       "env": {
-        "HOST_NAME": "localhost"
+        "HOST_NAME": "localhost",
+        "FIREBASE_PROJECT_ID": "bizmatch-net",
+        "FIREBASE_CLIENT_EMAIL": "firebase-adminsdk-fbsvc@bizmatch-net.iam.gserviceaccount.com",
+        "FIREBASE_PRIVATE_KEY": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCsOlDmhG0zi1zh\nlvobM8yAmLDR3P0F7mHcLyAga2rZm9MnPiGcmkoqRtDnxpZXio36PiyEgdKyhJFK\nP+jPJx1Zo/Ko9vb983oCGcz6MWgRKFXwLT4UJXjwjBdNDe/gcl52c+JJtZJR4bwD\n/bBgkoLzU9lF97pJoQypkSXytyxea6yrS2oEDs7SjW7z9JGFsoxFrt7zbMRb8tIs\nyCWe4I9YSgjSrwOw2uXpdrV0qjDkjx1TokuVJHDH9Vi8XhXDBx9y87Ja0hBoYDE9\nJJRLAa70qHQ9ytfdH/H0kucptC1JkdYGmLQHbohoPDuTU/C85JZvqIitwJ4YEH6Y\nfd+gEe5TAgMBAAECggEALrKDI/WNDFhBn1MJzl1dmhKMguKJ4lVPyF0ot1GYv5bu\nCipg/66f5FWeJ/Hi6qqBM3QvKuBuagPixwCMFbrTzO3UijaoIpQlJTOsrbu+rURE\nBOKnfdvpLkO1v6lDPJaWAUULepPWMAhmK6jZ7V1cTzCRbVSteHBH2CQoZ2Z+C71w\nyvzAIr6JRSg4mYbtHrQCXx9odPCRTdiRvxu5QtihiZGFSXnkTfhDNL1DKff7XHKF\nbOaDPumGtE7ypXr+0qyefg8xeTmXxdI4lPdqxd8XTpLFdMU8nW+/sEjdR40G8ikf\nt6nwyMh01YMMNi88t7ZoDvhpLALb4OqHBhDmyMdOWQKBgQDm5I0cqYX18jypC32G\nUhOdOou6IaZlVDNztZUhFPHPrP0P5Qg1PE5E5YybV7GVNXWiNwI/MPPF0JBce/Ie\ngJoXnuQ9kLh7cNZ432Jhz/Nmhytr6RGxoykAMT1fCuVLsTCfuK4e/aDAgVFJ84gS\nsB3TA62t2hak2MMntKoAQeDwWwKBgQC+9K+MRI/Vj1Xl7jwJ+adRQIvOssVz74ZE\nRYwIDZNRdk/c7c63WVHXASCRZbroGvqJgVfnmtwR6XJTnW3tkYqKUl5W9E+FSVbf\ng4aZs1oaVMA/IirVlRbJ4oCT+nDxPPuJ3ceJ4mBcODO82zXaC6pSFCvkpz9k9lc3\nUPlTLk1baQKBgFMbLqODbSFSeH0MErlXL5InMYXkeMT+IqriT/QhWsw6Yrfm4yZu\nN2nbCdocHWIsZNPnYtql3whzgpKXVlWeSlh4K4TxY0WjHr9RAFNeiyh7PKjRsjmz\nFZ3pG0LrZA7zjyHeUmX7OnIv2bd5fZ/kXkfGiiwKVJ4vG0deYtZG4BUDAoGBAJbI\nFRn4RW8HiHdPv37M8E5bXknvpbRfDTE5jVIKjioD9xnneZQTZmkUjcfhgU2nh+8t\n/+B0ypMmN81IgTXW94MzeSTGM0h22a8SZyVUlrA1/bucWiBeYik1vfubBLWoRqLd\nSaNZ6mbHRis5GPO8xFedb+9UFN2/Gq0mNkl1RUYJAoGBALqTxfdr4MXnG6Nhy22V\nWqui9nsHE5RMIvGYBnnq9Kqt8tUEkxB52YkBilx43q/TY4DRMDOeJk2krEbSN3AO\nguTE6BmZacamrt1HIdSAmJ1RktlVDRgIHXMBkBIumCsTCuXaZ+aEjuLOXJDIsIHZ\nEA9ftLrt1h1u+7QPI+E11Fmx\n-----END PRIVATE KEY-----"
       }
       // "preLaunchTask": "Start Stripe Listener"
     },

bizmatch-server/package.json

@@ -41,6 +41,8 @@
     "dotenv": "^16.4.5",
     "dotenv-flow": "^4.1.0",
     "drizzle-orm": "^0.32.0",
+    "firebase": "^11.3.1",
+    "firebase-admin": "^13.1.0",
     "fs-extra": "^11.2.0",
     "groq-sdk": "^0.5.0",
     "handlebars": "^4.7.8",
@@ -53,10 +55,6 @@
     "nodemailer": "^6.9.10",
     "nodemailer-smtp-transport": "^2.7.4",
     "openai": "^4.52.6",
-    "passport": "^0.7.0",
-    "passport-google-oauth20": "^2.0.0",
-    "passport-jwt": "^4.0.1",
-    "passport-local": "^1.0.0",
     "pg": "^8.11.5",
     "pgvector": "^0.2.0",
     "reflect-metadata": "^0.2.0",

bizmatch-server/src/app.controller.ts

@@ -1,7 +1,7 @@
 import { Controller, Get, Request, UseGuards } from '@nestjs/common';
 import { AppService } from './app.service';
 import { AuthService } from './auth/auth.service';
-import { JwtAuthGuard } from './jwt-auth/jwt-auth.guard';
+import { AuthGuard } from './jwt-auth/auth.guard';
 
 @Controller()
 export class AppController {
@@ -10,7 +10,7 @@ export class AppController {
     private authService: AuthService,
   ) {}
 
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Get()
   getHello(@Request() req): string {
     return req.user;

bizmatch-server/src/app.module.ts

@@ -1,6 +1,5 @@
 import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
-import { PassportModule } from '@nestjs/passport';
 import { utilities as nestWinstonModuleUtilities, WinstonModule } from 'nest-winston';
 import * as winston from 'winston';
 import { AiModule } from './ai/ai.module';
@@ -16,7 +15,6 @@ import { LogModule } from './log/log.module';
 
 import dotenvFlow from 'dotenv-flow';
 import { EventModule } from './event/event.module';
-import { JwtStrategy } from './jwt.strategy';
 import { MailModule } from './mail/mail.module';
 
 import { APP_INTERCEPTOR } from '@nestjs/core';
@@ -66,7 +64,6 @@ console.log(JSON.stringify(process.env, null, 2));
     ListingsModule,
     SelectOptionsModule,
     ImageModule,
-    PassportModule,
     AiModule,
     LogModule,
     // PaymentModule,
@@ -76,7 +73,6 @@ console.log(JSON.stringify(process.env, null, 2));
   providers: [
     AppService,
     FileService,
-    JwtStrategy,
     {
       provide: APP_INTERCEPTOR,
       useClass: UserInterceptor, // Registriere den Interceptor global

bizmatch-server/src/auth/auth.controller.ts

@@ -1,35 +1,62 @@
-import { Body, Controller, Get, Param, Put, UseGuards } from '@nestjs/common';
-import { JwtAuthGuard } from 'src/jwt-auth/jwt-auth.guard';
+import { Body, Controller, Get, HttpException, HttpStatus, Param, Post, Put, UseGuards } from '@nestjs/common';
+import { AuthGuard } from 'src/jwt-auth/auth.guard';
+import admin from 'src/jwt-auth/firebase-admin';
 import { KeycloakUser } from 'src/models/main.model';
-import { AdminAuthGuard } from '../jwt-auth/admin-auth.guard';
 import { AuthService } from './auth.service';
 
 @Controller('auth')
 export class AuthController {
   constructor(private readonly authService: AuthService) {}
 
-  @UseGuards(AdminAuthGuard)
-  @Get()
-  async getAccessToken(): Promise<any> {
-    return await this.authService.getAccessToken();
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get()
+  // async getAccessToken(): Promise<any> {
+  //   return await this.authService.getAccessToken();
+  // }
 
-  @UseGuards(AdminAuthGuard)
-  @Get('user/all')
-  async getUsers(): Promise<any> {
-    return await this.authService.getUsers();
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get('user/all')
+  // async getUsers(): Promise<any> {
+  //   return await this.authService.getUsers();
+  // }
 
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Get('users/:userid')
   async getUser(@Param('userid') userId: string): Promise<any> {
     return await this.authService.getUser(userId);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Put('users/:userid')
   async updateKeycloakUser(@Body() keycloakUser: KeycloakUser): Promise<any> {
     return await this.authService.updateKeycloakUser(keycloakUser);
   }
+
+  @Post('verify-email')
+  async verifyEmail(@Body('oobCode') oobCode: string, @Body('email') email: string) {
+    if (!oobCode || !email) {
+      throw new HttpException('oobCode and email are required', HttpStatus.BAD_REQUEST);
+    }
+
+    try {
+      // Schritt 1: Hole den Benutzer anhand der E-Mail-Adresse
+      const userRecord = await admin.auth().getUserByEmail(email);
+
+      if (userRecord.emailVerified) {
+        return { message: 'Email is already verified' };
+      }
+
+      // Schritt 2: Aktualisiere den Benutzerstatus
+      // Hinweis: Wir können den oobCode nicht serverseitig validieren.
+      // Wir nehmen an, dass der oobCode korrekt ist, da er von Firebase generiert wurde.
+      await admin.auth().updateUser(userRecord.uid, {
+        emailVerified: true,
+      });
+
+      return { message: 'Email successfully verified' };
+    } catch (error) {
+      throw new HttpException(error.message || 'Failed to verify email', HttpStatus.BAD_REQUEST);
+    }
+  }
   // @UseGuards(AdminAuthGuard)
   // @Get('user/:userid/lastlogin') //e0811669-c7eb-4e5e-a699-e8334d5c5b01 -> aknuth
   // getLastLogin(@Param('userid') userId: string): any {

bizmatch-server/src/event/event.controller.ts

@@ -1,6 +1,6 @@
 import { Body, Controller, Headers, Post, UseGuards } from '@nestjs/common';
 import { RealIp } from 'src/decorators/real-ip.decorator';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { ListingEvent } from 'src/models/db.model';
 import { RealIpInfo } from 'src/models/main.model';
 import { EventService } from './event.service';
@@ -9,7 +9,7 @@ import { EventService } from './event.service';
 export class EventController {
   constructor(private eventService: EventService) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   async createEvent(
     @Body() event: ListingEvent, // Struktur des Body-Objekts entsprechend anpassen

bizmatch-server/src/geo/geo.controller.ts

@@ -1,6 +1,6 @@
 import { Body, Controller, Get, Param, Post, UseGuards } from '@nestjs/common';
 import { RealIp } from 'src/decorators/real-ip.decorator';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { RealIpInfo } from 'src/models/main.model';
 import { CountyRequest } from 'src/models/server.model';
 import { GeoService } from './geo.service';
@@ -9,31 +9,31 @@ import { GeoService } from './geo.service';
 export class GeoController {
   constructor(private geoService: GeoService) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':prefix')
   findByPrefix(@Param('prefix') prefix: string): any {
     return this.geoService.findCitiesStartingWith(prefix);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get('citiesandstates/:prefix')
   findByCitiesAndStatesByPrefix(@Param('prefix') prefix: string): any {
     return this.geoService.findCitiesAndStatesStartingWith(prefix);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':prefix/:state')
   findByPrefixAndState(@Param('prefix') prefix: string, @Param('state') state: string): any {
     return this.geoService.findCitiesStartingWith(prefix, state);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('counties')
   findByPrefixAndStates(@Body() countyRequest: CountyRequest): any {
     return this.geoService.findCountiesStartingWith(countyRequest.prefix, countyRequest.states);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get('ipinfo/georesult/wysiwyg')
   async fetchIpAndGeoLocation(@RealIp() ipInfo: RealIpInfo): Promise<any> {
     return await this.geoService.fetchIpAndGeoLocation(ipInfo);

bizmatch-server/src/image/image.controller.ts

@@ -1,7 +1,7 @@
 import { Controller, Delete, Inject, Param, Post, UploadedFile, UseGuards, UseInterceptors } from '@nestjs/common';
 import { FileInterceptor } from '@nestjs/platform-express';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
-import { JwtAuthGuard } from 'src/jwt-auth/jwt-auth.guard';
+import { AuthGuard } from 'src/jwt-auth/auth.guard';
 import { Logger } from 'winston';
 import { FileService } from '../file/file.service';
 import { CommercialPropertyService } from '../listings/commercial-property.service';
@@ -18,14 +18,14 @@ export class ImageController {
   // ############
   // Property
   // ############
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Post('uploadPropertyPicture/:imagePath/:serial')
   @UseInterceptors(FileInterceptor('file'))
   async uploadPropertyPicture(@UploadedFile() file: Express.Multer.File, @Param('imagePath') imagePath: string, @Param('serial') serial: string) {
     const imagename = await this.fileService.storePropertyPicture(file, imagePath, serial);
     await this.listingService.addImage(imagePath, serial, imagename);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Delete('propertyPicture/:imagePath/:serial/:imagename')
   async deletePropertyImagesById(@Param('imagePath') imagePath: string, @Param('serial') serial: string, @Param('imagename') imagename: string): Promise<any> {
     this.fileService.deleteImage(`pictures/property/${imagePath}/${serial}/${imagename}`);
@@ -34,13 +34,13 @@ export class ImageController {
   // ############
   // Profile
   // ############
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Post('uploadProfile/:email')
   @UseInterceptors(FileInterceptor('file'))
   async uploadProfile(@UploadedFile() file: Express.Multer.File, @Param('email') adjustedEmail: string) {
     await this.fileService.storeProfilePicture(file, adjustedEmail);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Delete('profile/:email/')
   async deleteProfileImagesById(@Param('email') email: string): Promise<any> {
     this.fileService.deleteImage(`pictures/profile/${email}.avif`);
@@ -48,13 +48,13 @@ export class ImageController {
   // ############
   // Logo
   // ############
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Post('uploadCompanyLogo/:email')
   @UseInterceptors(FileInterceptor('file'))
   async uploadCompanyLogo(@UploadedFile() file: Express.Multer.File, @Param('email') adjustedEmail: string) {
     await this.fileService.storeCompanyLogo(file, adjustedEmail);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Delete('logo/:email/')
   async deleteLogoImagesById(@Param('email') adjustedEmail: string): Promise<any> {
     this.fileService.deleteImage(`pictures/logo/${adjustedEmail}.avif`);

bizmatch-server/src/jwt-auth/admin-auth.guard.ts

@@ -1,18 +0,0 @@
-import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-
-@Injectable()
-export class AdminAuthGuard extends AuthGuard('jwt') implements CanActivate {
-  canActivate(context: ExecutionContext) {
-    // Add your custom authentication logic here
-    // for example, call super.logIn(request) to establish a session.
-    return super.canActivate(context);
-  }
-  handleRequest(err, user, info) {
-    // You can throw an exception based on either "info" or "err" arguments
-    if (err || !user || !user.roles.includes('ADMIN')) {
-      throw err || new UnauthorizedException(info);
-    }
-    return user;
-  }
-}

bizmatch-server/src/jwt-auth/auth.guard.ts

@@ -0,0 +1,27 @@
+import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
+import admin from './firebase-admin';
+
+@Injectable()
+export class AuthGuard implements CanActivate {
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest<Request>();
+    const token = this.extractTokenFromHeader(request);
+
+    if (!token) {
+      throw new UnauthorizedException('No token provided');
+    }
+
+    try {
+      const decodedToken = await admin.auth().verifyIdToken(token);
+      request['user'] = decodedToken; // Fügen Sie die Benutzerdaten dem Request-Objekt hinzu
+      return true;
+    } catch (error) {
+      throw new UnauthorizedException('Invalid token');
+    }
+  }
+
+  private extractTokenFromHeader(request: Request): string | undefined {
+    const [type, token] = request.headers['authorization']?.split(' ') ?? [];
+    return type === 'Bearer' ? token : undefined;
+  }
+}

bizmatch-server/src/jwt-auth/firebase-admin.ts

@@ -0,0 +1,16 @@
+import * as admin from 'firebase-admin';
+import { ServiceAccount } from 'firebase-admin';
+
+const serviceAccount: ServiceAccount = {
+  projectId: process.env['FIREBASE_PROJECT_ID'],
+  clientEmail: process.env['FIREBASE_CLIENT_EMAIL'],
+  privateKey: process.env['FIREBASE_PRIVATE_KEY']?.replace(/\\n/g, '\n'), // Ersetzen Sie escaped newlines
+};
+
+if (!admin.apps.length) {
+  admin.initializeApp({
+    credential: admin.credential.cert(serviceAccount),
+  });
+}
+
+export default admin;

bizmatch-server/src/jwt-auth/jwt-auth.guard.ts

@@ -1,18 +0,0 @@
-import { CanActivate, ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-
-@Injectable()
-export class JwtAuthGuard extends AuthGuard('jwt') implements CanActivate {
-  canActivate(context: ExecutionContext) {
-    // Add your custom authentication logic here
-    // for example, call super.logIn(request) to establish a session.
-    return super.canActivate(context);
-  }
-  handleRequest(err, user, info) {
-    // You can throw an exception based on either "info" or "err" arguments
-    if (err || !user) {
-      throw err || new UnauthorizedException(info);
-    }
-    return user;
-  }
-}

bizmatch-server/src/jwt-auth/optional-auth.guard.ts

@@ -0,0 +1,29 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import admin from './firebase-admin';
+
+@Injectable()
+export class OptionalAuthGuard implements CanActivate {
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest<Request>();
+    const token = this.extractTokenFromHeader(request);
+
+    if (!token) {
+      return true; // Kein Token vorhanden, aber Zugriff erlaubt
+    }
+
+    try {
+      const decodedToken = await admin.auth().verifyIdToken(token);
+      request['user'] = decodedToken; // Benutzerdaten zum Request hinzufügen, wenn Token gültig
+    } catch (error) {
+      // Bei ungültigem Token wird kein Fehler geworfen, sondern einfach kein User gesetzt
+      request['user'] = null;
+    }
+
+    return true; // Zugriff wird immer erlaubt
+  }
+
+  private extractTokenFromHeader(request: Request): string | undefined {
+    const [type, token] = request.headers['authorization']?.split(' ') ?? [];
+    return type === 'Bearer' ? token : undefined;
+  }
+}

bizmatch-server/src/jwt-auth/optional-jwt-auth.guard.ts

@@ -1,13 +0,0 @@
-import { Injectable } from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-
-@Injectable()
-export class OptionalJwtAuthGuard extends AuthGuard('jwt') {
-  handleRequest(err, user, info) {
-    // Wenn der Benutzer nicht authentifiziert ist, aber kein Fehler vorliegt, geben Sie null zurück
-    if (err || !user) {
-      return null;
-    }
-    return user;
-  }
-}

bizmatch-server/src/listings/broker-listings.controller.ts

@@ -1,6 +1,6 @@
 import { Body, Controller, Inject, Post, UseGuards } from '@nestjs/common';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { UserListingCriteria } from 'src/models/main.model';
 import { Logger } from 'winston';
 import { UserService } from '../user/user.service';
@@ -12,7 +12,7 @@ export class BrokerListingsController {
     @Inject(WINSTON_MODULE_PROVIDER) private readonly logger: Logger,
   ) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('search')
   async find(@Body() criteria: UserListingCriteria): Promise<any> {
     return await this.userService.searchUserListings(criteria);

bizmatch-server/src/listings/business-listings.controller.ts

@@ -1,8 +1,9 @@
 import { Body, Controller, Delete, Get, Inject, Param, Post, Put, Request, UseGuards } from '@nestjs/common';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
+import { AuthGuard } from 'src/jwt-auth/auth.guard';
 import { Logger } from 'winston';
-import { JwtAuthGuard } from '../jwt-auth/jwt-auth.guard';
-import { OptionalJwtAuthGuard } from '../jwt-auth/optional-jwt-auth.guard';
+
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { BusinessListing } from '../models/db.model';
 import { BusinessListingCriteria, JwtUser } from '../models/main.model';
 import { BusinessListingService } from './business-listing.service';
@@ -14,52 +15,52 @@ export class BusinessListingsController {
     @Inject(WINSTON_MODULE_PROVIDER) private readonly logger: Logger,
   ) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':id')
   async findById(@Request() req, @Param('id') id: string): Promise<any> {
     return await this.listingsService.findBusinessesById(id, req.user as JwtUser);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Get('favorites/all')
   async findFavorites(@Request() req): Promise<any> {
     return await this.listingsService.findFavoriteListings(req.user as JwtUser);
   }
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get('user/:userid')
   async findByUserId(@Request() req, @Param('userid') userid: string): Promise<BusinessListing[]> {
     return await this.listingsService.findBusinessesByEmail(userid, req.user as JwtUser);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('find')
   async find(@Request() req, @Body() criteria: BusinessListingCriteria): Promise<any> {
     return await this.listingsService.searchBusinessListings(criteria, req.user as JwtUser);
   }
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('findTotal')
   async findTotal(@Request() req, @Body() criteria: BusinessListingCriteria): Promise<number> {
     return await this.listingsService.getBusinessListingsCount(criteria, req.user as JwtUser);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   async create(@Body() listing: any) {
     return await this.listingsService.createListing(listing);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Put()
   async update(@Body() listing: any) {
     return await this.listingsService.updateBusinessListing(listing.id, listing);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Delete('listing/:id')
   async deleteById(@Param('id') id: string) {
     await this.listingsService.deleteListing(id);
   }
 
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Delete('favorite/:id')
   async deleteFavorite(@Request() req, @Param('id') id: string) {
     await this.listingsService.deleteFavorite(id, req.user as JwtUser);

bizmatch-server/src/listings/commercial-property-listings.controller.ts

@@ -2,8 +2,9 @@ import { Body, Controller, Delete, Get, Inject, Param, Post, Put, Request, UseGu
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
 import { Logger } from 'winston';
 import { FileService } from '../file/file.service';
-import { JwtAuthGuard } from '../jwt-auth/jwt-auth.guard';
-import { OptionalJwtAuthGuard } from '../jwt-auth/optional-jwt-auth.guard';
+
+import { AuthGuard } from 'src/jwt-auth/auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { CommercialPropertyListing } from '../models/db.model';
 import { CommercialPropertyListingCriteria, JwtUser } from '../models/main.model';
 import { CommercialPropertyService } from './commercial-property.service';
@@ -16,54 +17,54 @@ export class CommercialPropertyListingsController {
     @Inject(WINSTON_MODULE_PROVIDER) private readonly logger: Logger,
   ) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':id')
   async findById(@Request() req, @Param('id') id: string): Promise<any> {
     return await this.listingsService.findCommercialPropertiesById(id, req.user as JwtUser);
   }
 
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Get('favorites/all')
   async findFavorites(@Request() req): Promise<any> {
     return await this.listingsService.findFavoriteListings(req.user as JwtUser);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get('user/:email')
   async findByEmail(@Request() req, @Param('email') email: string): Promise<CommercialPropertyListing[]> {
     return await this.listingsService.findCommercialPropertiesByEmail(email, req.user as JwtUser);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('find')
   async find(@Request() req, @Body() criteria: CommercialPropertyListingCriteria): Promise<any> {
     return await this.listingsService.searchCommercialProperties(criteria, req.user as JwtUser);
   }
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('findTotal')
   async findTotal(@Request() req, @Body() criteria: CommercialPropertyListingCriteria): Promise<number> {
     return await this.listingsService.getCommercialPropertiesCount(criteria, req.user as JwtUser);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   async create(@Body() listing: any) {
     return await this.listingsService.createListing(listing);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Put()
   async update(@Body() listing: any) {
     return await this.listingsService.updateCommercialPropertyListing(listing.id, listing);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Delete('listing/:id/:imagePath')
   async deleteById(@Param('id') id: string, @Param('imagePath') imagePath: string) {
     await this.listingsService.deleteListing(id);
     this.fileService.deleteDirectoryIfExists(imagePath);
   }
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Delete('favorite/:id')
   async deleteFavorite(@Request() req, @Param('id') id: string) {
     await this.listingsService.deleteFavorite(id, req.user as JwtUser);

bizmatch-server/src/listings/unknown-listings.controller.ts

@@ -1,7 +1,7 @@
 import { Controller, Get, Inject, Param, Request, UseGuards } from '@nestjs/common';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { Logger } from 'winston';
-import { OptionalJwtAuthGuard } from '../jwt-auth/optional-jwt-auth.guard';
 import { BusinessListingService } from './business-listing.service';
 import { CommercialPropertyService } from './commercial-property.service';
 
@@ -13,7 +13,7 @@ export class UnknownListingsController {
     private readonly propertyListingsService: CommercialPropertyService,
   ) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':id')
   async findById(@Request() req, @Param('id') id: string): Promise<any> {
     try {

bizmatch-server/src/log/log.controller.ts

@@ -1,13 +1,13 @@
 import { Body, Controller, Inject, Post, Request, UseGuards } from '@nestjs/common';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { Logger } from 'winston';
-import { OptionalJwtAuthGuard } from '../jwt-auth/optional-jwt-auth.guard';
 import { LogMessage } from '../models/main.model';
 @Controller('log')
 export class LogController {
   constructor(@Inject(WINSTON_MODULE_PROVIDER) private readonly logger: Logger) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   log(@Request() req, @Body() message: LogMessage) {
     if (message.severity === 'info') {

bizmatch-server/src/mail/mail.controller.ts

@@ -1,5 +1,6 @@
 import { Body, Controller, Post, UseGuards } from '@nestjs/common';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { ShareByEMail, User } from 'src/models/db.model';
 import { ErrorResponse, MailInfo } from '../models/main.model';
 import { MailService } from './mail.service';
@@ -8,7 +9,7 @@ import { MailService } from './mail.service';
 export class MailController {
   constructor(private mailService: MailService) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   async sendEMail(@Body() mailInfo: MailInfo): Promise<void | ErrorResponse> {
     if (mailInfo.listing) {
@@ -18,13 +19,13 @@ export class MailController {
     }
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('subscriptionConfirmation')
   async sendSubscriptionConfirmation(@Body() user: User): Promise<void | ErrorResponse> {
     return await this.mailService.sendSubscriptionConfirmation(user);
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('send2Friend')
   async send2Friend(@Body() shareByEMail: ShareByEMail): Promise<void | ErrorResponse> {
     return await this.mailService.send2Friend(shareByEMail);

bizmatch-server/src/payment/payment.controller.ts

@@ -1,7 +1,6 @@
-import { Body, Controller, Delete, Get, HttpCode, HttpException, HttpStatus, Param, Post, Req, Res, UseGuards } from '@nestjs/common';
+import { Body, Controller, Get, HttpException, HttpStatus, Param, Post, Req, Res, UseGuards } from '@nestjs/common';
 import { Request, Response } from 'express';
-import { AdminAuthGuard } from 'src/jwt-auth/admin-auth.guard';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { Checkout } from 'src/models/main.model';
 import Stripe from 'stripe';
 import { PaymentService } from './payment.service';
@@ -15,25 +14,25 @@ export class PaymentController {
   //   return this.paymentService.createSubscription(subscriptionData);
   // }
 
-  @UseGuards(AdminAuthGuard)
-  @Get('user/all')
-  async getAllStripeCustomer(): Promise<Stripe.Customer[]> {
-    return await this.paymentService.getAllStripeCustomer();
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get('user/all')
+  // async getAllStripeCustomer(): Promise<Stripe.Customer[]> {
+  //   return await this.paymentService.getAllStripeCustomer();
+  // }
 
-  @UseGuards(AdminAuthGuard)
-  @Get('subscription/all')
-  async getAllStripeSubscriptions(): Promise<Stripe.Subscription[]> {
-    return await this.paymentService.getAllStripeSubscriptions();
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get('subscription/all')
+  // async getAllStripeSubscriptions(): Promise<Stripe.Subscription[]> {
+  //   return await this.paymentService.getAllStripeSubscriptions();
+  // }
 
-  @UseGuards(AdminAuthGuard)
-  @Get('paymentmethod/:email')
-  async getStripePaymentMethods(@Param('email') email: string): Promise<Stripe.PaymentMethod[]> {
-    return await this.paymentService.getStripePaymentMethod(email);
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get('paymentmethod/:email')
+  // async getStripePaymentMethods(@Param('email') email: string): Promise<Stripe.PaymentMethod[]> {
+  //   return await this.paymentService.getStripePaymentMethod(email);
+  // }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('create-checkout-session')
   async createCheckoutSession(@Body() checkout: Checkout) {
     return await this.paymentService.createCheckoutSession(checkout);
@@ -59,7 +58,7 @@ export class PaymentController {
     }
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get('subscriptions/:email')
   async findSubscriptionsById(@Param('email') email: string): Promise<any> {
     return await this.paymentService.getSubscription(email);
@@ -68,10 +67,10 @@ export class PaymentController {
    * Endpoint zum Löschen eines Stripe-Kunden.
    * Beispiel: DELETE /stripe/customer/cus_12345
    */
-  @UseGuards(AdminAuthGuard)
-  @Delete('customer/:id')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  async deleteCustomer(@Param('id') customerId: string): Promise<void> {
-    await this.paymentService.deleteCustomerCompletely(customerId);
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Delete('customer/:id')
+  // @HttpCode(HttpStatus.NO_CONTENT)
+  // async deleteCustomer(@Param('id') customerId: string): Promise<void> {
+  //   await this.paymentService.deleteCustomerCompletely(customerId);
+  // }
 }

bizmatch-server/src/select-options/select-options.controller.ts

@@ -1,12 +1,12 @@
 import { Controller, Get, UseGuards } from '@nestjs/common';
-import { OptionalJwtAuthGuard } from 'src/jwt-auth/optional-jwt-auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { SelectOptionsService } from './select-options.service';
 
 @Controller('select-options')
 export class SelectOptionsController {
   constructor(private selectOptionsService: SelectOptionsService) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get()
   getSelectOption(): any {
     return {

bizmatch-server/src/user/user.controller.ts

@@ -1,11 +1,11 @@
 import { BadRequestException, Body, Controller, Get, Inject, Param, Post, Query, Request, UseGuards } from '@nestjs/common';
 import { WINSTON_MODULE_PROVIDER } from 'nest-winston';
-import { AdminAuthGuard } from 'src/jwt-auth/admin-auth.guard';
 import { Logger } from 'winston';
 import { ZodError } from 'zod';
 import { FileService } from '../file/file.service';
-import { JwtAuthGuard } from '../jwt-auth/jwt-auth.guard';
-import { OptionalJwtAuthGuard } from '../jwt-auth/optional-jwt-auth.guard';
+
+import { AuthGuard } from 'src/jwt-auth/auth.guard';
+import { OptionalAuthGuard } from 'src/jwt-auth/optional-auth.guard';
 import { User } from '../models/db.model';
 import { JwtUser, Subscription, UserListingCriteria } from '../models/main.model';
 import { UserService } from './user.service';
@@ -18,26 +18,26 @@ export class UserController {
     @Inject(WINSTON_MODULE_PROVIDER) private readonly logger: Logger,
   ) {}
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get()
   async findByMail(@Request() req, @Query('mail') mail: string): Promise<User> {
     const user = await this.userService.getUserByMail(mail, req.user as JwtUser);
     return user;
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Get(':id')
   async findById(@Param('id') id: string): Promise<User> {
     const user = await this.userService.getUserById(id);
     return user;
   }
-  @UseGuards(AdminAuthGuard)
-  @Get('user/all')
-  async getAllUser(): Promise<User[]> {
-    return await this.userService.getAllUser();
-  }
+  // @UseGuards(AdminAuthGuard)
+  // @Get('user/all')
+  // async getAllUser(): Promise<User[]> {
+  //   return await this.userService.getAllUser();
+  // }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post()
   async save(@Body() user: any): Promise<User> {
     try {
@@ -57,27 +57,27 @@ export class UserController {
     }
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('guaranteed')
   async saveGuaranteed(@Body() user: any): Promise<User> {
     const savedUser = await this.userService.saveUser(user, false);
     return savedUser;
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('search')
   async find(@Body() criteria: UserListingCriteria): Promise<{ results: User[]; totalCount: number }> {
     const foundUsers = await this.userService.searchUserListings(criteria);
     return foundUsers;
   }
 
-  @UseGuards(OptionalJwtAuthGuard)
+  @UseGuards(OptionalAuthGuard)
   @Post('findTotal')
   async findTotal(@Body() criteria: UserListingCriteria): Promise<number> {
     return await this.userService.getUserListingsCount(criteria);
   }
 
-  @UseGuards(JwtAuthGuard)
+  @UseGuards(AuthGuard)
   @Get('subscriptions/:id')
   async findSubscriptionsById(@Param('id') id: string): Promise<Subscription[]> {
     const subscriptions = [];

bizmatch-server/src/user/user.service.ts

@@ -106,7 +106,7 @@ export class UserService {
       .from(schema.users)
       .where(sql`email = ${email}`)) as User[];
     if (users.length === 0) {
-      const user: User = { id: undefined, customerType: 'buyer', ...createDefaultUser(email, jwtuser.firstname, jwtuser.lastname, null) };
+      const user: User = { id: undefined, customerType: 'professional', ...createDefaultUser(email, jwtuser.firstname ? jwtuser.firstname : '', jwtuser.lastname ? jwtuser.lastname : '', null) };
       const u = await this.saveUser(user, false);
       return u;
     } else {