feat: user export service. bug and UX fixes. Complete minus outstanding email template fixes.

2025-12-26 14:06:03 -06:00
parent 8c13dc0a55
commit fb52ce398b
35 changed files with 1686 additions and 118 deletions
--- a/backend/src/features/auth/domain/auth.service.ts
+++ b/backend/src/features/auth/domain/auth.service.ts
@@ -11,6 +11,8 @@ import {
  SignupResponse,
  VerifyStatusResponse,
  ResendVerificationResponse,
+  SecurityStatusResponse,
+  PasswordResetResponse,
 } from './auth.types';

 export class AuthService {
@@ -210,4 +212,61 @@ export class AuthService {
      throw error;
    }
  }
+
+  /**
+   * Get security status for the user
+   * Returns email verification status and passkey info
+   */
+  async getSecurityStatus(auth0Sub: string): Promise<SecurityStatusResponse> {
+    try {
+      // Get user details from Auth0
+      const auth0User = await auth0ManagementClient.getUser(auth0Sub);
+
+      logger.info('Retrieved security status', {
+        auth0Sub: auth0Sub.substring(0, 8) + '...',
+        emailVerified: auth0User.emailVerified,
+      });
+
+      return {
+        emailVerified: auth0User.emailVerified,
+        email: auth0User.email,
+        // Passkeys are enabled at the Auth0 connection level, not per-user
+        // This is informational - actual passkey enrollment happens in Auth0 Universal Login
+        passkeysEnabled: true,
+        // Auth0 doesn't expose password last changed date via Management API
+        // Would require Auth0 Logs API or user_metadata to track this
+        passwordLastChanged: null,
+      };
+    } catch (error) {
+      logger.error('Failed to get security status', { auth0Sub, error });
+      throw error;
+    }
+  }
+
+  /**
+   * Request password reset email
+   * Triggers Auth0 to send password reset email to user
+   */
+  async requestPasswordReset(auth0Sub: string): Promise<PasswordResetResponse> {
+    try {
+      // Get user email from Auth0
+      const auth0User = await auth0ManagementClient.getUser(auth0Sub);
+
+      // Send password reset email via Auth0
+      await auth0ManagementClient.sendPasswordResetEmail(auth0User.email);
+
+      logger.info('Password reset email requested', {
+        auth0Sub: auth0Sub.substring(0, 8) + '...',
+        email: auth0User.email.substring(0, 3) + '***',
+      });
+
+      return {
+        message: 'Password reset email sent. Please check your inbox.',
+        success: true,
+      };
+    } catch (error) {
+      logger.error('Failed to request password reset', { auth0Sub, error });
+      throw error;
+    }
+  }
 }