To keep the createdAt date stable, even when the revisions are dropped,
this adds a separate column
to store this data separately from revisions.
Signed-off-by: David Mehren <git@herrmehren.de>
The primary address is never null.
If no alias is set, the id is returned.
To still easily get the primary alias, the complete Alias DTOs
are now included in the metadata.
Signed-off-by: David Mehren <git@herrmehren.de>
This renames the argument in the POST /profile route to `displayName`
to be more consistent with the UserDTO.
It also adds OpenAPI docs.
Signed-off-by: David Mehren <git@herrmehren.de>
This information is supposed to be used by the frontend
to identify the login method that was used.
The used login method is saved as a string into the session data
and extracted via a new SessionAuthProvider decorator.
Signed-off-by: David Mehren <git@herrmehren.de>
For reasons, during testing, reflect-metadata might not be imported.
This causes the `@Type` annotation to crash the test with a TypeError.
Signed-off-by: David Mehren <git@herrmehren.de>
MariaDB does not support `connect-typeorm`s subqueries,
so they need to be disabled if this dialect is used.
Signed-off-by: David Mehren <git@herrmehren.de>
Previously, the `logout` method immediately returned and did not wait
for the possible error callback.
This wraps the call to `session.destroy` into a promise,
so the error can be properly handled.
Signed-off-by: David Mehren <git@herrmehren.de>
The `validUntil` parameter for `createTokenForUser` may be undefined
in some usages.
As it is easy to add handling for that here, this commit implements it.
Signed-off-by: David Mehren <git@herrmehren.de>
This allows us to handle the possible errors due to non-integer numbers with joi and return more precise error messages.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
validate HD_DOMAIN and HD_RENDERER_ORIGIN with the uri validator of Joi. This should prevent the problem described in #2150.
Fixes#2150
See also: https://joi.dev/api/#stringurioptions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The email address should only be available
in /me routes.
This commit splits the email address into a new FullUserInfoDto.
Signed-off-by: David Mehren <git@herrmehren.de>
This now correctly returns the dto if it is provided. Previously it would return () => undefined, when the dto was not defined, which crashed some internal logic in nestjs.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This decorator gets a list of http codes and possible descriptions and adds all necessary decorator internally to the method or the class. This will prevent long OpenApi annotations and keep the controllers shorter.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The constructor of an exception filter must be given
an instance of HttpAdapterHost, otherwise it will crash at runtime.
This can be reproduced by GETing /.
Reference: https://docs.nestjs.com/exception-filters#inheritance
Signed-off-by: David Mehren <git@herrmehren.de>
With these additional annotations the openapi docs under `/apidoc` and `/private/apidoc` will be improved by adding errors that the requests can return
Signed-off-by: Philip Molares <philip.molares@udo.edu>
