From f95061737202df7507a71c423754123517205925 Mon Sep 17 00:00:00 2001
From: louiscklaw <louiscklaw@users.noreply.github.com>
Date: Wed, 18 Jun 2025 12:43:03 +0800
Subject: [PATCH] feat: extend auth endpoint to support both User and PartyUser
 models with fallback retrieval logic

---
 .../cms_backend/src/app/api/auth/me/route.ts  | 28 +++++++++++++++----
 .../cms_backend/src/app/api/auth/me/test.http | 21 ++++++++++++--
 .../src/app/api/party-user-auth/me/test.http  |  4 +--
 .../app/api/party-user-auth/sign-in/test.http |  9 ++++--
 4 files changed, 51 insertions(+), 11 deletions(-)

diff --git a/03_source/cms_backend/src/app/api/auth/me/route.ts b/03_source/cms_backend/src/app/api/auth/me/route.ts
index ce056b1..9c24677 100644
--- a/03_source/cms_backend/src/app/api/auth/me/route.ts
+++ b/03_source/cms_backend/src/app/api/auth/me/route.ts
@@ -1,4 +1,13 @@
-import type { User } from '@prisma/client';
+// src/app/api/auth/me/route.ts
+//
+// PURPOSE:
+// - T.B.A.
+//
+// RULES:
+// - T.B.A.
+//
+
+import type { PartyUser, User } from '@prisma/client';
 import type { NextRequest } from 'next/server';
 
 import { headers } from 'next/headers';
@@ -11,9 +20,11 @@ import { getUserById } from 'src/app/services/user.service';
 import { createAccessLog } from 'src/app/services/access-log.service';
 
 import { flattenNextjsRequest } from '../sign-in/flattenNextjsRequest';
+import { getPartyUserById } from 'src/app/services/party-user.service';
 
 // ----------------------------------------------------------------------
 
+// NOTE: keep this comment to let prisma running on nextjs
 // export const runtime = 'edge';
 
 /**
@@ -43,12 +54,19 @@ export async function GET(req: NextRequest) {
 
     const accessToken = `${authorization}`.split(' ')[1];
     const data = await verify(accessToken, JWT_SECRET);
-    console.log(data.userId);
+
+    console.log({ data });
 
     if (data.userId) {
-      // TODO: remove me
-      // const currentUser = _users.find((user) => user.id === data.userId);
-      const currentUser: User | null = await getUserById(data.userId);
+      const { userId } = data;
+
+      let currentUser: User | PartyUser | null = null;
+
+      currentUser = await getPartyUserById(userId);
+
+      if (!currentUser) {
+        currentUser = await getUserById(userId);
+      }
 
       if (!currentUser) {
         createAccessLog('', USER_TOKEN_CHECK_FAILED, debug);
diff --git a/03_source/cms_backend/src/app/api/auth/me/test.http b/03_source/cms_backend/src/app/api/auth/me/test.http
index 4bcb1a1..1c2b0d4 100644
--- a/03_source/cms_backend/src/app/api/auth/me/test.http
+++ b/03_source/cms_backend/src/app/api/auth/me/test.http
@@ -1,11 +1,26 @@
 ###
+
 # username and password ok
-GET http://localhost:7272/api/auth/me
-Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJjbWJnbnUyengwMDBjaHEzaGZ3dmtjejlvIiwiaWF0IjoxNzQ4OTY0ODkyLCJleHAiOjE3NTAxNzQ0OTJ9.lo04laCxtm0IVeYaETEV3hXKyDmXPEn7SyWtY2VR4dI
 
+GET http://localhost:7272/api/auth/me
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJjbWMwdWo4aXgwMDBqM2Y1eWhxc29xMW9wIiwiaWF0IjoxNzUwMjE5NTYyLCJleHAiOjE3NTE0MjkxNjJ9.8gKM2oMquccM_HDEfBAgtapCGf3M1eIp6SZ_knx7d1g
 
 ###
+
+# username and password ok
+
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Minimal"
+}
+
+###
+
 # There is no user corresponding to the email address.
+
 POST http://localhost:7272/api/auth/sign-in
 content-type: application/json
 
@@ -15,7 +30,9 @@ content-type: application/json
 }
 
 ###
+
 # Wrong password
+
 POST http://localhost:7272/api/auth/sign-in
 content-type: application/json
 
diff --git a/03_source/cms_backend/src/app/api/party-user-auth/me/test.http b/03_source/cms_backend/src/app/api/party-user-auth/me/test.http
index d53182f..3184120 100644
--- a/03_source/cms_backend/src/app/api/party-user-auth/me/test.http
+++ b/03_source/cms_backend/src/app/api/party-user-auth/me/test.http
@@ -21,8 +21,8 @@ POST http://localhost:7272/api/party-user-auth/sign-in
 content-type: application/json
 
 {
-    "email": "demo@minimals.cc",
-    "password": "@2Minimal"
+    "email": "party_user0@prisma.io",
+    "password": "Aa12345678"
 }
 
 ###
diff --git a/03_source/cms_backend/src/app/api/party-user-auth/sign-in/test.http b/03_source/cms_backend/src/app/api/party-user-auth/sign-in/test.http
index 7f29a33..8aa0cd9 100644
--- a/03_source/cms_backend/src/app/api/party-user-auth/sign-in/test.http
+++ b/03_source/cms_backend/src/app/api/party-user-auth/sign-in/test.http
@@ -2,14 +2,19 @@
 
 ###
 
+GET http://localhost:7272/api/auth/me
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJjbWMwdWo4bGwwMDByM2Y1eXhob3JuMW1hIiwiaWF0IjoxNzUwMjE5NTgwLCJleHAiOjE3NTE0MjkxODB9.7BtuIKEvwDcHc5j9JYX0Eb1uB37kFH1Ksx4MTDTtEWQ
+
+###
+
 # username and password ok
 
 POST http://localhost:7272/api/party-user-auth/sign-in
 content-type: application/json
 
 {
-    "email": "demo@minimals.cc",
-    "password": "@2Minimal"
+    "email": "party_user0@prisma.io",
+    "password": "Aa12345678"
 }
 
 ###