npm - @bpinhosilva/agent-orchestrator - Versions diffs - 1.0.0-alpha.24 → 1.0.0-alpha.26 - Mend

@bpinhosilva/agent-orchestrator 1.0.0-alpha.24 → 1.0.0-alpha.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (258) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,19 @@
+# [1.0.0-alpha.26](https://github.com/bpinhosilva/agent-orchestrator/compare/v1.0.0-alpha.25...v1.0.0-alpha.26) (2026-04-04)
+### Features
+* add AGENTS.md file ([51c706f](https://github.com/bpinhosilva/agent-orchestrator/commit/51c706f8784dd354280d853f605bb8c69e53175c))
+* implement containerization, add health check endpoint, and update RBAC ([17149d3](https://github.com/bpinhosilva/agent-orchestrator/commit/17149d32a623f532308ba0f415a4b2ba332ec794))
+* **refactor:** project terminology and update UI components ([47e5cb4](https://github.com/bpinhosilva/agent-orchestrator/commit/47e5cb4d45c05f893ebdd898f02ceeadcd213652))
+# [1.0.0-alpha.25](https://github.com/bpinhosilva/agent-orchestrator/compare/v1.0.0-alpha.24...v1.0.0-alpha.25) (2026-04-03)
+### Features
+* **cli:** enhance setup command with detailed configuration options and improved process ([2b7f51d](https://github.com/bpinhosilva/agent-orchestrator/commit/2b7f51d16e8f1949e222c03968d925030e4b0574))
 # [1.0.0-alpha.24](https://github.com/bpinhosilva/agent-orchestrator/compare/v1.0.0-alpha.23...v1.0.0-alpha.24) (2026-04-02)

package/README.md CHANGED Viewed

@@ -24,21 +24,53 @@ Agent Orchestrator is an open-source project designed to manage and orchestrate
 - **Architecture**: 3-Tier (Controller → Service → Repository)
 ## Prerequisites
-- [Node.js](https://nodejs.org/) (v18+)
-- [Docker](https://www.docker.com/) and Docker Compose (optional, for PostgreSQL)
+- [Node.js](https://nodejs.org/) (v24+)
+- [Docker](https://www.docker.com/) and Docker Compose (optional, for the containerized stack)
 - A [Google Gemini API Key](https://aistudio.google.com/) or [Anthropic API Key](https://console.anthropic.com/)
 ## Quick Start
-### 1. Install Dependencies
+### 1. Choose an installation path
+**Option A: install the packaged CLI**
+```bash
+npm install -g @bpinhosilva/agent-orchestrator
+agent-orchestrator --help
+```
+**Option B: run from a source checkout**
 ```bash
+git clone <repo> && cd agent-orchestrator
 npm install
+npm rebuild
+npm run build:all
 ```
-> **Note**: The project uses `ignore-scripts=true` in `.npmrc` for supply chain security. After installing, run `npm rebuild` to compile native modules (bcrypt, sqlite3).
+> **Note**: The project uses `ignore-scripts=true` in `.npmrc` for supply chain security. After installing dependencies from source, run `npm rebuild` to compile native modules (bcrypt, sqlite3).
+### 2. Configure the runtime
-### 2. Configure Environment
+**CLI-driven setup (recommended for local/runtime installs)**
+```bash
+agent-orchestrator setup
+```
+The CLI writes `${AGENT_ORCHESTRATOR_HOME}/.env` with user-only permissions (`0600`), can run migrations, and can seed an admin user. It also supports non-interactive setup:
+```bash
+agent-orchestrator setup \
+  --yes \
+  --db-type postgres \
+  --database-url postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator \
+  --provider gemini \
+  --gemini-key your-gemini-api-key \
+  --skip-admin-setup
+```
+**Manual `.env` setup**
 Create a `.env` file in the project root (or set `AGENT_ORCHESTRATOR_HOME` to point to a directory containing `.env`):
@@ -57,6 +89,8 @@ DATABASE_URL=                       # PostgreSQL connection string (omit for SQL
 ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
 SCHEDULER_ENABLED=true              # Enable/disable task scheduler CRON
 DB_LOGGING=false                    # Enable TypeORM query logging
+SERVE_STATIC_UI=true                # Set false when the UI is served by a separate container/proxy
+CHECK_PENDING_MIGRATIONS_ON_STARTUP=false
 ```
 ### 3. Set Up the Database
@@ -65,11 +99,11 @@ DB_LOGGING=false                    # Enable TypeORM query logging
 SQLite is used automatically when `DATABASE_URL` is not set. The database file is created at `local.sqlite` in the project root (or `$AGENT_ORCHESTRATOR_HOME/local.sqlite`).
-**Option B: PostgreSQL (Production)**
+**Option B: PostgreSQL (Production / Docker)**
 ```bash
-# Start PostgreSQL via Docker Compose
-docker compose up -d
+# Start only PostgreSQL
+docker compose up -d db
 # Set the connection string
 export DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator"
@@ -88,6 +122,12 @@ npm run seed:admin
 ### 4. Run the Application
 ```bash
+# Packaged/runtime CLI
+agent-orchestrator run
+agent-orchestrator status
+agent-orchestrator logs --lines 50
+agent-orchestrator stop
 # Development (API + UI with hot reload)
 npm run dev
@@ -101,6 +141,100 @@ npm run start:prod
 The dashboard is available at `http://localhost:3000` and the API at `http://localhost:3000/api/v1/`.
+### 5. Run with Docker
+The repository now includes three compose entrypoints:
+- `docker-compose.yml` — production-like stack with **PostgreSQL + distroless API + Caddy UI**
+- `docker-compose.dev.yml` — development stack with hot reload for API and UI
+- `docker-compose-test.yml` — containerized integration stack for migration, CLI, API, and UI checks
+All Docker entrypoints read from the repository-root `.env` file. For the Docker flows, the most relevant variables are:
+```bash
+JWT_SECRET="at-least-32-characters-long-secret-key"
+POSTGRES_USER=orchestrator
+POSTGRES_PASSWORD=orchestrator_password
+POSTGRES_DB=agent_orchestrator
+POSTGRES_PORT=5433
+POSTGRES_TEST_DB=agent_orchestrator_test
+POSTGRES_TEST_PORT=5434
+GEMINI_API_KEY=
+ANTHROPIC_API_KEY=
+```
+#### Production-like Docker stack
+```bash
+# Build and start PostgreSQL + API + UI
+npm run docker:up
+# The API will refuse to start until migrations are applied
+docker compose run --rm api dist/cli/index.js migrate --yes
+# Stop the stack
+npm run docker:down
+```
+- UI: `https://localhost` or `https://agent-orchestrator.localhost`
+- API: `http://localhost:3000/api/v1`
+The API container does **not** serve the SPA in Docker mode. The UI is served by **Caddy**, which also proxies `/api/*` traffic to the API container so the browser can use the same origin for UI + API.
+The UI container uses **Caddy** with `tls internal`, so HTTPS works locally without an external CA. Browsers will still warn until you trust Caddy's local root certificate on your host machine. You can copy it out of the container with:
+```bash
+docker compose cp ui:/data/caddy/pki/authorities/local/root.crt ./caddy-local-root.crt
+```
+After trusting that certificate in your OS/browser trust store, local HTTPS becomes trusted as well.
+#### Development Docker stack
+```bash
+npm run docker:dev
+# Stop the dev stack
+docker compose -f docker-compose.dev.yml down
+```
+- UI dev server: `http://localhost:5173`
+- API: `http://localhost:3000/api/v1`
+- PostgreSQL: `localhost:5433`
+The dev stack disables bundled UI serving in the API container and points the Vite dev proxy at the `api` service over the Docker network.
+#### Docker integration / end-to-end stack
+Use the test compose file when you want to exercise migration behavior, CLI commands, API startup, and the UI together:
+```bash
+# Start only the database first
+docker compose -f docker-compose-test.yml up -d db
+# Verify pending migrations block API startup
+docker compose -f docker-compose-test.yml up api
+# Apply migrations with the packaged CLI runtime
+docker compose -f docker-compose-test.yml run --rm migrate
+# Then bring up the full app stack
+docker compose -f docker-compose-test.yml up ui api
+# Run ad hoc CLI checks
+docker compose -f docker-compose-test.yml run --rm cli dist/cli/index.js status
+# Tear the test stack down
+docker compose -f docker-compose-test.yml down -v
+```
+The test stack is designed for:
+- verifying that pending migrations block API startup,
+- applying migrations through the packaged CLI/runtime path,
+- checking UI reachability through Caddy,
+- exercising future CLI-driven Docker behaviors without depending on the local SQLite test path.
 ## Database Management
 The project uses [TypeORM](https://typeorm.io/) migrations to manage schema changes. **Never rely on `synchronize: true`** — it is disabled in all environments.
@@ -154,18 +288,20 @@ This creates a user with the `admin` role. All subsequent users registered via `
 ### Docker
 ```bash
-# Build and run with Docker Compose (includes PostgreSQL)
-docker compose up -d
+# Production-like stack
+npm run docker:up
-# Apply migrations
-DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator" \
-  npm run migration:run
+# Apply migrations with the packaged runtime inside the API container
+docker compose run --rm api dist/cli/index.js migrate --yes
-# Seed admin
-DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator" \
-  npm run seed:admin
+# Stop the stack
+npm run docker:down
 ```
+The API container is configured to **fail fast when migrations are pending**. This keeps schema changes explicit instead of silently mutating the database during startup.
+This behavior is controlled by `CHECK_PENDING_MIGRATIONS_ON_STARTUP=true` in the Docker API service. Docker mode also sets `SERVE_STATIC_UI=false` so the backend does not try to serve bundled frontend assets.
 ### Updating an Existing Deployment
 1. Pull the latest code

package/dist/agents/agents.controller.js CHANGED Viewed

@@ -114,4 +114,3 @@ exports.AgentsController = AgentsController = __decorate([
     (0, common_1.Controller)('agents'),
     __metadata("design:paramtypes", [agents_service_1.AgentsService])
 ], AgentsController);
-//# sourceMappingURL=agents.controller.js.map

package/dist/agents/agents.module.js CHANGED Viewed

@@ -25,4 +25,3 @@ exports.AgentsModule = AgentsModule = __decorate([
         exports: [agents_service_1.AgentsService],
     })
 ], AgentsModule);
-//# sourceMappingURL=agents.module.js.map

package/dist/agents/agents.service.js CHANGED Viewed

@@ -190,4 +190,3 @@ exports.AgentsService = AgentsService = AgentsService_1 = __decorate([
     __metadata("design:paramtypes", [typeorm_2.Repository,
         core_1.ModuleRef])
 ], AgentsService);
-//# sourceMappingURL=agents.service.js.map

package/dist/agents/dto/agent-request.dto.js CHANGED Viewed

@@ -31,4 +31,3 @@ __decorate([
     (0, class_validator_1.MaxLength)(50000),
     __metadata("design:type", String)
 ], AgentRequestDto.prototype, "input", void 0);
-//# sourceMappingURL=agent-request.dto.js.map

package/dist/agents/dto/create-agent.dto.js CHANGED Viewed

@@ -65,4 +65,3 @@ __decorate([
     (0, class_validator_1.IsNotEmpty)(),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "providerId", void 0);
-//# sourceMappingURL=create-agent.dto.js.map

package/dist/agents/dto/update-agent.dto.js CHANGED Viewed

@@ -10,4 +10,3 @@ class UpdateAgentDto extends (0, mapped_types_1.PartialType)(create_agent_dto_1.
     }
 }
 exports.UpdateAgentDto = UpdateAgentDto;
-//# sourceMappingURL=update-agent.dto.js.map

package/dist/agents/entities/agent.entity.js CHANGED Viewed

@@ -84,4 +84,3 @@ __decorate([
 exports.AgentEntity = AgentEntity = __decorate([
     (0, typeorm_1.Entity)('agents')
 ], AgentEntity);
-//# sourceMappingURL=agent.entity.js.map

package/dist/agents/enums/provider.enum.js CHANGED Viewed

@@ -6,4 +6,3 @@ var Provider;
     Provider["GOOGLE"] = "google";
     Provider["ANTHROPIC"] = "anthropic";
 })(Provider || (exports.Provider = Provider = {}));
-//# sourceMappingURL=provider.enum.js.map

package/dist/agents/implementations/claude.agent.js CHANGED Viewed

@@ -145,4 +145,3 @@ exports.ClaudeAgent = ClaudeAgent = ClaudeAgent_1 = __decorate([
     __param(1, (0, common_1.Optional)()),
     __metadata("design:paramtypes", [config_1.ConfigService, String])
 ], ClaudeAgent);
-//# sourceMappingURL=claude.agent.js.map

package/dist/agents/implementations/gemini.agent.js CHANGED Viewed

@@ -191,4 +191,3 @@ exports.GeminiAgent = GeminiAgent = GeminiAgent_1 = __decorate([
     __param(1, (0, common_1.Optional)()),
     __metadata("design:paramtypes", [config_1.ConfigService, String])
 ], GeminiAgent);
-//# sourceMappingURL=gemini.agent.js.map

package/dist/agents/interfaces/agent.interface.js CHANGED Viewed

@@ -1,3 +1,2 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=agent.interface.js.map

package/dist/agents/registry/agent.registry.js CHANGED Viewed

@@ -12,4 +12,3 @@ function RegisterAgent(provider) {
 function getAgentImplementation(provider) {
     return exports.AGENT_REGISTRY.get(provider);
 }
-//# sourceMappingURL=agent.registry.js.map

package/dist/app.controller.d.ts CHANGED Viewed

@@ -3,4 +3,7 @@ export declare class AppController {
     private readonly appService;
     constructor(appService: AppService);
     getHello(): string;
+    getHealth(): {
+        status: string;
+    };
 }

package/dist/app.controller.js CHANGED Viewed

@@ -13,6 +13,7 @@ exports.AppController = void 0;
 const openapi = require("@nestjs/swagger");
 const common_1 = require("@nestjs/common");
 const app_service_1 = require("./app.service");
+const public_decorator_1 = require("./auth/decorators/public.decorator");
 let AppController = class AppController {
     appService;
     constructor(appService) {
@@ -21,6 +22,9 @@ let AppController = class AppController {
     getHello() {
         return this.appService.getHello();
     }
+    getHealth() {
+        return this.appService.getHealth();
+    }
 };
 exports.AppController = AppController;
 __decorate([
@@ -30,8 +34,15 @@ __decorate([
     __metadata("design:paramtypes", []),
     __metadata("design:returntype", String)
 ], AppController.prototype, "getHello", null);
+__decorate([
+    (0, public_decorator_1.Public)(),
+    (0, common_1.Get)('health'),
+    openapi.ApiResponse({ status: 200 }),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", []),
+    __metadata("design:returntype", Object)
+], AppController.prototype, "getHealth", null);
 exports.AppController = AppController = __decorate([
     (0, common_1.Controller)(),
     __metadata("design:paramtypes", [app_service_1.AppService])
 ], AppController);
-//# sourceMappingURL=app.controller.js.map

package/dist/app.module.js CHANGED Viewed

@@ -30,8 +30,10 @@ const auth_module_1 = require("./auth/auth.module");
 const jwt_auth_guard_1 = require("./auth/guards/jwt-auth.guard");
 const roles_guard_1 = require("./auth/guards/roles.guard");
 const typeorm_2 = require("./config/typeorm");
-const APP_HOME = process.env.AGENT_ORCHESTRATOR_HOME;
-const ENV_PATH = APP_HOME ? (0, path_1.join)(APP_HOME, '.env') : '.env';
+const runtime_paths_1 = require("./config/runtime-paths");
+(0, runtime_paths_1.loadRuntimeEnv)();
+const ENV_PATH = (0, runtime_paths_1.getRuntimeEnvPath)();
+const shouldServeStaticUi = (0, runtime_paths_1.isEnvEnabled)('SERVE_STATIC_UI', true);
 let AppModule = class AppModule {
 };
 exports.AppModule = AppModule;
@@ -68,11 +70,15 @@ exports.AppModule = AppModule = __decorate([
                     };
                 },
             }),
-            serve_static_1.ServeStaticModule.forRoot({
-                rootPath: process.env.NODE_ENV === 'production'
-                    ? (0, path_1.join)(__dirname, 'ui')
-                    : (0, path_1.join)(__dirname, '..', 'ui', 'dist'),
-            }),
+            ...(shouldServeStaticUi
+                ? [
+                    serve_static_1.ServeStaticModule.forRoot({
+                        rootPath: process.env.NODE_ENV === 'production'
+                            ? (0, path_1.join)(__dirname, 'ui')
+                            : (0, path_1.join)(__dirname, '..', 'ui', 'dist'),
+                    }),
+                ]
+                : []),
             common_module_1.CommonModule,
             uploads_module_1.UploadsModule,
             agents_module_1.AgentsModule,
@@ -101,4 +107,3 @@ exports.AppModule = AppModule = __decorate([
         ],
     })
 ], AppModule);
-//# sourceMappingURL=app.module.js.map

package/dist/app.service.d.ts CHANGED Viewed

@@ -1,3 +1,6 @@
 export declare class AppService {
     getHello(): string;
+    getHealth(): {
+        status: string;
+    };
 }

package/dist/app.service.js CHANGED Viewed

@@ -12,9 +12,11 @@ let AppService = class AppService {
     getHello() {
         return 'Hello World!';
     }
+    getHealth() {
+        return { status: 'ok' };
+    }
 };
 exports.AppService = AppService;
 exports.AppService = AppService = __decorate([
     (0, common_1.Injectable)()
 ], AppService);
-//# sourceMappingURL=app.service.js.map

package/dist/auth/auth.controller.d.ts CHANGED Viewed

@@ -2,25 +2,23 @@ import { ConfigService } from '@nestjs/config';
 import { AuthService } from './auth.service';
 import { RegisterDto } from './dto/register.dto';
 import { LoginDto } from './dto/login.dto';
-import { UserRole } from '../users/entities/user.entity';
+import { UpdateProfileDto } from './dto/update-profile.dto';
 import type { Response as ExpressResponse, Request as ExpressRequest } from 'express';
 export declare class AuthController {
     private readonly authService;
     private readonly configService;
     private readonly isProduction;
     constructor(authService: AuthService, configService: ConfigService);
-    register(registerDto: RegisterDto): Promise<{
-        id: string;
-        name: string;
-        email: string;
-        role: UserRole;
-        createdAt: Date;
-        updatedAt: Date;
-    }>;
+    register(registerDto: RegisterDto): Promise<import("../users/avatar.constants").SerializedUser>;
     login(loginDto: LoginDto, res: ExpressResponse): Promise<void>;
     refresh(req: ExpressRequest, res: ExpressResponse): Promise<ExpressResponse<any, Record<string, any>>>;
     getMe(req: {
         user: unknown;
     }): unknown;
+    updateMe(req: {
+        user: {
+            id: string;
+        };
+    }, dto: UpdateProfileDto): Promise<import("../users/avatar.constants").SerializedUser>;
     logout(req: ExpressRequest, res: ExpressResponse): Promise<void>;
 }

package/dist/auth/auth.controller.js CHANGED Viewed

@@ -23,6 +23,7 @@ const login_dto_1 = require("./dto/login.dto");
 const public_decorator_1 = require("./decorators/public.decorator");
 const roles_decorator_1 = require("./decorators/roles.decorator");
 const user_entity_1 = require("../users/entities/user.entity");
+const update_profile_dto_1 = require("./dto/update-profile.dto");
 const swagger_1 = require("@nestjs/swagger");
 let AuthController = class AuthController {
     authService;
@@ -95,6 +96,9 @@ let AuthController = class AuthController {
     getMe(req) {
         return req.user;
     }
+    updateMe(req, dto) {
+        return this.authService.updateProfile(req.user.id, dto);
+    }
     async logout(req, res) {
         const refreshToken = req.cookies?.refresh_token;
         if (refreshToken) {
@@ -110,7 +114,7 @@ __decorate([
     (0, roles_decorator_1.Roles)(user_entity_1.UserRole.ADMIN),
     (0, throttler_1.Throttle)({ default: { limit: 5, ttl: 60000 } }),
     (0, common_1.Post)('register'),
-    openapi.ApiResponse({ status: 201 }),
+    openapi.ApiResponse({ status: 201, type: Object }),
     __param(0, (0, common_1.Body)()),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [register_dto_1.RegisterDto]),
@@ -148,6 +152,15 @@ __decorate([
     __metadata("design:paramtypes", [Object]),
     __metadata("design:returntype", void 0)
 ], AuthController.prototype, "getMe", null);
+__decorate([
+    (0, common_1.Patch)('me'),
+    openapi.ApiResponse({ status: 200, type: Object }),
+    __param(0, (0, common_1.Request)()),
+    __param(1, (0, common_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [Object, update_profile_dto_1.UpdateProfileDto]),
+    __metadata("design:returntype", void 0)
+], AuthController.prototype, "updateMe", null);
 __decorate([
     (0, common_1.Post)('logout'),
     openapi.ApiResponse({ status: 201 }),
@@ -163,4 +176,3 @@ exports.AuthController = AuthController = __decorate([
     __metadata("design:paramtypes", [auth_service_1.AuthService,
         config_1.ConfigService])
 ], AuthController);
-//# sourceMappingURL=auth.controller.js.map

package/dist/auth/auth.module.js CHANGED Viewed

@@ -40,4 +40,3 @@ exports.AuthModule = AuthModule = __decorate([
         exports: [auth_service_1.AuthService],
     })
 ], AuthModule);
-//# sourceMappingURL=auth.module.js.map

package/dist/auth/auth.service.d.ts CHANGED Viewed

@@ -4,8 +4,9 @@ import { Repository } from 'typeorm';
 import { UsersService } from '../users/users.service';
 import { RegisterDto } from './dto/register.dto';
 import { LoginDto } from './dto/login.dto';
+import { UpdateProfileDto } from './dto/update-profile.dto';
 import { RefreshToken } from './entities/refresh-token.entity';
-import { User } from '../users/entities/user.entity';
+import { type SerializedUser } from '../users/avatar.constants';
 export declare class AuthService {
     private usersService;
     private jwtService;
@@ -15,18 +16,11 @@ export declare class AuthService {
     private readonly refreshTokenExpiresIn;
     private readonly absoluteMaxExpiresIn;
     constructor(usersService: UsersService, jwtService: JwtService, configService: ConfigService, refreshTokenRepository: Repository<RefreshToken>);
-    validateUser(userId: string): Promise<Omit<User, 'password'> | null>;
+    validateUser(userId: string): Promise<SerializedUser | null>;
     private generateAccessToken;
     private generateRefreshToken;
     validateRefreshToken(token: string): Promise<string | null>;
-    register(registerDto: RegisterDto): Promise<{
-        id: string;
-        name: string;
-        email: string;
-        role: import("../users/entities/user.entity").UserRole;
-        createdAt: Date;
-        updatedAt: Date;
-    }>;
+    register(registerDto: RegisterDto): Promise<SerializedUser>;
     login(loginDto: LoginDto): Promise<{
         access_token: string;
         refresh_token: string;
@@ -42,5 +36,6 @@ export declare class AuthService {
         refresh_expires_in: number;
         token_type: string;
     }>;
+    updateProfile(userId: string, dto: UpdateProfileDto): Promise<SerializedUser>;
     revokeRefreshToken(token: string): Promise<void>;
 }

package/dist/auth/auth.service.js CHANGED Viewed

@@ -72,8 +72,7 @@ let AuthService = class AuthService {
         try {
             const user = await this.usersService.findOne(userId);
             if (user) {
-                const { password, ...result } = user;
-                return result;
+                return this.usersService.serializeUser(user);
             }
         }
         catch {
@@ -162,8 +161,7 @@ let AuthService = class AuthService {
             ...registerDto,
             password: hashedPassword,
         });
-        const { password, ...result } = user;
-        return result;
+        return this.usersService.serializeUser(user);
     }
     async login(loginDto) {
         const user = await this.usersService.findByEmail(loginDto.email);
@@ -210,6 +208,39 @@ let AuthService = class AuthService {
             token_type: 'Bearer',
         };
     }
+    async updateProfile(userId, dto) {
+        const user = await this.usersService.findOne(userId);
+        if (dto.newPassword && dto.currentPassword) {
+            const userWithPassword = await this.usersService.findByEmail(user.email);
+            if (!userWithPassword?.password) {
+                throw new common_1.UnauthorizedException('Cannot verify credentials');
+            }
+            const isMatch = await bcrypt.compare(dto.currentPassword, userWithPassword.password);
+            if (!isMatch) {
+                throw new common_1.UnauthorizedException('Current password is incorrect');
+            }
+        }
+        if (dto.email && dto.email !== user.email) {
+            const existing = await this.usersService.findByEmail(dto.email);
+            if (existing) {
+                throw new common_1.ConflictException('Email already in use');
+            }
+        }
+        const updateData = {};
+        if (dto.name !== undefined)
+            updateData.name = dto.name;
+        if (dto.last_name !== undefined)
+            updateData.last_name = dto.last_name;
+        if (dto.email !== undefined)
+            updateData.email = dto.email;
+        if (dto.avatar !== undefined)
+            updateData.avatar = dto.avatar;
+        if (dto.newPassword) {
+            updateData.password = await bcrypt.hash(dto.newPassword, 10);
+        }
+        const updated = await this.usersService.update(userId, updateData);
+        return this.usersService.serializeUser(updated);
+    }
     async revokeRefreshToken(token) {
         try {
             const payload = this.jwtService.verify(token, {
@@ -236,4 +267,3 @@ exports.AuthService = AuthService = __decorate([
         config_1.ConfigService,
         typeorm_1.Repository])
 ], AuthService);
-//# sourceMappingURL=auth.service.js.map

package/dist/auth/decorators/current-user.decorator.js CHANGED Viewed

@@ -6,4 +6,3 @@ exports.CurrentUser = (0, common_1.createParamDecorator)((data, ctx) => {
     const request = ctx.switchToHttp().getRequest();
     return request.user;
 });
-//# sourceMappingURL=current-user.decorator.js.map

package/dist/auth/decorators/public.decorator.js CHANGED Viewed

@@ -5,4 +5,3 @@ const common_1 = require("@nestjs/common");
 exports.IS_PUBLIC_KEY = 'isPublic';
 const Public = () => (0, common_1.SetMetadata)(exports.IS_PUBLIC_KEY, true);
 exports.Public = Public;
-//# sourceMappingURL=public.decorator.js.map

package/dist/auth/decorators/roles.decorator.js CHANGED Viewed

@@ -5,4 +5,3 @@ const common_1 = require("@nestjs/common");
 exports.ROLES_KEY = 'roles';
 const Roles = (...roles) => (0, common_1.SetMetadata)(exports.ROLES_KEY, roles);
 exports.Roles = Roles;
-//# sourceMappingURL=roles.decorator.js.map

package/dist/auth/dto/login.dto.js CHANGED Viewed

@@ -31,4 +31,3 @@ __decorate([
     (0, class_validator_1.MaxLength)(72),
     __metadata("design:type", String)
 ], LoginDto.prototype, "password", void 0);
-//# sourceMappingURL=login.dto.js.map

package/dist/auth/dto/register.dto.d.ts CHANGED Viewed

@@ -1,5 +1,8 @@
+import { type UserAvatarKey } from '../../users/avatar.constants';
 export declare class RegisterDto {
     name: string;
+    last_name: string;
     email: string;
     password: string;
+    avatar?: UserAvatarKey;
 }