@skyapp-labs/blueprint-backend-core 1.8.1 → 1.9.0

package/CHANGELOG.md

@@ -1,9 +1,9 @@
-## [1.8.1](https://github.com/Skyapp-Labs/blueprint-backend-core/compare/v1.8.0...v1.8.1) (2026-06-22)
+# [1.9.0](https://github.com/Skyapp-Labs/blueprint-backend-core/compare/v1.8.1...v1.9.0) (2026-06-23)
 
 
-### Bug Fixes
+### Features
 
-* correct PIN hash loading on verify ([446a98d](https://github.com/Skyapp-Labs/blueprint-backend-core/commit/446a98d2cf4e58c0a79dde4240652af2dd5bc39d))
+* enhance authentication and OTP flow documentation ([01e5188](https://github.com/Skyapp-Labs/blueprint-backend-core/commit/01e5188a4915f6ab046d18303fd7107eab3f5aba))
 
 # Changelog
 
@@ -13,6 +13,32 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) and
 
 ---
 
+## [1.8.2] - 2026-06-23
+
+### Fixed
+
+- **PIN validation** — wired `ConfigAwareValidationPipe` on all PIN body endpoints (`set`, `change`, `verify`, `remove`) so `@IsConfiguredPinLength()` reads the runtime `pin.length` setting instead of the hardcoded default.
+- **Signup/register tokens** — clearer errors when `verifyPhoneVerifiedToken()` fails: **409** when an existing account’s login token is sent to `/auth/register`, and **401** guidance when `verificationId` is used instead of `verificationToken` or the token is expired/reused.
+
+### Changed
+
+- **Swagger documentation** — updated auth, OTP, PIN, session, and password controllers with step-by-step phone/email flows, request examples, and typed response schemas (`TokenResponseDto`, `OtpVerifyResponseDto`, etc.).
+
+### Removed
+
+- **Unused DTOs** — removed duplicate/legacy files: `login-phone`, `login-email`, `register-phone`, `register-email`, `refresh-token`, `forgot-password`, `invite`, and legacy `otp/dto/*` stubs superseded by `auth/dto/otp.dto.ts`.
+
+## [1.8.1] - 2026-06-22
+
+### Fixed
+
+- **PIN verify/change/remove** — fixed `loadPinRecord()` using `.addSelect('pin.pinHash')` instead of the DB column name `pin.pin_hash`, which left `record.pinHash` undefined and caused argon2 to throw `pchstr must be a non-empty string` on verify.
+- **PIN hash guard** — return a clear 400 when a PIN row exists but has no stored hash, instead of a 500 from argon2.
+
+### Changed
+
+- **PIN status responses** — `GET /auth/pin/status` and `GET /auth/pin/status/:type` now include a `length` field reflecting the configured `pin.length` setting so clients know how many digits to collect.
+
 ## [1.8.0] - 2026-06-19
 
 ### Fixed

package/dist/modules/auth/controllers/auth.controller.d.ts

@@ -13,7 +13,7 @@ export declare class AuthController {
         authMethod: "email" | "phone";
         passwordResetEnabled: boolean;
     };
-    login(body: LoginDto, req: Request): Promise<import("..").TokenResponse>;
-    register(body: RegisterDto, req: Request): Promise<import("..").TokenResponse>;
+    login(body: LoginDto, req: Request): Promise<import("../dto/token.dto").TokenResponse>;
+    register(body: RegisterDto, req: Request): Promise<import("../dto/token.dto").TokenResponse>;
 }
 //# sourceMappingURL=auth.controller.d.ts.map

package/dist/modules/auth/controllers/auth.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElD,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAG3E,qBAGa,cAAc;IAEzB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAFf,YAAY,EAAE,YAAY,EAC1B,mBAAmB,EAAE,mBAAmB,EACxC,eAAe,EAAE,eAAe;IAoBlD,SAAS;;;;IA2BT,KAAK,CAAkC,IAAI,EAAE,QAAQ,EAAS,GAAG,EAAE,OAAO;IAoB1E,QAAQ,CAAkC,IAAI,EAAE,WAAW,EAAS,GAAG,EAAE,OAAO;CAIhF"}
+{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAGlD,OAAO,EAAE,eAAe,EAAE,MAAM,0CAA0C,CAAC;AAG3E,qBAGa,cAAc;IAEzB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAFf,YAAY,EAAE,YAAY,EAC1B,mBAAmB,EAAE,mBAAmB,EACxC,eAAe,EAAE,eAAe;IAkBlD,SAAS;;;;IAuCT,KAAK,CAAkC,IAAI,EAAE,QAAQ,EAAS,GAAG,EAAE,OAAO;IA8C1E,QAAQ,CAAkC,IAAI,EAAE,WAAW,EAAS,GAAG,EAAE,OAAO;CAIhF"}

package/dist/modules/auth/controllers/auth.controller.js

@@ -22,6 +22,7 @@ const login_service_1 = require("../services/login.service");
 const registration_service_1 = require("../services/registration.service");
 const login_dto_1 = require("../dto/login.dto");
 const register_dto_1 = require("../dto/register.dto");
+const token_dto_1 = require("../dto/token.dto");
 const config_aware_validation_pipe_1 = require("../../../common/pipes/config-aware-validation.pipe");
 const settings_service_1 = require("../../settings/services/settings.service");
 const settings_keys_1 = require("../../settings/constants/settings.keys");
@@ -53,7 +54,7 @@ __decorate([
     (0, swagger_1.ApiOperation)({
         summary: 'Auth configuration',
         description: 'Returns the active authentication configuration. ' +
-            'Clients should call this on startup to determine which login/registration UI to present.',
+            'Call on app startup to determine which login/registration UI to present.',
     }),
     (0, swagger_1.ApiOkResponse)({
         schema: {
@@ -73,13 +74,26 @@ __decorate([
     (0, common_1.UseGuards)(guards_1.LoginIpRateLimitGuard),
     (0, swagger_1.ApiOperation)({
         summary: 'Login',
-        description: 'Login with phone or email and password.',
+        description: '**Phone auth (auth.method=phone):** complete OTP first, then send `{ verificationToken }` from verify-otp when hasAccount=true.\n\n' +
+            '**Email auth (auth.method=email):** send `{ email, password }`.',
     }),
-    (0, swagger_1.ApiBody)({ type: login_dto_1.LoginDto }),
-    (0, swagger_1.ApiOkResponse)({
-        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    (0, swagger_1.ApiBody)({
+        type: login_dto_1.LoginDto,
+        examples: {
+            phone: {
+                summary: 'Phone OTP login (hasAccount=true)',
+                value: { verificationToken: 'c498758c-eec1-4a3b-b496-a6eddf498d4c' },
+            },
+            email: {
+                summary: 'Email + password login',
+                value: { email: 'user@example.com', password: 'P@ssw0rd!' },
+            },
+        },
+    }),
+    (0, swagger_1.ApiOkResponse)({ type: token_dto_1.TokenResponseDto }),
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: 'Invalid or expired verificationToken (phone), or invalid credentials (email)',
     }),
-    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired temporary token' }),
     (0, swagger_1.ApiTooManyRequestsResponse)({
         description: 'Too many login attempts from this IP or identifier is locked',
     }),
@@ -94,14 +108,40 @@ __decorate([
     (0, common_1.HttpCode)(common_1.HttpStatus.CREATED),
     (0, swagger_1.ApiOperation)({
         summary: 'Register new account',
-        description: 'Create a new account using the phoneVerifiedToken from verify-otp. Issues access + refresh tokens immediately.',
+        description: '**Phone auth flow:**\n' +
+            '1. POST /auth/send-otp → `verificationId`\n' +
+            '2. POST /auth/verify-otp → `verificationToken` (when hasAccount=false)\n' +
+            '3. POST /auth/register → `{ verificationToken, profile }`\n\n' +
+            'Use **verificationToken** from step 2 — not verificationId. Token is single-use and expires per tokens.temporary_ttl_seconds.\n\n' +
+            '**Email auth:** send `{ email, password, profile }` — no OTP token required.',
+    }),
+    (0, swagger_1.ApiBody)({
+        type: register_dto_1.RegisterDto,
+        examples: {
+            phone: {
+                summary: 'Phone signup (after verify-otp, hasAccount=false)',
+                value: {
+                    verificationToken: 'c498758c-eec1-4a3b-b496-a6eddf498d4c',
+                    profile: { firstName: 'Ada', lastName: 'Lovelace' },
+                },
+            },
+            email: {
+                summary: 'Email + password signup',
+                value: {
+                    email: 'new.user@example.com',
+                    password: 'P@ssw0rd!',
+                    profile: { firstName: 'Ada', lastName: 'Lovelace' },
+                },
+            },
+        },
+    }),
+    (0, swagger_1.ApiCreatedResponse)({ type: token_dto_1.TokenResponseDto }),
+    (0, swagger_1.ApiConflictResponse)({
+        description: 'Phone or email already registered, or verificationToken belongs to an existing account (use /auth/login instead)',
     }),
-    (0, swagger_1.ApiBody)({ type: register_dto_1.RegisterDto }),
-    (0, swagger_1.ApiCreatedResponse)({
-        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: 'Invalid, expired, or already-used verificationToken. Use verificationToken from verify-otp (hasAccount=false), not verificationId.',
     }),
-    (0, swagger_1.ApiConflictResponse)({ description: 'Phone number or email already registered' }),
-    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired phone-verified token' }),
     __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __param(1, (0, common_1.Req)()),
     __metadata("design:type", Function),

package/dist/modules/auth/controllers/auth.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmG;AACnG,6CASyB;AAEzB,2DAAoD;AACpD,uEAAyE;AACzE,mDAA+D;AAC/D,6DAAyD;AACzD,2EAAuE;AACvE,gDAA4C;AAC5C,sDAAkD;AAClD,qGAA+F;AAC/F,+EAA2E;AAC3E,0EAAsE;AAK/D,IAAM,cAAc,GAApB,MAAM,cAAc;IAC1B,YACkB,YAA0B,EAC1B,mBAAwC,EACxC,eAAgC;QAFhC,iBAAY,GAAZ,YAAY,CAAc;QAC1B,wBAAmB,GAAnB,mBAAmB,CAAqB;QACxC,oBAAe,GAAf,eAAe,CAAiB;IAC/C,CAAC;IAmBJ,SAAS;QACR,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAS,4BAAY,CAAC,WAAW,CAElE,CAAC;QACX,OAAO;YACN,UAAU;YACV,oBAAoB,EAAE,UAAU,KAAK,OAAO;SAC5C,CAAC;IACH,CAAC;IAmBD,KAAK,CAAkC,IAAc,EAAS,GAAY;QACzE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IACtD,CAAC;IAiBD,QAAQ,CAAkC,IAAiB,EAAS,GAAY;QAC/E,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChE,CAAC;CACD,CAAA;AA3EY,wCAAc;AAwB1B;IAfC,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EACV,mDAAmD;YACnD,0FAA0F;KAC3F,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,UAAU,EAAE,OAAO;gBACnB,oBAAoB,EAAE,KAAK;aAC3B;SACD;KACD,CAAC;;;;+CASD;AAmBD;IAfC,IAAA,aAAI,EAAC,OAAO,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,yCAAyC;KACtD,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,oBAAQ,EAAE,CAAC;IAC3B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IAC9E,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,8DAA8D;KAC3E,CAAC;IACK,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAkB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAhB,oBAAQ;;2CAGpD;AAiBD;IAbC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,OAAO,CAAC;IAC5B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EACV,gHAAgH;KACjH,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,0BAAW,EAAE,CAAC;IAC9B,IAAA,4BAAkB,EAAC;QACnB,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;IAChF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAC1E,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAqB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAnB,0BAAW;;8CAG1D;yBA1EW,cAAc;IAH1B,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAGwB,4BAAY;QACL,0CAAmB;QACvB,kCAAe;GAJtC,cAAc,CA2E1B"}
+{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmG;AACnG,6CASyB;AAEzB,2DAAoD;AACpD,uEAAyE;AACzE,mDAA+D;AAC/D,6DAAyD;AACzD,2EAAuE;AACvE,gDAA4C;AAC5C,sDAAkD;AAClD,gDAAoD;AACpD,qGAA+F;AAC/F,+EAA2E;AAC3E,0EAAsE;AAK/D,IAAM,cAAc,GAApB,MAAM,cAAc;IAC1B,YACkB,YAA0B,EAC1B,mBAAwC,EACxC,eAAgC;QAFhC,iBAAY,GAAZ,YAAY,CAAc;QAC1B,wBAAmB,GAAnB,mBAAmB,CAAqB;QACxC,oBAAe,GAAf,eAAe,CAAiB;IAC/C,CAAC;IAiBJ,SAAS;QACR,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAS,4BAAY,CAAC,WAAW,CAElE,CAAC;QACX,OAAO;YACN,UAAU;YACV,oBAAoB,EAAE,UAAU,KAAK,OAAO;SAC5C,CAAC;IACH,CAAC;IA+BD,KAAK,CAAkC,IAAc,EAAS,GAAY;QACzE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IACtD,CAAC;IA2CD,QAAQ,CAAkC,IAAiB,EAAS,GAAY;QAC/E,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChE,CAAC;CACD,CAAA;AA/GY,wCAAc;AAsB1B;IAfC,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EACV,mDAAmD;YACnD,0EAA0E;KAC3E,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,UAAU,EAAE,OAAO;gBACnB,oBAAoB,EAAE,KAAK;aAC3B;SACD;KACD,CAAC;;;;+CASD;AA+BD;IA7BC,IAAA,aAAI,EAAC,OAAO,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,OAAO;QAChB,WAAW,EACV,qIAAqI;YACrI,iEAAiE;KAClE,CAAC;IACD,IAAA,iBAAO,EAAC;QACR,IAAI,EAAE,oBAAQ;QACd,QAAQ,EAAE;YACT,KAAK,EAAE;gBACN,OAAO,EAAE,mCAAmC;gBAC5C,KAAK,EAAE,EAAE,iBAAiB,EAAE,sCAAsC,EAAE;aACpE;YACD,KAAK,EAAE;gBACN,OAAO,EAAE,wBAAwB;gBACjC,KAAK,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE;aAC3D;SACD;KACD,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,4BAAgB,EAAE,CAAC;IACzC,IAAA,iCAAuB,EAAC;QACxB,WAAW,EAAE,8EAA8E;KAC3F,CAAC;IACD,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,8DAA8D;KAC3E,CAAC;IACK,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAkB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAhB,oBAAQ;;2CAGpD;AA2CD;IAzCC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,OAAO,CAAC;IAC5B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EACV,wBAAwB;YACxB,6CAA6C;YAC7C,0EAA0E;YAC1E,+DAA+D;YAC/D,mIAAmI;YACnI,8EAA8E;KAC/E,CAAC;IACD,IAAA,iBAAO,EAAC;QACR,IAAI,EAAE,0BAAW;QACjB,QAAQ,EAAE;YACT,KAAK,EAAE;gBACN,OAAO,EAAE,mDAAmD;gBAC5D,KAAK,EAAE;oBACN,iBAAiB,EAAE,sCAAsC;oBACzD,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE;iBACnD;aACD;YACD,KAAK,EAAE;gBACN,OAAO,EAAE,yBAAyB;gBAClC,KAAK,EAAE;oBACN,KAAK,EAAE,sBAAsB;oBAC7B,QAAQ,EAAE,WAAW;oBACrB,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE;iBACnD;aACD;SACD;KACD,CAAC;IACD,IAAA,4BAAkB,EAAC,EAAE,IAAI,EAAE,4BAAgB,EAAE,CAAC;IAC9C,IAAA,6BAAmB,EAAC;QACpB,WAAW,EACV,kHAAkH;KACnH,CAAC;IACD,IAAA,iCAAuB,EAAC;QACxB,WAAW,EACV,oIAAoI;KACrI,CAAC;IACQ,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;IAAqB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAnB,0BAAW;;8CAG1D;yBA9GW,cAAc;IAH1B,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAGwB,4BAAY;QACL,0CAAmB;QACvB,kCAAe;GAJtC,cAAc,CA+G1B"}

package/dist/modules/auth/controllers/forgot-password.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"forgot-password.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/forgot-password.controller.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,yBAAyB,EACzB,MAAM,qBAAqB,CAAC;AAE7B,qBAGa,wBAAwB;IACxB,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAAf,eAAe,EAAE,eAAe;IAe7D,cAAc,CAAS,IAAI,EAAE,iBAAiB;;;IAa9C,aAAa,CAAS,IAAI,EAAE,gBAAgB,EAAS,GAAG,EAAE,OAAO;;;IAejE,sBAAsB,CAAS,IAAI,EAAE,yBAAyB,EAAS,GAAG,EAAE,OAAO;;;CAInF"}
+{"version":3,"file":"forgot-password.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/forgot-password.controller.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EACN,iBAAiB,EACjB,gBAAgB,EAChB,yBAAyB,EACzB,MAAM,qBAAqB,CAAC;AAE7B,qBAGa,wBAAwB;IACxB,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAAf,eAAe,EAAE,eAAe;IAe7D,cAAc,CAAS,IAAI,EAAE,iBAAiB;;;IAa9C,aAAa,CAAS,IAAI,EAAE,gBAAgB,EAAS,GAAG,EAAE,OAAO;;;IAkBjE,sBAAsB,CAAS,IAAI,EAAE,yBAAyB,EAAS,GAAG,EAAE,OAAO;;;CAInF"}

package/dist/modules/auth/controllers/forgot-password.controller.js

@@ -79,7 +79,9 @@ __decorate([
     }),
     (0, swagger_1.ApiBody)({ type: password_dto_1.ResetPasswordWithPhoneDto }),
     (0, swagger_1.ApiOkResponse)({ schema: { example: { message: 'Password reset successfully.' } } }),
-    (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid or expired phone-verified token' }),
+    (0, swagger_1.ApiUnauthorizedResponse)({
+        description: 'Invalid or expired verificationToken, or token belongs to an existing account (use /auth/login)',
+    }),
     __param(0, (0, common_1.Body)()),
     __param(1, (0, common_1.Req)()),
     __metadata("design:type", Function),

package/dist/modules/auth/controllers/forgot-password.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"forgot-password.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/forgot-password.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,6CAMyB;AAEzB,2DAAoD;AACpD,uEAAyE;AACzE,mEAA+D;AAC/D,sDAI6B;AAKtB,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;IACpC,YAA6B,eAAgC;QAAhC,oBAAe,GAAf,eAAe,CAAiB;IAAG,CAAC;IAejE,cAAc,CAAS,IAAuB;QAC7C,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IAWD,aAAa,CAAS,IAAsB,EAAS,GAAY;QAChE,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IAYD,sBAAsB,CAAS,IAA+B,EAAS,GAAY;QAClF,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,sBAAsB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;CACD,CAAA;AAhDY,4DAAwB;AAgBpC;IAbC,IAAA,aAAI,EAAC,iBAAiB,CAAC;IACvB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,yBAAyB;QAClC,WAAW,EACV,0GAA0G;KAC3G,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,gCAAiB,EAAE,CAAC;IACpC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE,EAAE,OAAO,EAAE,0DAA0D,EAAE;SAChF;KACD,CAAC;IACc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAO,gCAAiB;;8DAE7C;AAWD;IATC,IAAA,aAAI,EAAC,gBAAgB,CAAC;IACtB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,8BAA8B;QACvC,WAAW,EAAE,+DAA+D;KAC5E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,+BAAgB,EAAE,CAAC;IACnC,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC5D,WAAA,IAAA,aAAI,GAAE,CAAA;IAA0B,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAxB,+BAAgB;;6DAG3C;AAYD;IAVC,IAAA,aAAI,EAAC,sBAAsB,CAAC;IAC5B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,4BAA4B;QACrC,WAAW,EACV,oGAAoG;KACrG,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,wCAAyB,EAAE,CAAC;IAC5C,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAC5D,WAAA,IAAA,aAAI,GAAE,CAAA;IAAmC,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAjC,wCAAyB;;sEAG7D;mCA/CW,wBAAwB;IAHpC,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAEsC,kCAAe;GADjD,wBAAwB,CAgDpC"}
+{"version":3,"file":"forgot-password.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/forgot-password.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAmF;AACnF,6CAMyB;AAEzB,2DAAoD;AACpD,uEAAyE;AACzE,mEAA+D;AAC/D,sDAI6B;AAKtB,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;IACpC,YAA6B,eAAgC;QAAhC,oBAAe,GAAf,eAAe,CAAiB;IAAG,CAAC;IAejE,cAAc,CAAS,IAAuB;QAC7C,OAAO,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IAWD,aAAa,CAAS,IAAsB,EAAS,GAAY;QAChE,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IAeD,sBAAsB,CAAS,IAA+B,EAAS,GAAY;QAClF,MAAM,EAAE,EAAE,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,eAAe,CAAC,sBAAsB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;CACD,CAAA;AAnDY,4DAAwB;AAgBpC;IAbC,IAAA,aAAI,EAAC,iBAAiB,CAAC;IACvB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,yBAAyB;QAClC,WAAW,EACV,0GAA0G;KAC3G,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,gCAAiB,EAAE,CAAC;IACpC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE,EAAE,OAAO,EAAE,0DAA0D,EAAE;SAChF;KACD,CAAC;IACc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAO,gCAAiB;;8DAE7C;AAWD;IATC,IAAA,aAAI,EAAC,gBAAgB,CAAC;IACtB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,8BAA8B;QACvC,WAAW,EAAE,+DAA+D;KAC5E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,+BAAgB,EAAE,CAAC;IACnC,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC5D,WAAA,IAAA,aAAI,GAAE,CAAA;IAA0B,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAxB,+BAAgB;;6DAG3C;AAeD;IAbC,IAAA,aAAI,EAAC,sBAAsB,CAAC;IAC5B,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,4BAA4B;QACrC,WAAW,EACV,oGAAoG;KACrG,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,wCAAyB,EAAE,CAAC;IAC5C,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACnF,IAAA,iCAAuB,EAAC;QACxB,WAAW,EACV,iGAAiG;KAClG,CAAC;IACsB,WAAA,IAAA,aAAI,GAAE,CAAA;IAAmC,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAjC,wCAAyB;;sEAG7D;mCAlDW,wBAAwB;IAHpC,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAEsC,kCAAe;GADjD,wBAAwB,CAmDpC"}

package/dist/modules/auth/controllers/otp.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"otp.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAkB,MAAM,gBAAgB,CAAC;AAExF,qBAGa,aAAa;IACb,OAAO,CAAC,QAAQ,CAAC,cAAc;gBAAd,cAAc,EAAE,cAAc;IAmD3D,OAAO,CAAkC,IAAI,EAAE,UAAU;IAkCzD,SAAS,CAAkC,IAAI,EAAE,YAAY;IA0B7D,SAAS,CAAkC,IAAI,EAAE,YAAY;CAG7D"}
+{"version":3,"file":"otp.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EACN,UAAU,EACV,YAAY,EACZ,YAAY,EAIZ,MAAM,gBAAgB,CAAC;AAExB,qBAGa,aAAa;IACb,OAAO,CAAC,QAAQ,CAAC,cAAc;gBAAd,cAAc,EAAE,cAAc;IA2C3D,OAAO,CAAkC,IAAI,EAAE,UAAU;IAwDzD,SAAS,CAAkC,IAAI,EAAE,YAAY;IAmB7D,SAAS,CAAkC,IAAI,EAAE,YAAY;CAG7D"}

package/dist/modules/auth/controllers/otp.controller.js

@@ -43,17 +43,19 @@ __decorate([
     (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
     (0, swagger_1.ApiOperation)({
         summary: 'Send OTP',
-        description: 'Generates an OTP using otp.code_length from settings (4–6 digits), delivers it via the requested channel (SMS or email), and returns an opaque verification ID. Test identifiers in test.otp_identifiers use their configured fixed code instead.',
+        description: 'Step 1 of phone/email verification. Generates an OTP (length from otp.code_length setting, 4–6 digits), ' +
+            'delivers it via SMS or email, and returns a **verificationId** for verify-otp/resend-otp. ' +
+            'Test identifiers in test.otp_identifiers use a fixed code in non-production environments.',
     }),
     (0, swagger_1.ApiBody)({
         type: otp_dto_1.SendOtpDto,
         examples: {
             sms_default: {
-                summary: 'Send via SMS (default when AUTH_METHOD=phone)',
+                summary: 'Send via SMS (default when auth.method=phone)',
                 value: { phone: '+2348012345678' },
             },
             email_default: {
-                summary: 'Send via email (default when AUTH_METHOD=email)',
+                summary: 'Send via email (default when auth.method=email)',
                 value: { email: 'user@example.com' },
             },
             sms_override: {
@@ -66,15 +68,7 @@ __decorate([
             },
         },
     }),
-    (0, swagger_1.ApiOkResponse)({
-        schema: {
-            example: {
-                success: true,
-                message: 'OTP generated successfully',
-                data: { verificationId: 'uuid-v4', expiresAt: 1700000300000, resendIn: 60000 },
-            },
-        },
-    }),
+    (0, swagger_1.ApiOkResponse)({ type: otp_dto_1.OtpGenerateResponseDto }),
     (0, swagger_1.ApiBadRequestResponse)({
         description: 'Invalid phone number or email format, or missing identifier for chosen channel',
     }),
@@ -93,20 +87,42 @@ __decorate([
     (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
     (0, swagger_1.ApiOperation)({
         summary: 'Verify OTP',
-        description: 'Verifies the OTP code. Returns a verificationToken (existing user → proceed to login) or a verificationToken seeded with the verified identifier (new user → proceed to /auth/register).',
+        description: 'Step 2 of phone/email verification. Submit the **verificationId** from send-otp/resend-otp and the OTP code.\n\n' +
+            'Returns a **verificationToken** for the next step:\n' +
+            '- `hasAccount: true` → POST /auth/login\n' +
+            '- `hasAccount: false` → POST /auth/register (phone auth)\n\n' +
+            'Do not confuse verificationId (input) with verificationToken (output).',
     }),
     (0, swagger_1.ApiBody)({ type: otp_dto_1.VerifyOtpDto }),
     (0, swagger_1.ApiOkResponse)({
-        schema: {
-            example: {
-                success: true,
-                message: 'OTP verified successfully',
-                data: {
-                    subject: '+2348012345678',
-                    channel: 'sms',
-                    verificationToken: 'uuid-v4',
-                    expiresAt: 1700000300000,
-                    hasAccount: true,
+        type: otp_dto_1.OtpVerifyResponseDto,
+        examples: {
+            existing_user: {
+                summary: 'Existing account — proceed to login',
+                value: {
+                    success: true,
+                    message: 'OTP verified successfully',
+                    data: {
+                        subject: '+2348012345678',
+                        channel: 'sms',
+                        verificationToken: 'e860bc81-245b-470b-9fac-a484cf93f457',
+                        expiresAt: 1782245811728,
+                        hasAccount: true,
+                    },
+                },
+            },
+            new_user: {
+                summary: 'New user — proceed to register',
+                value: {
+                    success: true,
+                    message: 'OTP verified successfully',
+                    data: {
+                        subject: '+2349023456789',
+                        channel: 'sms',
+                        verificationToken: 'c498758c-eec1-4a3b-b496-a6eddf498d4c',
+                        expiresAt: 1782245803859,
+                        hasAccount: false,
+                    },
                 },
             },
         },
@@ -126,21 +142,14 @@ __decorate([
     (0, common_1.UseGuards)(guards_1.OtpIpRateLimitGuard),
     (0, swagger_1.ApiOperation)({
         summary: 'Resend OTP',
-        description: 'Invalidates the current session and sends a new OTP. Subject to 60-second cooldown.',
+        description: 'Invalidates the current OTP session and sends a new code. Returns a new **verificationId**. ' +
+            'Subject to otp.resend_cooldown_seconds between resends.',
     }),
     (0, swagger_1.ApiBody)({ type: otp_dto_1.ResendOtpDto }),
-    (0, swagger_1.ApiOkResponse)({
-        schema: {
-            example: {
-                success: true,
-                message: 'OTP generated successfully',
-                data: { verificationId: 'new-uuid-v4', expiresAt: 1700000300000, resendIn: 60000 },
-            },
-        },
-    }),
-    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid or expired session token' }),
+    (0, swagger_1.ApiOkResponse)({ type: otp_dto_1.OtpGenerateResponseDto }),
+    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid or expired verificationId' }),
     (0, swagger_1.ApiTooManyRequestsResponse)({
-        description: 'Resend cooldown active — must wait 60 seconds between resends',
+        description: 'Resend cooldown active — wait before requesting another code',
     }),
     __param(0, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __metadata("design:type", Function),

package/dist/modules/auth/controllers/otp.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"otp.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyF;AACzF,6CAQyB;AACzB,2DAAoD;AACpD,mDAA6D;AAC7D,qGAA+F;AAC/F,mEAA8D;AAC9D,4CAAwF;AAKjF,IAAM,aAAa,GAAnB,MAAM,aAAa;IACzB,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAmD/D,OAAO,CAAkC,IAAgB;QACxD,MAAM,OAAO,GAAG,IAAA,wBAAc,EAAC,IAAI,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,OAAO,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC;QACjE,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACzD,CAAC;IA8BD,SAAS,CAAkC,IAAkB;QAC5D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACrE,CAAC;IAwBD,SAAS,CAAkC,IAAkB;QAC5D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3D,CAAC;CACD,CAAA;AAnHY,sCAAa;AAoDzB;IA/CC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,UAAU;QACnB,WAAW,EACV,mPAAmP;KACpP,CAAC;IACD,IAAA,iBAAO,EAAC;QACR,IAAI,EAAE,oBAAU;QAChB,QAAQ,EAAE;YACT,WAAW,EAAE;gBACZ,OAAO,EAAE,+CAA+C;gBACxD,KAAK,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClC;YACD,aAAa,EAAE;gBACd,OAAO,EAAE,iDAAiD;gBAC1D,KAAK,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACpC;YACD,YAAY,EAAE;gBACb,OAAO,EAAE,gDAAgD;gBACzD,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClD;YACD,cAAc,EAAE;gBACf,OAAO,EAAE,kDAAkD;gBAC3D,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACtD;SACD;KACD,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,EAAE,cAAc,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE;aAC9E;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC;QACtB,WAAW,EACV,gFAAgF;KACjF,CAAC;IACD,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EACV,mFAAmF;KACpF,CAAC;IACD,IAAA,uCAA6B,EAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;IAC/E,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,oBAAU;;4CAIxD;AA8BD;IA5BC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,0LAA0L;KAC3L,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,2BAA2B;gBACpC,IAAI,EAAE;oBACL,OAAO,EAAE,gBAAgB;oBACzB,OAAO,EAAE,KAAK;oBACd,iBAAiB,EAAE,SAAS;oBAC5B,SAAS,EAAE,aAAa;oBACxB,UAAU,EAAE,IAAI;iBAChB;aACD;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,kEAAkE;KAC/E,CAAC;IACD,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;IAC3D,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,sBAAY;;8CAE5D;AAwBD;IAtBC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,qFAAqF;KACtF,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B;gBACrC,IAAI,EAAE,EAAE,cAAc,EAAE,aAAa,EAAE,SAAS,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE;aAClF;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,kCAAkC,EAAE,CAAC;IAC1E,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,+DAA+D;KAC5E,CAAC;IACS,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,sBAAY;;8CAE5D;wBAlHW,aAAa;IAHzB,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAEqC,iCAAc;GAD/C,aAAa,CAmHzB"}
+{"version":3,"file":"otp.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/otp.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyF;AACzF,6CAQyB;AACzB,2DAAoD;AACpD,mDAA6D;AAC7D,qGAA+F;AAC/F,mEAA8D;AAC9D,4CAOwB;AAKjB,IAAM,aAAa,GAAnB,MAAM,aAAa;IACzB,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IA2C/D,OAAO,CAAkC,IAAgB;QACxD,MAAM,OAAO,GAAG,IAAA,wBAAc,EAAC,IAAI,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,OAAO,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAM,CAAC;QACjE,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACzD,CAAC;IAoDD,SAAS,CAAkC,IAAkB;QAC5D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACrE,CAAC;IAiBD,SAAS,CAAkC,IAAkB;QAC5D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3D,CAAC;CACD,CAAA;AA1HY,sCAAa;AA4CzB;IAzCC,IAAA,aAAI,EAAC,UAAU,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,UAAU;QACnB,WAAW,EACV,0GAA0G;YAC1G,4FAA4F;YAC5F,2FAA2F;KAC5F,CAAC;IACD,IAAA,iBAAO,EAAC;QACR,IAAI,EAAE,oBAAU;QAChB,QAAQ,EAAE;YACT,WAAW,EAAE;gBACZ,OAAO,EAAE,+CAA+C;gBACxD,KAAK,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClC;YACD,aAAa,EAAE;gBACd,OAAO,EAAE,iDAAiD;gBAC1D,KAAK,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACpC;YACD,YAAY,EAAE;gBACb,OAAO,EAAE,gDAAgD;gBACzD,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE;aAClD;YACD,cAAc,EAAE;gBACf,OAAO,EAAE,kDAAkD;gBAC3D,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE;aACtD;SACD;KACD,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,gCAAsB,EAAE,CAAC;IAC/C,IAAA,+BAAqB,EAAC;QACtB,WAAW,EACV,gFAAgF;KACjF,CAAC;IACD,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EACV,mFAAmF;KACpF,CAAC;IACD,IAAA,uCAA6B,EAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;IAC/E,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,oBAAU;;4CAIxD;AAoDD;IAlDC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,kHAAkH;YAClH,sDAAsD;YACtD,2CAA2C;YAC3C,8DAA8D;YAC9D,wEAAwE;KACzE,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,IAAI,EAAE,8BAAoB;QAC1B,QAAQ,EAAE;YACT,aAAa,EAAE;gBACd,OAAO,EAAE,qCAAqC;gBAC9C,KAAK,EAAE;oBACN,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE,2BAA2B;oBACpC,IAAI,EAAE;wBACL,OAAO,EAAE,gBAAgB;wBACzB,OAAO,EAAE,KAAK;wBACd,iBAAiB,EAAE,sCAAsC;wBACzD,SAAS,EAAE,aAAa;wBACxB,UAAU,EAAE,IAAI;qBAChB;iBACD;aACD;YACD,QAAQ,EAAE;gBACT,OAAO,EAAE,gCAAgC;gBACzC,KAAK,EAAE;oBACN,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE,2BAA2B;oBACpC,IAAI,EAAE;wBACL,OAAO,EAAE,gBAAgB;wBACzB,OAAO,EAAE,KAAK;wBACd,iBAAiB,EAAE,sCAAsC;wBACzD,SAAS,EAAE,aAAa;wBACxB,UAAU,EAAE,KAAK;qBACjB;iBACD;aACD;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,kEAAkE;KAC/E,CAAC;IACD,IAAA,oCAA0B,EAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;IAC3D,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,sBAAY;;8CAE5D;AAiBD;IAfC,IAAA,aAAI,EAAC,YAAY,CAAC;IAClB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,kBAAS,EAAC,4BAAmB,CAAC;IAC9B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,YAAY;QACrB,WAAW,EACV,8FAA8F;YAC9F,yDAAyD;KAC1D,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,gCAAsB,EAAE,CAAC;IAC/C,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE,CAAC;IAC3E,IAAA,oCAA0B,EAAC;QAC3B,WAAW,EAAE,8DAA8D;KAC3E,CAAC;IACS,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAO,sBAAY;;8CAE5D;wBAzHW,aAAa;IAHzB,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,mBAAM,GAAE;qCAEqC,iCAAc;GAD/C,aAAa,CA0HzB"}

package/dist/modules/auth/controllers/pin.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pin.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/pin.controller.ts"],"names":[],"mappings":"AA2BA,OAAO,EAAE,IAAI,EAAE,MAAM,kCAAkC,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEnG,qBAIa,aAAa;IACb,OAAO,CAAC,QAAQ,CAAC,cAAc;gBAAd,cAAc,EAAE,cAAc;IA4B3D,SAAS,CAAgB,IAAI,EAAE,IAAI;IA+BnC,gBAAgB,CAAgB,IAAI,EAAE,IAAI,EAAiB,IAAI,EAAE,MAAM;IAoBvE,MAAM,CAAgB,IAAI,EAAE,IAAI,EAAU,GAAG,EAAE,SAAS;;;IAkBxD,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAU,GAAG,EAAE,YAAY;;;IAuB9D,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAU,GAAG,EAAE,YAAY;;;IAoB9D,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAU,GAAG,EAAE,YAAY;;;CAG9D"}
+{"version":3,"file":"pin.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/pin.controller.ts"],"names":[],"mappings":"AA4BA,OAAO,EAAE,IAAI,EAAE,MAAM,kCAAkC,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEnG,qBAIa,aAAa;IACb,OAAO,CAAC,QAAQ,CAAC,cAAc;gBAAd,cAAc,EAAE,cAAc;IA4B3D,SAAS,CAAgB,IAAI,EAAE,IAAI;IA+BnC,gBAAgB,CAAgB,IAAI,EAAE,IAAI,EAAiB,IAAI,EAAE,MAAM;IAsBvE,MAAM,CAAgB,IAAI,EAAE,IAAI,EAAmC,GAAG,EAAE,SAAS;;;IAoBjF,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAmC,GAAG,EAAE,YAAY;;;IAyBvF,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAmC,GAAG,EAAE,YAAY;;;IAsBvF,SAAS,CAAgB,IAAI,EAAE,IAAI,EAAmC,GAAG,EAAE,YAAY;;;CAGvF"}

package/dist/modules/auth/controllers/pin.controller.js

@@ -17,6 +17,7 @@ const common_1 = require("@nestjs/common");
 const swagger_1 = require("@nestjs/swagger");
 const auth_guard_1 = require("../../../common/guards/auth.guard");
 const decorators_1 = require("../../../common/decorators");
+const config_aware_validation_pipe_1 = require("../../../common/pipes/config-aware-validation.pipe");
 const user_entity_1 = require("../../users/entities/user.entity");
 const pin_auth_service_1 = require("../services/pin-auth.service");
 const pin_dto_1 = require("../dto/pin.dto");
@@ -119,9 +120,11 @@ __decorate([
         schema: { example: { message: 'authentication PIN set successfully.' } },
     }),
     (0, swagger_1.ApiConflictResponse)({ description: 'A PIN for this type is already set' }),
-    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid PIN type or PIN format' }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid PIN type, or PIN length does not match pin.length setting',
+    }),
     __param(0, (0, decorators_1.CurrentUser)()),
-    __param(1, (0, common_1.Body)()),
+    __param(1, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [user_entity_1.User, pin_dto_1.SetPinDto]),
     __metadata("design:returntype", void 0)
@@ -138,9 +141,11 @@ __decorate([
     (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Current PIN is incorrect' }),
     (0, swagger_1.ApiForbiddenResponse)({ description: 'PIN is locked due to too many failed attempts' }),
     (0, swagger_1.ApiNotFoundResponse)({ description: 'No PIN found for this type — use /auth/pin/set first' }),
-    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid PIN type or PIN format' }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid PIN type, or PIN length does not match pin.length setting',
+    }),
     __param(0, (0, decorators_1.CurrentUser)()),
-    __param(1, (0, common_1.Body)()),
+    __param(1, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [user_entity_1.User, pin_dto_1.ChangePinDto]),
     __metadata("design:returntype", void 0)
@@ -161,9 +166,11 @@ __decorate([
     (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Incorrect PIN' }),
     (0, swagger_1.ApiForbiddenResponse)({ description: 'PIN is locked — too many wrong attempts' }),
     (0, swagger_1.ApiNotFoundResponse)({ description: 'No PIN found for this type' }),
-    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid PIN type or PIN format' }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid PIN type, or PIN length does not match pin.length setting',
+    }),
     __param(0, (0, decorators_1.CurrentUser)()),
-    __param(1, (0, common_1.Body)()),
+    __param(1, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [user_entity_1.User, pin_dto_1.VerifyPinDto]),
     __metadata("design:returntype", void 0)
@@ -181,9 +188,11 @@ __decorate([
     (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Current PIN is incorrect' }),
     (0, swagger_1.ApiForbiddenResponse)({ description: 'PIN is locked' }),
     (0, swagger_1.ApiNotFoundResponse)({ description: 'No PIN found for this type' }),
-    (0, swagger_1.ApiBadRequestResponse)({ description: 'Invalid PIN type or PIN format' }),
+    (0, swagger_1.ApiBadRequestResponse)({
+        description: 'Invalid PIN type, or PIN length does not match pin.length setting',
+    }),
     __param(0, (0, decorators_1.CurrentUser)()),
-    __param(1, (0, common_1.Body)()),
+    __param(1, (0, common_1.Body)(config_aware_validation_pipe_1.ConfigAwareValidationPipe)),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [user_entity_1.User, pin_dto_1.RemovePinDto]),
     __metadata("design:returntype", void 0)

package/dist/modules/auth/controllers/pin.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"pin.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/pin.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,6CAayB;AACzB,kEAAiE;AACjE,2DAAyD;AACzD,kEAAwD;AACxD,mEAA8D;AAC9D,4CAAmG;AAM5F,IAAM,aAAa,GAAnB,MAAM,aAAa;IACzB,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IA4B/D,SAAS,CAAgB,IAAU;QAClC,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC;IA6BD,gBAAgB,CAAgB,IAAU,EAAiB,IAAY;QACtE,OAAO,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC/D,CAAC;IAkBD,MAAM,CAAgB,IAAU,EAAU,GAAc;QACvD,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACjD,CAAC;IAgBD,SAAS,CAAgB,IAAU,EAAU,GAAiB;QAC7D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAqBD,SAAS,CAAgB,IAAU,EAAU,GAAiB;QAC7D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAkBD,SAAS,CAAgB,IAAU,EAAU,GAAiB;QAC7D,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;CACD,CAAA;AAhJY,sCAAa;AA6BzB;IAxBC,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gBAAgB;QACzB,WAAW,EACV,iFAAiF;YACjF,yFAAyF;KAC1F,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,IAAI,EAAE,sBAAY;QAClB,OAAO,EAAE,IAAI;QACb,MAAM,EAAE;YACP,OAAO,EAAE;gBACR;oBACC,IAAI,EAAE,gBAAgB;oBACtB,KAAK,EAAE,IAAI;oBACX,MAAM,EAAE,CAAC;oBACT,YAAY,EAAE,0BAA0B;oBACxC,cAAc,EAAE,0BAA0B;oBAC1C,QAAQ,EAAE,KAAK;iBACf;aACD;SACD;KACD,CAAC;IACS,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;8CAElC;AA6BD;IA3BC,IAAA,YAAG,EAAC,cAAc,CAAC;IACnB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gCAAgC;QACzC,WAAW,EACV,kFAAkF;YAClF,gDAAgD;KACjD,CAAC;IACD,IAAA,kBAAQ,EAAC;QACT,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,IAAI,EAAE,sBAAY;QAClB,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,CAAC;gBACT,YAAY,EAAE,0BAA0B;gBACxC,cAAc,EAAE,0BAA0B;gBAC1C,QAAQ,EAAE,KAAK;aACf;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;IACzC,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;;qCAApB,kBAAI;;qDAEzC;AAkBD;IAdC,IAAA,aAAI,EAAC,KAAK,CAAC;IACX,IAAA,iBAAQ,EAAC,mBAAU,CAAC,OAAO,CAAC;IAC5B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,wBAAwB;QACjC,WAAW,EACV,wCAAwC;YACxC,iGAAiG;KAClG,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,mBAAS,EAAE,CAAC;IAC5B,IAAA,4BAAkB,EAAC;QACnB,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,EAAE;KACxE,CAAC;IACD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IAC1E,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IACjE,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAe,mBAAS;;2CAEvD;AAgBD;IAZC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,wBAAwB;QACjC,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,0CAA0C,EAAE,EAAE,EAAE,CAAC;IAC/F,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACpE,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;IACtF,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,sDAAsD,EAAE,CAAC;IAC5F,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC9D,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAe,sBAAY;;8CAE7D;AAqBD;IAjBC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,cAAc;QACvB,WAAW,EACV,4EAA4E;YAC5E,gGAAgG;YAChG,2FAA2F;KAC5F,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,EAAE;KAC7E,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IACzD,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAChF,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAClE,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC9D,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAe,sBAAY;;8CAE7D;AAkBD;IAdC,IAAA,eAAM,EAAC,QAAQ,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,cAAc;QACvB,WAAW,EACV,kFAAkF;YAClF,4EAA4E;KAC7E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,0CAA0C,EAAE,EAAE,EAAE,CAAC;IAC/F,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACpE,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IACtD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAClE,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC9D,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAb,kBAAI,EAAe,sBAAY;;8CAE7D;wBA/IW,aAAa;IAJzB,IAAA,iBAAO,EAAC,KAAK,CAAC;IACd,IAAA,mBAAU,EAAC,UAAU,CAAC;IACtB,IAAA,kBAAS,EAAC,yBAAY,CAAC;IACvB,IAAA,uBAAa,GAAE;qCAE8B,iCAAc;GAD/C,aAAa,CAgJzB"}
+{"version":3,"file":"pin.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/pin.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,6CAayB;AACzB,kEAAiE;AACjE,2DAAyD;AACzD,qGAA+F;AAC/F,kEAAwD;AACxD,mEAA8D;AAC9D,4CAAmG;AAM5F,IAAM,aAAa,GAAnB,MAAM,aAAa;IACzB,YAA6B,cAA8B;QAA9B,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IA4B/D,SAAS,CAAgB,IAAU;QAClC,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC;IA6BD,gBAAgB,CAAgB,IAAU,EAAiB,IAAY;QACtE,OAAO,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC/D,CAAC;IAoBD,MAAM,CAAgB,IAAU,EAAmC,GAAc;QAChF,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACjD,CAAC;IAkBD,SAAS,CAAgB,IAAU,EAAmC,GAAiB;QACtF,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAuBD,SAAS,CAAgB,IAAU,EAAmC,GAAiB;QACtF,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAoBD,SAAS,CAAgB,IAAU,EAAmC,GAAiB;QACtF,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;CACD,CAAA;AAxJY,sCAAa;AA6BzB;IAxBC,IAAA,YAAG,EAAC,QAAQ,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gBAAgB;QACzB,WAAW,EACV,iFAAiF;YACjF,yFAAyF;KAC1F,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,IAAI,EAAE,sBAAY;QAClB,OAAO,EAAE,IAAI;QACb,MAAM,EAAE;YACP,OAAO,EAAE;gBACR;oBACC,IAAI,EAAE,gBAAgB;oBACtB,KAAK,EAAE,IAAI;oBACX,MAAM,EAAE,CAAC;oBACT,YAAY,EAAE,0BAA0B;oBACxC,cAAc,EAAE,0BAA0B;oBAC1C,QAAQ,EAAE,KAAK;iBACf;aACD;SACD;KACD,CAAC;IACS,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;8CAElC;AA6BD;IA3BC,IAAA,YAAG,EAAC,cAAc,CAAC;IACnB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gCAAgC;QACzC,WAAW,EACV,kFAAkF;YAClF,gDAAgD;KACjD,CAAC;IACD,IAAA,kBAAQ,EAAC;QACT,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,uBAAa,EAAC;QACd,IAAI,EAAE,sBAAY;QAClB,MAAM,EAAE;YACP,OAAO,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,CAAC;gBACT,YAAY,EAAE,0BAA0B;gBACxC,cAAc,EAAE,0BAA0B;gBAC1C,QAAQ,EAAE,KAAK;aACf;SACD;KACD,CAAC;IACD,IAAA,+BAAqB,EAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;IACzC,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;;qCAApB,kBAAI;;qDAEzC;AAoBD;IAhBC,IAAA,aAAI,EAAC,KAAK,CAAC;IACX,IAAA,iBAAQ,EAAC,mBAAU,CAAC,OAAO,CAAC;IAC5B,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,wBAAwB;QACjC,WAAW,EACV,wCAAwC;YACxC,iGAAiG;KAClG,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,mBAAS,EAAE,CAAC;IAC5B,IAAA,4BAAkB,EAAC;QACnB,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,sCAAsC,EAAE,EAAE;KACxE,CAAC;IACD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;IAC1E,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,mEAAmE;KAChF,CAAC;IACM,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAtC,kBAAI,EAAwC,mBAAS;;2CAEhF;AAkBD;IAdC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,wBAAwB;QACjC,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,0CAA0C,EAAE,EAAE,EAAE,CAAC;IAC/F,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACpE,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;IACtF,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,sDAAsD,EAAE,CAAC;IAC5F,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,mEAAmE;KAChF,CAAC;IACS,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAtC,kBAAI,EAAwC,sBAAY;;8CAEtF;AAuBD;IAnBC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,cAAc;QACvB,WAAW,EACV,4EAA4E;YAC5E,gGAAgG;YAChG,2FAA2F;KAC5F,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,2CAA2C,EAAE,EAAE;KAC7E,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IACzD,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,CAAC;IAChF,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAClE,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,mEAAmE;KAChF,CAAC;IACS,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAtC,kBAAI,EAAwC,sBAAY;;8CAEtF;AAoBD;IAhBC,IAAA,eAAM,EAAC,QAAQ,CAAC;IAChB,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,cAAc;QACvB,WAAW,EACV,kFAAkF;YAClF,4EAA4E;KAC7E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,sBAAY,EAAE,CAAC;IAC/B,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,0CAA0C,EAAE,EAAE,EAAE,CAAC;IAC/F,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACpE,IAAA,8BAAoB,EAAC,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IACtD,IAAA,6BAAmB,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAClE,IAAA,+BAAqB,EAAC;QACtB,WAAW,EAAE,mEAAmE;KAChF,CAAC;IACS,WAAA,IAAA,wBAAW,GAAE,CAAA;IAAc,WAAA,IAAA,aAAI,EAAC,wDAAyB,CAAC,CAAA;;qCAAtC,kBAAI,EAAwC,sBAAY;;8CAEtF;wBAvJW,aAAa;IAJzB,IAAA,iBAAO,EAAC,KAAK,CAAC;IACd,IAAA,mBAAU,EAAC,UAAU,CAAC;IACtB,IAAA,kBAAS,EAAC,yBAAY,CAAC;IACvB,IAAA,uBAAa,GAAE;qCAE8B,iCAAc;GAD/C,aAAa,CAwJzB"}

package/dist/modules/auth/controllers/session.controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/session.controller.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,IAAI,EAAE,MAAM,kCAAkC,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,qBAIa,iBAAiB;IAE5B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,YAAY;gBADZ,cAAc,EAAE,cAAc,EAC9B,YAAY,EAAE,YAAY;IAgB5C,YAAY,CAAS,IAAI,EAAE,eAAe,EAAS,GAAG,EAAE,OAAO;IAY/D,MAAM,CAAgB,IAAI,EAAE,IAAI;;;IAShC,iBAAiB,CAAgB,IAAI,EAAE,IAAI;IAW3C,aAAa,CAAoC,SAAS,EAAE,MAAM,EAAiB,IAAI,EAAE,IAAI;;;CAG7F"}
+{"version":3,"file":"session.controller.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/session.controller.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,IAAI,EAAE,MAAM,kCAAkC,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAoB,MAAM,kBAAkB,CAAC;AACrE,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,qBAIa,iBAAiB;IAE5B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,YAAY;gBADZ,cAAc,EAAE,cAAc,EAC9B,YAAY,EAAE,YAAY;IAc5C,YAAY,CAAS,IAAI,EAAE,eAAe,EAAS,GAAG,EAAE,OAAO;IAY/D,MAAM,CAAgB,IAAI,EAAE,IAAI;;;IAShC,iBAAiB,CAAgB,IAAI,EAAE,IAAI;IAW3C,aAAa,CAAoC,SAAS,EAAE,MAAM,EAAiB,IAAI,EAAE,IAAI;;;CAG7F"}

package/dist/modules/auth/controllers/session.controller.js

@@ -54,9 +54,7 @@ __decorate([
         description: 'Rotate refresh token and get a new access + refresh token pair.',
     }),
     (0, swagger_1.ApiBody)({ type: token_dto_1.RefreshTokenDto }),
-    (0, swagger_1.ApiOkResponse)({
-        schema: { example: { accessToken: 'jwt', refreshToken: 'id.secret', expiresIn: 900000 } },
-    }),
+    (0, swagger_1.ApiOkResponse)({ type: token_dto_1.TokenResponseDto }),
     (0, swagger_1.ApiUnauthorizedResponse)({ description: 'Invalid, expired, or reused refresh token' }),
     __param(0, (0, common_1.Body)()),
     __param(1, (0, common_2.Req)()),

package/dist/modules/auth/controllers/session.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"session.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/session.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,6CAOyB;AACzB,kEAAiE;AACjE,mDAA+D;AAC/D,2DAAiE;AACjE,kEAAwD;AACxD,iEAA6D;AAC7D,yEAAqE;AACrE,gDAAmD;AAEnD,2CAAqC;AACrC,uEAAyE;AAMlE,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC7B,YACkB,cAA8B,EAC9B,YAA0B;QAD1B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,iBAAY,GAAZ,YAAY,CAAc;IACzC,CAAC;IAeJ,YAAY,CAAS,IAAqB,EAAS,GAAY;QAC9D,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChF,CAAC;IASD,MAAM,CAAgB,IAAU;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAOD,iBAAiB,CAAgB,IAAU;QAC1C,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvD,CAAC;IASD,aAAa,CAAoC,SAAiB,EAAiB,IAAU;QAC5F,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC;CACD,CAAA;AAtDY,8CAAiB;AAmB7B;IAbC,IAAA,aAAI,EAAC,SAAS,CAAC;IACf,IAAA,mBAAM,GAAE;IACR,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,iEAAiE;KAC9E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,2BAAe,EAAE,CAAC;IAClC,IAAA,uBAAa,EAAC;QACd,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE;KACzF,CAAC;IACD,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;IACxE,WAAA,IAAA,aAAI,GAAE,CAAA;IAAyB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAvB,2BAAe;;qDAGzC;AASD;IAPC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,QAAQ;QACjB,WAAW,EAAE,kDAAkD;KAC/D,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,yBAAyB,EAAE,EAAE,EAAE,CAAC;IACvE,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;+CAE/B;AAOD;IALC,IAAA,YAAG,EAAC,UAAU,CAAC;IACf,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EAAE,uEAAuE;KACpF,CAAC;IACiB,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;0DAE1C;AASD;IAPC,IAAA,aAAI,EAAC,4BAA4B,CAAC;IAClC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,4CAA4C;KACzD,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACrE,WAAA,IAAA,cAAK,EAAC,WAAW,EAAE,sBAAa,CAAC,CAAA;IAAqB,WAAA,IAAA,wBAAW,GAAE,CAAA;;6CAAO,kBAAI;;sDAE5F;4BArDW,iBAAiB;IAJ7B,IAAA,iBAAO,EAAC,SAAS,CAAC;IAClB,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,kBAAS,EAAC,yBAAY,CAAC;IACvB,IAAA,uBAAa,GAAE;qCAGmB,gCAAc;QAChB,4BAAY;GAHhC,iBAAiB,CAsD7B"}
+{"version":3,"file":"session.controller.js","sourceRoot":"","sources":["../../../../src/modules/auth/controllers/session.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,6CAOyB;AACzB,kEAAiE;AACjE,mDAA+D;AAC/D,2DAAiE;AACjE,kEAAwD;AACxD,iEAA6D;AAC7D,yEAAqE;AACrE,gDAAqE;AAErE,2CAAqC;AACrC,uEAAyE;AAMlE,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC7B,YACkB,cAA8B,EAC9B,YAA0B;QAD1B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,iBAAY,GAAZ,YAAY,CAAc;IACzC,CAAC;IAaJ,YAAY,CAAS,IAAqB,EAAS,GAAY;QAC9D,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,IAAA,kCAAkB,EAAC,GAAG,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAChF,CAAC;IASD,MAAM,CAAgB,IAAU;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAOD,iBAAiB,CAAgB,IAAU;QAC1C,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvD,CAAC;IASD,aAAa,CAAoC,SAAiB,EAAiB,IAAU;QAC5F,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC;CACD,CAAA;AApDY,8CAAiB;AAiB7B;IAXC,IAAA,aAAI,EAAC,SAAS,CAAC;IACf,IAAA,mBAAM,GAAE;IACR,IAAA,kBAAS,EAAC,8BAAqB,CAAC;IAChC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,iEAAiE;KAC9E,CAAC;IACD,IAAA,iBAAO,EAAC,EAAE,IAAI,EAAE,2BAAe,EAAE,CAAC;IAClC,IAAA,uBAAa,EAAC,EAAE,IAAI,EAAE,4BAAgB,EAAE,CAAC;IACzC,IAAA,iCAAuB,EAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;IACxE,WAAA,IAAA,aAAI,GAAE,CAAA;IAAyB,WAAA,IAAA,YAAG,GAAE,CAAA;;qCAAvB,2BAAe;;qDAGzC;AASD;IAPC,IAAA,aAAI,EAAC,QAAQ,CAAC;IACd,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,QAAQ;QACjB,WAAW,EAAE,kDAAkD;KAC/D,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,yBAAyB,EAAE,EAAE,EAAE,CAAC;IACvE,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;+CAE/B;AAOD;IALC,IAAA,YAAG,EAAC,UAAU,CAAC;IACf,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EAAE,uEAAuE;KACpF,CAAC;IACiB,WAAA,IAAA,wBAAW,GAAE,CAAA;;qCAAO,kBAAI;;0DAE1C;AASD;IAPC,IAAA,aAAI,EAAC,4BAA4B,CAAC;IAClC,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,sBAAY,EAAC;QACb,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,4CAA4C;KACzD,CAAC;IACD,IAAA,uBAAa,EAAC,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;IACrE,WAAA,IAAA,cAAK,EAAC,WAAW,EAAE,sBAAa,CAAC,CAAA;IAAqB,WAAA,IAAA,wBAAW,GAAE,CAAA;;6CAAO,kBAAI;;sDAE5F;4BAnDW,iBAAiB;IAJ7B,IAAA,iBAAO,EAAC,SAAS,CAAC;IAClB,IAAA,mBAAU,EAAC,MAAM,CAAC;IAClB,IAAA,kBAAS,EAAC,yBAAY,CAAC;IACvB,IAAA,uBAAa,GAAE;qCAGmB,gCAAc;QAChB,4BAAY;GAHhC,iBAAiB,CAoD7B"}

package/dist/modules/auth/dto/index.d.ts

@@ -2,7 +2,6 @@ export * from './otp.dto';
 export * from './login.dto';
 export * from './register.dto';
 export * from './password.dto';
-export * from './invite.dto';
 export * from './token.dto';
 export * from './pin.dto';
 //# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/dto/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC"}

package/dist/modules/auth/dto/index.js

@@ -18,7 +18,6 @@ __exportStar(require("./otp.dto"), exports);
 __exportStar(require("./login.dto"), exports);
 __exportStar(require("./register.dto"), exports);
 __exportStar(require("./password.dto"), exports);
-__exportStar(require("./invite.dto"), exports);
 __exportStar(require("./token.dto"), exports);
 __exportStar(require("./pin.dto"), exports);
 //# sourceMappingURL=index.js.map

package/dist/modules/auth/dto/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/auth/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAA0B;AAC1B,8CAA4B;AAC5B,iDAA+B;AAC/B,iDAA+B;AAC/B,+CAA6B;AAC7B,8CAA4B;AAC5B,4CAA0B"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/auth/dto/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAA0B;AAC1B,8CAA4B;AAC5B,iDAA+B;AAC/B,iDAA+B;AAC/B,8CAA4B;AAC5B,4CAA0B"}

package/dist/modules/auth/dto/login.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"login.dto.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/login.dto.ts"],"names":[],"mappings":"AAIA,qBACa,QAAQ;IAEpB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAQhC,iBAAiB,EAAG,MAAM,CAAC;IAK3B,KAAK,EAAG,MAAM,CAAC;IAMf,QAAQ,EAAG,MAAM,CAAC;CAClB"}
+{"version":3,"file":"login.dto.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/login.dto.ts"],"names":[],"mappings":"AAUA,qBACa,QAAQ;IAEpB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAWhC,iBAAiB,EAAG,MAAM,CAAC;IAQ3B,KAAK,EAAG,MAAM,CAAC;IASf,QAAQ,EAAG,MAAM,CAAC;CAClB"}

package/dist/modules/auth/dto/login.dto.js

@@ -22,7 +22,9 @@ __decorate([
 ], LoginDto.prototype, "_authMethod", void 0);
 __decorate([
     (0, swagger_1.ApiPropertyOptional)({
-        description: 'Verification token returned by verify-otp (hasAccount=true)',
+        example: 'c498758c-eec1-4a3b-b496-a6eddf498d4c',
+        description: 'Required when auth.method=phone. Single-use token from POST /auth/verify-otp when hasAccount is true. ' +
+            'Do not use the verificationId from send-otp.',
     }),
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'phone'),
@@ -30,13 +32,19 @@ __decorate([
     __metadata("design:type", String)
 ], LoginDto.prototype, "verificationToken", void 0);
 __decorate([
-    (0, swagger_1.ApiPropertyOptional)({ example: 'user@example.com', description: 'Registered email address' }),
+    (0, swagger_1.ApiPropertyOptional)({
+        example: 'user@example.com',
+        description: 'Required when auth.method=email.',
+    }),
     (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'email'),
     (0, class_validator_1.IsEmail)(),
     __metadata("design:type", String)
 ], LoginDto.prototype, "email", void 0);
 __decorate([
-    (0, swagger_1.ApiPropertyOptional)({ example: 'P@ssw0rd!', description: 'Account password' }),
+    (0, swagger_1.ApiPropertyOptional)({
+        example: 'P@ssw0rd!',
+        description: 'Required when auth.method=email.',
+    }),
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.ValidateIf)((o) => o._authMethod === 'email'),
     (0, class_validator_1.IsNotEmpty)(),

package/dist/modules/auth/dto/login.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"login.dto.js","sourceRoot":"","sources":["../../../../src/modules/auth/dto/login.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAwF;AACxF,6CAAsD;AACtD,wGAAyF;AAGlF,IAAM,QAAQ,GAAd,MAAM,QAAQ;CAsBpB,CAAA;AAtBY,4BAAQ;AAEpB;IADC,IAAA,4BAAU,GAAE;;6CACmB;AAQhC;IANC,IAAA,6BAAmB,EAAC;QACpB,WAAW,EAAE,6DAA6D;KAC1E,CAAC;IACD,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;mDACc;AAK3B;IAHC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IAC7F,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,yBAAO,GAAE;;uCACK;AAMf;IAJC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;IAC9E,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;0CACK;mBArBN,QAAQ;IADpB,IAAA,6CAAe,GAAE;GACL,QAAQ,CAsBpB"}
+{"version":3,"file":"login.dto.js","sourceRoot":"","sources":["../../../../src/modules/auth/dto/login.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAwF;AACxF,6CAAsD;AACtD,wGAAyF;AASlF,IAAM,QAAQ,GAAd,MAAM,QAAQ;CA+BpB,CAAA;AA/BY,4BAAQ;AAEpB;IADC,IAAA,4BAAU,GAAE;;6CACmB;AAWhC;IATC,IAAA,6BAAmB,EAAC;QACpB,OAAO,EAAE,sCAAsC;QAC/C,WAAW,EACV,wGAAwG;YACxG,8CAA8C;KAC/C,CAAC;IACD,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;mDACc;AAQ3B;IANC,IAAA,6BAAmB,EAAC;QACpB,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,kCAAkC;KAC/C,CAAC;IACD,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,yBAAO,GAAE;;uCACK;AASf;IAPC,IAAA,6BAAmB,EAAC;QACpB,OAAO,EAAE,WAAW;QACpB,WAAW,EAAE,kCAAkC;KAC/C,CAAC;IACD,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,EAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC;IACtD,IAAA,4BAAU,GAAE;;0CACK;mBA9BN,QAAQ;IADpB,IAAA,6CAAe,GAAE;GACL,QAAQ,CA+BpB"}

package/dist/modules/auth/dto/otp.dto.d.ts

@@ -12,4 +12,26 @@ export declare class VerifyOtpDto {
 export declare class ResendOtpDto {
     verificationId: string;
 }
+export declare class OtpGenerateDataDto {
+    verificationId: string;
+    expiresAt: number;
+    resendIn: number;
+}
+export declare class OtpGenerateResponseDto {
+    success: boolean;
+    message: string;
+    data: OtpGenerateDataDto;
+}
+export declare class OtpVerifyDataDto {
+    subject: string;
+    channel: 'sms' | 'email';
+    verificationToken: string;
+    expiresAt: number;
+    hasAccount: boolean;
+}
+export declare class OtpVerifyResponseDto {
+    success: boolean;
+    message: string;
+    data: OtpVerifyDataDto;
+}
 //# sourceMappingURL=otp.dto.d.ts.map

package/dist/modules/auth/dto/otp.dto.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"otp.dto.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/otp.dto.ts"],"names":[],"mappings":"AAsBA,wBAAgB,cAAc,CAAC,CAAC,EAAE,UAAU,GAAG,KAAK,GAAG,OAAO,CAI7D;AAED,qBACa,UAAU;IAGtB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAUhC,OAAO,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC;IAQ1B,KAAK,CAAC,EAAE,MAAM,CAAC;IAQf,KAAK,CAAC,EAAE,MAAM,CAAC;CACf;AAED,qBAAa,YAAY;IAGxB,cAAc,EAAG,MAAM,CAAC;IASxB,GAAG,EAAG,MAAM,CAAC;CACb;AAED,qBAAa,YAAY;IAGxB,cAAc,EAAG,MAAM,CAAC;CACxB"}
+{"version":3,"file":"otp.dto.d.ts","sourceRoot":"","sources":["../../../../src/modules/auth/dto/otp.dto.ts"],"names":[],"mappings":"AAsBA,wBAAgB,cAAc,CAAC,CAAC,EAAE,UAAU,GAAG,KAAK,GAAG,OAAO,CAI7D;AAED,qBACa,UAAU;IAGtB,WAAW,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAUhC,OAAO,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC;IAQ1B,KAAK,CAAC,EAAE,MAAM,CAAC;IAQf,KAAK,CAAC,EAAE,MAAM,CAAC;CACf;AAED,qBAAa,YAAY;IAQxB,cAAc,EAAG,MAAM,CAAC;IASxB,GAAG,EAAG,MAAM,CAAC;CACb;AAED,qBAAa,YAAY;IAMxB,cAAc,EAAG,MAAM,CAAC;CACxB;AAID,qBAAa,kBAAkB;IAI9B,cAAc,EAAG,MAAM,CAAC;IAGxB,SAAS,EAAG,MAAM,CAAC;IAGnB,QAAQ,EAAG,MAAM,CAAC;CAClB;AAED,qBAAa,sBAAsB;IAElC,OAAO,EAAG,OAAO,CAAC;IAGlB,OAAO,EAAG,MAAM,CAAC;IAGjB,IAAI,EAAG,kBAAkB,CAAC;CAC1B;AAED,qBAAa,gBAAgB;IAK5B,OAAO,EAAG,MAAM,CAAC;IAGjB,OAAO,EAAG,KAAK,GAAG,OAAO,CAAC;IAQ1B,iBAAiB,EAAG,MAAM,CAAC;IAK3B,SAAS,EAAG,MAAM,CAAC;IAOnB,UAAU,EAAG,OAAO,CAAC;CACrB;AAED,qBAAa,oBAAoB;IAEhC,OAAO,EAAG,OAAO,CAAC;IAGlB,OAAO,EAAG,MAAM,CAAC;IAGjB,IAAI,EAAG,gBAAgB,CAAC;CACxB"}