order-management 0.0.39 → 0.0.41
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.medusa/server/src/api/store/guest-orders/[id]/cancel/route.js +5 -4
- package/.medusa/server/src/api/store/guest-orders/[id]/reorder/route.js +5 -4
- package/.medusa/server/src/api/store/guest-orders/[id]/route.js +5 -4
- package/.medusa/server/src/api/store/guest-orders/route.js +5 -4
- package/.medusa/server/src/api/store/orders/[order_id]/returns/route.js +13 -5
- package/.medusa/server/src/api/store/orders/[order_id]/swaps/route.js +29 -13
- package/.medusa/server/src/api/store/orders/cancel/[order_id]/route.js +12 -10
- package/.medusa/server/src/api/store/orders/reorder/[order_id]/route.js +11 -9
- package/.medusa/server/src/api/store/otp/verify/route.js +4 -4
- package/.medusa/server/src/api/store/returns/[id]/cancel/route.js +11 -4
- package/.medusa/server/src/api/store/returns/[id]/route.js +11 -4
- package/.medusa/server/src/api/store/returns/route.js +29 -15
- package/.medusa/server/src/api/store/swaps/[id]/cancel/route.js +12 -5
- package/.medusa/server/src/api/store/swaps/[id]/route.js +22 -8
- package/.medusa/server/src/api/store/swaps/route.js +24 -10
- package/.medusa/server/src/services/otp-service.js +3 -3
- package/package.json +1 -1
|
@@ -42,7 +42,8 @@ async function POST(req, res) {
|
|
|
42
42
|
res.status(401).json({ message: "Invalid token payload" });
|
|
43
43
|
return;
|
|
44
44
|
}
|
|
45
|
-
const
|
|
45
|
+
const guest_identifier = decoded.guest_identifier;
|
|
46
|
+
const actorId = decoded.actor_id ?? decoded.customer_id;
|
|
46
47
|
// Resolve Query to fetch order and verify ownership
|
|
47
48
|
const query = req.scope.resolve(utils_1.ContainerRegistrationKeys.QUERY);
|
|
48
49
|
// Fetch the specific order and include customer info
|
|
@@ -60,8 +61,8 @@ async function POST(req, res) {
|
|
|
60
61
|
res.status(404).json({ message: "Order not found or access denied" });
|
|
61
62
|
return;
|
|
62
63
|
}
|
|
63
|
-
// Use the customer_id from the order if available, otherwise from token
|
|
64
|
-
const orderCustomerId = order.customer_id ||
|
|
64
|
+
// Use the customer_id from the order if available, otherwise from token (actor_id)
|
|
65
|
+
const orderCustomerId = order.customer_id || actorId;
|
|
65
66
|
if (!orderCustomerId) {
|
|
66
67
|
res.status(400).json({
|
|
67
68
|
message: "Cannot cancel order: customer ID not found"
|
|
@@ -111,4 +112,4 @@ async function POST(req, res) {
|
|
|
111
112
|
});
|
|
112
113
|
}
|
|
113
114
|
}
|
|
114
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
115
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL2d1ZXN0LW9yZGVycy9baWRdL2NhbmNlbC9yb3V0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQVFBLG9CQStIQztBQXRJRCxxREFBcUU7QUFDckUscURBQXVEO0FBQ3ZELGdFQUE4QztBQUM5QyxrREFBcUU7QUFFckUsMEZBQW9GO0FBRTdFLEtBQUssVUFBVSxJQUFJLENBQ3RCLEdBQWtCLEVBQ2xCLEdBQW1CO0lBRW5CLE1BQU0sVUFBVSxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFBO0lBQzVDLE1BQU0sRUFBRSxFQUFFLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRXpCLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7UUFDbkQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUseUNBQXlDLEVBQUUsQ0FBQyxDQUFBO1FBQzVFLE9BQU07SUFDVixDQUFDO0lBRUQsSUFBSSxDQUFDLEVBQUUsRUFBRSxDQUFDO1FBQ04sR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsc0JBQXNCLEVBQUUsQ0FBQyxDQUFBO1FBQ3pELE9BQU07SUFDVixDQUFDO0lBRUQsTUFBTSxLQUFLLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUV0QywrQkFBK0I7SUFDL0IsSUFBSSxNQUFNLENBQUE7SUFDVixJQUFJLENBQUM7UUFDRCxNQUFNLFlBQVksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FDbEMsaUNBQXlCLENBQUMsYUFBYSxDQUMxQyxDQUFBO1FBQ0QsTUFBTSxHQUFHLElBQUEsc0NBQTZCLEVBQUMsWUFBWSxDQUFDLENBQUE7SUFDeEQsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDYixNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsT0FBTyxDQUFDLEtBQUssQ0FBQyxnREFBZ0QsRUFBRSxZQUFZLENBQUMsQ0FBQTtRQUM3RSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNqQixPQUFPLEVBQUUsd0NBQXdDO1lBQ2pELEtBQUssRUFBRSxZQUFZO1NBQ3RCLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDVixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0QsTUFBTSxPQUFPLEdBQUcsc0JBQUcsQ0FBQyxNQUFNLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxTQUFTLENBQWUsQ0FBQTtRQUVqRSxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDeEMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsdUJBQXVCLEVBQUUsQ0FBQyxDQUFBO1lBQzFELE9BQU07UUFDVixDQUFDO1FBRUQsTUFBTSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsZ0JBQWdCLENBQUE7UUFDakQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLFFBQVEsSUFBSyxPQUFvQyxDQUFDLFdBQVcsQ0FBQTtRQUVyRixvREFBb0Q7UUFDcEQsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsS0FBSyxDQUFDLENBQUE7UUFFaEUscURBQXFEO1FBQ3JELE1BQU0sRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDO1lBQ3ZDLE1BQU0sRUFBRSxPQUFPO1lBQ2YsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLGFBQWEsRUFBRSxzQkFBc0IsRUFBRSxPQUFPLENBQUM7WUFDOUQsT0FBTyxFQUFFO2dCQUNMLEVBQUUsRUFBRSxFQUFFO2dCQUNOLEtBQUssRUFBRSxnQkFBZ0I7YUFDMUI7U0FDSixDQUFDLENBQUE7UUFFRixNQUFNLEtBQUssR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFFdkIscUdBQXFHO1FBQ3JHLElBQUksQ0FBQyxLQUFLLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxJQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsV0FBVyxLQUFLLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDcEUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsa0NBQWtDLEVBQUUsQ0FBQyxDQUFBO1lBQ3JFLE9BQU07UUFDVixDQUFDO1FBRUQsbUZBQW1GO1FBQ25GLE1BQU0sZUFBZSxHQUFHLEtBQUssQ0FBQyxXQUFXLElBQUksT0FBTyxDQUFBO1FBRXBELElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztZQUNuQixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDakIsT0FBTyxFQUFFLDRDQUE0QzthQUN4RCxDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1YsQ0FBQztRQUVELGdDQUFnQztRQUNoQyxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLDJDQUFtQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDeEQsS0FBSyxFQUFFO2dCQUNILFFBQVEsRUFBRSxFQUFFO2dCQUNaLFdBQVcsRUFBRSxlQUFlO2FBQy9CO1NBQ0osQ0FBQyxDQUFBO1FBRUYsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxREFBcUQsRUFBRSxjQUFjLGdCQUFnQixFQUFFLENBQUMsQ0FBQTtRQUVwRyxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQTtJQUVoQyxDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNiLDBCQUEwQjtRQUMxQixPQUFPLENBQUMsS0FBSyxDQUFDLDZCQUE2QixFQUFFO1lBQ3pDLFFBQVEsRUFBRSxFQUFFO1lBQ1osS0FBSyxFQUFFLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUM7WUFDN0QsYUFBYSxFQUFFLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDO2dCQUNwQyxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7Z0JBQ2hCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDdEIsS0FBSyxFQUFFLEtBQUssQ0FBQyxLQUFLO2FBQ3JCLENBQUMsQ0FBQyxDQUFDLEtBQUs7U0FDWixDQUFDLENBQUE7UUFFRixJQUFJLEtBQUssWUFBWSxtQkFBVyxFQUFFLENBQUM7WUFDL0IsTUFBTSxVQUFVLEdBQ1osS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxTQUFTO2dCQUN0QyxDQUFDLENBQUMsR0FBRztnQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxXQUFXO29CQUM5QyxDQUFDLENBQUMsR0FBRztvQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZO3dCQUMvQyxDQUFDLENBQUMsR0FBRzt3QkFDTCxDQUFDLENBQUMsR0FBRyxDQUFBO1lBRWIsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ3hCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDdEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2FBQ25CLENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDVixDQUFDO1FBRUQsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsbUJBQW1CLENBQUE7UUFDakYsTUFBTSxVQUFVLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO1FBRW5FLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ2pCLE9BQU8sRUFBRSxZQUFZO1lBQ3JCLEdBQUcsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFFBQVEsS0FBSyxhQUFhLElBQUksRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFLENBQUM7U0FDdkUsQ0FBQyxDQUFBO0lBQ04sQ0FBQztBQUNMLENBQUMifQ==
|
|
@@ -42,7 +42,8 @@ async function POST(req, res) {
|
|
|
42
42
|
res.status(401).json({ message: "Invalid token payload" });
|
|
43
43
|
return;
|
|
44
44
|
}
|
|
45
|
-
const
|
|
45
|
+
const guest_identifier = decoded.guest_identifier;
|
|
46
|
+
const actorId = decoded.actor_id ?? decoded.customer_id;
|
|
46
47
|
// Resolve Query to fetch order and verify ownership
|
|
47
48
|
const query = req.scope.resolve(utils_1.ContainerRegistrationKeys.QUERY);
|
|
48
49
|
// Fetch the specific order and include customer info
|
|
@@ -60,8 +61,8 @@ async function POST(req, res) {
|
|
|
60
61
|
res.status(404).json({ message: "Order not found or access denied" });
|
|
61
62
|
return;
|
|
62
63
|
}
|
|
63
|
-
// Use the customer_id from the order if available, otherwise from token
|
|
64
|
-
const orderCustomerId = order.customer_id ||
|
|
64
|
+
// Use the customer_id from the order if available, otherwise from token (actor_id)
|
|
65
|
+
const orderCustomerId = order.customer_id || actorId;
|
|
65
66
|
if (!orderCustomerId) {
|
|
66
67
|
res.status(400).json({
|
|
67
68
|
message: "Cannot reorder: customer ID not found"
|
|
@@ -111,4 +112,4 @@ async function POST(req, res) {
|
|
|
111
112
|
});
|
|
112
113
|
}
|
|
113
114
|
}
|
|
114
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
115
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL2d1ZXN0LW9yZGVycy9baWRdL3Jlb3JkZXIvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFRQSxvQkErSEM7QUF0SUQscURBQXFFO0FBQ3JFLHFEQUF1RDtBQUN2RCxnRUFBOEM7QUFDOUMsa0RBQXFFO0FBRXJFLGdGQUEyRTtBQUVwRSxLQUFLLFVBQVUsSUFBSSxDQUN0QixHQUFrQixFQUNsQixHQUFtQjtJQUVuQixNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQTtJQUM1QyxNQUFNLEVBQUUsRUFBRSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUV6QixJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1FBQ25ELEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHlDQUF5QyxFQUFFLENBQUMsQ0FBQTtRQUM1RSxPQUFNO0lBQ1YsQ0FBQztJQUVELElBQUksQ0FBQyxFQUFFLEVBQUUsQ0FBQztRQUNOLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHNCQUFzQixFQUFFLENBQUMsQ0FBQTtRQUN6RCxPQUFNO0lBQ1YsQ0FBQztJQUVELE1BQU0sS0FBSyxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUE7SUFFdEMsK0JBQStCO0lBQy9CLElBQUksTUFBTSxDQUFBO0lBQ1YsSUFBSSxDQUFDO1FBQ0QsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQ2xDLGlDQUF5QixDQUFDLGFBQWEsQ0FDMUMsQ0FBQTtRQUNELE1BQU0sR0FBRyxJQUFBLHNDQUE2QixFQUFDLFlBQVksQ0FBQyxDQUFBO0lBQ3hELENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2IsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLE9BQU8sQ0FBQyxLQUFLLENBQUMsaURBQWlELEVBQUUsWUFBWSxDQUFDLENBQUE7UUFDOUUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDakIsT0FBTyxFQUFFLHdDQUF3QztZQUNqRCxLQUFLLEVBQUUsWUFBWTtTQUN0QixDQUFDLENBQUE7UUFDRixPQUFNO0lBQ1YsQ0FBQztJQUVELElBQUksQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFHLHNCQUFHLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsU0FBUyxDQUFlLENBQUE7UUFFakUsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3hDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHVCQUF1QixFQUFFLENBQUMsQ0FBQTtZQUMxRCxPQUFNO1FBQ1YsQ0FBQztRQUVELE1BQU0sZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLGdCQUFnQixDQUFBO1FBQ2pELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQyxRQUFRLElBQUssT0FBb0MsQ0FBQyxXQUFXLENBQUE7UUFFckYsb0RBQW9EO1FBQ3BELE1BQU0sS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLEtBQUssQ0FBQyxDQUFBO1FBRWhFLHFEQUFxRDtRQUNyRCxNQUFNLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sS0FBSyxDQUFDLEtBQUssQ0FBQztZQUN2QyxNQUFNLEVBQUUsT0FBTztZQUNmLE1BQU0sRUFBRSxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUUsc0JBQXNCLEVBQUUsT0FBTyxDQUFDO1lBQzlELE9BQU8sRUFBRTtnQkFDTCxFQUFFLEVBQUUsRUFBRTtnQkFDTixLQUFLLEVBQUUsZ0JBQWdCO2FBQzFCO1NBQ0osQ0FBQyxDQUFBO1FBRUYsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFBO1FBRXZCLHFHQUFxRztRQUNyRyxJQUFJLENBQUMsS0FBSyxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLFdBQVcsS0FBSyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQ3BFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLGtDQUFrQyxFQUFFLENBQUMsQ0FBQTtZQUNyRSxPQUFNO1FBQ1YsQ0FBQztRQUVELG1GQUFtRjtRQUNuRixNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsV0FBVyxJQUFJLE9BQU8sQ0FBQTtRQUVwRCxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDbkIsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ2pCLE9BQU8sRUFBRSx1Q0FBdUM7YUFDbkQsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNWLENBQUM7UUFFRCwyQkFBMkI7UUFDM0IsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBQSxrQ0FBZSxFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDcEQsS0FBSyxFQUFFO2dCQUNILFFBQVEsRUFBRSxFQUFFO2dCQUNaLFdBQVcsRUFBRSxlQUFlO2FBQy9CO1NBQ0osQ0FBQyxDQUFBO1FBRUYsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtREFBbUQsTUFBTSxDQUFDLE9BQU8sY0FBYyxnQkFBZ0IsRUFBRSxDQUFDLENBQUE7UUFFOUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUE7SUFFaEMsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDYiwwQkFBMEI7UUFDMUIsT0FBTyxDQUFDLEtBQUssQ0FBQyw4QkFBOEIsRUFBRTtZQUMxQyxRQUFRLEVBQUUsRUFBRTtZQUNaLEtBQUssRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDO1lBQzdELGFBQWEsRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDcEMsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2dCQUNoQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSzthQUNyQixDQUFDLENBQUMsQ0FBQyxLQUFLO1NBQ1osQ0FBQyxDQUFBO1FBRUYsSUFBSSxLQUFLLFlBQVksbUJBQVcsRUFBRSxDQUFDO1lBQy9CLE1BQU0sVUFBVSxHQUNaLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUztnQkFDdEMsQ0FBQyxDQUFDLEdBQUc7Z0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsV0FBVztvQkFDOUMsQ0FBQyxDQUFDLEdBQUc7b0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWTt3QkFDL0MsQ0FBQyxDQUFDLEdBQUc7d0JBQ0wsQ0FBQyxDQUFDLEdBQUcsQ0FBQTtZQUViLEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUN4QixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNuQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1YsQ0FBQztRQUVELE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLG1CQUFtQixDQUFBO1FBQ2pGLE1BQU0sVUFBVSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUVuRSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNqQixPQUFPLEVBQUUsWUFBWTtZQUNyQixHQUFHLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxRQUFRLEtBQUssYUFBYSxJQUFJLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRSxDQUFDO1NBQ3ZFLENBQUMsQ0FBQTtJQUNOLENBQUM7QUFDTCxDQUFDIn0=
|
|
@@ -36,7 +36,8 @@ async function GET(req, res) {
|
|
|
36
36
|
res.status(401).json({ message: "Invalid token payload" });
|
|
37
37
|
return;
|
|
38
38
|
}
|
|
39
|
-
const
|
|
39
|
+
const guest_identifier = decoded.guest_identifier;
|
|
40
|
+
const actorId = decoded.actor_id ?? decoded.customer_id;
|
|
40
41
|
// Resolve Query to fetch order
|
|
41
42
|
const query = req.scope.resolve(utils_1.ContainerRegistrationKeys.QUERY);
|
|
42
43
|
// Fetch the specific order and include customer info
|
|
@@ -57,8 +58,8 @@ async function GET(req, res) {
|
|
|
57
58
|
],
|
|
58
59
|
filters: {
|
|
59
60
|
id: id,
|
|
60
|
-
customer_id:
|
|
61
|
-
email: !
|
|
61
|
+
customer_id: actorId ? [actorId] : undefined,
|
|
62
|
+
email: !actorId ? guest_identifier : undefined
|
|
62
63
|
}
|
|
63
64
|
});
|
|
64
65
|
const order = orders[0];
|
|
@@ -76,4 +77,4 @@ async function GET(req, res) {
|
|
|
76
77
|
res.status(401).json({ message: "Unauthorized or invalid token", error: errorMessage });
|
|
77
78
|
}
|
|
78
79
|
}
|
|
79
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
80
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL2d1ZXN0LW9yZGVycy9baWRdL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBTUEsa0JBb0ZDO0FBekZELHFEQUFxRTtBQUNyRSxnRUFBOEM7QUFDOUMsK0NBQWtFO0FBRzNELEtBQUssVUFBVSxHQUFHLENBQ3JCLEdBQWtCLEVBQ2xCLEdBQW1CO0lBRW5CLE1BQU0sVUFBVSxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFBO0lBQzVDLE1BQU0sRUFBRSxFQUFFLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRXpCLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7UUFDbkQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUseUNBQXlDLEVBQUUsQ0FBQyxDQUFBO1FBQzVFLE9BQU07SUFDVixDQUFDO0lBRUQsTUFBTSxLQUFLLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQTtJQUV0QywrQkFBK0I7SUFDL0IsSUFBSSxNQUFNLENBQUE7SUFDVixJQUFJLENBQUM7UUFDRCxNQUFNLFlBQVksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FDbEMsaUNBQXlCLENBQUMsYUFBYSxDQUMxQyxDQUFBO1FBQ0QsTUFBTSxHQUFHLElBQUEsc0NBQTZCLEVBQUMsWUFBWSxDQUFDLENBQUE7SUFDeEQsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDYixNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsT0FBTyxDQUFDLEtBQUssQ0FBQyx5Q0FBeUMsRUFBRSxZQUFZLENBQUMsQ0FBQTtRQUN0RSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNqQixPQUFPLEVBQUUsd0NBQXdDO1lBQ2pELEtBQUssRUFBRSxZQUFZO1NBQ3RCLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDVixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0QsTUFBTSxPQUFPLEdBQUcsc0JBQUcsQ0FBQyxNQUFNLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxTQUFTLENBQWUsQ0FBQTtRQUVqRSxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDeEMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsdUJBQXVCLEVBQUUsQ0FBQyxDQUFBO1lBQzFELE9BQU07UUFDVixDQUFDO1FBRUQsTUFBTSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsZ0JBQWdCLENBQUE7UUFDakQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLFFBQVEsSUFBSyxPQUFvQyxDQUFDLFdBQVcsQ0FBQTtRQUVyRiwrQkFBK0I7UUFDL0IsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsS0FBSyxDQUFDLENBQUE7UUFFaEUscURBQXFEO1FBQ3JELE1BQU0sRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDO1lBQ3ZDLE1BQU0sRUFBRSxPQUFPO1lBQ2YsTUFBTSxFQUFFO2dCQUNKLEdBQUc7Z0JBQ0gsU0FBUztnQkFDVCxvQkFBb0I7Z0JBQ3BCLG1CQUFtQjtnQkFDbkIsb0JBQW9CO2dCQUNwQixnQkFBZ0I7Z0JBQ2hCLHNCQUFzQjtnQkFDdEIsWUFBWTtnQkFDWixPQUFPO2dCQUNQLGFBQWE7Z0JBQ2Isc0JBQXNCO2FBQ3pCO1lBQ0QsT0FBTyxFQUFFO2dCQUNMLEVBQUUsRUFBRSxFQUFFO2dCQUNOLFdBQVcsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLFNBQVM7Z0JBQzVDLEtBQUssRUFBRSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLFNBQVM7YUFDakQ7U0FDSixDQUFDLENBQUE7UUFFRixNQUFNLEtBQUssR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFFdkIscUdBQXFHO1FBQ3JHLElBQUksQ0FBQyxLQUFLLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxJQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsV0FBVyxLQUFLLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDcEUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsa0NBQWtDLEVBQUUsQ0FBQyxDQUFBO1lBQ3JFLE9BQU07UUFDVixDQUFDO1FBRUQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDakIsS0FBSztTQUNSLENBQUMsQ0FBQTtJQUVOLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2IsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLCtCQUErQixFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsQ0FBQyxDQUFBO0lBQzNGLENBQUM7QUFDTCxDQUFDIn0=
|
|
@@ -35,11 +35,12 @@ async function GET(req, res) {
|
|
|
35
35
|
res.status(401).json({ message: "Invalid token payload" });
|
|
36
36
|
return;
|
|
37
37
|
}
|
|
38
|
-
const
|
|
38
|
+
const guest_identifier = decoded.guest_identifier;
|
|
39
|
+
const actorId = decoded.actor_id ?? decoded.customer_id;
|
|
39
40
|
// Resolve Query to fetch orders
|
|
40
41
|
const query = req.scope.resolve(utils_1.ContainerRegistrationKeys.QUERY);
|
|
41
|
-
console.log(`[Guest Orders Debug] Fetching orders for: ${guest_identifier} (
|
|
42
|
-
let guestIds =
|
|
42
|
+
console.log(`[Guest Orders Debug] Fetching orders for: ${guest_identifier} (actor_id: ${actorId || 'N/A'})`);
|
|
43
|
+
let guestIds = actorId ? [actorId] : [];
|
|
43
44
|
// 1. Fallback: Fetch guest customers for this email if ID is missing from token
|
|
44
45
|
if (guestIds.length === 0) {
|
|
45
46
|
const { data: guestCustomers } = await query.graph({
|
|
@@ -91,4 +92,4 @@ async function GET(req, res) {
|
|
|
91
92
|
res.status(401).json({ message: "Unauthorized or invalid token", error: errorMessage });
|
|
92
93
|
}
|
|
93
94
|
}
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
95
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL2d1ZXN0LW9yZGVycy9yb3V0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQU1BLGtCQXVHQztBQTVHRCxxREFBcUU7QUFDckUsZ0VBQThDO0FBQzlDLDRDQUErRDtBQUd4RCxLQUFLLFVBQVUsR0FBRyxDQUNyQixHQUFrQixFQUNsQixHQUFtQjtJQUVuQixNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQTtJQUU1QyxJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1FBQ25ELEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHlDQUF5QyxFQUFFLENBQUMsQ0FBQTtRQUM1RSxPQUFNO0lBQ1YsQ0FBQztJQUVELE1BQU0sS0FBSyxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUE7SUFFdEMsK0JBQStCO0lBQy9CLElBQUksTUFBTSxDQUFBO0lBQ1YsSUFBSSxDQUFDO1FBQ0QsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQ2xDLGlDQUF5QixDQUFDLGFBQWEsQ0FDMUMsQ0FBQTtRQUNELE1BQU0sR0FBRyxJQUFBLHNDQUE2QixFQUFDLFlBQVksQ0FBQyxDQUFBO0lBQ3hELENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2IsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLE9BQU8sQ0FBQyxLQUFLLENBQUMsMENBQTBDLEVBQUUsWUFBWSxDQUFDLENBQUE7UUFDdkUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDakIsT0FBTyxFQUFFLHdDQUF3QztZQUNqRCxLQUFLLEVBQUUsWUFBWTtTQUN0QixDQUFDLENBQUE7UUFDRixPQUFNO0lBQ1YsQ0FBQztJQUVELElBQUksQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFHLHNCQUFHLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsU0FBUyxDQUFlLENBQUE7UUFFakUsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3hDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHVCQUF1QixFQUFFLENBQUMsQ0FBQTtZQUMxRCxPQUFNO1FBQ1YsQ0FBQztRQUVELE1BQU0sZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLGdCQUFnQixDQUFBO1FBQ2pELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQyxRQUFRLElBQUssT0FBb0MsQ0FBQyxXQUFXLENBQUE7UUFFckYsZ0NBQWdDO1FBQ2hDLE1BQU0sS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLEtBQUssQ0FBQyxDQUFBO1FBRWhFLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkNBQTZDLGdCQUFnQixlQUFlLE9BQU8sSUFBSSxLQUFLLEdBQUcsQ0FBQyxDQUFBO1FBRTVHLElBQUksUUFBUSxHQUFhLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFBO1FBRWpELGdGQUFnRjtRQUNoRixJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDeEIsTUFBTSxFQUFFLElBQUksRUFBRSxjQUFjLEVBQUUsR0FBRyxNQUFNLEtBQUssQ0FBQyxLQUFLLENBQUM7Z0JBQy9DLE1BQU0sRUFBRSxVQUFVO2dCQUNsQixNQUFNLEVBQUUsQ0FBQyxJQUFJLENBQUM7Z0JBQ2QsT0FBTyxFQUFFO29CQUNMLEtBQUssRUFBRSxnQkFBZ0I7b0JBQ3ZCLFdBQVcsRUFBRSxLQUFLO2lCQUNyQjthQUNKLENBQUMsQ0FBQTtZQUNGLFFBQVEsR0FBRyxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFBO1lBQ3hDLE9BQU8sQ0FBQyxHQUFHLENBQUMsbURBQW1ELFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFBO1FBQ3pGLENBQUM7UUFFRCxJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDeEIsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxNQUFNLEVBQUUsRUFBRSxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsZ0JBQWdCLEVBQUUsQ0FBQyxDQUFBO1lBQ2hFLE9BQU07UUFDVixDQUFDO1FBRUQsNERBQTREO1FBQzVELE1BQU0sRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDO1lBQ3ZDLE1BQU0sRUFBRSxPQUFPO1lBQ2YsTUFBTSxFQUFFO2dCQUNKLElBQUk7Z0JBQ0osWUFBWTtnQkFDWixPQUFPO2dCQUNQLGFBQWE7Z0JBQ2IsUUFBUTtnQkFDUixPQUFPO2dCQUNQLGVBQWU7Z0JBQ2YsWUFBWTtnQkFDWixTQUFTO2FBQ1o7WUFDRCxPQUFPLEVBQUU7Z0JBQ0wsV0FBVyxFQUFFLFFBQVE7YUFDeEI7WUFDRCxhQUFhO1lBQ2IsSUFBSSxFQUFFLENBQUMsYUFBYSxDQUFDO1NBQ3hCLENBQUMsQ0FBQTtRQUVGLHVDQUF1QztRQUN2QyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLE1BQU0sS0FBSyxVQUFVLENBQUMsQ0FBQTtRQUUvRCxPQUFPLENBQUMsR0FBRyxDQUFDLDhCQUE4QixXQUFXLENBQUMsTUFBTSxxQkFBcUIsQ0FBQyxDQUFBO1FBRWxGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ2pCLE1BQU0sRUFBRSxXQUFXLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsRUFBRSxxQkFBcUI7WUFDdkQsS0FBSyxFQUFFLFdBQVcsQ0FBQyxNQUFNO1lBQ3pCLGdCQUFnQjtTQUNuQixDQUFDLENBQUE7SUFFTixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNiLE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtRQUM3RSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU8sRUFBRSwrQkFBK0IsRUFBRSxLQUFLLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQTtJQUMzRixDQUFDO0FBQ0wsQ0FBQyJ9
|
|
@@ -22,8 +22,16 @@ const POST = async (req, res) => {
|
|
|
22
22
|
}
|
|
23
23
|
// Type-safe access to auth_context
|
|
24
24
|
const authContext = req.auth_context;
|
|
25
|
-
const
|
|
26
|
-
|
|
25
|
+
const actorId = authContext?.actor_id;
|
|
26
|
+
const actorType = authContext?.actor_type;
|
|
27
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
28
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
29
|
+
console.warn("[Order Management] Authentication failed:", {
|
|
30
|
+
order_id,
|
|
31
|
+
actor_id: actorId,
|
|
32
|
+
actor_type: actorType,
|
|
33
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
34
|
+
});
|
|
27
35
|
res.status(401).json({
|
|
28
36
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
29
37
|
});
|
|
@@ -47,7 +55,7 @@ const POST = async (req, res) => {
|
|
|
47
55
|
return_items: body.return_items,
|
|
48
56
|
reason: body.reason,
|
|
49
57
|
note: body.note,
|
|
50
|
-
customer_id:
|
|
58
|
+
customer_id: actorId
|
|
51
59
|
},
|
|
52
60
|
});
|
|
53
61
|
res.status(201).json(result);
|
|
@@ -76,7 +84,7 @@ const POST = async (req, res) => {
|
|
|
76
84
|
}
|
|
77
85
|
const errorMessage = error instanceof Error ? error.message : "Unknown error";
|
|
78
86
|
console.error("Failed to create return from order:", {
|
|
79
|
-
|
|
87
|
+
actor_id: actorId,
|
|
80
88
|
order_id,
|
|
81
89
|
error: errorMessage,
|
|
82
90
|
body: req.body,
|
|
@@ -88,4 +96,4 @@ const POST = async (req, res) => {
|
|
|
88
96
|
}
|
|
89
97
|
};
|
|
90
98
|
exports.POST = POST;
|
|
91
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
99
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL29yZGVycy9bb3JkZXJfaWRdL3JldHVybnMvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELG9HQUE4RjtBQUM5Riw2QkFBdUI7QUFFdkIsTUFBTSwyQkFBMkIsR0FBRyxPQUFDLENBQUMsTUFBTSxDQUFDO0lBQzNDLFlBQVksRUFBRSxPQUFDLENBQUMsS0FBSyxDQUNuQixPQUFDLENBQUMsTUFBTSxDQUFDO1FBQ1AsRUFBRSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7UUFDZCxRQUFRLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUMvQixNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUM3QixVQUFVLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtLQUNsQyxDQUFDLENBQ0g7SUFDRCxNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUM3QixJQUFJLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtDQUM1QixDQUFDLENBQUE7QUFFSyxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixNQUFNLEVBQUUsUUFBUSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUUvQixJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDZCxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU8sRUFBRSxzQkFBc0IsRUFBRSxDQUFDLENBQUE7UUFDekQsT0FBTTtJQUNSLENBQUM7SUFFRCxtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsMkNBQTJDLEVBQUU7WUFDeEQsUUFBUTtZQUNSLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLFVBQVUsRUFBRSxTQUFTO1lBQ3JCLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLG9CQUFvQjtTQUM3RCxDQUFDLENBQUE7UUFDRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsaUVBQWlFO1FBQ2pFLElBQUksV0FBVyxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUE7UUFDMUIsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxJQUFJLFdBQVcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDekQsV0FBVyxHQUFHLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUM5QixDQUFDO1FBRUQsd0JBQXdCO1FBQ3hCLE1BQU0sSUFBSSxHQUFHLDJCQUEyQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsQ0FBQTtRQUUzRCwrQkFBK0I7UUFDL0IsSUFBSSxDQUFDLDZDQUFvQixFQUFFLENBQUM7WUFDMUIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUNsQyxtRkFBbUYsQ0FDcEYsQ0FBQTtRQUNILENBQUM7UUFFRCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLDZDQUFvQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDM0QsS0FBSyxFQUFFO2dCQUNMLFFBQVE7Z0JBQ1IsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO2dCQUMvQixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07Z0JBQ25CLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtnQkFDZixXQUFXLEVBQUUsT0FBTzthQUNyQjtTQUNGLENBQUMsQ0FBQTtRQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQzlCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksT0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsc0JBQXNCO2dCQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07YUFDckIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxJQUFJLEtBQUssWUFBWSxtQkFBVyxFQUFFLENBQUM7WUFDakMsTUFBTSxVQUFVLEdBQ2QsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxTQUFTO2dCQUN4QyxDQUFDLENBQUMsR0FBRztnQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxXQUFXO29CQUM5QyxDQUFDLENBQUMsR0FBRztvQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZO3dCQUMvQyxDQUFDLENBQUMsR0FBRzt3QkFDTCxDQUFDLENBQUMsR0FBRyxDQUFBO1lBRVQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQzFCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDdEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2FBQ2pCLENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDUixDQUFDO1FBRUQsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLE9BQU8sQ0FBQyxLQUFLLENBQUMscUNBQXFDLEVBQUU7WUFDbkQsUUFBUSxFQUFFLE9BQU87WUFDakIsUUFBUTtZQUNSLEtBQUssRUFBRSxZQUFZO1lBQ25CLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTtTQUNmLENBQUMsQ0FBQTtRQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSxvQ0FBb0M7WUFDN0MsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQXRHWSxRQUFBLElBQUksUUFzR2hCIn0=
|
|
@@ -23,8 +23,16 @@ const GET = async (req, res) => {
|
|
|
23
23
|
const { order_id } = req.params;
|
|
24
24
|
// Type-safe access to auth_context
|
|
25
25
|
const authContext = req.auth_context;
|
|
26
|
-
const
|
|
27
|
-
|
|
26
|
+
const actorId = authContext?.actor_id;
|
|
27
|
+
const actorType = authContext?.actor_type;
|
|
28
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
29
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
30
|
+
console.warn("[Order Management] Authentication failed:", {
|
|
31
|
+
order_id,
|
|
32
|
+
actor_id: actorId,
|
|
33
|
+
actor_type: actorType,
|
|
34
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
35
|
+
});
|
|
28
36
|
res.status(401).json({
|
|
29
37
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
30
38
|
});
|
|
@@ -35,7 +43,7 @@ const GET = async (req, res) => {
|
|
|
35
43
|
// Always filter by authenticated customer_id for security
|
|
36
44
|
const swaps = await swapService.listSwaps({
|
|
37
45
|
order_id,
|
|
38
|
-
customer_id:
|
|
46
|
+
customer_id: actorId,
|
|
39
47
|
}, {
|
|
40
48
|
take: 100,
|
|
41
49
|
skip: 0,
|
|
@@ -57,8 +65,16 @@ const POST = async (req, res) => {
|
|
|
57
65
|
const { order_id } = req.params;
|
|
58
66
|
// Type-safe access to auth_context
|
|
59
67
|
const authContext = req.auth_context;
|
|
60
|
-
const
|
|
61
|
-
|
|
68
|
+
const actorId = authContext?.actor_id;
|
|
69
|
+
const actorType = authContext?.actor_type;
|
|
70
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
71
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
72
|
+
console.warn("[Order Management] Authentication failed:", {
|
|
73
|
+
order_id,
|
|
74
|
+
actor_id: actorId,
|
|
75
|
+
actor_type: actorType,
|
|
76
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
77
|
+
});
|
|
62
78
|
res.status(401).json({
|
|
63
79
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
64
80
|
});
|
|
@@ -77,7 +93,7 @@ const POST = async (req, res) => {
|
|
|
77
93
|
try {
|
|
78
94
|
console.log("Creating swap request:", {
|
|
79
95
|
order_id,
|
|
80
|
-
customer_id:
|
|
96
|
+
customer_id: actorId,
|
|
81
97
|
raw_body: req.body,
|
|
82
98
|
parsed_body: requestBody,
|
|
83
99
|
});
|
|
@@ -94,7 +110,7 @@ const POST = async (req, res) => {
|
|
|
94
110
|
new_items: body.new_items,
|
|
95
111
|
reason: body.reason,
|
|
96
112
|
note: body.note,
|
|
97
|
-
customer_id:
|
|
113
|
+
customer_id: actorId,
|
|
98
114
|
},
|
|
99
115
|
});
|
|
100
116
|
res.status(201).json(result);
|
|
@@ -103,7 +119,7 @@ const POST = async (req, res) => {
|
|
|
103
119
|
if (error instanceof zod_1.z.ZodError) {
|
|
104
120
|
console.error("Validation error:", {
|
|
105
121
|
order_id,
|
|
106
|
-
customer_id:
|
|
122
|
+
customer_id: actorId,
|
|
107
123
|
errors: error.errors,
|
|
108
124
|
body: requestBody,
|
|
109
125
|
});
|
|
@@ -123,7 +139,7 @@ const POST = async (req, res) => {
|
|
|
123
139
|
: 400;
|
|
124
140
|
console.error("Medusa error:", {
|
|
125
141
|
order_id,
|
|
126
|
-
customer_id:
|
|
142
|
+
customer_id: actorId,
|
|
127
143
|
error_type: error.type,
|
|
128
144
|
error_message: error.message,
|
|
129
145
|
body: requestBody,
|
|
@@ -143,7 +159,7 @@ const POST = async (req, res) => {
|
|
|
143
159
|
errorMessage.includes("createSwapWorkflow")) {
|
|
144
160
|
console.error("Workflow or service resolution error:", {
|
|
145
161
|
order_id,
|
|
146
|
-
customer_id:
|
|
162
|
+
customer_id: actorId,
|
|
147
163
|
error: errorMessage,
|
|
148
164
|
stack: errorStack,
|
|
149
165
|
body: req.body,
|
|
@@ -160,7 +176,7 @@ const POST = async (req, res) => {
|
|
|
160
176
|
if (errorMessage.includes("orderModuleService.list") || errorMessage.includes(".list is not a function")) {
|
|
161
177
|
console.error("Order service method error:", {
|
|
162
178
|
order_id,
|
|
163
|
-
customer_id:
|
|
179
|
+
customer_id: actorId,
|
|
164
180
|
error: errorMessage,
|
|
165
181
|
stack: errorStack,
|
|
166
182
|
body: req.body,
|
|
@@ -175,7 +191,7 @@ const POST = async (req, res) => {
|
|
|
175
191
|
}
|
|
176
192
|
console.error("Failed to create swap:", {
|
|
177
193
|
order_id,
|
|
178
|
-
customer_id:
|
|
194
|
+
customer_id: actorId,
|
|
179
195
|
error: errorMessage,
|
|
180
196
|
stack: errorStack,
|
|
181
197
|
body: req.body,
|
|
@@ -187,4 +203,4 @@ const POST = async (req, res) => {
|
|
|
187
203
|
}
|
|
188
204
|
};
|
|
189
205
|
exports.POST = POST;
|
|
190
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
206
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL29yZGVycy9bb3JkZXJfaWRdL3N3YXBzL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHFEQUF1RDtBQUN2RCw4RkFBd0Y7QUFDeEYsc0RBQXlEO0FBRXpELDZCQUF1QjtBQUV2QixNQUFNLGdCQUFnQixHQUFHLE9BQUMsQ0FBQyxNQUFNLENBQUM7SUFDaEMsWUFBWSxFQUFFLE9BQUMsQ0FBQyxLQUFLLENBQ25CLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRTtRQUNkLFFBQVEsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQy9CLE1BQU0sRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQzdCLFVBQVUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQUUsNkVBQTZFO0tBQ2pILENBQUMsQ0FDSDtJQUNELFNBQVMsRUFBRSxPQUFDLENBQUMsS0FBSyxDQUNoQixPQUFDLENBQUMsTUFBTSxDQUFDO1FBQ1AsVUFBVSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7UUFDdEIsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7S0FDaEMsQ0FBQyxDQUNIO0lBQ0QsTUFBTSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7SUFDN0IsSUFBSSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7Q0FDNUIsQ0FBQyxDQUFBO0FBRUssTUFBTSxHQUFHLEdBQUcsS0FBSyxFQUN0QixHQUFrQixFQUNsQixHQUFtQixFQUNKLEVBQUU7SUFDakIsTUFBTSxFQUFFLFFBQVEsRUFBRSxHQUFHLEdBQUcsQ0FBQyxNQUFNLENBQUE7SUFFL0IsbUNBQW1DO0lBQ25DLE1BQU0sV0FBVyxHQUFJLEdBRW5CLENBQUMsWUFBWSxDQUFBO0lBRWYsTUFBTSxPQUFPLEdBQUcsV0FBVyxFQUFFLFFBQVEsQ0FBQTtJQUNyQyxNQUFNLFNBQVMsR0FBRyxXQUFXLEVBQUUsVUFBVSxDQUFBO0lBQ3pDLE1BQU0saUJBQWlCLEdBQ3JCLFNBQVMsS0FBSyxVQUFVLElBQUksU0FBUyxLQUFLLE9BQU8sQ0FBQTtJQUVuRCxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUNuQyxPQUFPLENBQUMsSUFBSSxDQUFDLDJDQUEyQyxFQUFFO1lBQ3hELFFBQVE7WUFDUixRQUFRLEVBQUUsT0FBTztZQUNqQixVQUFVLEVBQUUsU0FBUztZQUNyQixNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGtCQUFrQixDQUFDLENBQUMsQ0FBQyxvQkFBb0I7U0FDN0QsQ0FBQyxDQUFBO1FBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLDREQUE0RDtTQUN0RSxDQUFDLENBQUE7UUFDRixPQUFNO0lBQ1IsQ0FBQztJQUVELElBQUksQ0FBQztRQUNILE1BQU0sV0FBVyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFjLGtCQUFXLENBQUMsQ0FBQTtRQUUvRCwwREFBMEQ7UUFDMUQsTUFBTSxLQUFLLEdBQUcsTUFBTSxXQUFXLENBQUMsU0FBUyxDQUN2QztZQUNFLFFBQVE7WUFDUixXQUFXLEVBQUUsT0FBTztTQUNyQixFQUNEO1lBQ0UsSUFBSSxFQUFFLEdBQUc7WUFDVCxJQUFJLEVBQUUsQ0FBQztTQUNSLENBQ0YsQ0FBQTtRQUVELEdBQUcsQ0FBQyxJQUFJLENBQUM7WUFDUCxLQUFLLEVBQUUsS0FBSyxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUU7U0FDM0QsQ0FBQyxDQUFBO0lBQ0osQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZixNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLDBCQUEwQjtZQUNuQyxLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBdERZLFFBQUEsR0FBRyxPQXNEZjtBQUVNLE1BQU0sSUFBSSxHQUFHLEtBQUssRUFDdkIsR0FBa0IsRUFDbEIsR0FBbUIsRUFDSixFQUFFO0lBQ2pCLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRS9CLG1DQUFtQztJQUNuQyxNQUFNLFdBQVcsR0FBSSxHQUVuQixDQUFDLFlBQVksQ0FBQTtJQUVmLE1BQU0sT0FBTyxHQUFHLFdBQVcsRUFBRSxRQUFRLENBQUE7SUFDckMsTUFBTSxTQUFTLEdBQUcsV0FBVyxFQUFFLFVBQVUsQ0FBQTtJQUN6QyxNQUFNLGlCQUFpQixHQUNyQixTQUFTLEtBQUssVUFBVSxJQUFJLFNBQVMsS0FBSyxPQUFPLENBQUE7SUFFbkQsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDbkMsT0FBTyxDQUFDLElBQUksQ0FBQywyQ0FBMkMsRUFBRTtZQUN4RCxRQUFRO1lBQ1IsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxpRUFBaUU7SUFDakUsSUFBSSxXQUFXLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQTtJQUMxQixJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLElBQUksV0FBVyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUN6RCxXQUFXLEdBQUcsV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFBO0lBQzlCLENBQUM7SUFFRCwrREFBK0Q7SUFDL0QsSUFBSSxXQUFXLElBQUksT0FBTyxXQUFXLEtBQUssUUFBUSxJQUFJLFVBQVUsSUFBSSxXQUFXLEVBQUUsQ0FBQztRQUNoRixNQUFNLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFBRSxHQUFHLElBQUksRUFBRSxHQUFHLFdBQTRELENBQUE7UUFDN0YsV0FBVyxHQUFHLElBQUksQ0FBQTtJQUNwQixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsT0FBTyxDQUFDLEdBQUcsQ0FBQyx3QkFBd0IsRUFBRTtZQUNwQyxRQUFRO1lBQ1IsV0FBVyxFQUFFLE9BQU87WUFDcEIsUUFBUSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ2xCLFdBQVcsRUFBRSxXQUFXO1NBQ3pCLENBQUMsQ0FBQTtRQUVGLHdCQUF3QjtRQUN4QixNQUFNLElBQUksR0FBRyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUE7UUFFaEQsK0JBQStCO1FBQy9CLElBQUksQ0FBQyx5Q0FBa0IsRUFBRSxDQUFDO1lBQ3hCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFDbEMsaUZBQWlGLENBQ2xGLENBQUE7UUFDSCxDQUFDO1FBRUQsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBQSx5Q0FBa0IsRUFBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDO1lBQ3pELEtBQUssRUFBRTtnQkFDTCxRQUFRO2dCQUNSLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWTtnQkFDL0IsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO2dCQUN6QixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07Z0JBQ25CLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtnQkFDZixXQUFXLEVBQUUsT0FBTzthQUNyQjtTQUNGLENBQUMsQ0FBQTtRQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQzlCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksT0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hDLE9BQU8sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLEVBQUU7Z0JBQ2pDLFFBQVE7Z0JBQ1IsV0FBVyxFQUFFLE9BQU87Z0JBQ3BCLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtnQkFDcEIsSUFBSSxFQUFFLFdBQVc7YUFDbEIsQ0FBQyxDQUFBO1lBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSxzQkFBc0I7Z0JBQy9CLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTthQUNyQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVM7Z0JBQ3hDLENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFdBQVc7b0JBQzlDLENBQUMsQ0FBQyxHQUFHO29CQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7d0JBQy9DLENBQUMsQ0FBQyxHQUFHO3dCQUNMLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFVCxPQUFPLENBQUMsS0FBSyxDQUFDLGVBQWUsRUFBRTtnQkFDN0IsUUFBUTtnQkFDUixXQUFXLEVBQUUsT0FBTztnQkFDcEIsVUFBVSxFQUFFLEtBQUssQ0FBQyxJQUFJO2dCQUN0QixhQUFhLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQzVCLElBQUksRUFBRSxXQUFXO2FBQ2xCLENBQUMsQ0FBQTtZQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUMxQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtRQUM3RSxNQUFNLFVBQVUsR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUE7UUFFbkUsdUNBQXVDO1FBQ3ZDLElBQ0UsWUFBWSxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQztZQUMxQyxZQUFZLENBQUMsUUFBUSxDQUFDLHdCQUF3QixDQUFDO1lBQy9DLFlBQVksQ0FBQyxRQUFRLENBQUMsb0JBQW9CLENBQUM7WUFDM0MsWUFBWSxDQUFDLFFBQVEsQ0FBQyxvQkFBb0IsQ0FBQyxFQUMzQyxDQUFDO1lBQ0QsT0FBTyxDQUFDLEtBQUssQ0FBQyx1Q0FBdUMsRUFBRTtnQkFDckQsUUFBUTtnQkFDUixXQUFXLEVBQUUsT0FBTztnQkFDcEIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLEtBQUssRUFBRSxVQUFVO2dCQUNqQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7Z0JBQ2QsSUFBSSxFQUFFLGlJQUFpSTthQUN4SSxDQUFDLENBQUE7WUFFRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDbkIsT0FBTyxFQUFFLG9DQUFvQztnQkFDN0MsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLElBQUksRUFBRSxpRkFBaUY7YUFDeEYsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCx5REFBeUQ7UUFDekQsSUFBSSxZQUFZLENBQUMsUUFBUSxDQUFDLHlCQUF5QixDQUFDLElBQUksWUFBWSxDQUFDLFFBQVEsQ0FBQyx5QkFBeUIsQ0FBQyxFQUFFLENBQUM7WUFDekcsT0FBTyxDQUFDLEtBQUssQ0FBQyw2QkFBNkIsRUFBRTtnQkFDM0MsUUFBUTtnQkFDUixXQUFXLEVBQUUsT0FBTztnQkFDcEIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLEtBQUssRUFBRSxVQUFVO2dCQUNqQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7Z0JBQ2QsSUFBSSxFQUFFLHNGQUFzRjthQUM3RixDQUFDLENBQUE7WUFFRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDbkIsT0FBTyxFQUFFLHdCQUF3QjtnQkFDakMsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLElBQUksRUFBRSw2RUFBNkU7YUFDcEYsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxPQUFPLENBQUMsS0FBSyxDQUFDLHdCQUF3QixFQUFFO1lBQ3RDLFFBQVE7WUFDUixXQUFXLEVBQUUsT0FBTztZQUNwQixLQUFLLEVBQUUsWUFBWTtZQUNuQixLQUFLLEVBQUUsVUFBVTtZQUNqQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7U0FDZixDQUFDLENBQUE7UUFFRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsdUJBQXVCO1lBQ2hDLEtBQUssRUFBRSxZQUFZO1NBQ3BCLENBQUMsQ0FBQTtJQUNKLENBQUM7QUFDSCxDQUFDLENBQUE7QUEzS1ksUUFBQSxJQUFJLFFBMktoQiJ9
|
|
@@ -13,21 +13,23 @@ const POST = async (req, res) => {
|
|
|
13
13
|
}
|
|
14
14
|
// Type-safe access to auth_context
|
|
15
15
|
const authContext = req.auth_context;
|
|
16
|
-
const
|
|
16
|
+
const actorId = authContext?.actor_id;
|
|
17
|
+
const actorType = authContext?.actor_type;
|
|
18
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
17
19
|
// Detailed logging: Authentication customer ID
|
|
18
20
|
console.log("[Order Management] Cancel order - Authentication check:", {
|
|
19
21
|
order_id,
|
|
20
|
-
|
|
21
|
-
auth_actor_type:
|
|
22
|
+
auth_actor_id: actorId,
|
|
23
|
+
auth_actor_type: actorType,
|
|
22
24
|
has_auth_context: !!authContext,
|
|
23
25
|
timestamp: new Date().toISOString(),
|
|
24
26
|
});
|
|
25
|
-
if (!
|
|
27
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
26
28
|
console.warn("[Order Management] Cancel order - Authentication failed:", {
|
|
27
29
|
order_id,
|
|
28
|
-
|
|
29
|
-
actor_type:
|
|
30
|
-
reason: !
|
|
30
|
+
actor_id: actorId,
|
|
31
|
+
actor_type: actorType,
|
|
32
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
31
33
|
});
|
|
32
34
|
res.status(401).json({
|
|
33
35
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
@@ -38,7 +40,7 @@ const POST = async (req, res) => {
|
|
|
38
40
|
const { result } = await (0, cancel_order_workflow_1.cancelOrderWorkflow)(req.scope).run({
|
|
39
41
|
input: {
|
|
40
42
|
order_id,
|
|
41
|
-
customer_id:
|
|
43
|
+
customer_id: actorId,
|
|
42
44
|
},
|
|
43
45
|
});
|
|
44
46
|
res.json(result);
|
|
@@ -47,7 +49,7 @@ const POST = async (req, res) => {
|
|
|
47
49
|
// Log error for debugging
|
|
48
50
|
console.error("[Order Management] Cancel order workflow error:", {
|
|
49
51
|
order_id,
|
|
50
|
-
|
|
52
|
+
actor_id: actorId,
|
|
51
53
|
error: error instanceof Error ? error.message : String(error),
|
|
52
54
|
error_details: error instanceof Error ? {
|
|
53
55
|
name: error.name,
|
|
@@ -80,4 +82,4 @@ const POST = async (req, res) => {
|
|
|
80
82
|
}
|
|
81
83
|
};
|
|
82
84
|
exports.POST = POST;
|
|
83
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
85
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL29yZGVycy9jYW5jZWwvW29yZGVyX2lkXS9yb3V0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSxxREFBdUQ7QUFDdkQsMEZBQW9GO0FBRTdFLE1BQU0sSUFBSSxHQUFHLEtBQUssRUFDdkIsR0FBa0IsRUFDbEIsR0FBbUIsRUFDbkIsRUFBRTtJQUNGLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRS9CLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUNkLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSx3Q0FBd0M7U0FDbEQsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELCtDQUErQztJQUMvQyxPQUFPLENBQUMsR0FBRyxDQUFDLHlEQUF5RCxFQUFFO1FBQ3JFLFFBQVE7UUFDUixhQUFhLEVBQUUsT0FBTztRQUN0QixlQUFlLEVBQUUsU0FBUztRQUMxQixnQkFBZ0IsRUFBRSxDQUFDLENBQUMsV0FBVztRQUMvQixTQUFTLEVBQUUsSUFBSSxJQUFJLEVBQUUsQ0FBQyxXQUFXLEVBQUU7S0FDcEMsQ0FBQyxDQUFBO0lBRUYsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDbkMsT0FBTyxDQUFDLElBQUksQ0FBQywwREFBMEQsRUFBRTtZQUN2RSxRQUFRO1lBQ1IsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLDJDQUFtQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDMUQsS0FBSyxFQUFFO2dCQUNMLFFBQVE7Z0JBQ1IsV0FBVyxFQUFFLE9BQU87YUFDckI7U0FDRixDQUFDLENBQUE7UUFFRixHQUFHLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQ2xCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsMEJBQTBCO1FBQzFCLE9BQU8sQ0FBQyxLQUFLLENBQUMsaURBQWlELEVBQUU7WUFDL0QsUUFBUTtZQUNSLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLEtBQUssRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDO1lBQzdELGFBQWEsRUFBRSxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQztnQkFDdEMsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2dCQUNoQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSzthQUNuQixDQUFDLENBQUMsQ0FBQyxLQUFLO1lBQ1QsV0FBVyxFQUFFLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDOUQsQ0FBQyxDQUFBO1FBRUYsSUFBSSxLQUFLLFlBQVksbUJBQVcsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sVUFBVSxHQUNkLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUztnQkFDeEMsQ0FBQyxDQUFDLEdBQUc7Z0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsV0FBVztvQkFDOUMsQ0FBQyxDQUFDLEdBQUc7b0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWTt3QkFDL0MsQ0FBQyxDQUFDLEdBQUc7d0JBQ0wsQ0FBQyxDQUFDLEdBQUcsQ0FBQTtZQUVULEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUMxQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELG9DQUFvQztRQUNwQyxNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxtQkFBbUIsQ0FBQTtRQUNqRixNQUFNLFVBQVUsR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUE7UUFFbkUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLFlBQVk7WUFDckIsR0FBRyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsUUFBUSxLQUFLLGFBQWEsSUFBSSxFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUUsQ0FBQztTQUNyRSxDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBOUZZLFFBQUEsSUFBSSxRQThGaEIifQ==
|
|
@@ -13,21 +13,23 @@ const POST = async (req, res) => {
|
|
|
13
13
|
}
|
|
14
14
|
// Type-safe access to auth_context
|
|
15
15
|
const authContext = req.auth_context;
|
|
16
|
-
const
|
|
16
|
+
const actorId = authContext?.actor_id;
|
|
17
|
+
const actorType = authContext?.actor_type;
|
|
18
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
17
19
|
// Detailed logging: Authentication customer ID
|
|
18
20
|
console.log("[Order Management] Authentication check:", {
|
|
19
21
|
order_id,
|
|
20
|
-
|
|
21
|
-
auth_actor_type:
|
|
22
|
+
auth_actor_id: actorId,
|
|
23
|
+
auth_actor_type: actorType,
|
|
22
24
|
has_auth_context: !!authContext,
|
|
23
25
|
timestamp: new Date().toISOString(),
|
|
24
26
|
});
|
|
25
|
-
if (!
|
|
27
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
26
28
|
console.warn("[Order Management] Authentication failed:", {
|
|
27
29
|
order_id,
|
|
28
|
-
|
|
29
|
-
actor_type:
|
|
30
|
-
reason: !
|
|
30
|
+
actor_id: actorId,
|
|
31
|
+
actor_type: actorType,
|
|
32
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
31
33
|
});
|
|
32
34
|
res.status(401).json({
|
|
33
35
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
@@ -38,7 +40,7 @@ const POST = async (req, res) => {
|
|
|
38
40
|
const { result } = await (0, reorder_workflow_1.reorderWorkflow)(req.scope).run({
|
|
39
41
|
input: {
|
|
40
42
|
order_id,
|
|
41
|
-
customer_id:
|
|
43
|
+
customer_id: actorId,
|
|
42
44
|
},
|
|
43
45
|
});
|
|
44
46
|
res.json(result);
|
|
@@ -63,4 +65,4 @@ const POST = async (req, res) => {
|
|
|
63
65
|
}
|
|
64
66
|
};
|
|
65
67
|
exports.POST = POST;
|
|
66
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
68
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL29yZGVycy9yZW9yZGVyL1tvcmRlcl9pZF0vcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELGdGQUEyRTtBQUVwRSxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ25CLEVBQUU7SUFDRixNQUFNLEVBQUUsUUFBUSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUUvQixJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDZCxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsd0NBQXdDO1NBQ2xELENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsbUNBQW1DO0lBQ25DLE1BQU0sV0FBVyxHQUFJLEdBRW5CLENBQUMsWUFBWSxDQUFBO0lBRWYsTUFBTSxPQUFPLEdBQUcsV0FBVyxFQUFFLFFBQVEsQ0FBQTtJQUNyQyxNQUFNLFNBQVMsR0FBRyxXQUFXLEVBQUUsVUFBVSxDQUFBO0lBQ3pDLE1BQU0saUJBQWlCLEdBQ3JCLFNBQVMsS0FBSyxVQUFVLElBQUksU0FBUyxLQUFLLE9BQU8sQ0FBQTtJQUVuRCwrQ0FBK0M7SUFDL0MsT0FBTyxDQUFDLEdBQUcsQ0FBQywwQ0FBMEMsRUFBRTtRQUN0RCxRQUFRO1FBQ1IsYUFBYSxFQUFFLE9BQU87UUFDdEIsZUFBZSxFQUFFLFNBQVM7UUFDMUIsZ0JBQWdCLEVBQUUsQ0FBQyxDQUFDLFdBQVc7UUFDL0IsU0FBUyxFQUFFLElBQUksSUFBSSxFQUFFLENBQUMsV0FBVyxFQUFFO0tBQ3BDLENBQUMsQ0FBQTtJQUVGLElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsMkNBQTJDLEVBQUU7WUFDeEQsUUFBUTtZQUNSLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLFVBQVUsRUFBRSxTQUFTO1lBQ3JCLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLG9CQUFvQjtTQUM3RCxDQUFDLENBQUE7UUFDRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBQSxrQ0FBZSxFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDdEQsS0FBSyxFQUFFO2dCQUNMLFFBQVE7Z0JBQ1IsV0FBVyxFQUFFLE9BQWlCO2FBQy9CO1NBQ0YsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQTtJQUNsQixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLDBCQUEwQjtRQUMxQixPQUFPLENBQUMsS0FBSyxDQUFDLHlCQUF5QixFQUFFLEtBQUssQ0FBQyxDQUFBO1FBRS9DLElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxHQUFHLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDdEUsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxvQ0FBb0M7UUFDcEMsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsbUJBQW1CLENBQUE7UUFDakYsTUFBTSxVQUFVLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO1FBRW5FLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSxZQUFZO1lBQ3JCLEdBQUcsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFFBQVEsS0FBSyxhQUFhLElBQUksRUFBRSxLQUFLLEVBQUUsVUFBVSxFQUFFLENBQUM7U0FDckUsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQTNFWSxRQUFBLElBQUksUUEyRWhCIn0=
|
|
@@ -32,7 +32,7 @@ async function POST(req, res) {
|
|
|
32
32
|
has_account: false
|
|
33
33
|
}
|
|
34
34
|
});
|
|
35
|
-
const
|
|
35
|
+
const actorId = customers.length > 0 ? customers[0].id : undefined;
|
|
36
36
|
// Resolve plugin configuration
|
|
37
37
|
let config;
|
|
38
38
|
try {
|
|
@@ -48,11 +48,11 @@ async function POST(req, res) {
|
|
|
48
48
|
});
|
|
49
49
|
return;
|
|
50
50
|
}
|
|
51
|
-
const token = otpService.generateToken(identifier,
|
|
51
|
+
const token = otpService.generateToken(identifier, actorId, config.jwtSecret);
|
|
52
52
|
res.status(200).json({
|
|
53
53
|
message: "OTP verified successfully",
|
|
54
54
|
token,
|
|
55
|
-
|
|
55
|
+
actor_id: actorId
|
|
56
56
|
});
|
|
57
57
|
}
|
|
58
58
|
catch (error) {
|
|
@@ -60,4 +60,4 @@ async function POST(req, res) {
|
|
|
60
60
|
res.status(500).json({ message: "Failed to verify OTP", error: errorMessage });
|
|
61
61
|
}
|
|
62
62
|
}
|
|
63
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
63
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL290cC92ZXJpZnkvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFRQSxvQkFtRUM7QUExRUQscURBQXFFO0FBQ3JFLGtFQUE2RDtBQUM3RCwrQ0FBa0U7QUFHbEUsTUFBTSxVQUFVLEdBQUcsSUFBSSx3QkFBVSxFQUFFLENBQUE7QUFFNUIsS0FBSyxVQUFVLElBQUksQ0FDdEIsR0FBa0IsRUFDbEIsR0FBbUI7SUFFbkIsTUFBTSxFQUFFLEtBQUssRUFBRSxLQUFLLEVBQUUsR0FBRyxFQUFFLEdBQUcsR0FBRyxDQUFDLElBQXVELENBQUE7SUFFekYsSUFBSSxDQUFDLENBQUMsS0FBSyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUM3QixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU8sRUFBRSxrQ0FBa0MsRUFBRSxDQUFDLENBQUE7UUFDckUsT0FBTTtJQUNWLENBQUM7SUFFRCxNQUFNLFVBQVUsR0FBRyxLQUFLLElBQUksS0FBSyxDQUFBO0lBRWpDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUNkLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLG9CQUFvQixFQUFFLENBQUMsQ0FBQTtRQUN2RCxPQUFNO0lBQ1YsQ0FBQztJQUVELElBQUksQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFHLE1BQU0sVUFBVSxDQUFDLE1BQU0sQ0FBQyxVQUFVLEVBQUUsR0FBRyxDQUFDLENBQUE7UUFFeEQsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ1gsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsd0JBQXdCLEVBQUUsQ0FBQyxDQUFBO1lBQzNELE9BQU07UUFDVixDQUFDO1FBRUQsc0RBQXNEO1FBQ3RELE1BQU0sS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGlDQUF5QixDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQ2hFLE1BQU0sRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFLEdBQUcsTUFBTSxLQUFLLENBQUMsS0FBSyxDQUFDO1lBQzFDLE1BQU0sRUFBRSxVQUFVO1lBQ2xCLE1BQU0sRUFBRSxDQUFDLElBQUksQ0FBQztZQUNkLE9BQU8sRUFBRTtnQkFDTCxLQUFLLEVBQUUsVUFBVTtnQkFDakIsV0FBVyxFQUFFLEtBQUs7YUFDckI7U0FDSixDQUFDLENBQUE7UUFFRixNQUFNLE9BQU8sR0FBRyxTQUFTLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO1FBRWxFLCtCQUErQjtRQUMvQixJQUFJLE1BQU0sQ0FBQTtRQUNWLElBQUksQ0FBQztZQUNELE1BQU0sWUFBWSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUNsQyxpQ0FBeUIsQ0FBQyxhQUFhLENBQzFDLENBQUE7WUFDRCxNQUFNLEdBQUcsSUFBQSxzQ0FBNkIsRUFBQyxZQUFZLENBQUMsQ0FBQTtRQUN4RCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNiLE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtZQUM3RSxPQUFPLENBQUMsS0FBSyxDQUFDLHdDQUF3QyxFQUFFLFlBQVksQ0FBQyxDQUFBO1lBQ3JFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNqQixPQUFPLEVBQUUsd0NBQXdDO2dCQUNqRCxLQUFLLEVBQUUsWUFBWTthQUN0QixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1YsQ0FBQztRQUVELE1BQU0sS0FBSyxHQUFHLFVBQVUsQ0FBQyxhQUFhLENBQUMsVUFBVSxFQUFFLE9BQU8sRUFBRSxNQUFNLENBQUMsU0FBUyxDQUFDLENBQUE7UUFFN0UsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDakIsT0FBTyxFQUFFLDJCQUEyQjtZQUNwQyxLQUFLO1lBQ0wsUUFBUSxFQUFFLE9BQU87U0FDcEIsQ0FBQyxDQUFBO0lBQ04sQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDYixNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsc0JBQXNCLEVBQUUsS0FBSyxFQUFFLFlBQVksRUFBRSxDQUFDLENBQUE7SUFDbEYsQ0FBQztBQUNMLENBQUMifQ==
|
|
@@ -11,8 +11,15 @@ const POST = async (req, res) => {
|
|
|
11
11
|
}
|
|
12
12
|
// Type-safe access to auth_context
|
|
13
13
|
const authContext = req.auth_context;
|
|
14
|
-
const
|
|
15
|
-
|
|
14
|
+
const actorId = authContext?.actor_id;
|
|
15
|
+
const actorType = authContext?.actor_type;
|
|
16
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
17
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
18
|
+
console.warn("[Returns] Authentication failed:", {
|
|
19
|
+
actor_id: actorId,
|
|
20
|
+
actor_type: actorType,
|
|
21
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
22
|
+
});
|
|
16
23
|
res.status(401).json({
|
|
17
24
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
18
25
|
});
|
|
@@ -21,7 +28,7 @@ const POST = async (req, res) => {
|
|
|
21
28
|
try {
|
|
22
29
|
const returnService = req.scope.resolve(return_1.RETURN_MODULE);
|
|
23
30
|
// Cancel return (service will verify ownership and status)
|
|
24
|
-
const returnOrder = await returnService.cancelReturn(id,
|
|
31
|
+
const returnOrder = await returnService.cancelReturn(id, actorId);
|
|
25
32
|
res.json({
|
|
26
33
|
return: returnOrder,
|
|
27
34
|
message: "Return cancelled successfully",
|
|
@@ -50,4 +57,4 @@ const POST = async (req, res) => {
|
|
|
50
57
|
}
|
|
51
58
|
};
|
|
52
59
|
exports.POST = POST;
|
|
53
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
60
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3JldHVybnMvW2lkXS9jYW5jZWwvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELDBEQUE2RDtBQUd0RCxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixNQUFNLEVBQUUsRUFBRSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUV6QixJQUFJLENBQUMsRUFBRSxFQUFFLENBQUM7UUFDUixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU8sRUFBRSx1QkFBdUIsRUFBRSxDQUFDLENBQUE7UUFDMUQsT0FBTTtJQUNSLENBQUM7SUFFRCxtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsa0NBQWtDLEVBQUU7WUFDL0MsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxNQUFNLGFBQWEsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBZ0Isc0JBQWEsQ0FBQyxDQUFBO1FBRXJFLDJEQUEyRDtRQUMzRCxNQUFNLFdBQVcsR0FBRyxNQUFNLGFBQWEsQ0FBQyxZQUFZLENBQUMsRUFBRSxFQUFFLE9BQU8sQ0FBQyxDQUFBO1FBRWpFLEdBQUcsQ0FBQyxJQUFJLENBQUM7WUFDUCxNQUFNLEVBQUUsV0FBVztZQUNuQixPQUFPLEVBQUUsK0JBQStCO1NBQ3pDLENBQUMsQ0FBQTtJQUNKLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksbUJBQVcsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sVUFBVSxHQUNkLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUztnQkFDeEMsQ0FBQyxDQUFDLEdBQUc7Z0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsV0FBVztvQkFDOUMsQ0FBQyxDQUFDLEdBQUc7b0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWTt3QkFDL0MsQ0FBQyxDQUFDLEdBQUc7d0JBQ0wsQ0FBQyxDQUFDLEdBQUcsQ0FBQTtZQUVULEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUMxQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtRQUM3RSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUseUJBQXlCO1lBQ2xDLEtBQUssRUFBRSxZQUFZO1NBQ3BCLENBQUMsQ0FBQTtJQUNKLENBQUM7QUFDSCxDQUFDLENBQUE7QUFuRVksUUFBQSxJQUFJLFFBbUVoQiJ9
|
|
@@ -11,8 +11,15 @@ const GET = async (req, res) => {
|
|
|
11
11
|
}
|
|
12
12
|
// Type-safe access to auth_context
|
|
13
13
|
const authContext = req.auth_context;
|
|
14
|
-
const
|
|
15
|
-
|
|
14
|
+
const actorId = authContext?.actor_id;
|
|
15
|
+
const actorType = authContext?.actor_type;
|
|
16
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
17
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
18
|
+
console.warn("[Returns] Authentication failed:", {
|
|
19
|
+
actor_id: actorId,
|
|
20
|
+
actor_type: actorType,
|
|
21
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
22
|
+
});
|
|
16
23
|
res.status(401).json({
|
|
17
24
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
18
25
|
});
|
|
@@ -25,7 +32,7 @@ const GET = async (req, res) => {
|
|
|
25
32
|
const returnOrder = await returnService.retrieveReturn(id);
|
|
26
33
|
const returnData = returnOrder;
|
|
27
34
|
// Verify ownership
|
|
28
|
-
if (returnData.customer_id !==
|
|
35
|
+
if (returnData.customer_id !== actorId) {
|
|
29
36
|
res.status(403).json({
|
|
30
37
|
message: "Forbidden: You can only view your own returns",
|
|
31
38
|
});
|
|
@@ -70,4 +77,4 @@ const GET = async (req, res) => {
|
|
|
70
77
|
}
|
|
71
78
|
};
|
|
72
79
|
exports.GET = GET;
|
|
73
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
80
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3JldHVybnMvW2lkXS9yb3V0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSxxREFBZ0U7QUFDaEUsdURBQTBEO0FBSW5ELE1BQU0sR0FBRyxHQUFHLEtBQUssRUFDdEIsR0FBa0IsRUFDbEIsR0FBbUIsRUFDSixFQUFFO0lBQ2pCLE1BQU0sRUFBRSxFQUFFLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRXpCLElBQUksQ0FBQyxFQUFFLEVBQUUsQ0FBQztRQUNSLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsT0FBTyxFQUFFLHVCQUF1QixFQUFFLENBQUMsQ0FBQTtRQUMxRCxPQUFNO0lBQ1IsQ0FBQztJQUVELG1DQUFtQztJQUNuQyxNQUFNLFdBQVcsR0FBSSxHQUVuQixDQUFDLFlBQVksQ0FBQTtJQUVmLE1BQU0sT0FBTyxHQUFHLFdBQVcsRUFBRSxRQUFRLENBQUE7SUFDckMsTUFBTSxTQUFTLEdBQUcsV0FBVyxFQUFFLFVBQVUsQ0FBQTtJQUN6QyxNQUFNLGlCQUFpQixHQUNyQixTQUFTLEtBQUssVUFBVSxJQUFJLFNBQVMsS0FBSyxPQUFPLENBQUE7SUFFbkQsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDbkMsT0FBTyxDQUFDLElBQUksQ0FBQyxrQ0FBa0MsRUFBRTtZQUMvQyxRQUFRLEVBQUUsT0FBTztZQUNqQixVQUFVLEVBQUUsU0FBUztZQUNyQixNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGtCQUFrQixDQUFDLENBQUMsQ0FBQyxvQkFBb0I7U0FDN0QsQ0FBQyxDQUFBO1FBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLDREQUE0RDtTQUN0RSxDQUFDLENBQUE7UUFDRixPQUFNO0lBQ1IsQ0FBQztJQUVELElBQUksQ0FBQztRQUNILE1BQU0sYUFBYSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFnQixzQkFBYSxDQUFDLENBQUE7UUFDckUsTUFBTSxrQkFBa0IsR0FDdEIsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQXNCLGVBQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUV2RCxrQkFBa0I7UUFDbEIsTUFBTSxXQUFXLEdBQUcsTUFBTSxhQUFhLENBQUMsY0FBYyxDQUFDLEVBQUUsQ0FBQyxDQUFBO1FBQzFELE1BQU0sVUFBVSxHQUFHLFdBSWxCLENBQUE7UUFFRCxtQkFBbUI7UUFDbkIsSUFBSSxVQUFVLENBQUMsV0FBVyxLQUFLLE9BQU8sRUFBRSxDQUFDO1lBQ3ZDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsK0NBQStDO2FBQ3pELENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDUixDQUFDO1FBRUQsaUNBQWlDO1FBQ2pDLElBQUksWUFBWSxHQUFZLElBQUksQ0FBQTtRQUNoQyxJQUFJLFVBQVUsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUN4QixJQUFJLENBQUM7Z0JBQ0gsTUFBTSxLQUFLLEdBQUcsTUFBTSxrQkFBa0IsQ0FBQyxhQUFhLENBQ2xELFVBQVUsQ0FBQyxRQUFRLEVBQ25CO29CQUNFLFNBQVMsRUFBRSxDQUFDLE9BQU8sRUFBRSxVQUFVLENBQUM7aUJBQ2pDLENBQ0YsQ0FBQTtnQkFDRCxZQUFZLEdBQUcsS0FBSyxDQUFBO1lBQ3RCLENBQUM7WUFBQyxPQUFPLFVBQVUsRUFBRSxDQUFDO2dCQUNwQixPQUFPLENBQUMsSUFBSSxDQUNWLDRDQUE0QyxFQUFFLEdBQUcsRUFDakQsVUFBVSxDQUNYLENBQUE7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELEdBQUcsQ0FBQyxJQUFJLENBQUM7WUFDUCxNQUFNLEVBQUUsV0FBVztZQUNuQixLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVM7Z0JBQ3hDLENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFdBQVc7b0JBQzlDLENBQUMsQ0FBQyxHQUFHO29CQUNMLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFVCxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDMUIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLDJCQUEyQjtZQUNwQyxLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBbkdZLFFBQUEsR0FBRyxPQW1HZiJ9
|
|
@@ -38,8 +38,15 @@ const CreateReturnSchema = zod_1.z.object({
|
|
|
38
38
|
const GET = async (req, res) => {
|
|
39
39
|
// Type-safe access to auth_context
|
|
40
40
|
const authContext = req.auth_context;
|
|
41
|
-
const
|
|
42
|
-
|
|
41
|
+
const actorId = authContext?.actor_id;
|
|
42
|
+
const actorType = authContext?.actor_type;
|
|
43
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
44
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
45
|
+
console.warn("[Returns] Authentication failed:", {
|
|
46
|
+
actor_id: actorId,
|
|
47
|
+
actor_type: actorType,
|
|
48
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
49
|
+
});
|
|
43
50
|
res.status(401).json({
|
|
44
51
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
45
52
|
});
|
|
@@ -57,7 +64,7 @@ const GET = async (req, res) => {
|
|
|
57
64
|
: 0;
|
|
58
65
|
// Always filter by authenticated customer_id for security
|
|
59
66
|
const filters = {
|
|
60
|
-
customer_id:
|
|
67
|
+
customer_id: actorId,
|
|
61
68
|
};
|
|
62
69
|
if (orderId) {
|
|
63
70
|
filters.order_id = orderId;
|
|
@@ -90,8 +97,15 @@ exports.GET = GET;
|
|
|
90
97
|
const POST = async (req, res) => {
|
|
91
98
|
// Type-safe access to auth_context
|
|
92
99
|
const authContext = req.auth_context;
|
|
93
|
-
const
|
|
94
|
-
|
|
100
|
+
const actorId = authContext?.actor_id;
|
|
101
|
+
const actorType = authContext?.actor_type;
|
|
102
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
103
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
104
|
+
console.warn("[Returns] Authentication failed:", {
|
|
105
|
+
actor_id: actorId,
|
|
106
|
+
actor_type: actorType,
|
|
107
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
108
|
+
});
|
|
95
109
|
res.status(401).json({
|
|
96
110
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
97
111
|
});
|
|
@@ -104,7 +118,7 @@ const POST = async (req, res) => {
|
|
|
104
118
|
requestBody = requestBody[0];
|
|
105
119
|
}
|
|
106
120
|
console.log("[Create Return] Request received:", {
|
|
107
|
-
customer_id:
|
|
121
|
+
customer_id: actorId,
|
|
108
122
|
body: requestBody,
|
|
109
123
|
items_detail: requestBody.items,
|
|
110
124
|
});
|
|
@@ -127,7 +141,7 @@ const POST = async (req, res) => {
|
|
|
127
141
|
// Validate we have return_items
|
|
128
142
|
if (!returnItems || returnItems.length === 0) {
|
|
129
143
|
console.error("[Create Return] No return items provided:", {
|
|
130
|
-
customer_id:
|
|
144
|
+
customer_id: actorId,
|
|
131
145
|
body: requestBody,
|
|
132
146
|
});
|
|
133
147
|
res.status(400).json({
|
|
@@ -147,7 +161,7 @@ const POST = async (req, res) => {
|
|
|
147
161
|
throw new utils_1.MedusaError(utils_1.MedusaError.Types.UNEXPECTED_STATE, "Return workflow is not available. Please ensure the plugin is properly installed.");
|
|
148
162
|
}
|
|
149
163
|
console.log("[Create Return] Creating return with workflow:", {
|
|
150
|
-
customer_id:
|
|
164
|
+
customer_id: actorId,
|
|
151
165
|
order_id: body.order_id,
|
|
152
166
|
return_items_count: returnItems.length,
|
|
153
167
|
return_items: returnItems,
|
|
@@ -160,13 +174,13 @@ const POST = async (req, res) => {
|
|
|
160
174
|
return_items: returnItems,
|
|
161
175
|
reason: body.reason,
|
|
162
176
|
note: body.note,
|
|
163
|
-
customer_id:
|
|
177
|
+
customer_id: actorId,
|
|
164
178
|
},
|
|
165
179
|
});
|
|
166
180
|
}
|
|
167
181
|
catch (workflowError) {
|
|
168
182
|
console.error("[Create Return] Workflow execution error:", {
|
|
169
|
-
customer_id:
|
|
183
|
+
customer_id: actorId,
|
|
170
184
|
error: workflowError,
|
|
171
185
|
errorType: typeof workflowError,
|
|
172
186
|
errorMessage: workflowError?.message,
|
|
@@ -184,7 +198,7 @@ const POST = async (req, res) => {
|
|
|
184
198
|
}
|
|
185
199
|
const { result } = workflowResult;
|
|
186
200
|
console.log("[Create Return] Workflow completed successfully:", {
|
|
187
|
-
customer_id:
|
|
201
|
+
customer_id: actorId,
|
|
188
202
|
return_id: result?.return?.id,
|
|
189
203
|
});
|
|
190
204
|
res.status(201).json(result);
|
|
@@ -192,7 +206,7 @@ const POST = async (req, res) => {
|
|
|
192
206
|
catch (error) {
|
|
193
207
|
if (error instanceof zod_1.z.ZodError) {
|
|
194
208
|
console.error("[Create Return] Validation error:", {
|
|
195
|
-
customer_id:
|
|
209
|
+
customer_id: actorId,
|
|
196
210
|
errors: error.errors,
|
|
197
211
|
body: req.body,
|
|
198
212
|
});
|
|
@@ -204,7 +218,7 @@ const POST = async (req, res) => {
|
|
|
204
218
|
}
|
|
205
219
|
if (error instanceof utils_1.MedusaError) {
|
|
206
220
|
console.error("[Create Return] MedusaError:", {
|
|
207
|
-
customer_id:
|
|
221
|
+
customer_id: actorId,
|
|
208
222
|
type: error.type,
|
|
209
223
|
message: error.message,
|
|
210
224
|
body: req.body,
|
|
@@ -225,7 +239,7 @@ const POST = async (req, res) => {
|
|
|
225
239
|
const errorMessage = error instanceof Error ? error.message : "Unknown error";
|
|
226
240
|
const errorStack = error instanceof Error ? error.stack : undefined;
|
|
227
241
|
console.error("Failed to create return:", {
|
|
228
|
-
customer_id:
|
|
242
|
+
customer_id: actorId,
|
|
229
243
|
error: errorMessage,
|
|
230
244
|
stack: errorStack,
|
|
231
245
|
body: req.body,
|
|
@@ -237,4 +251,4 @@ const POST = async (req, res) => {
|
|
|
237
251
|
}
|
|
238
252
|
};
|
|
239
253
|
exports.POST = POST;
|
|
240
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3JldHVybnMvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELDhGQUF3RjtBQUN4RixvREFBdUQ7QUFFdkQsNkJBQXVCO0FBRXZCLHFEQUFxRDtBQUNyRCxNQUFNLGtCQUFrQixHQUFHLE9BQUMsQ0FBQyxNQUFNLENBQUM7SUFDbEMsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7SUFDcEIsdUVBQXVFO0lBQ3ZFLFlBQVksRUFBRSxPQUFDO1NBQ1osS0FBSyxDQUNKLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRTtRQUNkLFFBQVEsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQy9CLE1BQU0sRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQzdCLFVBQVUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO0tBQ2xDLENBQUMsQ0FDSDtTQUNBLFFBQVEsRUFBRTtJQUNiLEtBQUssRUFBRSxPQUFDO1NBQ0wsS0FBSyxDQUNKLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxPQUFPLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUM5QixFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUFFLDZCQUE2QjtRQUN4RCxRQUFRLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUMvQixTQUFTLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUNoQyxNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtLQUM5QixDQUFDLENBQ0g7U0FDQSxRQUFRLEVBQUU7SUFDYixNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUM3QixJQUFJLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUMzQixlQUFlLEVBQUUsT0FBQztTQUNmLE1BQU0sQ0FBQztRQUNOLFNBQVMsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO0tBQ2pDLENBQUM7U0FDRCxRQUFRLEVBQUU7SUFDYixXQUFXLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtDQUNuQyxDQUFDLENBQUE7QUFFSyxNQUFNLEdBQUcsR0FBRyxLQUFLLEVBQ3RCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLFVBQVUsR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBRXhDLElBQUksQ0FBQyxVQUFVLElBQUksV0FBVyxFQUFFLFVBQVUsS0FBSyxVQUFVLElBQUksV0FBVyxFQUFFLFVBQVUsS0FBSyxPQUFPLEVBQUUsQ0FBQztRQUNqRyxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxhQUFhLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQWdCLHNCQUFhLENBQUMsQ0FBQTtRQUVyRSx1QkFBdUI7UUFDdkIsTUFBTSxPQUFPLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxRQUE4QixDQUFBO1FBQ3hELE1BQU0sS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSztZQUMzQixDQUFDLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBZSxFQUFFLEVBQUUsQ0FBQztZQUN6QyxDQUFDLENBQUMsR0FBRyxDQUFBO1FBQ1AsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxNQUFNO1lBQzdCLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxNQUFnQixFQUFFLEVBQUUsQ0FBQztZQUMxQyxDQUFDLENBQUMsQ0FBQyxDQUFBO1FBRUwsMERBQTBEO1FBQzFELE1BQU0sT0FBTyxHQUE0QjtZQUN2QyxXQUFXLEVBQUUsVUFBVTtTQUN4QixDQUFBO1FBQ0QsSUFBSSxPQUFPLEVBQUUsQ0FBQztZQUNaLE9BQU8sQ0FBQyxRQUFRLEdBQUcsT0FBTyxDQUFBO1FBQzVCLENBQUM7UUFFRCxNQUFNLE9BQU8sR0FBRyxNQUFNLGFBQWEsQ0FBQyxXQUFXLENBQUMsT0FBTyxFQUFFO1lBQ3ZELElBQUksRUFBRSxLQUFLO1lBQ1gsSUFBSSxFQUFFLE1BQU07U0FDYixDQUFDLENBQUE7UUFFRixNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQztZQUN6QyxDQUFDLENBQUMsT0FBTztZQUNULENBQUMsQ0FBQyxPQUFPO2dCQUNULENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQztnQkFDWCxDQUFDLENBQUMsRUFBRSxDQUFBO1FBRU4sR0FBRyxDQUFDLElBQUksQ0FBQztZQUNQLE9BQU8sRUFBRSxZQUFZO1lBQ3JCLEtBQUssRUFBRSxZQUFZLENBQUMsTUFBTTtZQUMxQixLQUFLO1lBQ0wsTUFBTTtTQUNQLENBQUMsQ0FBQTtJQUNKLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0QkFBNEI7WUFDckMsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQTlEWSxRQUFBLEdBQUcsT0E4RGY7QUFFTSxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLFVBQVUsR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBRXhDLElBQUksQ0FBQyxVQUFVLElBQUksV0FBVyxFQUFFLFVBQVUsS0FBSyxVQUFVLElBQUksV0FBVyxFQUFFLFVBQVUsS0FBSyxPQUFPLEVBQUUsQ0FBQztRQUNqRyxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsaUVBQWlFO1FBQ2pFLElBQUksV0FBVyxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUE7UUFDMUIsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxJQUFJLFdBQVcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDekQsV0FBVyxHQUFHLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUM5QixDQUFDO1FBRUQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQ0FBbUMsRUFBRTtZQUMvQyxXQUFXLEVBQUUsVUFBVTtZQUN2QixJQUFJLEVBQUUsV0FBVztZQUNqQixZQUFZLEVBQUcsV0FBcUMsQ0FBQyxLQUFLO1NBQzNELENBQUMsQ0FBQTtRQUVGLHdCQUF3QjtRQUN4QixNQUFNLElBQUksR0FBRyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLENBQUE7UUFFbEQsNENBQTRDO1FBQzVDLElBQUksV0FBVyxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUE7UUFDbkMsSUFBSSxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDL0Isc0NBQXNDO1lBQ3RDLFdBQVcsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztnQkFDdEMsRUFBRSxFQUFFLElBQUksQ0FBQyxPQUFPLElBQUksSUFBSSxDQUFDLEVBQUUsSUFBSSxFQUFFO2dCQUNqQyxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7Z0JBQ3ZCLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxNQUFNO2FBQ3RDLENBQUMsQ0FBQyxDQUFBO1lBRUgsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrREFBa0QsRUFBRTtnQkFDOUQsUUFBUSxFQUFFLElBQUksQ0FBQyxLQUFLO2dCQUNwQixNQUFNLEVBQUUsV0FBVzthQUNwQixDQUFDLENBQUE7UUFDSixDQUFDO1FBRUQsZ0NBQWdDO1FBQ2hDLElBQUksQ0FBQyxXQUFXLElBQUksV0FBVyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUM3QyxPQUFPLENBQUMsS0FBSyxDQUFDLDJDQUEyQyxFQUFFO2dCQUN6RCxXQUFXLEVBQUUsVUFBVTtnQkFDdkIsSUFBSSxFQUFFLFdBQVc7YUFDbEIsQ0FBQyxDQUFBO1lBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSxzQkFBc0I7Z0JBQy9CLE1BQU0sRUFBRTtvQkFDTjt3QkFDRSxJQUFJLEVBQUUsY0FBYzt3QkFDcEIsSUFBSSxFQUFFLENBQUMsY0FBYyxDQUFDO3dCQUN0QixPQUFPLEVBQUUseUNBQXlDO3FCQUNuRDtpQkFDRjthQUNGLENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDUixDQUFDO1FBRUQsK0JBQStCO1FBQy9CLElBQUksQ0FBQyw2Q0FBb0IsRUFBRSxDQUFDO1lBQzFCLE1BQU0sSUFBSSxtQkFBVyxDQUNuQixtQkFBVyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFDbEMsbUZBQW1GLENBQ3BGLENBQUE7UUFDSCxDQUFDO1FBRUQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxnREFBZ0QsRUFBRTtZQUM1RCxXQUFXLEVBQUUsVUFBVTtZQUN2QixRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDdkIsa0JBQWtCLEVBQUUsV0FBVyxDQUFDLE1BQU07WUFDdEMsWUFBWSxFQUFFLFdBQVc7U0FDMUIsQ0FBQyxDQUFBO1FBRUYsSUFBSSxjQUFjLENBQUE7UUFDbEIsSUFBSSxDQUFDO1lBQ0gsY0FBYyxHQUFHLE1BQU0sSUFBQSw2Q0FBb0IsRUFBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDO2dCQUN6RCxLQUFLLEVBQUU7b0JBQ0wsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO29CQUN2QixZQUFZLEVBQUUsV0FBVztvQkFDekIsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO29CQUNuQixJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7b0JBQ2YsV0FBVyxFQUFFLFVBQVU7aUJBQ3hCO2FBQ0YsQ0FBQyxDQUFBO1FBQ0osQ0FBQztRQUFDLE9BQU8sYUFBYSxFQUFFLENBQUM7WUFDdkIsT0FBTyxDQUFDLEtBQUssQ0FBQywyQ0FBMkMsRUFBRTtnQkFDekQsV0FBVyxFQUFFLFVBQVU7Z0JBQ3ZCLEtBQUssRUFBRSxhQUFhO2dCQUNwQixTQUFTLEVBQUUsT0FBTyxhQUFhO2dCQUMvQixZQUFZLEVBQUcsYUFBc0MsRUFBRSxPQUFPO2dCQUM5RCxTQUFTLEVBQUcsYUFBbUMsRUFBRSxJQUFJO2dCQUNyRCxhQUFhLEVBQUcsYUFBK0MsRUFBRSxlQUFlO2dCQUNoRixlQUFlLEVBQUcsYUFBbUMsRUFBRSxJQUFJO2FBQzVELENBQUMsQ0FBQTtZQUVGLDBEQUEwRDtZQUMxRCxNQUFNLFFBQVEsR0FBRyxhQUloQixDQUFBO1lBRUQsSUFBSSxRQUFRLENBQUMsZUFBZSxJQUFJLFFBQVEsQ0FBQyxJQUFJLElBQUksUUFBUSxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUNsRSx3Q0FBd0M7Z0JBQ3hDLE1BQU0sSUFBSSxtQkFBVyxDQUFDLFFBQVEsQ0FBQyxJQUFXLEVBQUUsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFBO1lBQy9ELENBQUM7WUFFRCxNQUFNLGFBQWEsQ0FBQTtRQUNyQixDQUFDO1FBRUQsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLGNBQWMsQ0FBQTtRQUVqQyxPQUFPLENBQUMsR0FBRyxDQUFDLGtEQUFrRCxFQUFFO1lBQzlELFdBQVcsRUFBRSxVQUFVO1lBQ3ZCLFNBQVMsRUFBRyxNQUFNLEVBQUUsTUFBMEIsRUFBRSxFQUFFO1NBQ25ELENBQUMsQ0FBQTtRQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQzlCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksT0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hDLE9BQU8sQ0FBQyxLQUFLLENBQUMsbUNBQW1DLEVBQUU7Z0JBQ2pELFdBQVcsRUFBRSxVQUFVO2dCQUN2QixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07Z0JBQ3BCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTthQUNmLENBQUMsQ0FBQTtZQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsc0JBQXNCO2dCQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07YUFDckIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxJQUFJLEtBQUssWUFBWSxtQkFBVyxFQUFFLENBQUM7WUFDakMsT0FBTyxDQUFDLEtBQUssQ0FBQyw4QkFBOEIsRUFBRTtnQkFDNUMsV0FBVyxFQUFFLFVBQVU7Z0JBQ3ZCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtnQkFDaEIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7YUFDZixDQUFDLENBQUE7WUFFRixNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVM7Z0JBQ3hDLENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFdBQVc7b0JBQzlDLENBQUMsQ0FBQyxHQUFHO29CQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7d0JBQy9DLENBQUMsQ0FBQyxHQUFHO3dCQUNMLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFVCxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDMUIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsTUFBTSxVQUFVLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO1FBRW5FLE9BQU8sQ0FBQyxLQUFLLENBQUMsMEJBQTBCLEVBQUU7WUFDeEMsV0FBVyxFQUFFLFVBQVU7WUFDdkIsS0FBSyxFQUFFLFlBQVk7WUFDbkIsS0FBSyxFQUFFLFVBQVU7WUFDakIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1NBQ2YsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLHlCQUF5QjtZQUNsQyxLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBdExZLFFBQUEsSUFBSSxRQXNMaEIifQ==
|
|
254
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3JldHVybnMvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELDhGQUF3RjtBQUN4RixvREFBdUQ7QUFFdkQsNkJBQXVCO0FBRXZCLHFEQUFxRDtBQUNyRCxNQUFNLGtCQUFrQixHQUFHLE9BQUMsQ0FBQyxNQUFNLENBQUM7SUFDbEMsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7SUFDcEIsdUVBQXVFO0lBQ3ZFLFlBQVksRUFBRSxPQUFDO1NBQ1osS0FBSyxDQUNKLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRTtRQUNkLFFBQVEsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQy9CLE1BQU0sRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQzdCLFVBQVUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO0tBQ2xDLENBQUMsQ0FDSDtTQUNBLFFBQVEsRUFBRTtJQUNiLEtBQUssRUFBRSxPQUFDO1NBQ0wsS0FBSyxDQUNKLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxPQUFPLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUM5QixFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUFFLDZCQUE2QjtRQUN4RCxRQUFRLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUMvQixTQUFTLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUNoQyxNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtLQUM5QixDQUFDLENBQ0g7U0FDQSxRQUFRLEVBQUU7SUFDYixNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUM3QixJQUFJLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUMzQixlQUFlLEVBQUUsT0FBQztTQUNmLE1BQU0sQ0FBQztRQUNOLFNBQVMsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO0tBQ2pDLENBQUM7U0FDRCxRQUFRLEVBQUU7SUFDYixXQUFXLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtDQUNuQyxDQUFDLENBQUE7QUFFSyxNQUFNLEdBQUcsR0FBRyxLQUFLLEVBQ3RCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsa0NBQWtDLEVBQUU7WUFDL0MsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxNQUFNLGFBQWEsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBZ0Isc0JBQWEsQ0FBQyxDQUFBO1FBRXJFLHVCQUF1QjtRQUN2QixNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLFFBQThCLENBQUE7UUFDeEQsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLO1lBQzNCLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFlLEVBQUUsRUFBRSxDQUFDO1lBQ3pDLENBQUMsQ0FBQyxHQUFHLENBQUE7UUFDUCxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE1BQU07WUFDN0IsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLE1BQWdCLEVBQUUsRUFBRSxDQUFDO1lBQzFDLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFFTCwwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQTRCO1lBQ3ZDLFdBQVcsRUFBRSxPQUFpQjtTQUMvQixDQUFBO1FBQ0QsSUFBSSxPQUFPLEVBQUUsQ0FBQztZQUNaLE9BQU8sQ0FBQyxRQUFRLEdBQUcsT0FBTyxDQUFBO1FBQzVCLENBQUM7UUFFRCxNQUFNLE9BQU8sR0FBRyxNQUFNLGFBQWEsQ0FBQyxXQUFXLENBQUMsT0FBTyxFQUFFO1lBQ3ZELElBQUksRUFBRSxLQUFLO1lBQ1gsSUFBSSxFQUFFLE1BQU07U0FDYixDQUFDLENBQUE7UUFFRixNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQztZQUN6QyxDQUFDLENBQUMsT0FBTztZQUNULENBQUMsQ0FBQyxPQUFPO2dCQUNULENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQztnQkFDWCxDQUFDLENBQUMsRUFBRSxDQUFBO1FBRU4sR0FBRyxDQUFDLElBQUksQ0FBQztZQUNQLE9BQU8sRUFBRSxZQUFZO1lBQ3JCLEtBQUssRUFBRSxZQUFZLENBQUMsTUFBTTtZQUMxQixLQUFLO1lBQ0wsTUFBTTtTQUNQLENBQUMsQ0FBQTtJQUNKLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0QkFBNEI7WUFDckMsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQXRFWSxRQUFBLEdBQUcsT0FzRWY7QUFFTSxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsa0NBQWtDLEVBQUU7WUFDL0MsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxpRUFBaUU7UUFDakUsSUFBSSxXQUFXLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQTtRQUMxQixJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLElBQUksV0FBVyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUN6RCxXQUFXLEdBQUcsV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFBO1FBQzlCLENBQUM7UUFFRCxPQUFPLENBQUMsR0FBRyxDQUFDLG1DQUFtQyxFQUFFO1lBQy9DLFdBQVcsRUFBRSxPQUFPO1lBQ3BCLElBQUksRUFBRSxXQUFXO1lBQ2pCLFlBQVksRUFBRyxXQUFxQyxDQUFDLEtBQUs7U0FDM0QsQ0FBQyxDQUFBO1FBRUYsd0JBQXdCO1FBQ3hCLE1BQU0sSUFBSSxHQUFHLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsQ0FBQTtRQUVsRCw0Q0FBNEM7UUFDNUMsSUFBSSxXQUFXLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQTtRQUNuQyxJQUFJLENBQUMsV0FBVyxJQUFJLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUMvQixzQ0FBc0M7WUFDdEMsV0FBVyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUN0QyxFQUFFLEVBQUUsSUFBSSxDQUFDLE9BQU8sSUFBSSxJQUFJLENBQUMsRUFBRSxJQUFJLEVBQUU7Z0JBQ2pDLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtnQkFDdkIsTUFBTSxFQUFFLElBQUksQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLE1BQU07YUFDdEMsQ0FBQyxDQUFDLENBQUE7WUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLGtEQUFrRCxFQUFFO2dCQUM5RCxRQUFRLEVBQUUsSUFBSSxDQUFDLEtBQUs7Z0JBQ3BCLE1BQU0sRUFBRSxXQUFXO2FBQ3BCLENBQUMsQ0FBQTtRQUNKLENBQUM7UUFFRCxnQ0FBZ0M7UUFDaEMsSUFBSSxDQUFDLFdBQVcsSUFBSSxXQUFXLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQzdDLE9BQU8sQ0FBQyxLQUFLLENBQUMsMkNBQTJDLEVBQUU7Z0JBQ3pELFdBQVcsRUFBRSxPQUFPO2dCQUNwQixJQUFJLEVBQUUsV0FBVzthQUNsQixDQUFDLENBQUE7WUFDRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDbkIsT0FBTyxFQUFFLHNCQUFzQjtnQkFDL0IsTUFBTSxFQUFFO29CQUNOO3dCQUNFLElBQUksRUFBRSxjQUFjO3dCQUNwQixJQUFJLEVBQUUsQ0FBQyxjQUFjLENBQUM7d0JBQ3RCLE9BQU8sRUFBRSx5Q0FBeUM7cUJBQ25EO2lCQUNGO2FBQ0YsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCwrQkFBK0I7UUFDL0IsSUFBSSxDQUFDLDZDQUFvQixFQUFFLENBQUM7WUFDMUIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUNsQyxtRkFBbUYsQ0FDcEYsQ0FBQTtRQUNILENBQUM7UUFFRCxPQUFPLENBQUMsR0FBRyxDQUFDLGdEQUFnRCxFQUFFO1lBQzVELFdBQVcsRUFBRSxPQUFPO1lBQ3BCLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixrQkFBa0IsRUFBRSxXQUFXLENBQUMsTUFBTTtZQUN0QyxZQUFZLEVBQUUsV0FBVztTQUMxQixDQUFDLENBQUE7UUFFRixJQUFJLGNBQWMsQ0FBQTtRQUNsQixJQUFJLENBQUM7WUFDSCxjQUFjLEdBQUcsTUFBTSxJQUFBLDZDQUFvQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7Z0JBQ3pELEtBQUssRUFBRTtvQkFDTCxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7b0JBQ3ZCLFlBQVksRUFBRSxXQUFXO29CQUN6QixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07b0JBQ25CLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtvQkFDZixXQUFXLEVBQUUsT0FBTztpQkFDckI7YUFDRixDQUFDLENBQUE7UUFDSixDQUFDO1FBQUMsT0FBTyxhQUFhLEVBQUUsQ0FBQztZQUN2QixPQUFPLENBQUMsS0FBSyxDQUFDLDJDQUEyQyxFQUFFO2dCQUN6RCxXQUFXLEVBQUUsT0FBTztnQkFDcEIsS0FBSyxFQUFFLGFBQWE7Z0JBQ3BCLFNBQVMsRUFBRSxPQUFPLGFBQWE7Z0JBQy9CLFlBQVksRUFBRyxhQUFzQyxFQUFFLE9BQU87Z0JBQzlELFNBQVMsRUFBRyxhQUFtQyxFQUFFLElBQUk7Z0JBQ3JELGFBQWEsRUFBRyxhQUErQyxFQUFFLGVBQWU7Z0JBQ2hGLGVBQWUsRUFBRyxhQUFtQyxFQUFFLElBQUk7YUFDNUQsQ0FBQyxDQUFBO1lBRUYsMERBQTBEO1lBQzFELE1BQU0sUUFBUSxHQUFHLGFBSWhCLENBQUE7WUFFRCxJQUFJLFFBQVEsQ0FBQyxlQUFlLElBQUksUUFBUSxDQUFDLElBQUksSUFBSSxRQUFRLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQ2xFLHdDQUF3QztnQkFDeEMsTUFBTSxJQUFJLG1CQUFXLENBQUMsUUFBUSxDQUFDLElBQVcsRUFBRSxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDL0QsQ0FBQztZQUVELE1BQU0sYUFBYSxDQUFBO1FBQ3JCLENBQUM7UUFFRCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsY0FBYyxDQUFBO1FBRWpDLE9BQU8sQ0FBQyxHQUFHLENBQUMsa0RBQWtELEVBQUU7WUFDOUQsV0FBVyxFQUFFLE9BQU87WUFDcEIsU0FBUyxFQUFHLE1BQU0sRUFBRSxNQUEwQixFQUFFLEVBQUU7U0FDbkQsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUE7SUFDOUIsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZixJQUFJLEtBQUssWUFBWSxPQUFDLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDaEMsT0FBTyxDQUFDLEtBQUssQ0FBQyxtQ0FBbUMsRUFBRTtnQkFDakQsV0FBVyxFQUFFLE9BQU87Z0JBQ3BCLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTtnQkFDcEIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO2FBQ2YsQ0FBQyxDQUFBO1lBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSxzQkFBc0I7Z0JBQy9CLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTthQUNyQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxPQUFPLENBQUMsS0FBSyxDQUFDLDhCQUE4QixFQUFFO2dCQUM1QyxXQUFXLEVBQUUsT0FBTztnQkFDcEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2dCQUNoQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTthQUNmLENBQUMsQ0FBQTtZQUVGLE1BQU0sVUFBVSxHQUNkLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUztnQkFDeEMsQ0FBQyxDQUFDLEdBQUc7Z0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsV0FBVztvQkFDOUMsQ0FBQyxDQUFDLEdBQUc7b0JBQ0wsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWTt3QkFDL0MsQ0FBQyxDQUFDLEdBQUc7d0JBQ0wsQ0FBQyxDQUFDLEdBQUcsQ0FBQTtZQUVULEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUMxQixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87Z0JBQ3RCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtRQUM3RSxNQUFNLFVBQVUsR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUE7UUFFbkUsT0FBTyxDQUFDLEtBQUssQ0FBQywwQkFBMEIsRUFBRTtZQUN4QyxXQUFXLEVBQUUsT0FBTztZQUNwQixLQUFLLEVBQUUsWUFBWTtZQUNuQixLQUFLLEVBQUUsVUFBVTtZQUNqQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7U0FDZixDQUFDLENBQUE7UUFFRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUseUJBQXlCO1lBQ2xDLEtBQUssRUFBRSxZQUFZO1NBQ3BCLENBQUMsQ0FBQTtJQUNKLENBQUM7QUFDSCxDQUFDLENBQUE7QUE5TFksUUFBQSxJQUFJLFFBOExoQiJ9
|
|
@@ -8,8 +8,15 @@ const POST = async (req, res) => {
|
|
|
8
8
|
const { id } = req.params;
|
|
9
9
|
// Type-safe access to auth_context
|
|
10
10
|
const authContext = req.auth_context;
|
|
11
|
-
const
|
|
12
|
-
|
|
11
|
+
const actorId = authContext?.actor_id;
|
|
12
|
+
const actorType = authContext?.actor_type;
|
|
13
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
14
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
15
|
+
console.warn("[Swaps] Authentication failed:", {
|
|
16
|
+
actor_id: actorId,
|
|
17
|
+
actor_type: actorType,
|
|
18
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
19
|
+
});
|
|
13
20
|
res.status(401).json({
|
|
14
21
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
15
22
|
});
|
|
@@ -21,7 +28,7 @@ const POST = async (req, res) => {
|
|
|
21
28
|
const swap = await swapService.retrieveSwap(id);
|
|
22
29
|
const swapData = swap;
|
|
23
30
|
// Verify swap belongs to authenticated customer
|
|
24
|
-
if (!swapData.customer_id || swapData.customer_id !==
|
|
31
|
+
if (!swapData.customer_id || swapData.customer_id !== actorId) {
|
|
25
32
|
res.status(403).json({
|
|
26
33
|
message: "Forbidden: You can only cancel your own swap requests",
|
|
27
34
|
});
|
|
@@ -41,7 +48,7 @@ const POST = async (req, res) => {
|
|
|
41
48
|
status: "cancelled",
|
|
42
49
|
metadata: {
|
|
43
50
|
cancelled_at: new Date().toISOString(),
|
|
44
|
-
cancelled_by:
|
|
51
|
+
cancelled_by: actorId,
|
|
45
52
|
},
|
|
46
53
|
},
|
|
47
54
|
});
|
|
@@ -68,4 +75,4 @@ const POST = async (req, res) => {
|
|
|
68
75
|
}
|
|
69
76
|
};
|
|
70
77
|
exports.POST = POST;
|
|
71
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
78
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3N3YXBzL1tpZF0vY2FuY2VsL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHFEQUF1RDtBQUN2RCw0R0FBcUc7QUFDckcsc0RBQXlEO0FBR2xELE1BQU0sSUFBSSxHQUFHLEtBQUssRUFDdkIsR0FBa0IsRUFDbEIsR0FBbUIsRUFDSixFQUFFO0lBQ2pCLE1BQU0sRUFBRSxFQUFFLEVBQUUsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFBO0lBRXpCLG1DQUFtQztJQUNuQyxNQUFNLFdBQVcsR0FBSSxHQUVuQixDQUFDLFlBQVksQ0FBQTtJQUVmLE1BQU0sT0FBTyxHQUFHLFdBQVcsRUFBRSxRQUFRLENBQUE7SUFDckMsTUFBTSxTQUFTLEdBQUcsV0FBVyxFQUFFLFVBQVUsQ0FBQTtJQUN6QyxNQUFNLGlCQUFpQixHQUNyQixTQUFTLEtBQUssVUFBVSxJQUFJLFNBQVMsS0FBSyxPQUFPLENBQUE7SUFFbkQsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDbkMsT0FBTyxDQUFDLElBQUksQ0FBQyxnQ0FBZ0MsRUFBRTtZQUM3QyxRQUFRLEVBQUUsT0FBTztZQUNqQixVQUFVLEVBQUUsU0FBUztZQUNyQixNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGtCQUFrQixDQUFDLENBQUMsQ0FBQyxvQkFBb0I7U0FDN0QsQ0FBQyxDQUFBO1FBQ0YsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLDREQUE0RDtTQUN0RSxDQUFDLENBQUE7UUFDRixPQUFNO0lBQ1IsQ0FBQztJQUVELElBQUksQ0FBQztRQUNILE1BQU0sV0FBVyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFjLGtCQUFXLENBQUMsQ0FBQTtRQUUvRCx1QkFBdUI7UUFDdkIsTUFBTSxJQUFJLEdBQUcsTUFBTSxXQUFXLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxDQUFBO1FBQy9DLE1BQU0sUUFBUSxHQUFHLElBQWdELENBQUE7UUFFakUsZ0RBQWdEO1FBQ2hELElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxJQUFJLFFBQVEsQ0FBQyxXQUFXLEtBQUssT0FBTyxFQUFFLENBQUM7WUFDOUQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSx1REFBdUQ7YUFDakUsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxtREFBbUQ7UUFDbkQsSUFBSSxRQUFRLENBQUMsTUFBTSxLQUFLLFdBQVcsRUFBRSxDQUFDO1lBQ3BDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsNEZBQTRGLFFBQVEsQ0FBQyxNQUFNLEVBQUU7YUFDdkgsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCw2QkFBNkI7UUFDN0IsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBQSxzREFBd0IsRUFBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDO1lBQy9ELEtBQUssRUFBRTtnQkFDTCxPQUFPLEVBQUUsRUFBRTtnQkFDWCxNQUFNLEVBQUUsV0FBVztnQkFDbkIsUUFBUSxFQUFFO29CQUNSLFlBQVksRUFBRSxJQUFJLElBQUksRUFBRSxDQUFDLFdBQVcsRUFBRTtvQkFDdEMsWUFBWSxFQUFFLE9BQWlCO2lCQUNoQzthQUNGO1NBQ0YsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQTtJQUNsQixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVM7Z0JBQ3hDLENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7b0JBQy9DLENBQUMsQ0FBQyxHQUFHO29CQUNMLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFVCxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDMUIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLHVCQUF1QjtZQUNoQyxLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBdEZZLFFBQUEsSUFBSSxRQXNGaEIifQ==
|
|
@@ -23,8 +23,15 @@ const GET = async (req, res) => {
|
|
|
23
23
|
const { id } = req.params;
|
|
24
24
|
// Type-safe access to auth_context
|
|
25
25
|
const authContext = req.auth_context;
|
|
26
|
-
const
|
|
27
|
-
|
|
26
|
+
const actorId = authContext?.actor_id;
|
|
27
|
+
const actorType = authContext?.actor_type;
|
|
28
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
29
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
30
|
+
console.warn("[Swaps] Authentication failed:", {
|
|
31
|
+
actor_id: actorId,
|
|
32
|
+
actor_type: actorType,
|
|
33
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
34
|
+
});
|
|
28
35
|
res.status(401).json({
|
|
29
36
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
30
37
|
});
|
|
@@ -35,7 +42,7 @@ const GET = async (req, res) => {
|
|
|
35
42
|
const swap = await swapService.retrieveSwap(id);
|
|
36
43
|
const swapData = swap;
|
|
37
44
|
// Verify swap belongs to authenticated customer
|
|
38
|
-
if (!swapData.customer_id || swapData.customer_id !==
|
|
45
|
+
if (!swapData.customer_id || swapData.customer_id !== actorId) {
|
|
39
46
|
res.status(403).json({
|
|
40
47
|
message: "Forbidden: You can only access your own swap requests",
|
|
41
48
|
});
|
|
@@ -64,8 +71,15 @@ const PATCH = async (req, res) => {
|
|
|
64
71
|
const { id } = req.params;
|
|
65
72
|
// Type-safe access to auth_context
|
|
66
73
|
const authContext = req.auth_context;
|
|
67
|
-
const
|
|
68
|
-
|
|
74
|
+
const actorId = authContext?.actor_id;
|
|
75
|
+
const actorType = authContext?.actor_type;
|
|
76
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
77
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
78
|
+
console.warn("[Swaps] Authentication failed:", {
|
|
79
|
+
actor_id: actorId,
|
|
80
|
+
actor_type: actorType,
|
|
81
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
82
|
+
});
|
|
69
83
|
res.status(401).json({
|
|
70
84
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
71
85
|
});
|
|
@@ -94,7 +108,7 @@ const PATCH = async (req, res) => {
|
|
|
94
108
|
const { result } = await (0, update_swap_workflow_1.updateSwapWorkflow)(req.scope).run({
|
|
95
109
|
input: {
|
|
96
110
|
swap_id: id,
|
|
97
|
-
customer_id:
|
|
111
|
+
customer_id: actorId,
|
|
98
112
|
return_items: body.return_items,
|
|
99
113
|
new_items: body.new_items,
|
|
100
114
|
reason: body.reason,
|
|
@@ -129,7 +143,7 @@ const PATCH = async (req, res) => {
|
|
|
129
143
|
const errorStack = error instanceof Error ? error.stack : undefined;
|
|
130
144
|
console.error("Failed to update swap:", {
|
|
131
145
|
swap_id: id,
|
|
132
|
-
customer_id:
|
|
146
|
+
customer_id: actorId,
|
|
133
147
|
error: errorMessage,
|
|
134
148
|
stack: errorStack,
|
|
135
149
|
body: req.body,
|
|
@@ -141,4 +155,4 @@ const PATCH = async (req, res) => {
|
|
|
141
155
|
}
|
|
142
156
|
};
|
|
143
157
|
exports.PATCH = PATCH;
|
|
144
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
158
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3N3YXBzL1tpZF0vcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQXVEO0FBQ3ZELG1EQUFzRDtBQUV0RCwyRkFBcUY7QUFDckYsNkJBQXVCO0FBRXZCLE1BQU0sZ0JBQWdCLEdBQUcsT0FBQyxDQUFDLE1BQU0sQ0FBQztJQUNoQyxZQUFZLEVBQUUsT0FBQyxDQUFDLEtBQUssQ0FDbkIsT0FBQyxDQUFDLE1BQU0sQ0FBQztRQUNQLEVBQUUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFO1FBQ2QsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7UUFDL0IsTUFBTSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7UUFDN0IsVUFBVSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7S0FDbEMsQ0FBQyxDQUNILENBQUMsUUFBUSxFQUFFO0lBQ1osU0FBUyxFQUFFLE9BQUMsQ0FBQyxLQUFLLENBQ2hCLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxVQUFVLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRTtRQUN0QixRQUFRLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtLQUNoQyxDQUFDLENBQ0gsQ0FBQyxRQUFRLEVBQUU7SUFDWixNQUFNLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtJQUM3QixJQUFJLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQVEsRUFBRTtDQUM1QixDQUFDLENBQUE7QUFFSyxNQUFNLEdBQUcsR0FBRyxLQUFLLEVBQ3RCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixNQUFNLEVBQUUsRUFBRSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUV6QixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsZ0NBQWdDLEVBQUU7WUFDN0MsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxNQUFNLFdBQVcsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBYyxrQkFBVyxDQUFDLENBQUE7UUFFL0QsTUFBTSxJQUFJLEdBQUcsTUFBTSxXQUFXLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxDQUFBO1FBQy9DLE1BQU0sUUFBUSxHQUFHLElBQWdDLENBQUE7UUFFakQsZ0RBQWdEO1FBQ2hELElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxJQUFJLFFBQVEsQ0FBQyxXQUFXLEtBQUssT0FBTyxFQUFFLENBQUM7WUFDOUQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSx1REFBdUQ7YUFDakUsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQTtJQUNwQixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFeEQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQzFCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDdEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2FBQ2pCLENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDUixDQUFDO1FBRUQsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSx5QkFBeUI7WUFDbEMsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQTdEWSxRQUFBLEdBQUcsT0E2RGY7QUFFTSxNQUFNLEtBQUssR0FBRyxLQUFLLEVBQ3hCLEdBQWtCLEVBQ2xCLEdBQW1CLEVBQ0osRUFBRTtJQUNqQixNQUFNLEVBQUUsRUFBRSxFQUFFLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQTtJQUV6QixtQ0FBbUM7SUFDbkMsTUFBTSxXQUFXLEdBQUksR0FFbkIsQ0FBQyxZQUFZLENBQUE7SUFFZixNQUFNLE9BQU8sR0FBRyxXQUFXLEVBQUUsUUFBUSxDQUFBO0lBQ3JDLE1BQU0sU0FBUyxHQUFHLFdBQVcsRUFBRSxVQUFVLENBQUE7SUFDekMsTUFBTSxpQkFBaUIsR0FDckIsU0FBUyxLQUFLLFVBQVUsSUFBSSxTQUFTLEtBQUssT0FBTyxDQUFBO0lBRW5ELElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ25DLE9BQU8sQ0FBQyxJQUFJLENBQUMsZ0NBQWdDLEVBQUU7WUFDN0MsUUFBUSxFQUFFLE9BQU87WUFDakIsVUFBVSxFQUFFLFNBQVM7WUFDckIsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsb0JBQW9CO1NBQzdELENBQUMsQ0FBQTtRQUNGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSw0REFBNEQ7U0FDdEUsQ0FBQyxDQUFBO1FBQ0YsT0FBTTtJQUNSLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSCxpRUFBaUU7UUFDakUsSUFBSSxXQUFXLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQTtRQUMxQixJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLElBQUksV0FBVyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUN6RCxXQUFXLEdBQUcsV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFBO1FBQzlCLENBQUM7UUFFRCx3QkFBd0I7UUFDeEIsTUFBTSxJQUFJLEdBQUcsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFBO1FBRWhELCtDQUErQztRQUMvQyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSyxTQUFTLElBQUksSUFBSSxDQUFDLElBQUksS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUNsRyxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDbkIsT0FBTyxFQUFFLHdEQUF3RDthQUNsRSxDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELCtCQUErQjtRQUMvQixJQUFJLENBQUMseUNBQWtCLEVBQUUsQ0FBQztZQUN4QixNQUFNLElBQUksbUJBQVcsQ0FDbkIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLEVBQ2xDLHdGQUF3RixDQUN6RixDQUFBO1FBQ0gsQ0FBQztRQUVELDBCQUEwQjtRQUMxQixNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLHlDQUFrQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDekQsS0FBSyxFQUFFO2dCQUNMLE9BQU8sRUFBRSxFQUFFO2dCQUNYLFdBQVcsRUFBRSxPQUFPO2dCQUNwQixZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7Z0JBQy9CLFNBQVMsRUFBRSxJQUFJLENBQUMsU0FBUztnQkFDekIsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7YUFDaEI7U0FDRixDQUFDLENBQUE7UUFFRixHQUFHLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQ2xCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksT0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsc0JBQXNCO2dCQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU07YUFDckIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxJQUFJLEtBQUssWUFBWSxtQkFBVyxFQUFFLENBQUM7WUFDakMsTUFBTSxVQUFVLEdBQ2QsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxTQUFTO2dCQUN4QyxDQUFDLENBQUMsR0FBRztnQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxXQUFXO29CQUM5QyxDQUFDLENBQUMsR0FBRztvQkFDTCxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksS0FBSyxtQkFBVyxDQUFDLEtBQUssQ0FBQyxZQUFZO3dCQUMvQyxDQUFDLENBQUMsR0FBRzt3QkFDTCxDQUFDLENBQUMsR0FBRyxDQUFBO1lBRVQsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQzFCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDdEIsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2FBQ2pCLENBQUMsQ0FBQTtZQUNGLE9BQU07UUFDUixDQUFDO1FBRUQsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFBO1FBQzdFLE1BQU0sVUFBVSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQTtRQUVuRSxPQUFPLENBQUMsS0FBSyxDQUFDLHdCQUF3QixFQUFFO1lBQ3RDLE9BQU8sRUFBRSxFQUFFO1lBQ1QsV0FBVyxFQUFFLE9BQU87WUFDdEIsS0FBSyxFQUFFLFlBQVk7WUFDbkIsS0FBSyxFQUFFLFVBQVU7WUFDakIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1NBQ2YsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDbkIsT0FBTyxFQUFFLHVCQUF1QjtZQUNoQyxLQUFLLEVBQUUsWUFBWTtTQUNwQixDQUFDLENBQUE7SUFDSixDQUFDO0FBQ0gsQ0FBQyxDQUFBO0FBN0dZLFFBQUEsS0FBSyxTQTZHakIifQ==
|
|
@@ -23,8 +23,15 @@ const CreateSwapSchema = zod_1.z.object({
|
|
|
23
23
|
const GET = async (req, res) => {
|
|
24
24
|
// Type-safe access to auth_context
|
|
25
25
|
const authContext = req.auth_context;
|
|
26
|
-
const
|
|
27
|
-
|
|
26
|
+
const actorId = authContext?.actor_id;
|
|
27
|
+
const actorType = authContext?.actor_type;
|
|
28
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
29
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
30
|
+
console.warn("[Swaps] Authentication failed:", {
|
|
31
|
+
actor_id: actorId,
|
|
32
|
+
actor_type: actorType,
|
|
33
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
34
|
+
});
|
|
28
35
|
res.status(401).json({
|
|
29
36
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
30
37
|
});
|
|
@@ -38,7 +45,7 @@ const GET = async (req, res) => {
|
|
|
38
45
|
const offset = req.query.offset ? parseInt(req.query.offset, 10) : 0;
|
|
39
46
|
// Always filter by authenticated customer_id for security
|
|
40
47
|
const filters = {
|
|
41
|
-
customer_id:
|
|
48
|
+
customer_id: actorId,
|
|
42
49
|
};
|
|
43
50
|
if (orderId) {
|
|
44
51
|
filters.order_id = orderId;
|
|
@@ -67,8 +74,15 @@ exports.GET = GET;
|
|
|
67
74
|
const POST = async (req, res) => {
|
|
68
75
|
// Type-safe access to auth_context
|
|
69
76
|
const authContext = req.auth_context;
|
|
70
|
-
const
|
|
71
|
-
|
|
77
|
+
const actorId = authContext?.actor_id;
|
|
78
|
+
const actorType = authContext?.actor_type;
|
|
79
|
+
const isCustomerOrGuest = actorType === "customer" || actorType === "guest";
|
|
80
|
+
if (!actorId || !isCustomerOrGuest) {
|
|
81
|
+
console.warn("[Swaps] Authentication failed:", {
|
|
82
|
+
actor_id: actorId,
|
|
83
|
+
actor_type: actorType,
|
|
84
|
+
reason: !actorId ? "Missing actor_id" : "Invalid actor_type",
|
|
85
|
+
});
|
|
72
86
|
res.status(401).json({
|
|
73
87
|
message: "Unauthorized: Customer or guest authentication is required",
|
|
74
88
|
});
|
|
@@ -93,7 +107,7 @@ const POST = async (req, res) => {
|
|
|
93
107
|
new_items: body.new_items,
|
|
94
108
|
reason: body.reason,
|
|
95
109
|
note: body.note,
|
|
96
|
-
customer_id:
|
|
110
|
+
customer_id: actorId,
|
|
97
111
|
},
|
|
98
112
|
});
|
|
99
113
|
res.status(201).json(result);
|
|
@@ -128,7 +142,7 @@ const POST = async (req, res) => {
|
|
|
128
142
|
errorMessage.includes("orderModuleService") ||
|
|
129
143
|
errorMessage.includes("createSwapWorkflow")) {
|
|
130
144
|
console.error("Workflow or service resolution error:", {
|
|
131
|
-
customer_id:
|
|
145
|
+
customer_id: actorId,
|
|
132
146
|
error: errorMessage,
|
|
133
147
|
stack: errorStack,
|
|
134
148
|
body: req.body,
|
|
@@ -144,7 +158,7 @@ const POST = async (req, res) => {
|
|
|
144
158
|
// Check for specific error about orderModuleService.list
|
|
145
159
|
if (errorMessage.includes("orderModuleService.list") || errorMessage.includes(".list is not a function")) {
|
|
146
160
|
console.error("Order service method error:", {
|
|
147
|
-
customer_id:
|
|
161
|
+
customer_id: actorId,
|
|
148
162
|
error: errorMessage,
|
|
149
163
|
stack: errorStack,
|
|
150
164
|
body: req.body,
|
|
@@ -158,7 +172,7 @@ const POST = async (req, res) => {
|
|
|
158
172
|
return;
|
|
159
173
|
}
|
|
160
174
|
console.error("Failed to create swap:", {
|
|
161
|
-
customer_id:
|
|
175
|
+
customer_id: actorId,
|
|
162
176
|
error: errorMessage,
|
|
163
177
|
stack: errorStack,
|
|
164
178
|
body: req.body,
|
|
@@ -170,4 +184,4 @@ const POST = async (req, res) => {
|
|
|
170
184
|
}
|
|
171
185
|
};
|
|
172
186
|
exports.POST = POST;
|
|
173
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
187
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL3N0b3JlL3N3YXBzL3JvdXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHFEQUF1RDtBQUN2RCx3RkFBa0Y7QUFDbEYsZ0RBQW1EO0FBRW5ELDZCQUF1QjtBQUV2QixNQUFNLGdCQUFnQixHQUFHLE9BQUMsQ0FBQyxNQUFNLENBQUM7SUFDaEMsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7SUFDcEIsWUFBWSxFQUFFLE9BQUMsQ0FBQyxLQUFLLENBQ25CLE9BQUMsQ0FBQyxNQUFNLENBQUM7UUFDUCxFQUFFLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRTtRQUNkLFFBQVEsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQy9CLE1BQU0sRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQzdCLFVBQVUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQUUsNkVBQTZFO0tBQ2pILENBQUMsQ0FDSDtJQUNELFNBQVMsRUFBRSxPQUFDLENBQUMsS0FBSyxDQUNoQixPQUFDLENBQUMsTUFBTSxDQUFDO1FBQ1AsVUFBVSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUU7UUFDdEIsUUFBUSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7S0FDaEMsQ0FBQyxDQUNIO0lBQ0QsTUFBTSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7SUFDN0IsSUFBSSxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUU7Q0FDNUIsQ0FBQyxDQUFBO0FBRUssTUFBTSxHQUFHLEdBQUcsS0FBSyxFQUN0QixHQUFrQixFQUNsQixHQUFtQixFQUNKLEVBQUU7SUFDakIsbUNBQW1DO0lBQ25DLE1BQU0sV0FBVyxHQUFJLEdBRW5CLENBQUMsWUFBWSxDQUFBO0lBRWYsTUFBTSxPQUFPLEdBQUcsV0FBVyxFQUFFLFFBQVEsQ0FBQTtJQUNyQyxNQUFNLFNBQVMsR0FBRyxXQUFXLEVBQUUsVUFBVSxDQUFBO0lBQ3pDLE1BQU0saUJBQWlCLEdBQ3JCLFNBQVMsS0FBSyxVQUFVLElBQUksU0FBUyxLQUFLLE9BQU8sQ0FBQTtJQUVuRCxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUNuQyxPQUFPLENBQUMsSUFBSSxDQUFDLGdDQUFnQyxFQUFFO1lBQzdDLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLFVBQVUsRUFBRSxTQUFTO1lBQ3JCLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLG9CQUFvQjtTQUM3RCxDQUFDLENBQUE7UUFDRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxXQUFXLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQWMsa0JBQVcsQ0FBQyxDQUFBO1FBRS9ELHVCQUF1QjtRQUN2QixNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLFFBQThCLENBQUE7UUFDeEQsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEtBQWUsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFBO1FBQzdFLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxNQUFnQixFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUE7UUFFOUUsMERBQTBEO1FBQzFELE1BQU0sT0FBTyxHQUE0QjtZQUN2QyxXQUFXLEVBQUUsT0FBTztTQUNyQixDQUFBO1FBQ0QsSUFBSSxPQUFPLEVBQUUsQ0FBQztZQUNaLE9BQU8sQ0FBQyxRQUFRLEdBQUcsT0FBTyxDQUFBO1FBQzVCLENBQUM7UUFFRCxNQUFNLEtBQUssR0FBRyxNQUFNLFdBQVcsQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFO1lBQ2pELElBQUksRUFBRSxLQUFLO1lBQ1gsSUFBSSxFQUFFLE1BQU07U0FDYixDQUFDLENBQUE7UUFFRixNQUFNLFNBQVMsR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFBO1FBRXJFLEdBQUcsQ0FBQyxJQUFJLENBQUM7WUFDUCxLQUFLLEVBQUUsU0FBUztZQUNoQixLQUFLLEVBQUUsU0FBUyxDQUFDLE1BQU07WUFDdkIsS0FBSztZQUNMLE1BQU07U0FDUCxDQUFDLENBQUE7SUFDSixDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLE1BQU0sWUFBWSxHQUFHLEtBQUssWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQTtRQUM3RSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsMEJBQTBCO1lBQ25DLEtBQUssRUFBRSxZQUFZO1NBQ3BCLENBQUMsQ0FBQTtJQUNKLENBQUM7QUFDSCxDQUFDLENBQUE7QUE5RFksUUFBQSxHQUFHLE9BOERmO0FBRU0sTUFBTSxJQUFJLEdBQUcsS0FBSyxFQUN2QixHQUFrQixFQUNsQixHQUFtQixFQUNKLEVBQUU7SUFDakIsbUNBQW1DO0lBQ25DLE1BQU0sV0FBVyxHQUFJLEdBRW5CLENBQUMsWUFBWSxDQUFBO0lBRWYsTUFBTSxPQUFPLEdBQUcsV0FBVyxFQUFFLFFBQVEsQ0FBQTtJQUNyQyxNQUFNLFNBQVMsR0FBRyxXQUFXLEVBQUUsVUFBVSxDQUFBO0lBQ3pDLE1BQU0saUJBQWlCLEdBQ3JCLFNBQVMsS0FBSyxVQUFVLElBQUksU0FBUyxLQUFLLE9BQU8sQ0FBQTtJQUVuRCxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUNuQyxPQUFPLENBQUMsSUFBSSxDQUFDLGdDQUFnQyxFQUFFO1lBQzdDLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLFVBQVUsRUFBRSxTQUFTO1lBQ3JCLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDLG9CQUFvQjtTQUM3RCxDQUFDLENBQUE7UUFDRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztZQUNuQixPQUFPLEVBQUUsNERBQTREO1NBQ3RFLENBQUMsQ0FBQTtRQUNGLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gsaUVBQWlFO1FBQ2pFLElBQUksV0FBVyxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUE7UUFDMUIsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxJQUFJLFdBQVcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDekQsV0FBVyxHQUFHLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQTtRQUM5QixDQUFDO1FBRUQsd0JBQXdCO1FBQ3hCLE1BQU0sSUFBSSxHQUFHLGdCQUFnQixDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsQ0FBQTtRQUVoRCwrQkFBK0I7UUFDL0IsSUFBSSxDQUFDLHlDQUFrQixFQUFFLENBQUM7WUFDeEIsTUFBTSxJQUFJLG1CQUFXLENBQ25CLG1CQUFXLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUNsQyxpRkFBaUYsQ0FDbEYsQ0FBQTtRQUNILENBQUM7UUFFRCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLHlDQUFrQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDekQsS0FBSyxFQUFFO2dCQUNMLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtnQkFDdkIsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO2dCQUMvQixTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVM7Z0JBQ3pCLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtnQkFDbkIsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJO2dCQUNmLFdBQVcsRUFBRSxPQUFPO2FBQ3JCO1NBQ0YsQ0FBQyxDQUFBO1FBRUYsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUE7SUFDOUIsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZixJQUFJLEtBQUssWUFBWSxPQUFDLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDaEMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ25CLE9BQU8sRUFBRSxzQkFBc0I7Z0JBQy9CLE1BQU0sRUFBRSxLQUFLLENBQUMsTUFBTTthQUNyQixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELElBQUksS0FBSyxZQUFZLG1CQUFXLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFVBQVUsR0FDZCxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFNBQVM7Z0JBQ3hDLENBQUMsQ0FBQyxHQUFHO2dCQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFdBQVc7b0JBQzlDLENBQUMsQ0FBQyxHQUFHO29CQUNMLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVk7d0JBQy9DLENBQUMsQ0FBQyxHQUFHO3dCQUNMLENBQUMsQ0FBQyxHQUFHLENBQUE7WUFFVCxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDMUIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUE7UUFDN0UsTUFBTSxVQUFVLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFBO1FBRW5FLHVDQUF1QztRQUN2QyxJQUNFLFlBQVksQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQUM7WUFDMUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyx3QkFBd0IsQ0FBQztZQUMvQyxZQUFZLENBQUMsUUFBUSxDQUFDLG9CQUFvQixDQUFDO1lBQzNDLFlBQVksQ0FBQyxRQUFRLENBQUMsb0JBQW9CLENBQUMsRUFDM0MsQ0FBQztZQUNELE9BQU8sQ0FBQyxLQUFLLENBQUMsdUNBQXVDLEVBQUU7Z0JBQ3JELFdBQVcsRUFBRSxPQUFPO2dCQUNwQixLQUFLLEVBQUUsWUFBWTtnQkFDbkIsS0FBSyxFQUFFLFVBQVU7Z0JBQ2pCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTtnQkFDZCxJQUFJLEVBQUUsaUlBQWlJO2FBQ3hJLENBQUMsQ0FBQTtZQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO2dCQUNuQixPQUFPLEVBQUUsb0NBQW9DO2dCQUM3QyxLQUFLLEVBQUUsWUFBWTtnQkFDbkIsSUFBSSxFQUFFLGlGQUFpRjthQUN4RixDQUFDLENBQUE7WUFDRixPQUFNO1FBQ1IsQ0FBQztRQUVELHlEQUF5RDtRQUN6RCxJQUFJLFlBQVksQ0FBQyxRQUFRLENBQUMseUJBQXlCLENBQUMsSUFBSSxZQUFZLENBQUMsUUFBUSxDQUFDLHlCQUF5QixDQUFDLEVBQUUsQ0FBQztZQUN6RyxPQUFPLENBQUMsS0FBSyxDQUFDLDZCQUE2QixFQUFFO2dCQUMzQyxXQUFXLEVBQUUsT0FBTztnQkFDcEIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLEtBQUssRUFBRSxVQUFVO2dCQUNqQixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7Z0JBQ2QsSUFBSSxFQUFFLHNGQUFzRjthQUM3RixDQUFDLENBQUE7WUFFRixHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDbkIsT0FBTyxFQUFFLHdCQUF3QjtnQkFDakMsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLElBQUksRUFBRSw2RUFBNkU7YUFDcEYsQ0FBQyxDQUFBO1lBQ0YsT0FBTTtRQUNSLENBQUM7UUFFRCxPQUFPLENBQUMsS0FBSyxDQUFDLHdCQUF3QixFQUFFO1lBQ3RDLFdBQVcsRUFBRSxPQUFPO1lBQ3BCLEtBQUssRUFBRSxZQUFZO1lBQ25CLEtBQUssRUFBRSxVQUFVO1lBQ2pCLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSTtTQUNmLENBQUMsQ0FBQTtRQUVGLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ25CLE9BQU8sRUFBRSx1QkFBdUI7WUFDaEMsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFBO0lBQ0osQ0FBQztBQUNILENBQUMsQ0FBQTtBQTFJWSxRQUFBLElBQUksUUEwSWhCIn0=
|
|
@@ -45,17 +45,17 @@ class OtpService {
|
|
|
45
45
|
/**
|
|
46
46
|
* Generates a JWT token scoped for guest access.
|
|
47
47
|
*/
|
|
48
|
-
generateToken(identifier,
|
|
48
|
+
generateToken(identifier, actorId, jwtSecret) {
|
|
49
49
|
if (!jwtSecret) {
|
|
50
50
|
throw new Error("order-management: jwtSecret is required");
|
|
51
51
|
}
|
|
52
52
|
return jsonwebtoken_1.default.sign({
|
|
53
53
|
guest_identifier: identifier,
|
|
54
|
-
|
|
54
|
+
actor_id: actorId,
|
|
55
55
|
scope: "guest_orders",
|
|
56
56
|
actor_type: "guest",
|
|
57
57
|
}, jwtSecret, { expiresIn: "1h" });
|
|
58
58
|
}
|
|
59
59
|
}
|
|
60
60
|
exports.OtpService = OtpService;
|
|
61
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
61
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3RwLXNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvc2VydmljZXMvb3RwLXNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsZ0VBQThCO0FBRTlCLDZCQUE2QjtBQUM3QiwwRUFBMEU7QUFDMUUsMERBQTBEO0FBQzFELE1BQU0sUUFBUSxHQUFHLElBQUksR0FBRyxFQUE4QyxDQUFBO0FBRXRFLE1BQWEsVUFBVTtJQUNuQjs7O09BR0c7SUFDSCxLQUFLLENBQUMsUUFBUSxDQUFDLFVBQWtCO1FBQzdCLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLEVBQUUsR0FBRyxNQUFNLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQTtRQUVsRSxRQUFRLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRTtZQUNyQixHQUFHO1lBQ0gsU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksRUFBRSxhQUFhO1NBQ3hELENBQUMsQ0FBQTtRQUVGLE9BQU8sR0FBRyxDQUFBO0lBQ2QsQ0FBQztJQUVEOzs7T0FHRztJQUNILEtBQUssQ0FBQyxNQUFNLENBQUMsVUFBa0IsRUFBRSxJQUFZO1FBQ3pDLE1BQU0sSUFBSSxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUE7UUFFckMsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1IsT0FBTyxLQUFLLENBQUE7UUFDaEIsQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUM5QixRQUFRLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFBO1lBQzNCLE9BQU8sS0FBSyxDQUFBO1FBQ2hCLENBQUM7UUFFRCxJQUFJLElBQUksQ0FBQyxHQUFHLEtBQUssSUFBSSxFQUFFLENBQUM7WUFDcEIsT0FBTyxLQUFLLENBQUE7UUFDaEIsQ0FBQztRQUVELDJCQUEyQjtRQUMzQixRQUFRLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFBO1FBQzNCLE9BQU8sSUFBSSxDQUFBO0lBQ2YsQ0FBQztJQUVEOztPQUVHO0lBQ0gsYUFBYSxDQUFDLFVBQWtCLEVBQUUsT0FBMkIsRUFBRSxTQUFpQjtRQUM1RSxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLHlDQUF5QyxDQUFDLENBQUE7UUFDOUQsQ0FBQztRQUVELE9BQU8sc0JBQUcsQ0FBQyxJQUFJLENBQ1g7WUFDSSxnQkFBZ0IsRUFBRSxVQUFVO1lBQzVCLFFBQVEsRUFBRSxPQUFPO1lBQ2pCLEtBQUssRUFBRSxjQUFjO1lBQ3JCLFVBQVUsRUFBRSxPQUFPO1NBQ3RCLEVBQ0QsU0FBUyxFQUNULEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUN0QixDQUFBO0lBQ0wsQ0FBQztDQUNKO0FBNURELGdDQTREQyJ9
|