diff --git a/maternal-app/maternal-app-backend/src/modules/ai/ai.controller.ts b/maternal-app/maternal-app-backend/src/modules/ai/ai.controller.ts index 3c910ac..2cd9a3d 100644 --- a/maternal-app/maternal-app-backend/src/modules/ai/ai.controller.ts +++ b/maternal-app/maternal-app-backend/src/modules/ai/ai.controller.ts @@ -9,6 +9,7 @@ import { Req, Res, Header, + UnauthorizedException, } from '@nestjs/common'; import { Response } from 'express'; import { AIService } from './ai.service'; @@ -20,10 +21,12 @@ import { Public } from '../auth/decorators/public.decorator'; export class AIController { constructor(private readonly aiService: AIService) {} - @Public() // Public for testing @Post('chat') async chat(@Req() req: any, @Body() chatDto: ChatMessageDto) { - const userId = req.user?.userId || 'test_user_123'; // Use test user if not authenticated + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } const response = await this.aiService.chat(userId, chatDto); return { success: true, @@ -35,7 +38,6 @@ export class AIController { * Streaming chat endpoint * Returns Server-Sent Events (SSE) for real-time streaming responses */ - @Public() // Public for testing @Post('chat/stream') @Header('Content-Type', 'text/event-stream') @Header('Cache-Control', 'no-cache') @@ -45,7 +47,11 @@ export class AIController { @Body() chatDto: ChatMessageDto, @Res() res: Response, ) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + res.status(401).json({ error: 'Authentication required' }); + return; + } // Set up SSE headers res.setHeader('Content-Type', 'text/event-stream'); @@ -72,10 +78,12 @@ export class AIController { } } - @Public() // Public for testing @Get('conversations') async getConversations(@Req() req: any) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } const conversations = await this.aiService.getUserConversations(userId); return { success: true, @@ -83,10 +91,12 @@ export class AIController { }; } - @Public() // Public for testing @Get('conversations/:id') async getConversation(@Req() req: any, @Param('id') conversationId: string) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } const conversation = await this.aiService.getConversation( userId, conversationId, @@ -109,14 +119,16 @@ export class AIController { }; } - @Public() // Public for testing @Patch('conversations/:id/group') async updateConversationGroup( @Req() req: any, @Param('id') conversationId: string, @Body() body: { groupName: string | null }, ) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } const conversation = await this.aiService.updateConversationGroup( userId, conversationId, @@ -128,10 +140,12 @@ export class AIController { }; } - @Public() // Public for testing @Get('groups') async getConversationGroups(@Req() req: any) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } const groups = await this.aiService.getConversationGroups(userId); return { success: true, @@ -149,10 +163,12 @@ export class AIController { }; } - @Public() // Public for testing @Post('feedback') async submitFeedback(@Req() req: any, @Body() feedbackDto: FeedbackDto) { - const userId = req.user?.userId || 'test_user_123'; + const userId = req.user?.userId; + if (!userId) { + throw new UnauthorizedException('Authentication required'); + } await this.aiService.submitFeedback( userId, feedbackDto.conversationId,