diff --git a/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts b/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
index cfdf49d..714b3d0 100644
--- a/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
+++ b/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
@@ -16,6 +16,7 @@ export enum AuditAction {
 DELETE = 'DELETE',
 EXPORT = 'EXPORT',
 LOGIN = 'LOGIN',
+ LOGIN_BIOMETRIC = 'LOGIN_BIOMETRIC',
 LOGOUT = 'LOGOUT',
 PASSWORD_RESET = 'PASSWORD_RESET',
 EMAIL_VERIFY = 'EMAIL_VERIFY',
diff --git a/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts b/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
index ff42c65..ef99fb0 100644
--- a/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
+++ b/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
@@ -11,7 +11,7 @@ import { JwtService } from '@nestjs/jwt';
 import { ConfigService } from '@nestjs/config';
 import * as bcrypt from 'bcrypt';
 import * as crypto from 'crypto';
-import { User, DeviceRegistry, RefreshToken, Family, FamilyMember } from '../../database/entities';
+import { User, DeviceRegistry, RefreshToken, Family, FamilyMember, AuditAction, EntityType } from '../../database/entities';
 import { RegisterDto } from './dto/register.dto';
 import { LoginDto } from './dto/login.dto';
 import { RefreshTokenDto } from './dto/refresh-token.dto';
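Review bot: No schema migration accompanies the new `AuditAction.LOGIN_BIOMETRIC` member in this diff. If the audit log's `action` column is mapped as a database enum type (the column definition is outside the hunk), inserts with this value will fail until the type is altered. A failing audit write on the login path then either blocks sign-in or loses the record. Confirm a migration ships with the change, and consider a reminder above the enum such as `// New members require a matching database enum migration`.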
@@ -433,30 +433,35 @@ export class AuthService {
 // Audit log for biometric login
 await this.auditService.log({
 userId: user.id,
- action: 'LOGIN_BIOMETRIC',
- resourceType: 'AUTH',
- resourceId: user.id,
- metadata: {
- deviceId: device.deviceFingerprint,
- platform: device.platform,
+ action: AuditAction.LOGIN_BIOMETRIC,
+ entityType: EntityType.USER,
+ entityId: user.id,
+ changes: {
+ after: {
+ deviceId: device.deviceFingerprint,
+ platform: device.platform,
+ },
 },
 });
 return {
- accessToken: tokens.accessToken,
- refreshToken: tokens.refreshToken,
- expiresIn: tokens.expiresIn,
- user: {
- id: user.id,
- email: user.email,
- name: user.name,
- phone: user.phone,
- locale: user.locale,
- timezone: user.timezone,
- emailVerified: user.emailVerified,
- createdAt: user.createdAt,
- familyMemberships: user.familyMemberships,
- preferences: user.preferences,
+ success: true,
+ data: {
+ tokens: {
+ accessToken: tokens.accessToken,
+ refreshToken: tokens.refreshToken,
+ expiresIn: tokens.expiresIn,
+ },
+ user: {
+ id: user.id,
+ email: user.email,
+ name: user.name,
+ locale: user.locale,
+ emailVerified: user.emailVerified,
+ preferences: user.preferences,
+ },
+ deviceRegistered: true,
+ deviceTrusted: device.trusted,
 },
 };
 }
diff --git a/maternal-web/app/(auth)/login/page.tsx b/maternal-web/app/(auth)/login/page.tsx
index d9c154f..b7652cc 100644
--- a/maternal-web/app/(auth)/login/page.tsx
+++ b/maternal-web/app/(auth)/login/page.tsx
@@ -91,7 +91,7 @@ export default function LoginPage() {
 );
 // Store tokens and navigate
- tokenStorage.setTokens(result.tokens.accessToken, result.tokens.refreshToken);
+ tokenStorage.setTokens(result.data.tokens.accessToken, result.data.tokens.refreshToken);
 router.push('/');
 } catch (err: any) {
 console.error('Biometric login failed:', err);
diff --git a/maternal-web/lib/api/biometric.ts b/maternal-web/lib/api/biometric.ts
index 761c426..55971d0 100644
--- a/maternal-web/lib/api/biometric.ts
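Review bot: The awaited `this.auditService.log(...)` call sits between token creation (above the hunk, since `tokens` is already populated in the return) and the `return`, so a rejected audit write would fail the request after tokens were issued, and nothing states whether that is intended. I would record the decision at the call, e.g. `// Fail closed: a biometric login must not succeed without an audit record`, or handle the rejection explicitly if losing the record is acceptable. Separately, `changes.after` now carries `device.deviceFingerprint` as login context rather than an entity change, so a short comment saying the field holds a device identifier would help anyone reading or exporting the audit table. The enclosing method starts outside the hunk.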
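Review bot: `result.data.tokens` is dereferenced and handed to `tokenStorage.setTokens` without checking `result.success` or that both token strings are present. A body with an empty `tokens` object would therefore store `undefined` values and still navigate to `/`. A guard before the store, such as `if (!result.success || !result.data?.tokens?.accessToken || !result.data.tokens.refreshToken) throw new Error('Biometric login failed');`, routes that case into the existing `catch`. The enclosing handler begins and ends outside the hunk.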
+++ b/maternal-web/lib/api/biometric.ts
@@ -76,7 +76,7 @@ export const biometricApi = {
 response: any,
 email?: string,
 deviceInfo?: { deviceId: string; platform: string }
- ): Promise<{ success: boolean; message: string; user: any; tokens: any }> {
+ ): Promise<{ success: boolean; data: { user: any; tokens: any; deviceRegistered: boolean; deviceTrusted: boolean } }> {
 const verifyResponse = await axios.post(
 `${API_BASE_URL}/api/v1/auth/biometric/authenticate/verify`,
 { response, email, deviceInfo }
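Review bot: `user: any` and `tokens: any` in the new return type leave the caller's `result.data.tokens.accessToken` access unchecked by the compiler, so a typo or a renamed field on the client side still compiles. Declare the fields the login page reads, e.g. `tokens: { accessToken: string; refreshToken: string }`, preferably as a named type shared with the page. The annotation is only an assertion about the server's response (the return statement is outside the hunk), so checking the shape at runtime before returning would catch a backend/client mismatch like the one this commit corrects.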