From ff69848ec50d6badfe2550e4f8c4d86679e72206 Mon Sep 17 00:00:00 2001
From: Andrei <andrei@cloudz.ro>
Date: Thu, 2 Oct 2025 05:50:57 +0000
Subject: [PATCH] Fix biometric auth TypeScript errors
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add LOGIN_BIOMETRIC to AuditAction enum
- Import AuditAction and EntityType in AuthService
- Fix loginWithExternalAuth return type to match AuthResponse interface
- Update biometric API client to use correct response structure
- Update login page to access tokens from nested data structure

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../src/database/entities/audit-log.entity.ts |  1 +
 .../src/modules/auth/auth.service.ts          | 47 ++++++++++---------
 maternal-web/app/(auth)/login/page.tsx        |  2 +-
 maternal-web/lib/api/biometric.ts             |  2 +-
 4 files changed, 29 insertions(+), 23 deletions(-)

diff --git a/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts b/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
index cfdf49d..714b3d0 100644
--- a/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
+++ b/maternal-app/maternal-app-backend/src/database/entities/audit-log.entity.ts
@@ -16,6 +16,7 @@ export enum AuditAction {
   DELETE = 'DELETE',
   EXPORT = 'EXPORT',
   LOGIN = 'LOGIN',
+  LOGIN_BIOMETRIC = 'LOGIN_BIOMETRIC',
   LOGOUT = 'LOGOUT',
   PASSWORD_RESET = 'PASSWORD_RESET',
   EMAIL_VERIFY = 'EMAIL_VERIFY',
diff --git a/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts b/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
index ff42c65..ef99fb0 100644
--- a/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
+++ b/maternal-app/maternal-app-backend/src/modules/auth/auth.service.ts
@@ -11,7 +11,7 @@ import { JwtService } from '@nestjs/jwt';
 import { ConfigService } from '@nestjs/config';
 import * as bcrypt from 'bcrypt';
 import * as crypto from 'crypto';
-import { User, DeviceRegistry, RefreshToken, Family, FamilyMember } from '../../database/entities';
+import { User, DeviceRegistry, RefreshToken, Family, FamilyMember, AuditAction, EntityType } from '../../database/entities';
 import { RegisterDto } from './dto/register.dto';
 import { LoginDto } from './dto/login.dto';
 import { RefreshTokenDto } from './dto/refresh-token.dto';
@@ -433,30 +433,35 @@ export class AuthService {
     // Audit log for biometric login
     await this.auditService.log({
       userId: user.id,
-      action: 'LOGIN_BIOMETRIC',
-      resourceType: 'AUTH',
-      resourceId: user.id,
-      metadata: {
-        deviceId: device.deviceFingerprint,
-        platform: device.platform,
+      action: AuditAction.LOGIN_BIOMETRIC,
+      entityType: EntityType.USER,
+      entityId: user.id,
+      changes: {
+        after: {
+          deviceId: device.deviceFingerprint,
+          platform: device.platform,
+        },
       },
     });
 
     return {
-      accessToken: tokens.accessToken,
-      refreshToken: tokens.refreshToken,
-      expiresIn: tokens.expiresIn,
-      user: {
-        id: user.id,
-        email: user.email,
-        name: user.name,
-        phone: user.phone,
-        locale: user.locale,
-        timezone: user.timezone,
-        emailVerified: user.emailVerified,
-        createdAt: user.createdAt,
-        familyMemberships: user.familyMemberships,
-        preferences: user.preferences,
+      success: true,
+      data: {
+        tokens: {
+          accessToken: tokens.accessToken,
+          refreshToken: tokens.refreshToken,
+          expiresIn: tokens.expiresIn,
+        },
+        user: {
+          id: user.id,
+          email: user.email,
+          name: user.name,
+          locale: user.locale,
+          emailVerified: user.emailVerified,
+          preferences: user.preferences,
+        },
+        deviceRegistered: true,
+        deviceTrusted: device.trusted,
       },
     };
   }
diff --git a/maternal-web/app/(auth)/login/page.tsx b/maternal-web/app/(auth)/login/page.tsx
index d9c154f..b7652cc 100644
--- a/maternal-web/app/(auth)/login/page.tsx
+++ b/maternal-web/app/(auth)/login/page.tsx
@@ -91,7 +91,7 @@ export default function LoginPage() {
       );
 
       // Store tokens and navigate
-      tokenStorage.setTokens(result.tokens.accessToken, result.tokens.refreshToken);
+      tokenStorage.setTokens(result.data.tokens.accessToken, result.data.tokens.refreshToken);
       router.push('/');
     } catch (err: any) {
       console.error('Biometric login failed:', err);
diff --git a/maternal-web/lib/api/biometric.ts b/maternal-web/lib/api/biometric.ts
index 761c426..55971d0 100644
--- a/maternal-web/lib/api/biometric.ts
+++ b/maternal-web/lib/api/biometric.ts
@@ -76,7 +76,7 @@ export const biometricApi = {
     response: any,
     email?: string,
     deviceInfo?: { deviceId: string; platform: string }
-  ): Promise<{ success: boolean; message: string; user: any; tokens: any }> {
+  ): Promise<{ success: boolean; data: { user: any; tokens: any; deviceRegistered: boolean; deviceTrusted: boolean } }> {
     const verifyResponse = await axios.post(
       `${API_BASE_URL}/api/v1/auth/biometric/authenticate/verify`,
       { response, email, deviceInfo }