From 3b295ea79fefce813d86df555a0f4e5401229d22 Mon Sep 17 00:00:00 2001
From: Abdalhamid Alhamad <aahalhmad@gmail.com>
Date: Sun, 2 Nov 2025 10:52:43 +0300
Subject: [PATCH] ZOD-344-Add QR code validation error handling and
 localization support

- Introduced new error handling for already used or expired QR codes in JuniorService.
- Added corresponding localization entries in Arabic and English app.json files for QR code validation messages.
---
 src/i18n/ar/app.json                  |  4 ++++
 src/i18n/en/app.json                  |  4 ++++
 src/junior/services/junior.service.ts | 10 +++++++++-
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/i18n/ar/app.json b/src/i18n/ar/app.json
index 4b63817..d5e29b9 100644
--- a/src/i18n/ar/app.json
+++ b/src/i18n/ar/app.json
@@ -19,6 +19,10 @@
     "TOKEN_EXPIRED": "رمز المستخدم منتهي الصلاحية."
   },
 
+  "QR": {
+    "CODE_USED_OR_EXPIRED": "تم استخدام رمز QR مسبقًا أو انتهت صلاحيته."
+  },
+
   "USER": {
     "PHONE_ALREADY_VERIFIED": "تم التحقق من رقم الهاتف بالفعل.",
     "EMAIL_ALREADY_VERIFIED": "تم التحقق من عنوان البريد الإلكتروني بالفعل.",
diff --git a/src/i18n/en/app.json b/src/i18n/en/app.json
index f661688..593d637 100644
--- a/src/i18n/en/app.json
+++ b/src/i18n/en/app.json
@@ -19,6 +19,10 @@
     "TOKEN_EXPIRED": "The user token has expired."
   },
 
+  "QR": {
+    "CODE_USED_OR_EXPIRED": "The QR code has already been used or expired."
+  },
+
   "USER": {
     "PHONE_ALREADY_VERIFIED": "The phone number has already been verified.",
     "EMAIL_ALREADY_VERIFIED": "The email address has already been verified.",
diff --git a/src/junior/services/junior.service.ts b/src/junior/services/junior.service.ts
index 2a799c4..bfdafec 100644
--- a/src/junior/services/junior.service.ts
+++ b/src/junior/services/junior.service.ts
@@ -5,6 +5,7 @@ import { Roles } from '~/auth/enums';
 import { CardService, TransactionService } from '~/card/services';
 import { NeoLeapService } from '~/common/modules/neoleap/services';
 import { PageOptionsRequestDto } from '~/core/dtos';
+import { ErrorCategory } from '~/core/enums';
 import { setIf } from '~/core/utils';
 import { CustomerService } from '~/customer/services';
 import { DocumentService, OciService } from '~/document/services';
@@ -158,7 +159,14 @@ export class JuniorService {
   async validateToken(token: string) {
     this.logger.log(`Validating token ${token}`);
     const juniorId = await this.userTokenService.validateToken(token, UserType.JUNIOR);
-    return this.findJuniorById(juniorId!, true);
+    const junior = await this.findJuniorById(juniorId!, true);
+
+    if (junior.customer?.user?.password) {
+      this.logger.error(`Token ${token} already used for junior ${juniorId}`);
+      throw new BadRequestException({ message: 'QR.CODE_USED_OR_EXPIRED', category: ErrorCategory.BUSINESS_ERROR });
+    }
+
+    return junior;
   }
 
   async generateToken(juniorId: string) {