Merge pull request #54 from HamzaSha1/fix/verfy-email

Implement OTP generation and email verification logic in UserService

src/card/dtos/responses/index.ts

@@ -10,3 +10,6 @@ export * from './paged-parent-transfers.response.dto';
 export * from './child-transfer-item.response.dto';
 export * from './junior-home.response.dto';
 export * from './paged-child-transfers.response.dto';
+export * from './spending-history-item.response.dto';
+export * from './spending-history.response.dto';
+export * from './transaction-detail.response.dto';

src/card/dtos/responses/spending-history-item.response.dto.ts

@@ -0,0 +1,58 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Transaction } from '~/card/entities/transaction.entity';
+
+export class SpendingHistoryItemDto {
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.5 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiPropertyOptional({ example: 'Shopping' })
+  category!: string | null;
+
+  @ApiPropertyOptional({ example: 'Target Store' })
+  merchantName!: string | null;
+
+  @ApiPropertyOptional({ example: 'Riyadh' })
+  merchantCity!: string | null;
+
+  @ApiProperty({ example: '277012*****3456' })
+  cardMasked!: string;
+
+  @ApiProperty()
+  transactionId!: string;
+
+  constructor(transaction: Transaction) {
+    this.date = transaction.transactionDate;
+    this.amount = transaction.transactionAmount;
+    this.currency = transaction.transactionCurrency === '682' ? 'SAR' : transaction.transactionCurrency;
+    this.category = this.mapMccToCategory(transaction.merchantCategoryCode);
+    this.merchantName = transaction.merchantName;
+    this.merchantCity = transaction.merchantCity;
+    this.cardMasked = transaction.cardMaskedNumber;
+    this.transactionId = transaction.id;
+  }
+
+  private mapMccToCategory(mcc: string | null): string {
+    if (!mcc) return 'Other';
+    
+    const mccCode = mcc;
+    
+    // Map MCC codes to categories
+    if (mccCode >= '5200' && mccCode <= '5599') return 'Shopping';
+    if (mccCode >= '5800' && mccCode <= '5899') return 'Food & Dining';
+    if (mccCode >= '3000' && mccCode <= '3999') return 'Travel';
+    if (mccCode >= '4000' && mccCode <= '4799') return 'Transportation';
+    if (mccCode >= '7200' && mccCode <= '7999') return 'Entertainment';
+    if (mccCode >= '5900' && mccCode <= '5999') return 'Services';
+    if (mccCode >= '4800' && mccCode <= '4899') return 'Utilities';
+    if (mccCode >= '8000' && mccCode <= '8999') return 'Health & Wellness';
+    
+    return 'Other';
+  }
+}
+

src/card/dtos/responses/spending-history.response.dto.ts

@@ -0,0 +1,24 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { SpendingHistoryItemDto } from './spending-history-item.response.dto';
+
+export class SpendingHistoryResponseDto {
+  @ApiProperty({ type: [SpendingHistoryItemDto] })
+  transactions!: SpendingHistoryItemDto[];
+
+  @ApiProperty({ example: 150.75 })
+  totalSpent!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 10 })
+  count!: number;
+
+  constructor(transactions: SpendingHistoryItemDto[], currency: string = 'SAR') {
+    this.transactions = transactions;
+    this.totalSpent = transactions.reduce((sum, tx) => sum + tx.amount, 0);
+    this.currency = currency;
+    this.count = transactions.length;
+  }
+}
+

src/card/dtos/responses/transaction-detail.response.dto.ts

@@ -0,0 +1,74 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Transaction } from '~/card/entities/transaction.entity';
+
+export class TransactionDetailResponseDto {
+  @ApiProperty()
+  id!: string;
+
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.5 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 2.5 })
+  fees!: number;
+
+  @ApiProperty({ example: 0.5 })
+  vatOnFees!: number;
+
+  @ApiPropertyOptional({ example: 'Target Store' })
+  merchantName!: string | null;
+
+  @ApiPropertyOptional({ example: 'Shopping' })
+  category!: string | null;
+
+  @ApiPropertyOptional({ example: 'Riyadh' })
+  merchantCity!: string | null;
+
+  @ApiProperty({ example: '277012*****3456' })
+  cardMasked!: string;
+
+  @ApiProperty()
+  rrn!: string;
+
+  @ApiProperty()
+  transactionId!: string;
+
+  constructor(transaction: Transaction) {
+    this.id = transaction.id;
+    this.date = transaction.transactionDate;
+    this.amount = transaction.transactionAmount;
+    this.currency = transaction.transactionCurrency === '682' ? 'SAR' : transaction.transactionCurrency;
+    this.fees = transaction.fees;
+    this.vatOnFees = transaction.vatOnFees;
+    this.merchantName = transaction.merchantName;
+    this.category = this.mapMccToCategory(transaction.merchantCategoryCode);
+    this.merchantCity = transaction.merchantCity;
+    this.cardMasked = transaction.cardMaskedNumber;
+    this.rrn = transaction.rrn;
+    this.transactionId = transaction.transactionId;
+  }
+
+  private mapMccToCategory(mcc: string | null): string {
+    if (!mcc) return 'Other';
+    
+    const mccCode = mcc;
+    
+    // Map MCC codes to categories
+    if (mccCode >= '5200' && mccCode <= '5599') return 'Shopping';
+    if (mccCode >= '5800' && mccCode <= '5899') return 'Food & Dining';
+    if (mccCode >= '3000' && mccCode <= '3999') return 'Travel';
+    if (mccCode >= '4000' && mccCode <= '4799') return 'Transportation';
+    if (mccCode >= '7200' && mccCode <= '7999') return 'Entertainment';
+    if (mccCode >= '5900' && mccCode <= '5999') return 'Services';
+    if (mccCode >= '4800' && mccCode <= '4899') return 'Utilities';
+    if (mccCode >= '8000' && mccCode <= '8999') return 'Health & Wellness';
+    
+    return 'Other';
+  }
+}
+

src/card/entities/transaction.entity.ts

@@ -59,6 +59,15 @@ export class Transaction {
   @Column({ type: 'decimal', name: 'vat_on_fees', precision: 12, scale: 2, default: 0.0 })
   vatOnFees!: number;
 
+  @Column({ name: 'merchant_name', type: 'varchar', nullable: true })
+  merchantName!: string | null;
+
+  @Column({ name: 'merchant_category_code', type: 'varchar', nullable: true })
+  merchantCategoryCode!: string | null;
+
+  @Column({ name: 'merchant_city', type: 'varchar', nullable: true })
+  merchantCity!: string | null;
+
   @Column({ name: 'card_id', type: 'uuid', nullable: true })
   cardId!: string;
 

src/card/repositories/transaction.repository.ts

@@ -34,6 +34,9 @@ export class TransactionRepository {
         accountReference: card.account!.accountReference,
         transactionScope: TransactionScope.CARD,
         vatOnFees: transactionData.vatOnFees,
+        merchantName: transactionData.cardAcceptorLocation?.merchantName || null,
+        merchantCategoryCode: transactionData.cardAcceptorLocation?.mcc || null,
+        merchantCity: transactionData.cardAcceptorLocation?.merchantCity || null,
       }),
     );
   }
@@ -168,4 +171,13 @@ export class TransactionRepository {
       .andWhere('tx.transactionType = :type', { type: TransactionType.INTERNAL })
       .getCount();
   }
+
+  findTransactionById(transactionId: string, juniorId: string): Promise<Transaction | null> {
+    return this.transactionRepository
+      .createQueryBuilder('tx')
+      .innerJoinAndSelect('tx.card', 'card')
+      .where('tx.id = :transactionId', { transactionId })
+      .andWhere('card.customerId = :juniorId', { juniorId })
+      .getOne();
+  }
 }

src/card/services/card.service.ts

@@ -163,8 +163,8 @@ export class CardService {
     return finalAmount.toNumber();
   }
 
-  getWeeklySummary(juniorId: string) {
-    return this.transactionService.getWeeklySummary(juniorId);
+  getWeeklySummary(juniorId: string, startDate?: Date, endDate?: Date) {
+    return this.transactionService.getWeeklySummary(juniorId, startDate, endDate);
   }
 
   fundIban(iban: string, amount: number) {

src/card/services/transaction.service.ts

@@ -84,15 +84,28 @@ export class TransactionService {
     return existingTransaction;
   }
 
-  async getWeeklySummary(juniorId: string) {
-    const startOfWeek = moment().startOf('week').toDate();
-    const endOfWeek = moment().endOf('week').toDate();
+  async getWeeklySummary(juniorId: string, startDate?: Date, endDate?: Date) {
+    let startOfWeek: Date;
+    let endOfWeek: Date;
+
+    if (startDate && endDate) {
+      startOfWeek = startDate;
+      endOfWeek = endDate;
+    } else {
+      const now = moment();
+      const dayOfWeek = now.day();
+      
+      startOfWeek = moment().subtract(dayOfWeek, 'days').startOf('day').toDate();
+      
+      endOfWeek = moment().add(6 - dayOfWeek, 'days').endOf('day').toDate();
+    }
 
     const transactions = await this.transactionRepository.getTransactionsForCardWithinDateRange(
       juniorId,
       startOfWeek,
       endOfWeek,
     );
+    
     const summary = {
       startOfWeek: startOfWeek,
       endOfWeek: endOfWeek,
@@ -251,6 +264,29 @@ export class TransactionService {
     };
   }
 
+  async getChildSpendingHistory(juniorId: string, startUtc: Date, endUtc: Date) {
+    const transactions = await this.transactionRepository.getTransactionsForCardWithinDateRange(
+      juniorId,
+      startUtc,
+      endUtc,
+    );
+
+    const { SpendingHistoryItemDto, SpendingHistoryResponseDto } = await import('../dtos/responses');
+    const items = transactions.map((t) => new SpendingHistoryItemDto(t));
+    return new SpendingHistoryResponseDto(items);
+  }
+
+  async getTransactionDetail(transactionId: string, juniorId: string) {
+    const transaction = await this.transactionRepository.findTransactionById(transactionId, juniorId);
+
+    if (!transaction) {
+      throw new UnprocessableEntityException('TRANSACTION.NOT_FOUND');
+    }
+
+    const { TransactionDetailResponseDto } = await import('../dtos/responses');
+    return new TransactionDetailResponseDto(transaction);
+  }
+
   private mapParentItem(t: Transaction): TransactionItemResponseDto {
     const dto = new TransactionItemResponseDto();
     dto.date = t.transactionDate;

src/db/migrations/1760869651296-AddMerchantInfoToTransactions.ts

@@ -0,0 +1,18 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class AddMerchantInfoToTransactions1760869651296 implements MigrationInterface {
+    name = 'AddMerchantInfoToTransactions1760869651296'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "transactions" ADD COLUMN IF NOT EXISTS "merchant_name" character varying`);
+        await queryRunner.query(`ALTER TABLE "transactions" ADD COLUMN IF NOT EXISTS "merchant_category_code" character varying`);
+        await queryRunner.query(`ALTER TABLE "transactions" ADD COLUMN IF NOT EXISTS "merchant_city" character varying`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "transactions" DROP COLUMN "merchant_city"`);
+        await queryRunner.query(`ALTER TABLE "transactions" DROP COLUMN "merchant_category_code"`);
+        await queryRunner.query(`ALTER TABLE "transactions" DROP COLUMN "merchant_name"`);
+    }
+
+}

src/db/migrations/1761032305682-AddUniqueConstraintToUserEmail.ts

@@ -0,0 +1,15 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class AddUniqueConstraintToUserEmail1761032305682 implements MigrationInterface {
+    name = 'AddUniqueConstraintToUserEmail1761032305682'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+
+        await queryRunner.query(`ALTER TABLE "users" ADD CONSTRAINT "UQ_97672ac88f789774dd47f7c8be3" UNIQUE ("email")`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "users" DROP CONSTRAINT "UQ_97672ac88f789774dd47f7c8be3"`);
+    }
+
+}

src/db/migrations/index.ts

@@ -4,3 +4,5 @@ export * from './1754915164810-seed-default-avatar';
 export * from './1757349525708-create-money-requests-table';
 export * from './1757433339849-add-reservation-amount-to-account-entity';
 export * from './1757915357218-add-deleted-at-column-to-junior';
+export * from './1760869651296-AddMerchantInfoToTransactions';
+export * from './1761032305682-AddUniqueConstraintToUserEmail';

src/junior/controllers/junior.controller.ts

@@ -151,11 +151,17 @@ export class JuniorController {
   @UseGuards(RolesGuard)
   @AllowedRoles(Roles.GUARDIAN)
   @ApiDataResponse(WeeklySummaryResponseDto)
+  @ApiQuery({ name: 'startUtc', required: false, type: String, example: '2025-10-20T00:00:00.000Z', description: 'Start date (defaults to start of current week)' })
+  @ApiQuery({ name: 'endUtc', required: false, type: String, example: '2025-10-26T23:59:59.999Z', description: 'End date (defaults to end of current week)' })
   async getWeeklySummary(
     @Param('juniorId', CustomParseUUIDPipe) juniorId: string,
     @AuthenticatedUser() user: IJwtPayload,
+    @Query('startUtc') startUtc?: string,
+    @Query('endUtc') endUtc?: string,
   ) {
-    const summary = await this.juniorService.getWeeklySummary(juniorId, user.sub);
+    const startDate = startUtc ? new Date(startUtc) : undefined;
+    const endDate = endUtc ? new Date(endUtc) : undefined;
+    const summary = await this.juniorService.getWeeklySummary(juniorId, user.sub, startDate, endDate);
     return ResponseFactory.data(summary);
   }
 
@@ -191,4 +197,31 @@ export class JuniorController {
     const res = await this.juniorService.getJuniorTransfers(juniorId, user.sub, pageNum, pageSize);
     return ResponseFactory.data(res);
   }
+
+  @Get(':juniorId/spending-history')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.JUNIOR, Roles.GUARDIAN)
+  @ApiQuery({ name: 'startUtc', required: true, type: String, example: '2025-01-01T00:00:00.000Z' })
+  @ApiQuery({ name: 'endUtc', required: true, type: String, example: '2025-01-31T23:59:59.999Z' })
+  async getSpendingHistory(
+    @Param('juniorId', CustomParseUUIDPipe) juniorId: string,
+    @AuthenticatedUser() user: IJwtPayload,
+    @Query('startUtc') startUtc: string,
+    @Query('endUtc') endUtc: string,
+  ) {
+    const res = await this.juniorService.getSpendingHistory(juniorId, user.sub, new Date(startUtc), new Date(endUtc));
+    return ResponseFactory.data(res);
+  }
+
+  @Get(':juniorId/transactions/:transactionId')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.JUNIOR, Roles.GUARDIAN)
+  async getTransactionDetail(
+    @Param('juniorId', CustomParseUUIDPipe) juniorId: string,
+    @Param('transactionId', CustomParseUUIDPipe) transactionId: string,
+    @AuthenticatedUser() user: IJwtPayload,
+  ) {
+    const res = await this.juniorService.getTransactionDetail(juniorId, user.sub, transactionId);
+    return ResponseFactory.data(res);
+  }
 }

src/junior/services/junior.service.ts

@@ -120,6 +120,7 @@ export class JuniorService {
     setIf(customer, 'firstName', body.firstName);
     setIf(customer, 'lastName', body.lastName);
     setIf(customer, 'dateOfBirth', body.dateOfBirth as unknown as Date);
+    setIf(customer, 'gender', body.gender);
 
     setIf(junior, 'relationship', body.relationship);
     await Promise.all([junior.save(), customer.save(), user.save()]);
@@ -211,8 +212,8 @@ export class JuniorService {
     this.logger.log(`Junior ${juniorId} deleted successfully`);
   }
 
-  getWeeklySummary(juniorId: string, guardianId: string) {
-    const doesBelong = this.doesJuniorBelongToGuardian(guardianId, juniorId);
+  async getWeeklySummary(juniorId: string, guardianId: string, startDate?: Date, endDate?: Date) {
+    const doesBelong = await this.doesJuniorBelongToGuardian(guardianId, juniorId);
 
     if (!doesBelong) {
       this.logger.error(`Junior ${juniorId} does not belong to guardian ${guardianId}`);
@@ -220,7 +221,7 @@ export class JuniorService {
     }
 
     this.logger.log(`Getting weekly summary for junior ${juniorId}`);
-    return this.cardService.getWeeklySummary(juniorId);
+    return this.cardService.getWeeklySummary(juniorId, startDate, endDate);
   }
 
   async getJuniorHome(juniorId: string, userId: string, size: number): Promise<JuniorHomeResponseDto> {
@@ -273,6 +274,42 @@ export class JuniorService {
     return this.transactionService.getChildTransfersPaginated(juniorId, page, size);
   }
 
+  async getSpendingHistory(juniorId: string, userId: string, startUtc: Date, endUtc: Date) {
+    this.logger.log(`Getting spending history for junior ${juniorId}`);
+    
+    // Check if user is the junior themselves or their guardian
+    let junior: Junior | null;
+    if (juniorId === userId) {
+      junior = await this.findJuniorById(juniorId, false);
+    } else {
+      junior = await this.findJuniorById(juniorId, false, userId);
+    }
+
+    if (!junior) {
+      throw new BadRequestException('JUNIOR.NOT_FOUND');
+    }
+
+    return this.transactionService.getChildSpendingHistory(juniorId, startUtc, endUtc);
+  }
+
+  async getTransactionDetail(juniorId: string, userId: string, transactionId: string) {
+    this.logger.log(`Getting transaction detail ${transactionId} for junior ${juniorId}`);
+    
+    // Check if user is the junior themselves or their guardian
+    let junior: Junior | null;
+    if (juniorId === userId) {
+      junior = await this.findJuniorById(juniorId, false);
+    } else {
+      junior = await this.findJuniorById(juniorId, false, userId);
+    }
+
+    if (!junior) {
+      throw new BadRequestException('JUNIOR.NOT_FOUND');
+    }
+
+    return this.transactionService.getTransactionDetail(transactionId, juniorId);
+  }
+
   private async prepareJuniorImages(juniors: Junior[]) {
     this.logger.log(`Preparing junior images`);
     await Promise.all(

src/user/dtos/request/update-user.request.dto.ts

@@ -1,6 +1,7 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator';
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { IsDateString, IsEmail, IsEnum, IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator';
 import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { Gender } from '~/customer/enums';
 export class UpdateUserRequestDto {
   @ApiProperty({ example: 'John' })
   @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'user.firstName' }) })
@@ -14,8 +15,23 @@ export class UpdateUserRequestDto {
   @IsOptional()
   lastName!: string;
 
+  @ApiPropertyOptional({ example: 'child@example.com' })
+  @IsEmail({}, { message: i18n('validation.IsEmail', { path: 'general', property: 'user.email' }) })
+  @IsOptional()
+  email!: string;
+
   @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
   @IsUUID('4', { message: i18n('validation.IsUUID', { path: 'general', property: 'user.profilePictureId' }) })
   @IsOptional()
   profilePictureId!: string;
+
+  @ApiPropertyOptional({ enum: Gender })
+  @IsEnum(Gender, { message: i18n('validation.IsEnum', { path: 'general', property: 'customer.gender' }) })
+  @IsOptional()
+  gender!: Gender;
+
+  @ApiPropertyOptional({ example: '2020-01-01' })
+  @IsDateString({}, { message: i18n('validation.IsDateString', { path: 'general', property: 'customer.dateOfBirth' }) })
+  @IsOptional()
+  dateOfBirth!: Date;
 }

src/user/entities/user.entity.ts

@@ -28,7 +28,7 @@ export class User extends BaseEntity {
   @Column('varchar', { length: 255, name: 'last_name', nullable: false })
   lastName!: string;
 
-  @Column('varchar', { length: 255, name: 'email', nullable: true })
+  @Column('varchar', { length: 255, name: 'email', nullable: true, unique: true })
   email!: string;
 
   @Column('varchar', { length: 255, name: 'phone_number', nullable: true })

src/user/services/user.service.ts

@@ -191,20 +191,50 @@ export class UserService {
   async updateUser(userId: string, data: UpdateUserRequestDto) {
     await this.validateProfilePictureId(data.profilePictureId, userId);
 
+    if (data.email) {
+      const userWithEmail = await this.findUser({ email: data.email });
+      if (userWithEmail && userWithEmail.id !== userId) {
+        this.logger.error(`Email ${data.email} is already taken by another user`);
+        throw new BadRequestException('USER.EMAIL_ALREADY_TAKEN');
+      }
+    }
+
     this.logger.log(`Updating user ${userId} with data ${JSON.stringify(data)}`);
-    const { affected } = await this.userRepository.update(userId, data);
+    
+    const { gender, dateOfBirth, ...userData } = data;
+    
+    const { affected } = await this.userRepository.update(userId, userData);
     if (affected === 0) {
       this.logger.error(`User with id ${userId} not found`);
       throw new BadRequestException('USER.NOT_FOUND');
     }
+
+    if (gender !== undefined || dateOfBirth !== undefined) {
+      const customerData: Partial<{ gender: typeof gender; dateOfBirth: Date }> = {};
+      if (gender !== undefined) {
+        customerData.gender = gender;
+      }
+      if (dateOfBirth !== undefined) {
+        customerData.dateOfBirth = dateOfBirth;
+      }
+      await this.customerService.updateCustomer(userId, customerData);
+    }
   }
 
   async updateUserEmail(userId: string, email: string) {
-    const userWithEmail = await this.findUser({ email, isEmailVerified: true });
+    const userWithEmail = await this.findUser({ email });
 
     if (userWithEmail) {
       if (userWithEmail.id === userId) {
-        return;
+        this.logger.log(`Generating OTP for current email ${email} for user ${userId}`);
+        await this.userRepository.update(userId, { isEmailVerified: false });
+        
+        return this.otpService.generateAndSendOtp({
+          userId,
+          recipient: email,
+          otpType: OtpType.EMAIL,
+          scope: OtpScope.VERIFY_EMAIL,
+        });
       }
 
       this.logger.error(`Email ${email} is already taken by another user`);