Enhances CDK deployment process and documentation

Improves the deployment script to use the UAE region and adds context for the CDK stack.
fix the super user seeded to accept terms and add certificate arn
2025-07-10 15:17:41 +00:00 · 2025-07-07 09:37:10 +03:00 · 2025-06-30 03:58:47 -04:00 · 2025-06-29 20:45:38 -04:00 · 2025-06-29 10:10:19 +03:00 · 2025-06-25 15:32:46 +03:00
31 changed files with 1747 additions and 317 deletions
--- a/.github/workflows/main_syncrow(staging).yml
+++ b/.github/workflows/main_syncrow(staging).yml
@ -1,4 +1,7 @@
-name: Backend deployment to Azure App Service
+# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
+# More GitHub Actions for Azure: https://github.com/Azure/actions
+
+name: Build and deploy container app to Azure Web App - syncrow(staging)

 on:
  push:
@ -6,50 +9,43 @@ on:
      - main
  workflow_dispatch:

-env:
-  AZURE_WEB_APP_NAME: 'syncrow'
-  AZURE_WEB_APP_SLOT_NAME: 'staging'
-  ACR_REGISTRY: 'syncrow.azurecr.io'
-  IMAGE_NAME: 'backend'
-  IMAGE_TAG: 'latest'
-
 jobs:
-  build_and_deploy:
-    runs-on: ubuntu-latest
+  build:
+    runs-on: 'ubuntu-latest'

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2

-      - name: Set up Node.js
-        uses: actions/setup-node@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Log in to registry
+        uses: docker/login-action@v2
        with:
-          node-version: '20'
+          registry: https://syncrow.azurecr.io/
+          username: ${{ secrets.AzureAppService_ContainerUsername_47395803300340b49931ea82f6d80be3 }}
+          password: ${{ secrets.AzureAppService_ContainerPassword_e7b0ff54f54d44cba04a970a22384848 }}

-      - name: Install dependencies and build project
-        run: |
-          npm install
-          npm run build
-
-      - name: Log in to Azure
-        uses: azure/login@v1
+      - name: Build and push container image to registry
+        uses: docker/build-push-action@v3
        with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
+          push: true
+          tags: syncrow.azurecr.io/${{ secrets.AzureAppService_ContainerUsername_47395803300340b49931ea82f6d80be3 }}/syncrow/backend:${{ github.sha }}
+          file: ./Dockerfile

-      - name: Log in to Azure Container Registry
-        run: az acr login --name ${{ env.ACR_REGISTRY }}
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    environment:
+      name: 'staging'
+      url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}

-      - name: List build output
-        run: ls -R dist/
-
-      - name: Build and push Docker image
-        run: |
-          docker build . -t ${{ env.ACR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
-          docker push ${{ env.ACR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
-
-      - name: Set Web App with Docker container
-        run: |
-          az webapp config container set \
-          --name ${{ env.AZURE_WEB_APP_NAME }} \
-          --resource-group backend \
-          --docker-custom-image-name ${{ env.ACR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} \
-          --docker-registry-server-url https://${{ env.ACR_REGISTRY }}
+    steps:
+      - name: Deploy to Azure Web App
+        id: deploy-to-webapp
+        uses: azure/webapps-deploy@v2
+        with:
+          app-name: 'syncrow'
+          slot-name: 'staging'
+          publish-profile: ${{ secrets.AzureAppService_PublishProfile_44f7766441ec4796b74789e9761ef589 }}
+          images: 'syncrow.azurecr.io/${{ secrets.AzureAppService_ContainerUsername_47395803300340b49931ea82f6d80be3 }}/syncrow/backend:${{ github.sha }}'
--- a/.github/workflows/main_syncrow(stg).yml
+++ b/.github/workflows/main_syncrow(stg).yml
@ -0,0 +1,73 @@
+# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
+# More GitHub Actions for Azure: https://github.com/Azure/actions
+
+name: Build and deploy Node.js app to Azure Web App - syncrow
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read #This is required for actions/checkout
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Node.js version
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20.x'
+
+      - name: npm install, build, and test
+        run: |
+          npm install
+          npm run build --if-present
+          npm run test --if-present
+
+      - name: Zip artifact for deployment
+        run: zip release.zip ./* -r
+
+      - name: Upload artifact for deployment job
+        uses: actions/upload-artifact@v4
+        with:
+          name: node-app
+          path: release.zip
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    environment:
+      name: 'stg'
+      url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
+    permissions:
+      id-token: write #This is required for requesting the JWT
+      contents: read #This is required for actions/checkout
+
+    steps:
+      - name: Download artifact from build job
+        uses: actions/download-artifact@v4
+        with:
+          name: node-app
+
+      - name: Unzip artifact for deployment
+        run: unzip release.zip
+
+      - name: Login to Azure
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_515C8E782CFF431AB20448C85CA0FE58 }}
+          tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_2AEFE5534424490387C08FAE41573CC2 }}
+          subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_00623C33023749FEA5F6BC36884F9C8A }}
+
+      - name: 'Deploy to Azure Web App'
+        id: deploy-to-webapp
+        uses: azure/webapps-deploy@v3
+        with:
+          app-name: 'syncrow'
+          slot-name: 'stg'
+          package: .
--- a/.gitignore
+++ b/.gitignore
@ -58,4 +58,9 @@ pids
 # Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json

-config.dev
+config.dev
+cdk.out
+backend-cdk-new.out
+web-cdk.out
+backend-cdk.out
+backend-cdk-final.out
--- a/22
+++ b/22
@ -1,16 +1,28 @@
-FROM node:20-alpine
+FROM --platform=linux/amd64 node:20-alpine
+
+# curl for health checks
+RUN apk add --no-cache curl

 WORKDIR /app

+
 COPY package*.json ./

-RUN npm install
-RUN npm install -g @nestjs/cli
+RUN npm install --production --ignore-scripts

 COPY . .

 RUN npm run build

-EXPOSE 4000
+RUN addgroup -g 1001 -S nodejs
+RUN adduser -S nestjs -u 1001

-CMD ["npm", "run", "start"]
+RUN chown -R nestjs:nodejs /app
+USER nestjs
+
+EXPOSE 3000
+
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD curl -f http://localhost:3000/health || exit 1
+
+CMD ["npm", "run", "start:prod"]
--- a/GITHUB_SETUP.md
+++ b/GITHUB_SETUP.md
@ -0,0 +1,119 @@
+# GitHub Actions Setup Guide
+
+## Required GitHub Secrets
+
+Add these secrets to your GitHub repository (Settings > Secrets and variables > Actions):
+
+### AWS Credentials
+```
+AWS_ACCESS_KEY_ID=your-aws-access-key
+AWS_SECRET_ACCESS_KEY=your-aws-secret-key
+```
+
+### JWT Configuration (CRITICAL - Generate secure random strings)
+```
+JWT_SECRET=your-super-secure-jwt-secret-key-here
+JWT_SECRET_REFRESH=your-super-secure-refresh-secret-key-here
+SECRET_KEY=your-general-encryption-secret-key-here
+```
+
+### Admin Configuration
+```
+SUPER_ADMIN_EMAIL=admin@syncrow.ae
+SUPER_ADMIN_PASSWORD=YourSecureAdminPassword123!
+```
+
+### Tuya IoT Configuration
+```
+TUYA_ACCESS_ID=your-tuya-access-id
+TUYA_ACCESS_KEY=your-tuya-access-key
+TRUN_ON_TUYA_SOCKET=true-or-false
+```
+
+### Firebase Configuration
+```
+FIREBASE_API_KEY=your-firebase-api-key
+FIREBASE_AUTH_DOMAIN=your-project.firebaseapp.com
+FIREBASE_PROJECT_ID=your-project-id
+FIREBASE_STORAGE_BUCKET=your-project.appspot.com
+FIREBASE_MESSAGING_SENDER_ID=your-sender-id
+FIREBASE_APP_ID=your-app-id
+FIREBASE_MEASUREMENT_ID=your-measurement-id
+FIREBASE_DATABASE_URL=https://your-project.firebaseio.com
+```
+
+### Google OAuth
+```
+GOOGLE_CLIENT_ID=your-google-client-id
+GOOGLE_CLIENT_SECRET=your-google-client-secret
+```
+
+### OneSignal Push Notifications
+```
+ONESIGNAL_APP_ID=your-onesignal-app-id
+ONESIGNAL_API_KEY=your-onesignal-api-key
+```
+
+### Email Configuration (SMTP)
+```
+SMTP_HOST=your-smtp-host
+SMTP_USER=your-smtp-username
+SMTP_PASSWORD=your-smtp-password
+```
+
+### Mailtrap Configuration
+```
+MAILTRAP_API_TOKEN=your-mailtrap-api-token
+MAILTRAP_ENABLE_TEMPLATE_UUID=template-uuid
+MAILTRAP_DISABLE_TEMPLATE_UUID=template-uuid
+MAILTRAP_INVITATION_TEMPLATE_UUID=template-uuid
+MAILTRAP_DELETE_USER_TEMPLATE_UUID=template-uuid
+MAILTRAP_EDIT_USER_TEMPLATE_UUID=template-uuid
+```
+
+### Optional Services (leave empty if not used)
+```
+AZURE_REDIS_CONNECTIONSTRING=your-redis-connection-string
+DOPPLER_PROJECT=your-doppler-project
+DOPPLER_CONFIG=your-doppler-config
+DOPPLER_ENVIRONMENT=your-doppler-environment
+ACCESS_KEY=your-access-key
+DOCKER_REGISTRY_SERVER_URL=your-registry-url
+DOCKER_REGISTRY_SERVER_USERNAME=your-registry-username
+DOCKER_REGISTRY_SERVER_PASSWORD=your-registry-password
+```
+
+## Setup Steps
+
+1. **Add AWS Credentials**
+   - Create IAM user with ECR, ECS, CloudFormation permissions
+   - Add AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to GitHub Secrets
+
+2. **Generate JWT Secrets**
+   - Use a secure random string generator
+   - Make JWT_SECRET and JWT_SECRET_REFRESH different values
+   - Keep these values secure and never share them
+
+3. **Configure Services**
+   - Add secrets for each service you're using
+   - Leave unused services empty (they'll default to empty strings)
+
+4. **Test Deployment**
+   - Push to master/main branch
+   - Check GitHub Actions tab for deployment status
+   - Verify API is accessible at https://api.syncrow.me
+
+## Security Notes
+
+- Never commit secrets to the repository
+- Use GitHub Secrets for all sensitive values
+- Rotate secrets regularly
+- Monitor GitHub Actions logs for any exposed values
+- Database password is automatically managed by AWS Secrets Manager
+
+## Troubleshooting
+
+- Check GitHub Actions logs for deployment errors
+- Verify all required secrets are set
+- Ensure AWS credentials have sufficient permissions
+- Check ECS service logs in CloudWatch for runtime errors
--- a/README.md
+++ b/README.md
@ -107,3 +107,29 @@ $ npm run test:cov
         |            |  Standby Node    |                |                |
         |            +------------------+----------------+                |
         +-----------------------------------------------------------------+
+
+## CDK Deployment
+
+• Bootstrap CDK (first time only): npx cdk bootstrap aws://482311766496/me-central-1
+• List available stacks: npx cdk list
+• Deploy infrastructure: npx cdk deploy --require-approval never
+• View changes before deploy: npx cdk diff
+• Generate CloudFormation template: npx cdk synth
+• Destroy infrastructure: npx cdk destroy
+• Environment variables are configured in infrastructure/stack.ts
+• After code changes: build Docker image, push to ECR, force ECS deployment
+• Database seeding happens automatically on first deployment with DB_SYNC=true
+• Admin credentials: admin@syncrow.ae / YourSecureAdminPassword123!
+• Production API: https://api.syncrow.me
+• Health check: https://api.syncrow.me/health
+
+## GitHub Actions Deployment
+
+• Automatic deployment on push to master/main branch
+• Configure GitHub Secrets (see GITHUB_SETUP.md for complete list)
+• Required secrets: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, JWT_SECRET, JWT_SECRET_REFRESH
+• Workflow builds Docker image, pushes to ECR, and deploys CDK stack
+• Environment variables are passed securely via GitHub Secrets
+• Manual deployment: Go to Actions tab and run "Deploy Backend to AWS" workflow
+• Check deployment status in GitHub Actions tab
+• Logs available in CloudWatch under /ecs/syncrow-backend log group
--- a/cdk.context.json
+++ b/cdk.context.json
@ -0,0 +1,25 @@
+{
+  "availability-zones:account=426265406140:region=us-east-2": [
+    "us-east-2a",
+    "us-east-2b",
+    "us-east-2c"
+  ],
+  "availability-zones:account=482311766496:region=us-east-2": [
+    "us-east-2a",
+    "us-east-2b",
+    "us-east-2c"
+  ],
+  "hosted-zone:account=482311766496:domainName=syncrow.me:region=us-east-2": {
+    "Id": "/hostedzone/Z02085662NLJECF4DGJV3",
+    "Name": "syncrow.me."
+  },
+  "availability-zones:account=482311766496:region=me-central-1": [
+    "me-central-1a",
+    "me-central-1b",
+    "me-central-1c"
+  ],
+  "hosted-zone:account=482311766496:domainName=syncrow.me:region=me-central-1": {
+    "Id": "/hostedzone/Z02085662NLJECF4DGJV3",
+    "Name": "syncrow.me."
+  }
+}
--- a/cdk.json
+++ b/cdk.json
@ -0,0 +1,58 @@
+{
+  "app": "npx ts-node --prefer-ts-exts infrastructure/app.ts",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "**/*.d.ts",
+      "**/*.js",
+      "tsconfig.json",
+      "package*.json",
+      "yarn.lock",
+      "node_modules",
+      "test"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
+    "@aws-cdk/core:checkSecretUsage": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ],
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
+    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
+    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
+    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
+    "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
+    "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
+    "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
+    "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
+    "@aws-cdk/aws-route53-patters:useCertificate": true,
+    "@aws-cdk/customresources:installLatestAwsSdkDefault": false,
+    "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
+    "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
+    "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
+    "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
+    "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
+    "@aws-cdk/aws-redshift:columnId": true,
+    "@aws-cdk/aws-stepfunctions-tasks:enableLogging": true,
+    "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
+    "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true,
+    "@aws-cdk/aws-kms:aliasNameRef": true,
+    "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true,
+    "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true,
+    "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
+    "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForSourceAction": true
+  }
+}
--- a/deploy.sh
+++ b/deploy.sh
@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
+REGION=${AWS_DEFAULT_REGION:-me-central-1}
+
+npx cdk deploy SyncrowBackendStack --context certificateArn=arn:aws:acm:me-central-1:482311766496:certificate/bea1e2ae-84a1-414e-8dbf-4599397e7ed0 --require-approval never
+
+aws ecr get-login-password --region $REGION | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com
+
+docker build --platform=linux/amd64 -t syncrow-backend .
+docker tag syncrow-backend:latest $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/syncrow-backend:latest
+docker push $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/syncrow-backend:latest
+
+SERVICE_ARN=$(aws ecs list-services --cluster syncrow-backend-cluster --query 'serviceArns[0]' --output text --region $REGION 2>/dev/null || echo "")
+
+if [ "$SERVICE_ARN" != "" ] && [ "$SERVICE_ARN" != "None" ]; then
+    SERVICE_NAME=$(echo $SERVICE_ARN | cut -d'/' -f3)
+    aws ecs update-service --cluster syncrow-backend-cluster --service $SERVICE_NAME --force-new-deployment --region $REGION
+else
+    npx cdk deploy SyncrowBackendStack --context certificateArn=arn:aws:acm:me-central-1:482311766496:certificate/bea1e2ae-84a1-414e-8dbf-4599397e7ed0 --require-approval never
+fi
--- a/infrastructure/app.ts
+++ b/infrastructure/app.ts
@ -0,0 +1,15 @@
+#!/usr/bin/env node
+import 'source-map-support/register';
+import * as cdk from 'aws-cdk-lib';
+import { BackendStack } from './stack';
+
+const app = new cdk.App();
+
+new BackendStack(app, 'SyncrowBackendStack', {
+  env: {
+    account: process.env.CDK_DEFAULT_ACCOUNT,
+    region: 'me-central-1',
+  },
+  databaseName: 'syncrow',
+  certificateArn: 'arn:aws:acm:me-central-1:482311766496:certificate/bea1e2ae-84a1-414e-8dbf-4599397e7ed0',
+});
--- a/infrastructure/stack.ts
+++ b/infrastructure/stack.ts
@ -0,0 +1,342 @@
+import * as cdk from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as ecs from 'aws-cdk-lib/aws-ecs';
+import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns';
+import * as rds from 'aws-cdk-lib/aws-rds';
+import * as ecr from 'aws-cdk-lib/aws-ecr';
+import * as logs from 'aws-cdk-lib/aws-logs';
+import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
+import * as acm from 'aws-cdk-lib/aws-certificatemanager';
+import * as route53 from 'aws-cdk-lib/aws-route53';
+import { Construct } from 'constructs';
+import * as dotenv from 'dotenv';
+
+export interface BackendStackProps extends cdk.StackProps {
+  vpcId?: string;
+  databaseName?: string;
+  certificateArn?: string;
+}
+
+export class BackendStack extends cdk.Stack {
+  public readonly apiUrl: string;
+  public readonly databaseEndpoint: string;
+  public readonly vpc: ec2.IVpc;
+
+  constructor(scope: Construct, id: string, props?: BackendStackProps) {
+    super(scope, id, props);
+
+    // Load environment variables from .env file
+    dotenv.config({ path: '.env' });
+
+    // VPC - either use existing or create new
+    this.vpc = props?.vpcId 
+      ? ec2.Vpc.fromLookup(this, 'ExistingVpc', { vpcId: props.vpcId })
+      : new ec2.Vpc(this, 'SyncrowVpc', {
+          maxAzs: 2,
+          natGateways: 1,
+          subnetConfiguration: [
+            {
+              cidrMask: 24,
+              name: 'public',
+              subnetType: ec2.SubnetType.PUBLIC,
+            },
+            {
+              cidrMask: 24,
+              name: 'private',
+              subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
+            },
+          ],
+        });
+
+    // Security Groups
+    const dbSecurityGroup = new ec2.SecurityGroup(this, 'DatabaseSecurityGroup', {
+      vpc: this.vpc,
+      description: 'Security group for RDS PostgreSQL',
+      allowAllOutbound: false,
+    });
+
+    const ecsSecurityGroup = new ec2.SecurityGroup(this, 'EcsSecurityGroup', {
+      vpc: this.vpc,
+      description: 'Security group for ECS Fargate service',
+      allowAllOutbound: true,
+    });
+
+    const albSecurityGroup = new ec2.SecurityGroup(this, 'AlbSecurityGroup', {
+      vpc: this.vpc,
+      description: 'Security group for Application Load Balancer',
+      allowAllOutbound: true,
+    });
+
+    // Allow ALB to connect to ECS
+    ecsSecurityGroup.addIngressRule(
+      albSecurityGroup,
+      ec2.Port.tcp(3000),
+      'Allow ALB to connect to ECS service'
+    );
+
+    // Allow ECS to connect to RDS
+    dbSecurityGroup.addIngressRule(
+      ecsSecurityGroup,
+      ec2.Port.tcp(5432),
+      'Allow ECS to connect to PostgreSQL'
+    );
+
+    // Temporary access for admin IP
+    dbSecurityGroup.addIngressRule(
+      ec2.Peer.ipv4('216.126.231.231/32'),
+      ec2.Port.tcp(5432),
+      'Temporary access from admin IP'
+    );
+
+    // Allow HTTP/HTTPS traffic to ALB
+    albSecurityGroup.addIngressRule(
+      ec2.Peer.anyIpv4(),
+      ec2.Port.tcp(80),
+      'Allow HTTP traffic'
+    );
+    albSecurityGroup.addIngressRule(
+      ec2.Peer.anyIpv4(),
+      ec2.Port.tcp(443),
+      'Allow HTTPS traffic'
+    );
+
+    // RDS Aurora Serverless v2 PostgreSQL
+    const dbCluster = new rds.DatabaseCluster(this, 'SyncrowDatabase', {
+      engine: rds.DatabaseClusterEngine.auroraPostgres({
+        version: rds.AuroraPostgresEngineVersion.VER_15_4,
+      }),
+      vpc: this.vpc,
+      securityGroups: [dbSecurityGroup],
+      serverlessV2MinCapacity: 0.5,
+      serverlessV2MaxCapacity: 4,
+      writer: rds.ClusterInstance.serverlessV2('writer'),
+      defaultDatabaseName: props?.databaseName || 'syncrow',
+      credentials: rds.Credentials.fromGeneratedSecret('syncrowadmin', {
+        secretName: 'syncrow-db-credentials',
+      }),
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+    });
+
+    // ECR Repository for Docker images - ensure it's in the correct region
+    const ecrRepository = new ecr.Repository(this, 'SyncrowBackendRepo', {
+      repositoryName: 'syncrow-backend',
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+      emptyOnDelete: true,
+    });
+
+    // Output the correct ECR URI for this region
+    new cdk.CfnOutput(this, 'EcrRepositoryUriRegional', {
+      value: ecrRepository.repositoryUri,
+      description: `ECR Repository URI in region ${this.region}`,
+      exportName: `${this.stackName}-EcrRepositoryUriRegional`,
+    });
+
+    // ECS Cluster
+    const cluster = new ecs.Cluster(this, 'SyncrowCluster', {
+      vpc: this.vpc,
+      clusterName: 'syncrow-backend-cluster',
+    });
+
+    // CloudWatch Log Group
+    const logGroup = new logs.LogGroup(this, 'SyncrowBackendLogs', {
+      logGroupName: '/ecs/syncrow-backend',
+      retention: logs.RetentionDays.ONE_WEEK,
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+    });
+
+    // Use existing wildcard certificate or create new one
+    const apiCertificate = props?.certificateArn 
+      ? acm.Certificate.fromCertificateArn(this, 'ApiCertificate', props.certificateArn)
+      : new acm.Certificate(this, 'ApiCertificate', {
+          domainName: 'api.syncrow.me',
+          validation: acm.CertificateValidation.fromDns(),
+        });
+
+    // ECS Fargate Service with Application Load Balancer
+    const fargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'SyncrowBackendService', {
+      cluster,
+      memoryLimitMiB: 1024,
+      cpu: 512,
+      desiredCount: 1,
+      domainName: 'api.syncrow.me',
+      domainZone: route53.HostedZone.fromLookup(this, 'SyncrowZone', {
+        domainName: 'syncrow.me',
+      }),
+      certificate: apiCertificate,
+      protocol: elbv2.ApplicationProtocol.HTTPS,
+      redirectHTTP: true,
+        taskImageOptions: {
+        image: ecs.ContainerImage.fromEcrRepository(ecrRepository, 'latest'),
+        containerPort: 3000,
+        enableLogging: true,
+        environment: {
+          // App settings
+          NODE_ENV: process.env.NODE_ENV || 'production',
+          PORT: process.env.PORT || '3000',
+          BASE_URL: process.env.BASE_URL || '',
+          
+          // Database connection (CDK provides these automatically)
+          AZURE_POSTGRESQL_HOST: dbCluster.clusterEndpoint.hostname,
+          AZURE_POSTGRESQL_PORT: '5432',
+          AZURE_POSTGRESQL_DATABASE: props?.databaseName || 'syncrow',
+          AZURE_POSTGRESQL_USER: 'syncrowadmin',
+          AZURE_POSTGRESQL_SSL: process.env.AZURE_POSTGRESQL_SSL || 'false',
+          AZURE_POSTGRESQL_SYNC: process.env.AZURE_POSTGRESQL_SYNC || 'false',
+          
+          // JWT Configuration - CRITICAL: These must be set
+          JWT_SECRET: process.env.JWT_SECRET || 'syncrow-jwt-secret-key-2025-production-environment-very-secure-random-string',
+          JWT_SECRET_REFRESH: process.env.JWT_SECRET_REFRESH || 'syncrow-refresh-secret-key-2025-production-environment-different-secure-string',
+          JWT_EXPIRE_TIME: process.env.JWT_EXPIRE_TIME || '1h',
+          JWT_EXPIRE_TIME_REFRESH: process.env.JWT_EXPIRE_TIME_REFRESH || '7d',
+        
+          // Firebase Configuration
+          FIREBASE_API_KEY: process.env.FIREBASE_API_KEY || '',
+          FIREBASE_AUTH_DOMAIN: process.env.FIREBASE_AUTH_DOMAIN || '',
+          FIREBASE_PROJECT_ID: process.env.FIREBASE_PROJECT_ID || '',
+          FIREBASE_STORAGE_BUCKET: process.env.FIREBASE_STORAGE_BUCKET || '',
+          FIREBASE_MESSAGING_SENDER_ID: process.env.FIREBASE_MESSAGING_SENDER_ID || '',
+          FIREBASE_APP_ID: process.env.FIREBASE_APP_ID || '',
+          FIREBASE_MEASUREMENT_ID: process.env.FIREBASE_MEASUREMENT_ID || '',
+          FIREBASE_DATABASE_URL: process.env.FIREBASE_DATABASE_URL || '',
+          
+          // Tuya IoT Configuration
+          TUYA_EU_URL: process.env.TUYA_EU_URL || 'https://openapi.tuyaeu.com',
+          TUYA_ACCESS_ID: process.env.TUYA_ACCESS_ID || '',
+          TUYA_ACCESS_KEY: process.env.TUYA_ACCESS_KEY || '',
+          TRUN_ON_TUYA_SOCKET: process.env.TRUN_ON_TUYA_SOCKET || '',
+          
+          // Email Configuration
+          SMTP_HOST: process.env.SMTP_HOST || '',
+          SMTP_PORT: process.env.SMTP_PORT || '587',
+          SMTP_SECURE: process.env.SMTP_SECURE || 'true',
+          SMTP_USER: process.env.SMTP_USER || '',
+          SMTP_PASSWORD: process.env.SMTP_PASSWORD || '',
+          
+          // Mailtrap Configuration
+          MAILTRAP_API_TOKEN: process.env.MAILTRAP_API_TOKEN || '',
+          MAILTRAP_INVITATION_TEMPLATE_UUID: process.env.MAILTRAP_INVITATION_TEMPLATE_UUID || '',
+          MAILTRAP_EDIT_USER_TEMPLATE_UUID: process.env.MAILTRAP_EDIT_USER_TEMPLATE_UUID || '',
+          MAILTRAP_DISABLE_TEMPLATE_UUID: process.env.MAILTRAP_DISABLE_TEMPLATE_UUID || '',
+          MAILTRAP_ENABLE_TEMPLATE_UUID: process.env.MAILTRAP_ENABLE_TEMPLATE_UUID || '',
+          MAILTRAP_DELETE_USER_TEMPLATE_UUID: process.env.MAILTRAP_DELETE_USER_TEMPLATE_UUID || '',
+          
+          // OneSignal Push Notifications
+          ONESIGNAL_APP_ID: process.env.ONESIGNAL_APP_ID || '',
+          ONESIGNAL_API_KEY: process.env.ONESIGNAL_API_KEY || '',
+          
+          // Admin Configuration
+          SUPER_ADMIN_EMAIL: process.env.SUPER_ADMIN_EMAIL || 'admin@yourdomain.com',
+          SUPER_ADMIN_PASSWORD: process.env.SUPER_ADMIN_PASSWORD || 'YourSecureAdminPassword123!',
+          
+          // Google OAuth
+          GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID || '',
+          GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET || '',
+          
+          // Other Configuration
+          OTP_LIMITER: process.env.OTP_LIMITER || '5',
+          SECRET_KEY: process.env.SECRET_KEY || 'another-random-secret-key-for-general-encryption',
+          ACCESS_KEY: process.env.ACCESS_KEY || '',
+          DB_SYNC: process.env.DB_SYNC || 'txsrue',
+          
+          // Redis (used?)
+          AZURE_REDIS_CONNECTIONSTRING: process.env.AZURE_REDIS_CONNECTIONSTRING || '',
+          
+          // Docker Registry (for deployment)
+          DOCKER_REGISTRY_SERVER_URL: process.env.DOCKER_REGISTRY_SERVER_URL || '',
+          DOCKER_REGISTRY_SERVER_USERNAME: process.env.DOCKER_REGISTRY_SERVER_USERNAME || '',
+          DOCKER_REGISTRY_SERVER_PASSWORD: process.env.DOCKER_REGISTRY_SERVER_PASSWORD || '',
+          
+          // Doppler (if used for secrets management)
+          DOPPLER_PROJECT: process.env.DOPPLER_PROJECT || '',
+          DOPPLER_CONFIG: process.env.DOPPLER_CONFIG || '',
+          DOPPLER_ENVIRONMENT: process.env.DOPPLER_ENVIRONMENT || '',
+          
+          // Azure specific
+          WEBSITES_ENABLE_APP_SERVICE_STORAGE: process.env.WEBSITES_ENABLE_APP_SERVICE_STORAGE || 'false',
+        },
+        secrets: {
+          AZURE_POSTGRESQL_PASSWORD: ecs.Secret.fromSecretsManager(
+            dbCluster.secret!,
+            'password'
+          ),
+        },
+        logDriver: ecs.LogDrivers.awsLogs({
+          streamPrefix: 'syncrow-backend',
+          logGroup,
+        }),
+      },
+      publicLoadBalancer: true,
+      securityGroups: [ecsSecurityGroup],
+    });
+
+    // Add security group to load balancer after creation
+    fargateService.loadBalancer.addSecurityGroup(albSecurityGroup);
+
+    // Configure health check
+    fargateService.targetGroup.configureHealthCheck({
+      path: '/health',
+      healthyHttpCodes: '200',
+      interval: cdk.Duration.seconds(30),
+      timeout: cdk.Duration.seconds(5),
+      healthyThresholdCount: 2,
+      unhealthyThresholdCount: 3,
+    });
+
+    // Auto Scaling
+    const scalableTarget = fargateService.service.autoScaleTaskCount({
+      minCapacity: 1,
+      maxCapacity: 10,
+    });
+
+    scalableTarget.scaleOnCpuUtilization('CpuScaling', {
+      targetUtilizationPercent: 70,
+      scaleInCooldown: cdk.Duration.minutes(5),
+      scaleOutCooldown: cdk.Duration.minutes(2),
+    });
+
+    scalableTarget.scaleOnMemoryUtilization('MemoryScaling', {
+      targetUtilizationPercent: 80,
+      scaleInCooldown: cdk.Duration.minutes(5),
+      scaleOutCooldown: cdk.Duration.minutes(2),
+    });
+
+    // Grant ECS task access to RDS credentials
+    if (dbCluster.secret) {
+      dbCluster.secret.grantRead(fargateService.taskDefinition.taskRole);
+    }
+
+    this.apiUrl = 'https://api.syncrow.me';
+    this.databaseEndpoint = dbCluster.clusterEndpoint.hostname;
+
+    // Outputs
+    new cdk.CfnOutput(this, 'ApiUrl', {
+      value: this.apiUrl,
+      description: 'Application Load Balancer URL',
+      exportName: `${this.stackName}-ApiUrl`,
+    });
+
+    new cdk.CfnOutput(this, 'DatabaseEndpoint', {
+      value: this.databaseEndpoint,
+      description: 'RDS Cluster Endpoint',
+      exportName: `${this.stackName}-DatabaseEndpoint`,
+    });
+
+    new cdk.CfnOutput(this, 'EcrRepositoryUri', {
+      value: ecrRepository.repositoryUri,
+      description: 'ECR Repository URI',
+      exportName: `${this.stackName}-EcrRepositoryUri`,
+    });
+
+    new cdk.CfnOutput(this, 'ClusterName', {
+      value: cluster.clusterName,
+      description: 'ECS Cluster Name',
+      exportName: `${this.stackName}-ClusterName`,
+    });
+
+    new cdk.CfnOutput(this, 'ServiceName', {
+      value: fargateService.service.serviceName,
+      description: 'ECS Service Name',
+      exportName: `${this.stackName}-ServiceName`,
+    });
+  }
+}
--- a/libs/common/src/constants/controller-route.ts
+++ b/libs/common/src/constants/controller-route.ts
@ -397,6 +397,11 @@ export class ControllerRoute {
      public static readonly DELETE_USER_SUMMARY = 'Delete user by UUID';
      public static readonly DELETE_USER_DESCRIPTION =
        'This endpoint deletes a user identified by their UUID. Accessible only by users with the Super Admin role.';
+
+      public static readonly DELETE_USER_PROFILE_SUMMARY =
+        'Delete user profile by UUID';
+      public static readonly DELETE_USER_PROFILE_DESCRIPTION =
+        'This endpoint deletes a user profile identified by their UUID. Accessible only by users with the Super Admin role.';
      public static readonly UPDATE_USER_WEB_AGREEMENT_SUMMARY =
        'Update user web agreement by user UUID';
      public static readonly UPDATE_USER_WEB_AGREEMENT_DESCRIPTION =
@ -501,7 +506,6 @@ export class ControllerRoute {
  };
  static PowerClamp = class {
    public static readonly ROUTE = 'power-clamp';
-
    static ACTIONS = class {
      public static readonly GET_ENERGY_SUMMARY =
        'Get power clamp historical data';
--- a/libs/common/src/constants/product-type.enum.ts
+++ b/libs/common/src/constants/product-type.enum.ts
@ -15,6 +15,7 @@ export enum ProductType {
  WL = 'WL',
  GD = 'GD',
  CUR = 'CUR',
+  CUR_2 = 'CUR_2',
  PC = 'PC',
  FOUR_S = '4S',
  SIX_S = '6S',
--- a/libs/common/src/firebase/devices-status/dtos/add.devices-status.dto.ts
+++ b/libs/common/src/firebase/devices-status/dtos/add.devices-status.dto.ts
@ -13,6 +13,7 @@ class StatusDto {

  @IsNotEmpty()
  value: any;
+  t?: string | number | Date;
 }

 export class AddDeviceStatusDto {
--- a/libs/common/src/firebase/devices-status/services/devices-status.service.ts
+++ b/libs/common/src/firebase/devices-status/services/devices-status.service.ts
@ -28,6 +28,8 @@ import { AqiDataService } from '@app/common/helper/services/aqi.data.service';
 export class DeviceStatusFirebaseService {
  private tuya: TuyaContext;
  private firebaseDb: Database;
+  private readonly isDevEnv: boolean;
+
  constructor(
    private readonly configService: ConfigService,
    private readonly deviceRepository: DeviceRepository,
@ -46,7 +48,14 @@ export class DeviceStatusFirebaseService {
    });

    // Initialize firebaseDb using firebaseDataBase function
-    this.firebaseDb = firebaseDataBase(this.configService);
+    try {
+      this.firebaseDb = firebaseDataBase(this.configService);
+    } catch (error) {
+      console.warn('Firebase initialization failed, continuing without Firebase:', error.message);
+      this.firebaseDb = null;
+    }
+    this.isDevEnv =
+      this.configService.get<string>('NODE_ENV') === 'development';
  }
  async addDeviceStatusByDeviceUuid(
    deviceTuyaUuid: string,
@ -61,7 +70,7 @@ export class DeviceStatusFirebaseService {
          const deviceStatusSaved = await this.createDeviceStatusFirebase({
            deviceUuid: device.uuid,
            deviceTuyaUuid: deviceTuyaUuid,
-            status: deviceStatus.status,
+            status: deviceStatus?.status,
            productUuid: deviceStatus.productUuid,
            productType: deviceStatus.productType,
          });
@ -122,7 +131,7 @@ export class DeviceStatusFirebaseService {
      return {
        productUuid: deviceDetails.productDevice.uuid,
        productType: deviceDetails.productDevice.prodType,
-        status: deviceStatus.result[0].status,
+        status: deviceStatus.result[0]?.status,
      };
    } catch (error) {
      throw new HttpException(
@ -166,6 +175,14 @@ export class DeviceStatusFirebaseService {
  async createDeviceStatusFirebase(
    addDeviceStatusDto: AddDeviceStatusDto,
  ): Promise<any> {
+    // Check if Firebase is available
+    if (!this.firebaseDb) {
+      console.warn('Firebase not available, skipping Firebase operations');
+      // Still process the database logs but skip Firebase operations
+      await this.processDeviceStatusLogs(addDeviceStatusDto);
+      return { message: 'Device status processed without Firebase' };
+    }
+
    const dataRef = ref(
      this.firebaseDb,
      `device-status/${addDeviceStatusDto.deviceUuid}`,
@ -187,18 +204,18 @@ export class DeviceStatusFirebaseService {
      if (!existingData.productType) {
        existingData.productType = addDeviceStatusDto.productType;
      }
-      if (!existingData.status) {
+      if (!existingData?.status) {
        existingData.status = [];
      }

      // Create a map to track existing status codes
      const statusMap = new Map(
-        existingData.status.map((item) => [item.code, item.value]),
+        existingData?.status.map((item) => [item.code, item.value]),
      );

      // Update or add status codes

-      for (const statusItem of addDeviceStatusDto.status) {
+      for (const statusItem of addDeviceStatusDto?.status) {
        statusMap.set(statusItem.code, statusItem.value);
      }

@ -211,66 +228,251 @@ export class DeviceStatusFirebaseService {
      return existingData;
    });

-    // Save logs to your repository
-    const newLogs = addDeviceStatusDto.log.properties.map((property) => {
-      return this.deviceStatusLogRepository.create({
-        deviceId: addDeviceStatusDto.deviceUuid,
-        deviceTuyaId: addDeviceStatusDto.deviceTuyaUuid,
-        productId: addDeviceStatusDto.log.productId,
-        log: addDeviceStatusDto.log,
-        code: property.code,
-        value: property.value,
-        eventId: addDeviceStatusDto.log.dataId,
-        eventTime: new Date(property.time).toISOString(),
+    if (this.isDevEnv) {
+      // Save logs to your repository
+      const newLogs = addDeviceStatusDto.log.properties.map((property) => {
+        return this.deviceStatusLogRepository.create({
+          deviceId: addDeviceStatusDto.deviceUuid,
+          deviceTuyaId: addDeviceStatusDto.deviceTuyaUuid,
+          productId: addDeviceStatusDto.log.productId,
+          log: addDeviceStatusDto.log,
+          code: property.code,
+          value: property.value,
+          eventId: addDeviceStatusDto.log.dataId,
+          eventTime: new Date(property.time).toISOString(),
+        });
      });
-    });
-    await this.deviceStatusLogRepository.save(newLogs);
+      await this.deviceStatusLogRepository.save(newLogs);

-    if (addDeviceStatusDto.productType === ProductType.PC) {
-      const energyCodes = new Set([
-        PowerClampEnergyEnum.ENERGY_CONSUMED,
-        PowerClampEnergyEnum.ENERGY_CONSUMED_A,
-        PowerClampEnergyEnum.ENERGY_CONSUMED_B,
-        PowerClampEnergyEnum.ENERGY_CONSUMED_C,
-      ]);
+      if (addDeviceStatusDto.productType === ProductType.PC) {
+        const energyCodes = new Set([
+          PowerClampEnergyEnum.ENERGY_CONSUMED,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_A,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_B,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_C,
+        ]);

-      const energyStatus = addDeviceStatusDto?.log?.properties?.find((status) =>
-        energyCodes.has(status.code),
-      );
+        const energyStatus = addDeviceStatusDto?.log?.properties?.find(
+          (status) => energyCodes.has(status.code),
+        );

-      if (energyStatus) {
-        await this.powerClampService.updateEnergyConsumedHistoricalData(
+        if (energyStatus) {
+          await this.powerClampService.updateEnergyConsumedHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (
+        addDeviceStatusDto.productType === ProductType.CPS ||
+        addDeviceStatusDto.productType === ProductType.WPS
+      ) {
+        const occupancyCodes = new Set([PresenceSensorEnum.PRESENCE_STATE]);
+
+        const occupancyStatus = addDeviceStatusDto?.log?.properties?.find(
+          (status) => occupancyCodes.has(status.code),
+        );
+
+        if (occupancyStatus) {
+          await this.occupancyService.updateOccupancySensorHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+          await this.occupancyService.updateOccupancySensorHistoricalDurationData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+      if (addDeviceStatusDto.productType === ProductType.AQI) {
+        await this.aqiDataService.updateAQISensorHistoricalData(
          addDeviceStatusDto.deviceUuid,
        );
      }
-    }
+    } else {
+      // Save logs to your repository
+      const newLogs = addDeviceStatusDto?.status.map((property) => {
+        return this.deviceStatusLogRepository.create({
+          deviceId: addDeviceStatusDto.deviceUuid,
+          deviceTuyaId: addDeviceStatusDto.deviceTuyaUuid,
+          productId: addDeviceStatusDto.log.productKey,
+          log: addDeviceStatusDto.log,
+          code: property.code,
+          value: property.value,
+          eventId: addDeviceStatusDto.log.dataId,
+          eventTime: new Date(property.t).toISOString(),
+        });
+      });
+      await this.deviceStatusLogRepository.save(newLogs);

-    if (
-      addDeviceStatusDto.productType === ProductType.CPS ||
-      addDeviceStatusDto.productType === ProductType.WPS
-    ) {
-      const occupancyCodes = new Set([PresenceSensorEnum.PRESENCE_STATE]);
+      if (addDeviceStatusDto.productType === ProductType.PC) {
+        const energyCodes = new Set([
+          PowerClampEnergyEnum.ENERGY_CONSUMED,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_A,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_B,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_C,
+        ]);

-      const occupancyStatus = addDeviceStatusDto?.log?.properties?.find(
-        (status) => occupancyCodes.has(status.code),
-      );
+        const energyStatus = addDeviceStatusDto?.status?.find((status) => {
+          return energyCodes.has(status.code as PowerClampEnergyEnum);
+        });

-      if (occupancyStatus) {
-        await this.occupancyService.updateOccupancySensorHistoricalData(
-          addDeviceStatusDto.deviceUuid,
-        );
-        await this.occupancyService.updateOccupancySensorHistoricalDurationData(
+        if (energyStatus) {
+          await this.powerClampService.updateEnergyConsumedHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (
+        addDeviceStatusDto.productType === ProductType.CPS ||
+        addDeviceStatusDto.productType === ProductType.WPS
+      ) {
+        const occupancyCodes = new Set([PresenceSensorEnum.PRESENCE_STATE]);
+
+        const occupancyStatus = addDeviceStatusDto?.status?.find((status) => {
+          return occupancyCodes.has(status.code as PresenceSensorEnum);
+        });
+
+        if (occupancyStatus) {
+          await this.occupancyService.updateOccupancySensorHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+          await this.occupancyService.updateOccupancySensorHistoricalDurationData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (addDeviceStatusDto.productType === ProductType.AQI) {
+        await this.aqiDataService.updateAQISensorHistoricalData(
          addDeviceStatusDto.deviceUuid,
        );
      }
    }
-    if (addDeviceStatusDto.productType === ProductType.AQI) {
-      await this.aqiDataService.updateAQISensorHistoricalData(
-        addDeviceStatusDto.deviceUuid,
-      );
-    }
    // Return the updated data
    const snapshot: DataSnapshot = await get(dataRef);
    return snapshot.val();
  }
+
+  private async processDeviceStatusLogs(addDeviceStatusDto: AddDeviceStatusDto): Promise<void> {
+    if (this.isDevEnv) {
+      // Save logs to your repository
+      const newLogs = addDeviceStatusDto.log.properties.map((property) => {
+        return this.deviceStatusLogRepository.create({
+          deviceId: addDeviceStatusDto.deviceUuid,
+          deviceTuyaId: addDeviceStatusDto.deviceTuyaUuid,
+          productId: addDeviceStatusDto.log.productId,
+          log: addDeviceStatusDto.log,
+          code: property.code,
+          value: property.value,
+          eventId: addDeviceStatusDto.log.dataId,
+          eventTime: new Date(property.time).toISOString(),
+        });
+      });
+      await this.deviceStatusLogRepository.save(newLogs);
+
+      if (addDeviceStatusDto.productType === ProductType.PC) {
+        const energyCodes = new Set([
+          PowerClampEnergyEnum.ENERGY_CONSUMED,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_A,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_B,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_C,
+        ]);
+
+        const energyStatus = addDeviceStatusDto?.log?.properties?.find(
+          (status) => energyCodes.has(status.code),
+        );
+
+        if (energyStatus) {
+          await this.powerClampService.updateEnergyConsumedHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (
+        addDeviceStatusDto.productType === ProductType.CPS ||
+        addDeviceStatusDto.productType === ProductType.WPS
+      ) {
+        const occupancyCodes = new Set([PresenceSensorEnum.PRESENCE_STATE]);
+
+        const occupancyStatus = addDeviceStatusDto?.log?.properties?.find(
+          (status) => occupancyCodes.has(status.code),
+        );
+
+        if (occupancyStatus) {
+          await this.occupancyService.updateOccupancySensorHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+          await this.occupancyService.updateOccupancySensorHistoricalDurationData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+      if (addDeviceStatusDto.productType === ProductType.AQI) {
+        await this.aqiDataService.updateAQISensorHistoricalData(
+          addDeviceStatusDto.deviceUuid,
+        );
+      }
+    } else {
+      // Save logs to your repository
+      const newLogs = addDeviceStatusDto?.status.map((property) => {
+        return this.deviceStatusLogRepository.create({
+          deviceId: addDeviceStatusDto.deviceUuid,
+          deviceTuyaId: addDeviceStatusDto.deviceTuyaUuid,
+          productId: addDeviceStatusDto.log.productKey,
+          log: addDeviceStatusDto.log,
+          code: property.code,
+          value: property.value,
+          eventId: addDeviceStatusDto.log.dataId,
+          eventTime: new Date(property.t).toISOString(),
+        });
+      });
+      await this.deviceStatusLogRepository.save(newLogs);
+
+      if (addDeviceStatusDto.productType === ProductType.PC) {
+        const energyCodes = new Set([
+          PowerClampEnergyEnum.ENERGY_CONSUMED,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_A,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_B,
+          PowerClampEnergyEnum.ENERGY_CONSUMED_C,
+        ]);
+
+        const energyStatus = addDeviceStatusDto?.status?.find((status) => {
+          return energyCodes.has(status.code as PowerClampEnergyEnum);
+        });
+
+        if (energyStatus) {
+          await this.powerClampService.updateEnergyConsumedHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (
+        addDeviceStatusDto.productType === ProductType.CPS ||
+        addDeviceStatusDto.productType === ProductType.WPS
+      ) {
+        const occupancyCodes = new Set([PresenceSensorEnum.PRESENCE_STATE]);
+
+        const occupancyStatus = addDeviceStatusDto?.status?.find((status) => {
+          return occupancyCodes.has(status.code as PresenceSensorEnum);
+        });
+
+        if (occupancyStatus) {
+          await this.occupancyService.updateOccupancySensorHistoricalData(
+            addDeviceStatusDto.deviceUuid,
+          );
+          await this.occupancyService.updateOccupancySensorHistoricalDurationData(
+            addDeviceStatusDto.deviceUuid,
+          );
+        }
+      }
+
+      if (addDeviceStatusDto.productType === ProductType.AQI) {
+        await this.aqiDataService.updateAQISensorHistoricalData(
+          addDeviceStatusDto.deviceUuid,
+        );
+      }
+    }
+  }
 }
--- a/libs/common/src/firebase/firebase.config.ts
+++ b/libs/common/src/firebase/firebase.config.ts
@ -3,21 +3,32 @@ import { getDatabase } from 'firebase/database';
 import { ConfigService } from '@nestjs/config';

 export const initializeFirebaseApp = (configService: ConfigService) => {
-  const firebaseConfig = {
-    apiKey: configService.get<string>('FIREBASE_API_KEY'),
-    authDomain: configService.get<string>('FIREBASE_AUTH_DOMAIN'),
-    projectId: configService.get<string>('FIREBASE_PROJECT_ID'),
-    storageBucket: configService.get<string>('FIREBASE_STORAGE_BUCKET'),
-    messagingSenderId: configService.get<string>(
-      'FIREBASE_MESSAGING_SENDER_ID',
-    ),
-    appId: configService.get<string>('FIREBASE_APP_ID'),
-    measurementId: configService.get<string>('FIREBASE_MEASUREMENT_ID'),
-    databaseURL: configService.get<string>('FIREBASE_DATABASE_URL'),
-  };
+  try {
+    const firebaseConfig = {
+      apiKey: configService.get<string>('FIREBASE_API_KEY'),
+      authDomain: configService.get<string>('FIREBASE_AUTH_DOMAIN'),
+      projectId: configService.get<string>('FIREBASE_PROJECT_ID'),
+      storageBucket: configService.get<string>('FIREBASE_STORAGE_BUCKET'),
+      messagingSenderId: configService.get<string>(
+        'FIREBASE_MESSAGING_SENDER_ID',
+      ),
+      appId: configService.get<string>('FIREBASE_APP_ID'),
+      measurementId: configService.get<string>('FIREBASE_MEASUREMENT_ID'),
+      databaseURL: configService.get<string>('FIREBASE_DATABASE_URL'),
+    };

-  const app = initializeApp(firebaseConfig);
-  return getDatabase(app);
+    // Check if required Firebase config is available
+    if (!firebaseConfig.projectId || firebaseConfig.projectId === 'placeholder-project') {
+      console.warn('Firebase configuration not available, Firebase features will be disabled');
+      return null;
+    }
+
+    const app = initializeApp(firebaseConfig);
+    return getDatabase(app);
+  } catch (error) {
+    console.warn('Firebase initialization failed, Firebase features will be disabled:', error.message);
+    return null;
+  }
 };

 export const firebaseDataBase = (configService: ConfigService) =>
--- a/libs/common/src/logger/services/winston.logger.ts
+++ b/libs/common/src/logger/services/winston.logger.ts
@ -1,43 +1,26 @@
 import { utilities as nestWinstonModuleUtilities } from 'nest-winston';
 import * as winston from 'winston';
-const environment = process.env.NODE_ENV || 'local';

 export const winstonLoggerOptions: winston.LoggerOptions = {
  level:
-    environment === 'local'
-      ? 'debug'
-      : environment === 'development'
-        ? 'warn'
-        : 'error',
+    process.env.AZURE_POSTGRESQL_DATABASE === 'development' ? 'debug' : 'error',
  transports: [
    new winston.transports.Console({
-      level:
-        environment === 'local'
-          ? 'debug'
-          : environment === 'development'
-            ? 'warn'
-            : 'error',
      format: winston.format.combine(
        winston.format.timestamp(),
        nestWinstonModuleUtilities.format.nestLike('MyApp', {
-          prettyPrint: environment === 'local',
+          prettyPrint: true,
        }),
      ),
    }),
-    // Only create file logs if NOT local
-    ...(environment !== 'local'
-      ? [
-          new winston.transports.File({
-            filename: 'logs/error.log',
-            level: 'error',
-            format: winston.format.json(),
-          }),
-          new winston.transports.File({
-            filename: 'logs/combined.log',
-            level: 'info',
-            format: winston.format.json(),
-          }),
-        ]
-      : []),
+    new winston.transports.File({
+      filename: 'logs/error.log',
+      level: 'error',
+      format: winston.format.json(),
+    }),
+    new winston.transports.File({
+      filename: 'logs/combined.log',
+      format: winston.format.json(),
+    }),
  ],
 };
--- a/libs/common/src/modules/Invite-user/entities/Invite-user.entity.ts
+++ b/libs/common/src/modules/Invite-user/entities/Invite-user.entity.ts
@ -8,14 +8,14 @@ import {
  Unique,
 } from 'typeorm';

-import { AbstractEntity } from '../../abstract/entities/abstract.entity';
-import { RoleTypeEntity } from '../../role-type/entities';
-import { UserStatusEnum } from '@app/common/constants/user-status.enum';
-import { UserEntity } from '../../user/entities';
 import { RoleType } from '@app/common/constants/role.type.enum';
-import { InviteUserDto, InviteUserSpaceDto } from '../dtos';
+import { UserStatusEnum } from '@app/common/constants/user-status.enum';
+import { AbstractEntity } from '../../abstract/entities/abstract.entity';
 import { ProjectEntity } from '../../project/entities';
+import { RoleTypeEntity } from '../../role-type/entities';
 import { SpaceEntity } from '../../space/entities/space.entity';
+import { UserEntity } from '../../user/entities';
+import { InviteUserDto, InviteUserSpaceDto } from '../dtos';

@Entity({ name: 'invite-user' })
@Unique(['email', 'project'])
@ -82,7 +82,10 @@ export class InviteUserEntity extends AbstractEntity<InviteUserDto> {
    onDelete: 'CASCADE',
  })
  public roleType: RoleTypeEntity;
-  @OneToOne(() => UserEntity, (user) => user.inviteUser, { nullable: true })
+  @OneToOne(() => UserEntity, (user) => user.inviteUser, {
+    nullable: true,
+    onDelete: 'CASCADE',
+  })
  @JoinColumn({ name: 'user_uuid' })
  user: UserEntity;
  @OneToMany(
@ -112,7 +115,9 @@ export class InviteUserSpaceEntity extends AbstractEntity<InviteUserSpaceDto> {
  })
  public uuid: string;

-  @ManyToOne(() => InviteUserEntity, (inviteUser) => inviteUser.spaces)
+  @ManyToOne(() => InviteUserEntity, (inviteUser) => inviteUser.spaces, {
+    onDelete: 'CASCADE',
+  })
  @JoinColumn({ name: 'invite_user_uuid' })
  public inviteUser: InviteUserEntity;

--- a/libs/common/src/modules/device/entities/device.entity.ts
+++ b/libs/common/src/modules/device/entities/device.entity.ts
@ -1,24 +1,24 @@
 import {
  Column,
  Entity,
+  Index,
+  JoinColumn,
  ManyToOne,
  OneToMany,
  Unique,
-  Index,
-  JoinColumn,
 } from 'typeorm';
 import { AbstractEntity } from '../../abstract/entities/abstract.entity';
-import { DeviceDto, DeviceUserPermissionDto } from '../dtos/device.dto';
-import { ProductEntity } from '../../product/entities';
-import { UserEntity } from '../../user/entities';
-import { DeviceNotificationDto } from '../dtos';
 import { PermissionTypeEntity } from '../../permission/entities';
+import { PowerClampHourlyEntity } from '../../power-clamp/entities/power-clamp.entity';
+import { PresenceSensorDailyDeviceEntity } from '../../presence-sensor/entities';
+import { ProductEntity } from '../../product/entities';
 import { SceneDeviceEntity } from '../../scene-device/entities';
 import { SpaceEntity } from '../../space/entities/space.entity';
 import { SubspaceEntity } from '../../space/entities/subspace/subspace.entity';
 import { NewTagEntity } from '../../tag';
-import { PowerClampHourlyEntity } from '../../power-clamp/entities/power-clamp.entity';
-import { PresenceSensorDailyDeviceEntity } from '../../presence-sensor/entities';
+import { UserEntity } from '../../user/entities';
+import { DeviceNotificationDto } from '../dtos';
+import { DeviceDto, DeviceUserPermissionDto } from '../dtos/device.dto';

@Entity({ name: 'device' })
@Unique(['deviceTuyaUuid'])
@ -111,6 +111,7 @@ export class DeviceNotificationEntity extends AbstractEntity<DeviceNotificationD

  @ManyToOne(() => UserEntity, (user) => user.userPermission, {
    nullable: false,
+    onDelete: 'CASCADE',
  })
  user: UserEntity;

@ -149,6 +150,7 @@ export class DeviceUserPermissionEntity extends AbstractEntity<DeviceUserPermiss

  @ManyToOne(() => UserEntity, (user) => user.userPermission, {
    nullable: false,
+    onDelete: 'CASCADE',
  })
  user: UserEntity;
  constructor(partial: Partial<DeviceUserPermissionEntity>) {
--- a/libs/common/src/modules/user/entities/user.entity.ts
+++ b/libs/common/src/modules/user/entities/user.entity.ts
@ -1,3 +1,4 @@
+import { defaultProfilePicture } from '@app/common/constants/default.profile.picture';
 import {
  Column,
  DeleteDateColumn,
@ -8,27 +9,26 @@ import {
  OneToOne,
  Unique,
 } from 'typeorm';
+import { OtpType } from '../../../../src/constants/otp-type.enum';
+import { AbstractEntity } from '../../abstract/entities/abstract.entity';
+import { ClientEntity } from '../../client/entities';
+import {
+  DeviceNotificationEntity,
+  DeviceUserPermissionEntity,
+} from '../../device/entities';
+import { InviteUserEntity } from '../../Invite-user/entities';
+import { ProjectEntity } from '../../project/entities';
+import { RegionEntity } from '../../region/entities';
+import { RoleTypeEntity } from '../../role-type/entities';
+import { SpaceEntity } from '../../space/entities/space.entity';
+import { TimeZoneEntity } from '../../timezone/entities';
+import { VisitorPasswordEntity } from '../../visitor-password/entities';
 import {
  UserDto,
  UserNotificationDto,
  UserOtpDto,
  UserSpaceDto,
 } from '../dtos';
-import { AbstractEntity } from '../../abstract/entities/abstract.entity';
-import {
-  DeviceNotificationEntity,
-  DeviceUserPermissionEntity,
-} from '../../device/entities';
-import { defaultProfilePicture } from '@app/common/constants/default.profile.picture';
-import { RegionEntity } from '../../region/entities';
-import { TimeZoneEntity } from '../../timezone/entities';
-import { OtpType } from '../../../../src/constants/otp-type.enum';
-import { RoleTypeEntity } from '../../role-type/entities';
-import { VisitorPasswordEntity } from '../../visitor-password/entities';
-import { InviteUserEntity } from '../../Invite-user/entities';
-import { ProjectEntity } from '../../project/entities';
-import { SpaceEntity } from '../../space/entities/space.entity';
-import { ClientEntity } from '../../client/entities';

@Entity({ name: 'user' })
 export class UserEntity extends AbstractEntity<UserDto> {
@ -94,7 +94,9 @@ export class UserEntity extends AbstractEntity<UserDto> {
  @Column({ type: 'timestamp', nullable: true })
  appAgreementAcceptedAt: Date;

-  @OneToMany(() => UserSpaceEntity, (userSpace) => userSpace.user)
+  @OneToMany(() => UserSpaceEntity, (userSpace) => userSpace.user, {
+    onDelete: 'CASCADE',
+  })
  userSpaces: UserSpaceEntity[];

  @OneToMany(
@ -158,6 +160,7 @@ export class UserEntity extends AbstractEntity<UserDto> {
 export class UserNotificationEntity extends AbstractEntity<UserNotificationDto> {
  @ManyToOne(() => UserEntity, (user) => user.roleType, {
    nullable: false,
+    onDelete: 'CASCADE',
  })
  user: UserEntity;
  @Column({
@ -219,7 +222,10 @@ export class UserSpaceEntity extends AbstractEntity<UserSpaceDto> {
  })
  public uuid: string;

-  @ManyToOne(() => UserEntity, (user) => user.userSpaces, { nullable: false })
+  @ManyToOne(() => UserEntity, (user) => user.userSpaces, {
+    nullable: false,
+    onDelete: 'CASCADE',
+  })
  user: UserEntity;

  @ManyToOne(() => SpaceEntity, (space) => space.userSpaces, {
--- a/libs/common/src/modules/visitor-password/entities/visitor-password.entity.ts
+++ b/libs/common/src/modules/visitor-password/entities/visitor-password.entity.ts
@ -1,7 +1,7 @@
-import { Column, Entity, ManyToOne, JoinColumn, Index } from 'typeorm';
-import { VisitorPasswordDto } from '../dtos';
+import { Column, Entity, Index, JoinColumn, ManyToOne } from 'typeorm';
 import { AbstractEntity } from '../../abstract/entities/abstract.entity';
 import { UserEntity } from '../../user/entities/user.entity';
+import { VisitorPasswordDto } from '../dtos';

@Entity({ name: 'visitor-password' })
@Index('IDX_PASSWORD_TUYA_UUID', ['passwordTuyaUuid'])
@ -14,6 +14,7 @@ export class VisitorPasswordEntity extends AbstractEntity<VisitorPasswordDto> {

  @ManyToOne(() => UserEntity, (user) => user.visitorPasswords, {
    nullable: false,
+    onDelete: 'CASCADE',
  })
  @JoinColumn({ name: 'authorizer_uuid' })
  public user: UserEntity;
--- a/libs/common/src/seed/services/supper.admin.seeder.ts
+++ b/libs/common/src/seed/services/supper.admin.seeder.ts
@ -61,6 +61,10 @@ export class SuperAdminSeeder {
        lastName: 'Admin',
        isUserVerified: true,
        isActive: true,
+        hasAcceptedAppAgreement: true,
+        hasAcceptedWebAgreement: true,
+        appAgreementAcceptedAt: new Date(),
+        webAgreementAcceptedAt: new Date(),
        roleType: { uuid: defaultUserRoleUuid },
      });
    } catch (err) {
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -6,19 +6,24 @@
  "private": true,
  "license": "UNLICENSED",
  "scripts": {
-    "build": "npm run test && npx nest build",
+    "build": "npx nest build",
+    "build:lambda": "npx nest build && cp package*.json dist/",
    "format": "prettier --write \"apps/**/*.ts\" \"libs/**/*.ts\"",
-    "start": "npm run test && node dist/main",
-    "start:dev": "npm run test && npx nest start --watch",
+    "start": "node dist/main",
+    "start:dev": "npx nest start --watch",
    "dev": "npx nest start --watch",
-    "start:debug": "npm run test && npx nest start --debug --watch",
-    "start:prod": "npm run test && node dist/main",
+    "start:debug": "npx nest start --debug --watch",
+    "start:prod": "node dist/main",
+    "start:lambda": "node dist/lambda",
    "lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix",
    "test": "jest --config jest.config.js",
    "test:watch": "jest --watch --config jest.config.js",
    "test:cov": "jest --coverage --config jest.config.js",
    "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
-    "test:e2e": "jest --config ./apps/backend/test/jest-e2e.json"
+    "test:e2e": "jest --config ./apps/backend/test/jest-e2e.json",
+    "deploy": "./deploy.sh",
+    "infra:deploy": "cdk deploy SyncrowBackendStack",
+    "infra:destroy": "cdk destroy SyncrowBackendStack"
  },
  "dependencies": {
    "@fast-csv/format": "^5.0.2",
@ -36,13 +41,16 @@
    "@nestjs/typeorm": "^10.0.2",
    "@nestjs/websockets": "^10.3.8",
    "@tuya/tuya-connector-nodejs": "^2.1.2",
+    "@types/aws-lambda": "^8.10.150",
    "argon2": "^0.40.1",
+    "aws-serverless-express": "^3.4.0",
    "axios": "^1.7.7",
    "bcryptjs": "^2.4.3",
    "class-transformer": "^0.5.1",
    "class-validator": "^0.14.1",
    "crypto-js": "^4.2.0",
    "csv-parser": "^3.2.0",
+    "dotenv": "^17.0.0",
    "express-rate-limit": "^7.1.5",
    "firebase": "^10.12.5",
    "google-auth-library": "^9.14.1",
@ -52,11 +60,13 @@
    "nest-winston": "^1.10.2",
    "nodemailer": "^6.9.10",
    "onesignal-node": "^3.4.0",
+    "passport": "^0.7.0",
    "passport-jwt": "^4.0.1",
    "pg": "^8.11.3",
    "reflect-metadata": "^0.2.0",
    "rxjs": "^7.8.1",
    "typeorm": "^0.3.20",
+    "webpack": "^5.99.9",
    "winston": "^3.17.0",
    "ws": "^8.17.0"
  },
@ -73,7 +83,9 @@
    "@types/supertest": "^6.0.0",
    "@typescript-eslint/eslint-plugin": "^6.0.0",
    "@typescript-eslint/parser": "^6.0.0",
+    "aws-cdk-lib": "^2.202.0",
    "concurrently": "^8.2.2",
+    "constructs": "^10.4.2",
    "eslint": "^8.42.0",
    "eslint-config-prettier": "^9.0.0",
    "eslint-plugin-import": "^2.31.0",
@ -87,5 +99,9 @@
    "ts-node": "^10.9.1",
    "tsconfig-paths": "^4.2.0",
    "typescript": "^5.1.3"
+  },
+  "engines": {
+    "node": "20.x",
+    "npm": "10.x"
  }
 }
--- a/src/community/services/community.service.ts
+++ b/src/community/services/community.service.ts
@ -111,6 +111,7 @@ export class CommunityService {
        .leftJoin('c.spaces', 's', 's.disabled = false')
        .where('c.project = :projectUuid', { projectUuid })
        .andWhere(`c.name != '${ORPHAN_COMMUNITY_NAME}-${project.name}'`)
+        .orderBy('c.createdAt', 'DESC')
        .distinct(true);
      if (pageable.search) {
        qb.andWhere(
--- a/src/main.ts
+++ b/src/main.ts
@ -57,7 +57,8 @@ async function bootstrap() {
    logger.error('Seeding failed!', error.stack || error);
  }

-  logger.log('Starting auth at port ...', process.env.PORT || 4000);
-  await app.listen(process.env.PORT || 4000);
+  const port = process.env.PORT || 3000;
+  logger.log(`Starting application on port ${port}...`);
+  await app.listen(port, '0.0.0.0');
 }
 bootstrap();
--- a/src/power-clamp/controllers/power-clamp.controller.ts
+++ b/src/power-clamp/controllers/power-clamp.controller.ts
@ -1,25 +1,24 @@
+import { ControllerRoute } from '@app/common/constants/controller-route';
+import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
+import { BaseResponseDto } from '@app/common/dto/base.response.dto';
+import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
 import { Controller, Get, Param, Query, UseGuards } from '@nestjs/common';
 import {
-  ApiTags,
  ApiBearerAuth,
  ApiOperation,
  ApiParam,
  ApiQuery,
+  ApiTags,
 } from '@nestjs/swagger';
-import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
-import { ControllerRoute } from '@app/common/constants/controller-route';
-import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
-import { PowerClampService } from '../services/power-clamp.service';
 import {
  GetPowerClampBySpaceDto,
  GetPowerClampDto,
 } from '../dto/get-power-clamp.dto';
-import { BaseResponseDto } from '@app/common/dto/base.response.dto';
 import {
  PowerClampParamsDto,
  ResourceParamsDto,
 } from '../dto/power-clamp-params.dto';
-
+import { PowerClampService } from '../services/power-clamp.service';
@ApiTags('Power Clamp Module')
@Controller({
  version: EnableDisableStatusEnum.ENABLED,
@ -27,7 +26,6 @@ import {
 })
 export class PowerClampController {
  constructor(private readonly powerClampService: PowerClampService) {}
-
  @ApiBearerAuth()
  @UseGuards(JwtAuthGuard)
  @Get(':powerClampUuid/historical')
--- a/src/power-clamp/services/power-clamp.service.ts
+++ b/src/power-clamp/services/power-clamp.service.ts
@ -23,10 +23,10 @@ import { SpaceDeviceService } from 'src/space/services';
 import { SqlLoaderService } from '@app/common/helper/services/sql-loader.service';
 import { DataSource } from 'typeorm';
 import { SQL_PROCEDURES_PATH } from '@app/common/constants/sql-query-path';
-import { filterByMonth, toMMYYYY } from '@app/common/helper/date-format';
 import { ProductType } from '@app/common/constants/product-type.enum';
 import { CommunityService } from 'src/community/services';
 import { BaseResponseDto } from '@app/common/dto/base.response.dto';
+import { filterByMonth, toMMYYYY } from '@app/common/helper/date-format';

@Injectable()
 export class PowerClampService {
--- a/src/schedule/services/schedule.service.ts
+++ b/src/schedule/services/schedule.service.ts
@ -1,6 +1,6 @@
-import { Injectable, HttpException, HttpStatus } from '@nestjs/common';
-import { TuyaContext } from '@tuya/tuya-connector-nodejs';
+import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
+import { TuyaContext } from '@tuya/tuya-connector-nodejs';
 import {
  AddScheduleDto,
  EnableScheduleDto,
@ -11,14 +11,14 @@ import {
  getDeviceScheduleInterface,
 } from '../interfaces/get.schedule.interface';

-import { convertKeysToCamelCase } from '@app/common/helper/camelCaseConverter';
-import { DeviceRepository } from '@app/common/modules/device/repositories';
 import { ProductType } from '@app/common/constants/product-type.enum';
+import { convertKeysToCamelCase } from '@app/common/helper/camelCaseConverter';
 import { convertTimestampToDubaiTime } from '@app/common/helper/convertTimestampToDubaiTime';
 import {
  getEnabledDays,
  getScheduleStatus,
 } from '@app/common/helper/getScheduleStatus';
+import { DeviceRepository } from '@app/common/modules/device/repositories';

@Injectable()
 export class ScheduleService {
@ -57,7 +57,8 @@ export class ScheduleService {
        deviceDetails.productDevice.prodType !== ProductType.ONE_1TG &&
        deviceDetails.productDevice.prodType !== ProductType.TWO_2TG &&
        deviceDetails.productDevice.prodType !== ProductType.THREE_3TG &&
-        deviceDetails.productDevice.prodType !== ProductType.GD
+        deviceDetails.productDevice.prodType !== ProductType.GD &&
+        deviceDetails.productDevice.prodType !== ProductType.CUR_2
      ) {
        throw new HttpException(
          'This device is not supported for schedule',
@ -115,7 +116,8 @@ export class ScheduleService {
        deviceDetails.productDevice.prodType !== ProductType.ONE_1TG &&
        deviceDetails.productDevice.prodType !== ProductType.TWO_2TG &&
        deviceDetails.productDevice.prodType !== ProductType.THREE_3TG &&
-        deviceDetails.productDevice.prodType !== ProductType.GD
+        deviceDetails.productDevice.prodType !== ProductType.GD &&
+        deviceDetails.productDevice.prodType !== ProductType.CUR_2
      ) {
        throw new HttpException(
          'This device is not supported for schedule',
@ -169,7 +171,8 @@ export class ScheduleService {
        deviceDetails.productDevice.prodType !== ProductType.ONE_1TG &&
        deviceDetails.productDevice.prodType !== ProductType.TWO_2TG &&
        deviceDetails.productDevice.prodType !== ProductType.THREE_3TG &&
-        deviceDetails.productDevice.prodType !== ProductType.GD
+        deviceDetails.productDevice.prodType !== ProductType.GD &&
+        deviceDetails.productDevice.prodType !== ProductType.CUR_2
      ) {
        throw new HttpException(
          'This device is not supported for schedule',
@ -237,7 +240,8 @@ export class ScheduleService {
        deviceDetails.productDevice.prodType !== ProductType.ONE_1TG &&
        deviceDetails.productDevice.prodType !== ProductType.TWO_2TG &&
        deviceDetails.productDevice.prodType !== ProductType.THREE_3TG &&
-        deviceDetails.productDevice.prodType !== ProductType.GD
+        deviceDetails.productDevice.prodType !== ProductType.GD &&
+        deviceDetails.productDevice.prodType !== ProductType.CUR_2
      ) {
        throw new HttpException(
          'This device is not supported for schedule',
@ -323,7 +327,8 @@ export class ScheduleService {
        deviceDetails.productDevice.prodType !== ProductType.ONE_1TG &&
        deviceDetails.productDevice.prodType !== ProductType.TWO_2TG &&
        deviceDetails.productDevice.prodType !== ProductType.THREE_3TG &&
-        deviceDetails.productDevice.prodType !== ProductType.GD
+        deviceDetails.productDevice.prodType !== ProductType.GD &&
+        deviceDetails.productDevice.prodType !== ProductType.CUR_2
      ) {
        throw new HttpException(
          'This device is not supported for schedule',
--- a/src/users/controllers/user.controller.ts
+++ b/src/users/controllers/user.controller.ts
@ -1,3 +1,7 @@
+import { ControllerRoute } from '@app/common/constants/controller-route';
+import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
+import { RoleType } from '@app/common/constants/role.type.enum';
+import { BaseResponseDto } from '@app/common/dto/base.response.dto';
 import {
  Body,
  Controller,
@ -7,10 +11,12 @@ import {
  Param,
  Patch,
  Put,
+  Req,
  UseGuards,
 } from '@nestjs/common';
-import { UserService } from '../services/user.service';
-import { ApiTags, ApiBearerAuth, ApiOperation } from '@nestjs/swagger';
+import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
+import { CheckProfilePictureGuard } from 'src/guards/profile.picture.guard';
+import { SuperAdminRoleGuard } from 'src/guards/super.admin.role.guard';
 import { JwtAuthGuard } from '../../../libs/common/src/guards/jwt.auth.guard';
 import {
  UpdateNameDto,
@ -18,11 +24,7 @@ import {
  UpdateRegionDataDto,
  UpdateTimezoneDataDto,
 } from '../dtos';
-import { CheckProfilePictureGuard } from 'src/guards/profile.picture.guard';
-import { SuperAdminRoleGuard } from 'src/guards/super.admin.role.guard';
-import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
-import { ControllerRoute } from '@app/common/constants/controller-route';
-import { BaseResponseDto } from '@app/common/dto/base.response.dto';
+import { UserService } from '../services/user.service';

@ApiTags('User Module')
@Controller({
@ -154,6 +156,32 @@ export class UserController {
    };
  }

+  @ApiBearerAuth()
+  @UseGuards(JwtAuthGuard)
+  @Delete('')
+  @ApiOperation({
+    summary: ControllerRoute.USER.ACTIONS.DELETE_USER_PROFILE_SUMMARY,
+    description: ControllerRoute.USER.ACTIONS.DELETE_USER_PROFILE_DESCRIPTION,
+  })
+  async deleteUserProfile(@Req() req: Request) {
+    const userUuid = req['user']?.userUuid;
+    const userRole = req['user']?.role;
+    if (!userUuid || (userRole && userRole == RoleType.SUPER_ADMIN)) {
+      throw {
+        statusCode: HttpStatus.UNAUTHORIZED,
+        message: 'Unauthorized',
+      };
+    }
+    await this.userService.deleteUserProfile(userUuid);
+    return {
+      statusCode: HttpStatus.OK,
+      data: {
+        userId: userUuid,
+      },
+      message: 'User deleted successfully',
+    };
+  }
+
  @ApiBearerAuth()
  @UseGuards(JwtAuthGuard)
  @Patch('agreements/web/:userUuid')
--- a/src/users/services/user.service.ts
+++ b/src/users/services/user.service.ts
@ -1,21 +1,21 @@
-import {
-  UpdateNameDto,
-  UpdateProfilePictureDataDto,
-  UpdateRegionDataDto,
-  UpdateTimezoneDataDto,
-} from './../dtos/update.user.dto';
+import { SuccessResponseDto } from '@app/common/dto/success.response.dto';
+import { removeBase64Prefix } from '@app/common/helper/removeBase64Prefix';
+import { RegionRepository } from '@app/common/modules/region/repositories';
+import { TimeZoneRepository } from '@app/common/modules/timezone/repositories';
+import { UserEntity } from '@app/common/modules/user/entities';
+import { UserRepository } from '@app/common/modules/user/repositories';
 import {
  BadRequestException,
  HttpException,
  HttpStatus,
  Injectable,
 } from '@nestjs/common';
-import { UserRepository } from '@app/common/modules/user/repositories';
-import { RegionRepository } from '@app/common/modules/region/repositories';
-import { TimeZoneRepository } from '@app/common/modules/timezone/repositories';
-import { removeBase64Prefix } from '@app/common/helper/removeBase64Prefix';
-import { UserEntity } from '@app/common/modules/user/entities';
-import { SuccessResponseDto } from '@app/common/dto/success.response.dto';
+import {
+  UpdateNameDto,
+  UpdateProfilePictureDataDto,
+  UpdateRegionDataDto,
+  UpdateTimezoneDataDto,
+} from './../dtos/update.user.dto';

@Injectable()
 export class UserService {
@ -269,4 +269,12 @@ export class UserService {
    }
    return await this.userRepository.update({ uuid }, { isActive: false });
  }
+
+  async deleteUserProfile(uuid: string) {
+    const user = await this.findOneById(uuid);
+    if (!user) {
+      throw new BadRequestException('User not found');
+    }
+    return this.userRepository.delete({ uuid });
+  }
 }
Author	SHA1	Message	Date
Ammar Qaffaf	fbf62fcd66	Enhances CDK deployment process and documentation Improves the deployment script to use the UAE region and adds context for the CDK stack.	2025-07-07 09:37:10 +03:00
Ammar Qaffaf	374fb69804	fix the super user seeded to accept terms and add certificate arn	2025-06-30 03:58:47 -04:00
Ammar Qaffaf	d4d1ec817d	a functioning backend stack bypassing firebase and using an existing domain	2025-06-29 20:45:38 -04:00
ZaydSkaff	90ab291d83	add curtain module device (#440 )	2025-06-29 10:10:19 +03:00
ZaydSkaff	5381a949bc	task: delete used & its relations (#437 )	2025-06-25 15:32:46 +03:00
ZaydSkaff	6973e8b195	task: sort communities by creation date (#416 )	2025-06-19 11:13:24 +03:00
faljawhary	92d102d08f	Merge pull request #413 from SyncrowIOT/fix-staging-insirt-logs-data Fix-staging-insirt-logs-data	2025-06-18 07:35:30 -06:00
faris Aljohari	7dc28d0cb3	fix: enable AQI sensor historical data update in device status processing	2025-06-18 07:32:39 -06:00
faris Aljohari	d9ad431a23	fix: correct procedure names in energy consumption updates	2025-06-18 05:33:49 -06:00
faris Aljohari	4bf43dab2b	feat: enhance device status DTO and service with optional properties and environment checks	2025-06-18 05:33:43 -06:00
ZaydSkaff	7520b8d9c7	fix: power clamp historical API (#408 )	2025-06-17 15:17:49 +03:00
faris Aljohari	72753b6dfb	merge dev to main	2025-06-14 15:18:20 -06:00
faris Aljohari	568eef8119	Merge branch 'dev'	2025-06-14 15:04:48 -06:00
Karim Hussami	a40560a0b1	Merge pull request #380 from SyncrowIOT/revert-378-daily-aqi-sensor Revert "SQL model for aqi score and processing air data"	2025-05-21 20:04:43 -04:00
Karim Hussami	7d6f1bb944	Revert "SQL model for aqi score and processing air data"	2025-05-21 20:01:05 -04:00
Karim Hussami	434316fe51	Merge pull request #378 from SyncrowIOT/daily-aqi-sensor SQL model for aqi score and processing air data	2025-05-21 16:54:19 -04:00
khuss	287bb4c5e4	SQL model for aqi score and processing air data	2025-05-21 16:49:44 -04:00
faris Aljohari	85602fa952	check deployment	2025-05-08 13:15:31 +03:00
Dona Maria Absi	25a4d3e91b	Merge pull request #364 from SyncrowIOT/revert-363-DATA-date-param-filtering Revert "DATA-date-param-moved"	2025-05-08 13:08:58 +03:00
Dona Maria Absi	d3a560d18f	Revert "DATA-date-param-moved"	2025-05-08 13:08:41 +03:00
Dona Maria Absi	ab99bb5afc	Merge pull request #363 from SyncrowIOT/DATA-date-param-filtering DATA-date-param-moved	2025-05-08 13:07:51 +03:00
Dona Maria Absi	67911d5ff1	moved param	2025-05-08 13:06:39 +03:00
faris Aljohari	13e3f3e213	Merge branch 'dev'	2025-04-29 09:58:05 +03:00
faris Aljohari	327d678656	Enhance TuyaWebSocketService to handle environment-specific message extraction	2025-03-28 03:40:09 +03:00
hannathkadher	dd5447fc5f	Merge pull request #311 from SyncrowIOT/dev	2025-03-13 13:56:50 +04:00
faris Aljohari	7df5b9ab08	Merge branch 'main' of https://github.com/SyncrowIOT/backend	2025-03-13 11:06:06 +03:00
faris Aljohari	06b4407b85	Merge branch 'dev'	2025-03-13 11:05:11 +03:00
hannathkadher	1d6f3b8e65	Merge pull request #309 from SyncrowIOT:dev propagating of space model to space	2025-03-13 00:27:23 +04:00
faris Aljohari	80659f7a48	Merge branch 'dev'	2025-03-12 02:22:33 +03:00
faris Aljohari	4a5f2f3b9f	Merge branch 'dev'	2025-03-11 20:27:22 +03:00
faris Aljohari	a57f4e1c65	Merge branch 'dev'	2025-03-11 15:33:52 +03:00
faris Aljohari	b2d52c7622	Merge branch 'dev'	2025-02-20 03:46:08 -06:00
hannathkadher	c9cbb2e085	Merge pull request #262 from SyncrowIOT/dev change subspace tag movement	2025-02-19 13:11:46 +04:00
hannathkadher	8aa3de5fdc	config	2025-02-18 16:59:38 +04:00
faris Aljohari	bc1ee9a53b	test deploy 2	2025-02-18 05:39:55 -06:00
faris Aljohari	19356c3833	test deploy	2025-02-18 05:35:06 -06:00
faris Aljohari	8737ee992b	Update GitHub Actions workflow for Node.js app deployment to Azure	2025-02-18 05:08:51 -06:00
faris Aljohari	e98a99be73	Update GitHub Actions workflow for containerized deployment to Azure Web App	2025-02-18 05:03:05 -06:00
faris Aljohari	93efa15f3c	Empty commit	2025-02-18 04:50:54 -06:00
faris Aljohari	c305e39ff2	Add or update the Azure App Service build and deployment workflow config	2025-02-18 04:34:31 -06:00
faris Aljohari	61e4d220dc	test deploy	2025-02-18 04:15:24 -06:00
faris Aljohari	cd4bbe1788	Empty commit	2025-02-18 00:10:22 -06:00
faris Aljohari	d770a0c732	Remove robots.txt request handling middleware	2025-02-17 18:51:16 -06:00
faris Aljohari	030e6ae902	Add middleware to ignore requests for robots*.txt files	2025-02-17 18:43:43 -06:00
faris Aljohari	9d8287b82b	Remove trailing whitespace in GitHub workflow file	2025-02-17 18:05:20 -06:00
faris Aljohari	d741a6c1f3	Empty commit	2025-02-17 17:50:51 -06:00
faris Aljohari	6d55704dd4	Merge branch 'dev'	2025-02-17 17:35:45 -06:00
hannathkadher	d8ad9e55ea	Merge pull request #253 from SyncrowIOT/dev Dev	2025-02-06 09:26:54 +04:00