Merge pull request #98 from Zod-Alkhair/feature/allowance-scheduling-cron-queue

feat(allowance): add dead letter exchange to allowance queue configur…

.gitignore

@@ -53,3 +53,5 @@ pids
 # Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
 
+
+zod-certs

ALLOWANCE_SCHEDULING_SYSTEM.md

@@ -0,0 +1,291 @@
+# Allowance Scheduling System (Backend)
+
+This document captures the complete allowance scheduling feature as implemented in the backend.
+It is intended as a long-term reference for how the system works, why it was built this way,
+and how to operate/extend it safely.
+
+## Goals and Scope
+
+- Allow parents/guardians to create a recurring allowance schedule for a child.
+- Credit the allowance automatically based on the schedule.
+- Scale safely with multiple workers and avoid duplicate credits.
+- Keep cron lightweight and offload work to RabbitMQ workers.
+
+Non-goals in the current implementation:
+- UI changes
+- Analytics/reporting views
+- Advanced scheduling (e.g., custom weekdays)
+
+## High-Level Flow
+
+1. Parent creates a schedule via API.
+2. Cron runs every 5 minutes and enqueues due schedules into RabbitMQ.
+3. Workers consume queue messages, credit the allowance, and update the next run.
+4. Idempotency is enforced in the database to prevent duplicate credits.
+
+## Data Model
+
+### Table: `allowance_schedules`
+
+Purpose: Stores the schedule definition (amount, frequency, status, next run).
+
+Key fields:
+- `guardian_id`, `junior_id`: who funds and who receives.
+- `amount`: the allowance amount.
+- `frequency`: DAILY / WEEKLY / MONTHLY.
+- `status`: ON / OFF.
+- `next_run_at`, `last_run_at`: scheduling metadata.
+
+Constraints:
+- Unique `(guardian_id, junior_id)` ensures one schedule per child.
+
+Entity: `src/allowance/entities/allowance-schedule.entity.ts`
+
+### Table: `allowance_credits`
+
+Purpose: Audit log and idempotency guard for each credit run.
+
+Key fields:
+- `schedule_id`: which schedule executed.
+- `transaction_id`: the resulting transaction (nullable).
+- `amount`, `run_at`, `credited_at`.
+
+Idempotency:
+- Unique `(schedule_id, run_at)` prevents duplicates even with multiple workers.
+
+Entity: `src/allowance/entities/allowance-credit.entity.ts`
+
+### Table: `cron_runs`
+
+Purpose: shared audit table for all cron jobs (not just allowance).
+
+Key fields:
+- `job_name`: unique identifier for the cron.
+- `status`: SUCCESS / FAILED.
+- `processed_count`: number of schedules processed.
+- `error_message`: failure reason.
+- `started_at`, `finished_at`.
+
+Entity: `src/cron/entities/cron-run.entity.ts`
+
+## API (Schedule Creation)
+
+Endpoint:
+- `POST /guardians/me/allowances/:juniorId`
+
+Input DTO:
+- `amount` (required, numeric, positive)
+- `frequency` (required, enum)
+- `status` (required, enum)
+
+DTO: `src/allowance/dtos/request/create-allowance-schedule.request.dto.ts`
+
+Response DTO:
+- `AllowanceScheduleResponseDto` with schedule fields.
+
+DTO: `src/allowance/dtos/response/allowance-schedule.response.dto.ts`
+
+Business validation:
+- Child must belong to guardian.
+- No duplicate schedule for the same guardian+child.
+
+Service: `src/allowance/services/allowance.service.ts`
+
+## Cron Producer (Queue Enqueue)
+
+Cron job:
+- Runs every 5 minutes.
+- Batches schedules (cursor-based) to avoid large load.
+- Enqueues each schedule to RabbitMQ.
+
+Cron: `src/cron/tasks/allowance-schedule.cron.ts`
+
+Batch behavior:
+- Batch size = 100
+- Uses a cursor (`nextRunAt`, `id`) for stable pagination.
+- Prevents re-reading the same rows.
+
+Locking:
+- `BaseCronService` uses cache lock to ensure only one instance runs.
+- Each cron run is logged to `cron_runs` with status and processed count.
+
+Lock: `src/cron/services/base-cron.service.ts`
+
+## Queue Publisher
+
+Queue publisher:
+- Asserts queue + retry/DLQ exchanges.
+- Enqueues jobs with message id (for traceability).
+
+Service: `src/allowance/services/allowance-queue.service.ts`
+
+Queue names:
+- `allowance.schedule` (main)
+- `allowance.schedule.retry` (retry with TTL)
+- `allowance.schedule.dlq` (dead-letter queue)
+
+Constants: `src/allowance/constants/allowance-queue.constants.ts`
+
+## Worker Consumer (Transfers)
+
+Worker:
+- Consumes `allowance.schedule` queue.
+- Validates schedule is due and active.
+- Creates `allowance_credits` record for idempotency.
+- Transfers money via `cardService.transferToChild`.
+- Updates `last_run_at` and `next_run_at`.
+
+Worker: `src/allowance/services/allowance-worker.service.ts`
+
+Transfer:
+- Uses existing logic in `card.service.ts` for balance updates and transaction creation.
+
+Service: `src/card/services/card.service.ts`
+
+### Idempotency details
+
+1. Worker inserts `allowance_credits` row first.
+2. Unique constraint blocks duplicates.
+3. If transfer fails, the credit row is removed so the job can retry.
+
+This makes multiple workers safe.
+
+## Retry + DLQ Strategy
+
+Retry delay:
+- Failed jobs are dead-lettered to retry queue.
+- Retry queue has `messageTtl = 10 minutes`.
+- After TTL, job is routed back to main queue.
+
+DLQ:
+- If a job fails `ALLOWANCE_MAX_RETRIES` times (default 5), it is routed to the DLQ.
+- This prevents endless loops and allows manual inspection.
+
+Config:
+- `ALLOWANCE_MAX_RETRIES` (default 5)
+
+## Redis Usage
+
+Redis is used by `BaseCronService` to enforce a **distributed lock** for the cron job.
+This prevents multiple backend instances from enqueuing the same schedules at the same time.
+
+Lock behavior:
+- If the lock key exists, cron exits early.
+- If the lock key is absent, cron sets it with a TTL and proceeds.
+- TTL ensures the lock is released even if a node crashes.
+
+Service: `src/cron/services/base-cron.service.ts`
+
+## RabbitMQ Setup and Behavior
+
+The allowance system uses RabbitMQ for asynchronous processing. Cron publishes due schedules,
+and workers consume them.
+
+### Exchanges and Queues
+
+Main queue:
+- `allowance.schedule`
+
+Retry setup:
+- Exchange: `allowance.schedule.retry.exchange`
+- Queue: `allowance.schedule.retry`
+- Binding key: `allowance.schedule`
+- TTL: 10 minutes
+- Dead-letter route: back to `allowance.schedule`
+
+Dead-letter queue (DLQ):
+- Exchange: `allowance.schedule.dlq.exchange`
+- Queue: `allowance.schedule.dlq`
+- Binding key: `allowance.schedule`
+
+### Flow Summary
+
+1. Cron enqueues jobs to `allowance.schedule`.
+2. Worker consumes jobs from `allowance.schedule`.
+3. On failure, job is **dead-lettered** to `allowance.schedule.retry`.
+4. After 10 minutes, it returns to `allowance.schedule`.
+5. After max retries, worker publishes the job to `allowance.schedule.dlq`.
+
+### Where it is configured
+
+- Publisher setup: `src/allowance/services/allowance-queue.service.ts`
+- Worker consumer: `src/allowance/services/allowance-worker.service.ts`
+- Queue constants: `src/allowance/constants/allowance-queue.constants.ts`
+
+## Environment Variables
+
+- `RABBITMQ_URL` (required for queue/worker)
+- `ALLOWANCE_QUEUE_NAME` (optional, defaults to `allowance.schedule`)
+- `ALLOWANCE_MAX_RETRIES` (optional, defaults to 5)
+- `ALLOWANCE_RETRY_DELAY_MS` (optional, defaults to 10 minutes)
+
+### Example .env snippet
+
+```
+RABBITMQ_URL=amqp://guest:guest@localhost:5672
+ALLOWANCE_QUEUE_NAME=allowance.schedule
+ALLOWANCE_MAX_RETRIES=5
+ALLOWANCE_RETRY_DELAY_MS=600000
+```
+
+## Operational Checklist
+
+- Ensure Redis is running (cron locking).
+- Ensure RabbitMQ is running (queue + workers).
+- Start at least one worker process.
+- Monitor DLQ for failures.
+
+## Manual Test Checklist
+
+1. Create schedule:
+   - POST `/guardians/me/allowances/:juniorId`
+   - Valid amount, frequency, status.
+2. Duplicate schedule:
+   - Expect `ALLOWANCE.ALREADY_EXISTS`.
+3. Cron enqueue:
+   - Wait for cron interval or manually trigger.
+   - Confirm messages appear in RabbitMQ.
+4. Worker:
+   - Ensure worker is running.
+   - Verify transfers happen and `allowance_credits` is created.
+5. Failure paths:
+   - Simulate transfer failure and verify retry queue behavior.
+   - Confirm DLQ after max retries.
+
+## Operational Notes
+
+- For large volumes, scale workers horizontally.
+- Keep cron lightweight; do not perform transfers in cron.
+- Monitor queue depth and DLQ entries.
+
+## Known Limitations (Current)
+
+- Only one schedule per child (guardian+junior unique).
+- No custom weekdays or complex schedules.
+- Retry delay is fixed at 10 minutes (can be configurable).
+
+## File Map (Quick Reference)
+
+- API:
+  - `src/allowance/controllers/allowance.controller.ts`
+  - `src/allowance/services/allowance.service.ts`
+  - `src/allowance/dtos/request/create-allowance-schedule.request.dto.ts`
+  - `src/allowance/dtos/response/allowance-schedule.response.dto.ts`
+
+- Cron:
+  - `src/cron/tasks/allowance-schedule.cron.ts`
+  - `src/cron/services/base-cron.service.ts`
+
+- Queue/Worker:
+  - `src/allowance/services/allowance-queue.service.ts`
+  - `src/allowance/services/allowance-worker.service.ts`
+  - `src/allowance/constants/allowance-queue.constants.ts`
+
+- Repositories:
+  - `src/allowance/repositories/allowance-schedule.repository.ts`
+  - `src/allowance/repositories/allowance-credit.repository.ts`
+
+- Entities:
+  - `src/allowance/entities/allowance-schedule.entity.ts`
+  - `src/allowance/entities/allowance-credit.entity.ts`
+

nest-cli.json

@@ -10,8 +10,8 @@
         "include": "config",
         "exclude": "**/*.md"
       },
-      { "include": "common/modules/**/templates/*", "watchAssets": true }
-,
+      { "include": "common/modules/**/templates/**/*", "watchAssets": true },
+      { "include": "common/modules/neoleap/zod-certs" },
       "i18n",
       "files"
     ]

package.json

@@ -23,7 +23,8 @@
     "migration:generate": "npm run typeorm:cli-d migration:generate",
     "migration:create": "npm run typeorm:cli migration:create",
     "migration:up": "npm run typeorm:cli-d migration:run",
-    "migration:down": "npm run typeorm:cli-d migration:revert"
+    "migration:down": "npm run typeorm:cli-d migration:revert",
+    "seed": "TS_NODE_PROJECT=tsconfig.json ts-node -r tsconfig-paths/register src/scripts/seed.ts"
   },
   "dependencies": {
     "@abdalhamid/hello": "^2.0.0",
@@ -50,10 +51,12 @@
     "cacheable": "^1.8.5",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.1",
+    "decimal.js": "^10.6.0",
     "firebase-admin": "^13.0.2",
     "google-libphonenumber": "^3.2.39",
     "handlebars": "^4.7.8",
-    "ioredis": "^5.4.1",
+    "handlebars-layouts": "^3.1.4",
+    "jwk-to-pem": "^2.0.7",
     "lodash": "^4.17.21",
     "moment": "^2.30.1",
     "nestjs-i18n": "^10.4.9",
@@ -82,6 +85,7 @@
     "@types/express": "^5.0.0",
     "@types/google-libphonenumber": "^7.4.30",
     "@types/jest": "^29.5.2",
+    "@types/jwk-to-pem": "^2.0.3",
     "@types/lodash": "^4.17.13",
     "@types/multer": "^1.4.12",
     "@types/node": "^20.3.1",

src/allowance/allowance.module.ts

@@ -1,20 +1,22 @@
 import { Module } from '@nestjs/common';
 import { TypeOrmModule } from '@nestjs/typeorm';
+import { CardModule } from '~/card/card.module';
 import { JuniorModule } from '~/junior/junior.module';
-import { AllowanceChangeRequestController, AllowancesController } from './controllers';
-import { Allowance, AllowanceChangeRequest } from './entities';
-import { AllowanceChangeRequestsRepository, AllowancesRepository } from './repositories';
-import { AllowanceChangeRequestsService, AllowancesService } from './services';
+import { AllowanceController } from './controllers';
+import { AllowanceCredit, AllowanceSchedule } from './entities';
+import { AllowanceCreditRepository, AllowanceScheduleRepository } from './repositories';
+import { AllowanceQueueService, AllowanceService, AllowanceWorkerService } from './services';
 
 @Module({
-  controllers: [AllowancesController, AllowanceChangeRequestController],
-  imports: [TypeOrmModule.forFeature([Allowance, AllowanceChangeRequest]), JuniorModule],
+  imports: [TypeOrmModule.forFeature([AllowanceSchedule, AllowanceCredit]), JuniorModule, CardModule],
+  controllers: [AllowanceController],
   providers: [
-    AllowancesService,
-    AllowancesRepository,
-    AllowanceChangeRequestsService,
-    AllowanceChangeRequestsRepository,
+    AllowanceService,
+    AllowanceScheduleRepository,
+    AllowanceCreditRepository,
+    AllowanceQueueService,
+    AllowanceWorkerService,
   ],
-  exports: [AllowancesService],
+  exports: [AllowanceScheduleRepository, AllowanceQueueService, AllowanceCreditRepository],
 })
 export class AllowanceModule {}

src/allowance/constants/allowance-queue.constants.ts

@@ -0,0 +1,5 @@
+export const ALLOWANCE_QUEUE_NAME = 'allowance.schedule';
+export const ALLOWANCE_RETRY_QUEUE_NAME = 'allowance.schedule.retry';
+export const ALLOWANCE_DLQ_NAME = 'allowance.schedule.dlq';
+export const ALLOWANCE_RETRY_EXCHANGE = 'allowance.schedule.retry.exchange';
+export const ALLOWANCE_DLQ_EXCHANGE = 'allowance.schedule.dlq.exchange';

src/allowance/constants/index.ts

@@ -0,0 +1 @@
+export * from './allowance-queue.constants';

src/allowance/controllers/allowance-change-request.controller.ts

@@ -1,80 +0,0 @@
-import { Body, Controller, Get, HttpCode, HttpStatus, Param, Patch, Post, Query, UseGuards } from '@nestjs/common';
-import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
-import { Roles } from '~/auth/enums';
-import { IJwtPayload } from '~/auth/interfaces';
-import { AllowedRoles, AuthenticatedUser } from '~/common/decorators';
-import { RolesGuard } from '~/common/guards';
-import { ApiDataPageResponse, ApiDataResponse } from '~/core/decorators';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { CustomParseUUIDPipe } from '~/core/pipes';
-import { ResponseFactory } from '~/core/utils';
-import { CreateAllowanceChangeRequestDto } from '../dtos/request';
-import { AllowanceChangeRequestResponseDto } from '../dtos/response';
-import { AllowanceChangeRequestsService } from '../services';
-
-@Controller('allowance-change-requests')
-@ApiTags('Allowance Change Requests')
-@ApiBearerAuth()
-export class AllowanceChangeRequestController {
-  constructor(private readonly allowanceChangeRequestsService: AllowanceChangeRequestsService) {}
-
-  @Post()
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.JUNIOR)
-  @HttpCode(HttpStatus.NO_CONTENT)
-  requestAllowanceChange(@AuthenticatedUser() { sub }: IJwtPayload, @Body() body: CreateAllowanceChangeRequestDto) {
-    return this.allowanceChangeRequestsService.createAllowanceChangeRequest(sub, body);
-  }
-
-  @Get()
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataPageResponse(AllowanceChangeRequestResponseDto)
-  async findAllowanceChangeRequests(@AuthenticatedUser() { sub }: IJwtPayload, @Query() query: PageOptionsRequestDto) {
-    const [requests, itemCount] = await this.allowanceChangeRequestsService.findAllowanceChangeRequests(sub, query);
-
-    return ResponseFactory.dataPage(
-      requests.map((request) => new AllowanceChangeRequestResponseDto(request)),
-      {
-        itemCount,
-        page: query.page,
-        size: query.size,
-      },
-    );
-  }
-
-  @Get('/:changeRequestId')
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataResponse(AllowanceChangeRequestResponseDto)
-  async findAllowanceChangeRequestById(
-    @AuthenticatedUser() { sub }: IJwtPayload,
-    @Param('changeRequestId', CustomParseUUIDPipe) changeRequestId: string,
-  ) {
-    const request = await this.allowanceChangeRequestsService.findAllowanceChangeRequestById(sub, changeRequestId);
-
-    return ResponseFactory.data(new AllowanceChangeRequestResponseDto(request));
-  }
-
-  @Patch(':changeRequestId/approve')
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @HttpCode(HttpStatus.NO_CONTENT)
-  approveAllowanceChangeRequest(
-    @AuthenticatedUser() { sub }: IJwtPayload,
-    @Param('changeRequestId', CustomParseUUIDPipe) changeRequestId: string,
-  ) {
-    return this.allowanceChangeRequestsService.approveAllowanceChangeRequest(sub, changeRequestId);
-  }
-
-  @Patch(':changeRequestId/reject')
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @HttpCode(HttpStatus.NO_CONTENT)
-  rejectAllowanceChangeRequest(
-    @AuthenticatedUser() { sub }: IJwtPayload,
-    @Param('changeRequestId', CustomParseUUIDPipe) changeRequestId: string,
-  ) {
-    return this.allowanceChangeRequestsService.rejectAllowanceChangeRequest(sub, changeRequestId);
-  }
-}

src/allowance/controllers/allowance.controller.ts

@@ -0,0 +1,78 @@
+import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Patch, Post, UseGuards } from '@nestjs/common';
+import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
+import { Roles } from '~/auth/enums';
+import { IJwtPayload } from '~/auth/interfaces';
+import { AllowedRoles, AuthenticatedUser } from '~/common/decorators';
+import { AccessTokenGuard, RolesGuard } from '~/common/guards';
+import { ApiDataResponse, ApiLangRequestHeader } from '~/core/decorators';
+import { ResponseFactory } from '~/core/utils';
+import { CreateAllowanceScheduleRequestDto, UpdateAllowanceScheduleRequestDto } from '../dtos/request';
+import {
+  AllowanceScheduleResponseDto,
+  AllowanceSchedulesListResponseDto,
+  AllowanceSummaryResponseDto,
+} from '../dtos/response';
+import { AllowanceService } from '../services';
+
+@Controller('guardians/me/allowances')
+@ApiTags('Allowances')
+@ApiBearerAuth()
+@ApiLangRequestHeader()
+@UseGuards(AccessTokenGuard, RolesGuard)
+@AllowedRoles(Roles.GUARDIAN)
+export class AllowanceController {
+  constructor(private readonly allowanceService: AllowanceService) {}
+
+  @Get()
+  @ApiOperation({ summary: 'Get all allowance schedules for the authenticated guardian' })
+  @ApiDataResponse(AllowanceSchedulesListResponseDto)
+  async getSchedules(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const { withSchedule, withoutSchedule, monthlyTotal } =
+      await this.allowanceService.getSchedulesByGuardian(sub);
+    return ResponseFactory.data(
+      new AllowanceSchedulesListResponseDto(withSchedule, withoutSchedule, monthlyTotal),
+    );
+  }
+
+  @Get('summary')
+  @ApiOperation({ summary: 'Get allowance summary for home page (lightweight)' })
+  @ApiDataResponse(AllowanceSummaryResponseDto)
+  async getSummary(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const { nextPaymentAt, monthlyTotal } = await this.allowanceService.getSummary(sub);
+    return ResponseFactory.data(new AllowanceSummaryResponseDto(nextPaymentAt, monthlyTotal));
+  }
+
+  @Post(':juniorId')
+  @ApiOperation({ summary: 'Create a new allowance schedule for a junior' })
+  @ApiDataResponse(AllowanceScheduleResponseDto)
+  async createSchedule(
+    @AuthenticatedUser() { sub }: IJwtPayload,
+    @Param('juniorId') juniorId: string,
+    @Body() body: CreateAllowanceScheduleRequestDto,
+  ) {
+    const schedule = await this.allowanceService.createSchedule(sub, juniorId, body);
+    return ResponseFactory.data(new AllowanceScheduleResponseDto(schedule));
+  }
+
+  @Patch(':scheduleId')
+  @ApiOperation({ summary: 'Update an existing allowance schedule' })
+  @ApiDataResponse(AllowanceScheduleResponseDto)
+  async updateSchedule(
+    @AuthenticatedUser() { sub }: IJwtPayload,
+    @Param('scheduleId') scheduleId: string,
+    @Body() body: UpdateAllowanceScheduleRequestDto,
+  ) {
+    const schedule = await this.allowanceService.updateSchedule(sub, scheduleId, body);
+    return ResponseFactory.data(new AllowanceScheduleResponseDto(schedule));
+  }
+
+  @Delete(':scheduleId')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  @ApiOperation({ summary: 'Delete an allowance schedule' })
+  async deleteSchedule(
+    @AuthenticatedUser() { sub }: IJwtPayload,
+    @Param('scheduleId') scheduleId: string,
+  ) {
+    await this.allowanceService.deleteSchedule(sub, scheduleId);
+  }
+}

src/allowance/controllers/allowances.controller.ts

@@ -1,72 +0,0 @@
-import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post, Query, UseGuards } from '@nestjs/common';
-import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
-import { Roles } from '~/auth/enums';
-import { IJwtPayload } from '~/auth/interfaces';
-import { AllowedRoles, AuthenticatedUser } from '~/common/decorators';
-import { RolesGuard } from '~/common/guards';
-import { ApiDataPageResponse, ApiDataResponse } from '~/core/decorators';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { CustomParseUUIDPipe } from '~/core/pipes';
-import { ResponseFactory } from '~/core/utils';
-import { CreateAllowanceRequestDto } from '../dtos/request';
-import { AllowanceResponseDto } from '../dtos/response';
-import { AllowancesService } from '../services';
-
-@Controller('allowances')
-@ApiTags('Allowances')
-@ApiBearerAuth()
-export class AllowancesController {
-  constructor(private readonly allowancesService: AllowancesService) {}
-
-  @Post()
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataResponse(AllowanceResponseDto)
-  async createAllowance(@AuthenticatedUser() { sub }: IJwtPayload, @Body() body: CreateAllowanceRequestDto) {
-    const allowance = await this.allowancesService.createAllowance(sub, body);
-
-    return ResponseFactory.data(new AllowanceResponseDto(allowance));
-  }
-
-  @Get()
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataPageResponse(AllowanceResponseDto)
-  async findAllowances(@AuthenticatedUser() { sub }: IJwtPayload, @Query() query: PageOptionsRequestDto) {
-    const [allowances, itemCount] = await this.allowancesService.findAllowances(sub, query);
-
-    return ResponseFactory.dataPage(
-      allowances.map((allowance) => new AllowanceResponseDto(allowance)),
-      {
-        itemCount,
-        page: query.page,
-        size: query.size,
-      },
-    );
-  }
-
-  @Get(':allowanceId')
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataResponse(AllowanceResponseDto)
-  async findAllowanceById(
-    @AuthenticatedUser() { sub }: IJwtPayload,
-    @Param('allowanceId', CustomParseUUIDPipe) allowanceId: string,
-  ) {
-    const allowance = await this.allowancesService.findAllowanceById(allowanceId, sub);
-
-    return ResponseFactory.data(new AllowanceResponseDto(allowance));
-  }
-
-  @Delete(':allowanceId')
-  @UseGuards(RolesGuard)
-  @AllowedRoles(Roles.GUARDIAN)
-  @ApiDataResponse(AllowanceResponseDto)
-  @HttpCode(HttpStatus.NO_CONTENT)
-  deleteAllowance(
-    @AuthenticatedUser() { sub }: IJwtPayload,
-    @Param('allowanceId', CustomParseUUIDPipe) allowanceId: string,
-  ) {
-    return this.allowancesService.deleteAllowance(sub, allowanceId);
-  }
-}

src/allowance/controllers/index.ts

@@ -1,2 +1 @@
-export * from './allowance-change-request.controller';
-export * from './allowances.controller';
+export * from './allowance.controller';

src/allowance/dtos/request/create-allowance-change.request.dto.ts

@@ -1,28 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { IsNotEmpty, IsNumber, IsPositive, IsString, IsUUID } from 'class-validator';
-import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-
-export class CreateAllowanceChangeRequestDto {
-  @ApiProperty({ example: 'I want to change the amount of the allowance' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'allowanceChangeRequest.reason' }) })
-  @IsNotEmpty({
-    message: i18n('validation.IsNotEmpty', { path: 'general', property: 'allowanceChangeRequest.reason' }),
-  })
-  reason!: string;
-
-  @ApiProperty({ example: 100 })
-  @IsNumber(
-    {},
-    { message: i18n('validation.IsNumber', { path: 'general', property: 'allowanceChangeRequest.amount' }) },
-  )
-  @IsPositive({
-    message: i18n('validation.IsPositive', { path: 'general', property: 'allowanceChangeRequest.amount' }),
-  })
-  amount!: number;
-
-  @ApiProperty({ example: 'd641bb71-2e7c-4e62-96fa-2785f0a651c6' })
-  @IsUUID('4', {
-    message: i18n('validation.IsUUID', { path: 'general', property: 'allowanceChangeRequest.allowanceId' }),
-  })
-  allowanceId!: string;
-}

src/allowance/dtos/request/create-allowance-schedule.request.dto.ts

@@ -0,0 +1,38 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEnum, IsNotEmpty, IsNumber, IsPositive } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '~/allowance/enums';
+
+export class CreateAllowanceScheduleRequestDto {
+  @ApiProperty({ example: 400 })
+  @IsNotEmpty({
+    message: i18n('validation.IsNotEmpty', { path: 'general', property: 'allowance.amount' }),
+  })
+  @IsNumber(
+    { maxDecimalPlaces: 2 },
+    { message: i18n('validation.IsNumber', { path: 'general', property: 'allowance.amount' }) },
+  )
+  @IsPositive({
+    message: i18n('validation.IsPositive', { path: 'general', property: 'allowance.amount' }),
+  })
+  amount!: number;
+
+  @ApiProperty({ enum: AllowanceFrequency, example: AllowanceFrequency.WEEKLY })
+  @IsNotEmpty({
+    message: i18n('validation.IsNotEmpty', { path: 'general', property: 'allowance.frequency' }),
+  })
+  @IsEnum(AllowanceFrequency, {
+    message: i18n('validation.IsEnum', { path: 'general', property: 'allowance.frequency' }),
+  })
+  frequency!: AllowanceFrequency;
+
+  @ApiProperty({ enum: AllowanceScheduleStatus, example: AllowanceScheduleStatus.ON })
+  @IsNotEmpty({
+    message: i18n('validation.IsNotEmpty', { path: 'general', property: 'allowance.status' }),
+  })
+  @IsEnum(AllowanceScheduleStatus, {
+    message: i18n('validation.IsEnum', { path: 'general', property: 'allowance.status' }),
+  })
+  status!: AllowanceScheduleStatus;
+
+}

src/allowance/dtos/request/create-allowance.request.dto.ts

@@ -1,52 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { Transform } from 'class-transformer';
-import { IsDate, IsEnum, IsInt, IsNotEmpty, IsNumber, IsPositive, IsString, IsUUID, ValidateIf } from 'class-validator';
-import moment from 'moment';
-import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-import { AllowanceFrequency, AllowanceType } from '~/allowance/enums';
-export class CreateAllowanceRequestDto {
-  @ApiProperty({ example: 'Allowance name' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'allowance.name' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'allowance.name' }) })
-  name!: string;
-
-  @ApiProperty({ example: 100 })
-  @IsNumber({}, { message: i18n('validation.IsNumber', { path: 'general', property: 'allowance.amount' }) })
-  @IsPositive({ message: i18n('validation.IsPositive', { path: 'general', property: 'allowance.amount' }) })
-  amount!: number;
-
-  @ApiProperty({ example: AllowanceFrequency.WEEKLY })
-  @IsEnum(AllowanceFrequency, {
-    message: i18n('validation.IsEnum', { path: 'general', property: 'allowance.frequency' }),
-  })
-  frequency!: AllowanceFrequency;
-
-  @ApiProperty({ example: AllowanceType.BY_END_DATE })
-  @IsEnum(AllowanceType, { message: i18n('validation.IsEnum', { path: 'general', property: 'allowance.type' }) })
-  type!: AllowanceType;
-
-  @ApiProperty({ example: new Date() })
-  @IsDate({ message: i18n('validation.IsDate', { path: 'general', property: 'allowance.startDate' }) })
-  @Transform(({ value }) => moment(value).startOf('day').toDate())
-  startDate!: Date;
-
-  @ApiProperty({ example: new Date() })
-  @IsDate({ message: i18n('validation.IsDate', { path: 'general', property: 'allowance.endDate' }) })
-  @Transform(({ value }) => moment(value).endOf('day').toDate())
-  @ValidateIf((o) => o.type === AllowanceType.BY_END_DATE)
-  endDate?: Date;
-
-  @ApiProperty({ example: 10 })
-  @IsNumber(
-    {},
-    { message: i18n('validation.IsNumber', { path: 'general', property: 'allowance.numberOfTransactions' }) },
-  )
-  @IsInt({ message: i18n('validation.IsInt', { path: 'general', property: 'allowance.amount' }) })
-  @IsPositive({ message: i18n('validation.IsPositive', { path: 'general', property: 'allowance.amount' }) })
-  @ValidateIf((o) => o.type === AllowanceType.BY_COUNT)
-  numberOfTransactions?: number;
-
-  @ApiProperty({ example: 'e7b1b3b4-4b3b-4b3b-4b3b-4b3b4b3b4b3b' })
-  @IsUUID('4', { message: i18n('validation.IsUUID', { path: 'general', property: 'allowance.juniorId' }) })
-  juniorId!: string;
-}

src/allowance/dtos/request/index.ts

@@ -1,2 +1,2 @@
-export * from './create-allowance-change.request.dto';
-export * from './create-allowance.request.dto';
+export * from './create-allowance-schedule.request.dto';
+export * from './update-allowance-schedule.request.dto';

src/allowance/dtos/request/update-allowance-schedule.request.dto.ts

@@ -0,0 +1,40 @@
+import { ApiPropertyOptional } from '@nestjs/swagger';
+import { IsEnum, IsNotEmpty, IsNumber, IsOptional, IsPositive } from 'class-validator';
+import { i18nValidationMessage } from 'nestjs-i18n';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '~/allowance/enums';
+
+export class UpdateAllowanceScheduleRequestDto {
+  @ApiPropertyOptional({ example: 150, description: 'Allowance amount' })
+  @IsOptional()
+  @IsNotEmpty({ message: i18nValidationMessage('validation.NOT_EMPTY') })
+  @IsNumber(
+    { maxDecimalPlaces: 2 },
+    { message: i18nValidationMessage('validation.INVALID_NUMBER', { field: 'general.amount' }) },
+  )
+  @IsPositive({ message: i18nValidationMessage('validation.MUST_BE_POSITIVE', { field: 'general.amount' }) })
+  amount?: number;
+
+  @ApiPropertyOptional({
+    enum: AllowanceFrequency,
+    example: AllowanceFrequency.WEEKLY,
+    description: 'How often the allowance is paid',
+  })
+  @IsOptional()
+  @IsNotEmpty({ message: i18nValidationMessage('validation.NOT_EMPTY') })
+  @IsEnum(AllowanceFrequency, {
+    message: i18nValidationMessage('validation.INVALID_ENUM', { field: 'general.allowance.frequency' }),
+  })
+  frequency?: AllowanceFrequency;
+
+  @ApiPropertyOptional({
+    enum: AllowanceScheduleStatus,
+    example: AllowanceScheduleStatus.ON,
+    description: 'Whether the schedule is active or paused',
+  })
+  @IsOptional()
+  @IsNotEmpty({ message: i18nValidationMessage('validation.NOT_EMPTY') })
+  @IsEnum(AllowanceScheduleStatus, {
+    message: i18nValidationMessage('validation.INVALID_ENUM', { field: 'general.allowance.status' }),
+  })
+  status?: AllowanceScheduleStatus;
+}

src/allowance/dtos/response/allowance-change-request.response.dto.ts

@@ -1,45 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { AllowanceChangeRequest } from '~/allowance/entities';
-import { AllowanceChangeRequestStatus } from '~/allowance/enums';
-import { JuniorResponseDto } from '~/junior/dtos/response';
-
-export class AllowanceChangeRequestResponseDto {
-  @ApiProperty({ example: 'd641bb71-2e7c-4e62-96fa-2785f0a651c6' })
-  id!: string;
-
-  @ApiProperty({ example: AllowanceChangeRequestStatus.APPROVED })
-  status!: AllowanceChangeRequestStatus;
-
-  @ApiProperty({ example: 'Allowance name' })
-  name!: string;
-
-  @ApiProperty({ example: '100' })
-  oldAmount!: number;
-
-  @ApiProperty({ example: '200' })
-  newAmount!: number;
-
-  @ApiProperty({ example: 'Some reason' })
-  reason!: string;
-
-  @ApiProperty({ example: 'd641bb71-2e7c-4e62-96fa-2785f0a651c6' })
-  allowanceId!: string;
-
-  @ApiProperty({ type: JuniorResponseDto })
-  junior!: JuniorResponseDto;
-
-  @ApiProperty({ example: new Date() })
-  createdAt!: Date;
-
-  constructor(allowanceChangeRequest: AllowanceChangeRequest) {
-    this.id = allowanceChangeRequest.id;
-    this.status = allowanceChangeRequest.status;
-    this.name = allowanceChangeRequest.allowance.name;
-    this.oldAmount = allowanceChangeRequest.allowance.amount;
-    this.newAmount = allowanceChangeRequest.amount;
-    this.reason = allowanceChangeRequest.reason;
-    this.allowanceId = allowanceChangeRequest.allowanceId;
-    this.junior = new JuniorResponseDto(allowanceChangeRequest.allowance.junior);
-    this.createdAt = allowanceChangeRequest.createdAt;
-  }
-}

src/allowance/dtos/response/allowance-schedule.response.dto.ts

@@ -0,0 +1,48 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { AllowanceSchedule } from '~/allowance/entities/allowance-schedule.entity';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '~/allowance/enums';
+
+export class AllowanceScheduleResponseDto {
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  id!: string;
+
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  guardianId!: string;
+
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  juniorId!: string;
+
+  @ApiProperty({ example: 400 })
+  amount!: number;
+
+  @ApiProperty({ enum: AllowanceFrequency, example: AllowanceFrequency.WEEKLY })
+  frequency!: AllowanceFrequency;
+
+  @ApiProperty({ enum: AllowanceScheduleStatus, example: AllowanceScheduleStatus.ON })
+  status!: AllowanceScheduleStatus;
+
+  @ApiProperty({ example: '2026-01-01T00:00:00.000Z' })
+  nextRunAt!: Date;
+
+  @ApiProperty({ example: null })
+  lastRunAt!: Date | null;
+
+  @ApiProperty({ example: '2026-01-01T00:00:00.000Z' })
+  createdAt!: Date;
+
+  @ApiProperty({ example: '2026-01-01T00:00:00.000Z' })
+  updatedAt!: Date;
+
+  constructor(data: AllowanceSchedule) {
+    this.id = data.id;
+    this.guardianId = data.guardianId;
+    this.juniorId = data.juniorId;
+    this.amount = Number(data.amount);
+    this.frequency = data.frequency;
+    this.status = data.status;
+    this.nextRunAt = data.nextRunAt;
+    this.lastRunAt = data.lastRunAt;
+    this.createdAt = data.createdAt;
+    this.updatedAt = data.updatedAt;
+  }
+}

src/allowance/dtos/response/allowance-schedules-list.response.dto.ts

@@ -0,0 +1,36 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { AllowanceSchedule } from '~/allowance/entities/allowance-schedule.entity';
+import { Junior } from '~/junior/entities';
+import { JuniorWithScheduleDto, JuniorWithoutScheduleDto } from './junior-allowance-info.response.dto';
+
+export class AllowanceSchedulesListResponseDto {
+  @ApiProperty({
+    type: [JuniorWithScheduleDto],
+    description: 'Children who have an allowance schedule configured',
+  })
+  withSchedule!: JuniorWithScheduleDto[];
+
+  @ApiProperty({
+    type: [JuniorWithoutScheduleDto],
+    description: 'Children who do not have an allowance schedule yet',
+  })
+  withoutSchedule!: JuniorWithoutScheduleDto[];
+
+  @ApiProperty({
+    example: 1600,
+    description: 'Total monthly equivalent amount for all active schedules',
+  })
+  monthlyTotal!: number;
+
+  constructor(
+    juniorsWithSchedule: { junior: Junior; schedule: AllowanceSchedule }[],
+    juniorsWithoutSchedule: Junior[],
+    monthlyTotal: number,
+  ) {
+    this.withSchedule = juniorsWithSchedule.map(
+      ({ junior, schedule }) => new JuniorWithScheduleDto(junior, schedule),
+    );
+    this.withoutSchedule = juniorsWithoutSchedule.map((j) => new JuniorWithoutScheduleDto(j));
+    this.monthlyTotal = monthlyTotal;
+  }
+}

src/allowance/dtos/response/allowance-summary.response.dto.ts

@@ -0,0 +1,21 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+
+export class AllowanceSummaryResponseDto {
+  @ApiPropertyOptional({
+    example: '2026-02-01T00:00:00.000Z',
+    description: 'The nearest upcoming payment date among all active schedules (null if no active schedules)',
+    nullable: true,
+  })
+  nextPaymentAt!: Date | null;
+
+  @ApiProperty({
+    example: 1600,
+    description: 'Total monthly equivalent amount for all active schedules',
+  })
+  monthlyTotal!: number;
+
+  constructor(nextPaymentAt: Date | null, monthlyTotal: number) {
+    this.nextPaymentAt = nextPaymentAt;
+    this.monthlyTotal = monthlyTotal;
+  }
+}

src/allowance/dtos/response/allowance.response.dto.ts

@@ -1,53 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { Allowance } from '~/allowance/entities';
-import { AllowanceFrequency, AllowanceType } from '~/allowance/enums';
-import { JuniorResponseDto } from '~/junior/dtos/response';
-
-export class AllowanceResponseDto {
-  @ApiProperty({ example: 'd641bb71-2e7c-4e62-96fa-2785f0a651c6' })
-  id!: string;
-
-  @ApiProperty({ example: 'Allowance name' })
-  name!: string;
-
-  @ApiProperty({ example: 100 })
-  amount!: number;
-
-  @ApiProperty({ example: AllowanceFrequency.WEEKLY })
-  frequency!: AllowanceFrequency;
-
-  @ApiProperty({ example: AllowanceType.BY_END_DATE })
-  type!: AllowanceType;
-
-  @ApiProperty({ example: new Date() })
-  startDate!: Date;
-
-  @ApiProperty({ example: new Date() })
-  endDate?: Date;
-
-  @ApiProperty({ example: 10 })
-  numberOfTransactions?: number;
-
-  @ApiProperty({ type: JuniorResponseDto })
-  junior!: JuniorResponseDto;
-
-  @ApiProperty({ example: new Date() })
-  createdAt!: Date;
-
-  @ApiProperty({ example: new Date() })
-  updatedAt!: Date;
-
-  constructor(allowance: Allowance) {
-    this.id = allowance.id;
-    this.name = allowance.name;
-    this.amount = allowance.amount;
-    this.frequency = allowance.frequency;
-    this.type = allowance.type;
-    this.startDate = allowance.startDate;
-    this.endDate = allowance.endDate;
-    this.numberOfTransactions = allowance.numberOfTransactions;
-    this.junior = new JuniorResponseDto(allowance.junior);
-    this.createdAt = allowance.createdAt;
-    this.updatedAt = allowance.updatedAt;
-  }
-}

src/allowance/dtos/response/index.ts

@@ -1,2 +1,4 @@
-export * from './allowance-change-request.response.dto';
-export * from './allowance.response.dto';
+export * from './allowance-schedule.response.dto';
+export * from './allowance-schedules-list.response.dto';
+export * from './allowance-summary.response.dto';
+export * from './junior-allowance-info.response.dto';

src/allowance/dtos/response/junior-allowance-info.response.dto.ts

@@ -0,0 +1,89 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { Junior } from '~/junior/entities';
+import { AllowanceSchedule } from '~/allowance/entities';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '~/allowance/enums';
+
+/**
+ * Junior without an allowance schedule - basic info only
+ */
+export class JuniorWithoutScheduleDto {
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  juniorId!: string;
+
+  @ApiProperty({ example: 'Ahmed' })
+  firstName!: string;
+
+  @ApiProperty({ example: 'Al-Khair' })
+  lastName!: string;
+
+  @ApiProperty({ example: 'https://example.com/profile.jpg', nullable: true })
+  profilePictureUrl!: string | null;
+
+  constructor(junior: Junior) {
+    this.juniorId = junior.id;
+    this.firstName = junior.customer?.user?.firstName || '';
+    this.lastName = junior.customer?.user?.lastName || '';
+    this.profilePictureUrl = junior.customer?.user?.profilePicture?.url || null;
+  }
+}
+
+/**
+ * Junior with their allowance schedule - all data flattened into one object
+ */
+export class JuniorWithScheduleDto {
+  // Junior info
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  juniorId!: string;
+
+  @ApiProperty({ example: 'Ahmed' })
+  firstName!: string;
+
+  @ApiProperty({ example: 'Al-Khair' })
+  lastName!: string;
+
+  @ApiProperty({ example: 'https://example.com/profile.jpg', nullable: true })
+  profilePictureUrl!: string | null;
+
+  // Schedule info
+  @ApiProperty({ example: '123e4567-e89b-12d3-a456-426614174000' })
+  scheduleId!: string;
+
+  @ApiProperty({ example: 100 })
+  amount!: number;
+
+  @ApiProperty({ enum: AllowanceFrequency, example: AllowanceFrequency.WEEKLY })
+  frequency!: AllowanceFrequency;
+
+  @ApiProperty({ enum: AllowanceScheduleStatus, example: AllowanceScheduleStatus.ON })
+  status!: AllowanceScheduleStatus;
+
+  @ApiProperty({ example: '2026-02-05T00:00:00.000Z' })
+  nextRunAt!: Date;
+
+  @ApiProperty({ example: null, nullable: true })
+  lastRunAt!: Date | null;
+
+  @ApiProperty({ example: '2026-01-15T10:30:00.000Z' })
+  createdAt!: Date;
+
+  @ApiProperty({ example: '2026-01-15T10:30:00.000Z' })
+  updatedAt!: Date;
+
+  constructor(junior: Junior, schedule: AllowanceSchedule) {
+    // Junior info
+    this.juniorId = junior.id;
+    this.firstName = junior.customer?.user?.firstName || '';
+    this.lastName = junior.customer?.user?.lastName || '';
+    this.profilePictureUrl = junior.customer?.user?.profilePicture?.url || null;
+
+    // Schedule info
+    this.scheduleId = schedule.id;
+    this.amount = Number(schedule.amount);
+    this.frequency = schedule.frequency;
+    this.status = schedule.status;
+    this.nextRunAt = schedule.nextRunAt;
+    this.lastRunAt = schedule.lastRunAt;
+    this.createdAt = schedule.createdAt;
+    this.updatedAt = schedule.updatedAt;
+  }
+}

src/allowance/entities/allowance-change-request.entity.ts

@@ -1,45 +0,0 @@
-import {
-  Column,
-  CreateDateColumn,
-  Entity,
-  JoinColumn,
-  ManyToOne,
-  PrimaryGeneratedColumn,
-  UpdateDateColumn,
-} from 'typeorm';
-import { AllowanceChangeRequestStatus } from '../enums';
-import { Allowance } from './allowance.entity';
-
-@Entity('allowance_change_requests')
-export class AllowanceChangeRequest {
-  @PrimaryGeneratedColumn('uuid')
-  id!: string;
-
-  @Column({ type: 'text', name: 'reason' })
-  reason!: string;
-
-  @Column({
-    type: 'decimal',
-    precision: 10,
-    scale: 2,
-    name: 'amount',
-    transformer: { to: (value: number) => value, from: (value: string) => parseFloat(value) },
-  })
-  amount!: number;
-
-  @Column({ type: 'varchar', length: 255, name: 'status', default: AllowanceChangeRequestStatus.PENDING })
-  status!: AllowanceChangeRequestStatus;
-
-  @Column({ type: 'uuid', name: 'allowance_id' })
-  allowanceId!: string;
-
-  @ManyToOne(() => Allowance, (allowance) => allowance.changeRequests)
-  @JoinColumn({ name: 'allowance_id' })
-  allowance!: Allowance;
-
-  @CreateDateColumn({ name: 'created_at', type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP' })
-  createdAt!: Date;
-
-  @UpdateDateColumn({ name: 'updated_at', type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP' })
-  updatedAt!: Date;
-}

src/allowance/entities/allowance-credit.entity.ts

@@ -0,0 +1,42 @@
+import {
+  BaseEntity,
+  Column,
+  CreateDateColumn,
+  Entity,
+  JoinColumn,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+} from 'typeorm';
+import { Transaction } from '~/card/entities/transaction.entity';
+import { AllowanceSchedule } from './allowance-schedule.entity';
+
+@Entity('allowance_credits')
+export class AllowanceCredit extends BaseEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Column({ type: 'decimal', precision: 12, scale: 2, name: 'amount' })
+  amount!: number;
+
+  @Column({ type: 'timestamp with time zone', name: 'run_at' })
+  runAt!: Date;
+
+  @CreateDateColumn({ type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP', name: 'credited_at' })
+  creditedAt!: Date;
+
+  @Column({ type: 'uuid', name: 'schedule_id' })
+  scheduleId!: string;
+
+
+  @ManyToOne(() => AllowanceSchedule, (schedule) => schedule.credits, { onDelete: 'CASCADE' })
+  @JoinColumn({ name: 'schedule_id' })
+  schedule!: AllowanceSchedule;
+
+  @Column({ type: 'uuid', name: 'transaction_id', nullable: true })
+  transactionId!: string | null;
+
+  @ManyToOne(() => Transaction, { onDelete: 'SET NULL', nullable: true })
+  @JoinColumn({ name: 'transaction_id' })
+  transaction!: Transaction | null;
+
+}

src/allowance/entities/allowance-schedule.entity.ts

@@ -0,0 +1,60 @@
+import {
+  BaseEntity,
+  Column,
+  CreateDateColumn,
+  Entity,
+  JoinColumn,
+  ManyToOne,
+  OneToMany,
+  PrimaryGeneratedColumn,
+  UpdateDateColumn,
+} from 'typeorm';
+import { Guardian } from '~/guardian/entities/guradian.entity';
+import { Junior } from '~/junior/entities';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '../enums';
+import { AllowanceCredit } from './allowance-credit.entity';
+
+@Entity('allowance_schedules')
+export class AllowanceSchedule extends BaseEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Column({ type: 'decimal', precision: 12, scale: 2, name: 'amount' })
+  amount!: number;
+
+  @Column({ type: 'varchar', name: 'frequency' })
+  frequency!: AllowanceFrequency;
+
+  @Column({ type: 'varchar', name: 'status', default: AllowanceScheduleStatus.ON })
+  status!: AllowanceScheduleStatus;
+
+  @Column({ type: 'timestamp with time zone', name: 'next_run_at' })
+  nextRunAt!: Date;
+
+  @Column({ type: 'timestamp with time zone', name: 'last_run_at', nullable: true })
+  lastRunAt!: Date | null;
+
+  @CreateDateColumn({ type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP', name: 'created_at' })
+  createdAt!: Date;
+
+  @UpdateDateColumn({ type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP', name: 'updated_at' })
+  updatedAt!: Date;
+
+  @Column({ type: 'uuid', name: 'guardian_id' })
+  guardianId!: string;
+
+  @ManyToOne(() => Guardian, (guardian) => guardian.allowanceSchedules, { onDelete: 'CASCADE' })
+  @JoinColumn({ name: 'guardian_id' })
+  guardian!: Guardian;
+
+  @Column({ type: 'uuid', name: 'junior_id' })
+  juniorId!: string;
+
+  @ManyToOne(() => Junior, (junior) => junior.allowanceSchedules, { onDelete: 'CASCADE' })
+  @JoinColumn({ name: 'junior_id' })
+  junior!: Junior;
+
+  @OneToMany(() => AllowanceCredit, (credit) => credit.schedule)
+  credits!: AllowanceCredit[];
+
+}

src/allowance/entities/allowance.entity.ts

@@ -1,107 +0,0 @@
-import moment from 'moment';
-import {
-  Column,
-  CreateDateColumn,
-  DeleteDateColumn,
-  Entity,
-  JoinColumn,
-  ManyToOne,
-  OneToMany,
-  PrimaryGeneratedColumn,
-  UpdateDateColumn,
-} from 'typeorm';
-import { Guardian } from '~/guardian/entities/guradian.entity';
-import { Junior } from '~/junior/entities';
-import { AllowanceFrequency, AllowanceType } from '../enums';
-import { AllowanceChangeRequest } from './allowance-change-request.entity';
-@Entity('allowances')
-export class Allowance {
-  @PrimaryGeneratedColumn('uuid')
-  id!: string;
-
-  @Column({ type: 'varchar', length: 255, name: 'name' })
-  name!: string;
-
-  @Column({
-    type: 'decimal',
-    precision: 10,
-    scale: 2,
-    name: 'amount',
-    transformer: { to: (value: number) => value, from: (value: string) => parseFloat(value) },
-  })
-  amount!: number;
-
-  @Column({ type: 'varchar', length: 255, name: 'frequency' })
-  frequency!: AllowanceFrequency;
-
-  @Column({ type: 'varchar', length: 255, name: 'type' })
-  type!: AllowanceType;
-
-  @Column({ type: 'timestamp with time zone', name: 'start_date' })
-  startDate!: Date;
-
-  @Column({ type: 'timestamp with time zone', name: 'end_date', nullable: true })
-  endDate?: Date;
-
-  @Column({ type: 'int', name: 'number_of_transactions', nullable: true })
-  numberOfTransactions?: number;
-
-  @Column({ type: 'uuid', name: 'guardian_id' })
-  guardianId!: string;
-
-  @Column({ type: 'uuid', name: 'junior_id' })
-  juniorId!: string;
-
-  @ManyToOne(() => Guardian, (guardian) => guardian.allowances)
-  @JoinColumn({ name: 'guardian_id' })
-  guardian!: Guardian;
-
-  @ManyToOne(() => Junior, (junior) => junior.allowances)
-  @JoinColumn({ name: 'junior_id' })
-  junior!: Junior;
-
-  @OneToMany(() => AllowanceChangeRequest, (changeRequest) => changeRequest.allowance)
-  changeRequests!: AllowanceChangeRequest[];
-
-  @CreateDateColumn({ name: 'created_at', type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP' })
-  createdAt!: Date;
-
-  @UpdateDateColumn({ name: 'updated_at', type: 'timestamp with time zone', default: () => 'CURRENT_TIMESTAMP' })
-  updatedAt!: Date;
-
-  @DeleteDateColumn({ name: 'deleted_at', type: 'timestamp with time zone', nullable: true })
-  deletedAt?: Date;
-
-  get nextPaymentDate(): Date | null {
-    const startDate = moment(this.startDate).clone().startOf('day');
-    const endDate = this.endDate ? moment(this.endDate).endOf('day') : null;
-    const now = moment().startOf('day');
-
-    if (endDate && moment().isAfter(endDate)) {
-      return null;
-    }
-
-    const calculateNextDate = (unit: moment.unitOfTime.Diff) => {
-      const diff = now.diff(startDate, unit);
-      const nextDate = startDate.clone().add(diff, unit);
-      const adjustedDate = nextDate.isSameOrAfter(now) ? nextDate : nextDate.add('1', unit);
-
-      if (endDate && adjustedDate.isAfter(endDate)) {
-        return null;
-      }
-
-      return adjustedDate.toDate();
-    };
-
-    switch (this.frequency) {
-      case AllowanceFrequency.DAILY:
-        return calculateNextDate('days');
-      case AllowanceFrequency.WEEKLY:
-        return calculateNextDate('weeks');
-      case AllowanceFrequency.MONTHLY:
-        return calculateNextDate('months');
-      default:
-        return null;
-    }
-  }
-}

src/allowance/entities/index.ts

@@ -1,2 +1,2 @@
-export * from './allowance-change-request.entity';
-export * from './allowance.entity';
+export * from './allowance-credit.entity';
+export * from './allowance-schedule.entity';

src/allowance/enums/allowance-schedule-status.enum.ts

@@ -0,0 +1,4 @@
+export enum AllowanceScheduleStatus {
+  ON = 'ON',
+  OFF = 'OFF',
+}

src/allowance/enums/allowance-type.enum.ts

@@ -1,4 +0,0 @@
-export enum AllowanceType {
-  BY_END_DATE = 'BY_END_DATE',
-  BY_COUNT = 'BY_COUNT',
-}

src/allowance/enums/index.ts

@@ -1,3 +1,2 @@
-export * from './allowance-change-request-status.enum';
 export * from './allowance-frequency.enum';
-export * from './allowance-type.enum';
+export * from './allowance-schedule-status.enum';

src/allowance/interfaces/allowance-schedules-grouped.interface.ts

@@ -0,0 +1,13 @@
+import { Junior } from '~/junior/entities';
+import { AllowanceSchedule } from '../entities/allowance-schedule.entity';
+
+export interface AllowanceSchedulesGrouped {
+  withSchedule: { junior: Junior; schedule: AllowanceSchedule }[];
+  withoutSchedule: Junior[];
+  monthlyTotal: number;
+}
+
+export interface AllowanceSummary {
+  nextPaymentAt: Date | null;
+  monthlyTotal: number;
+}

src/allowance/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './allowance-schedules-grouped.interface';

src/allowance/repositories/allowance-change-request.repository.ts

@@ -1,50 +0,0 @@
-import { Injectable } from '@nestjs/common';
-import { InjectRepository } from '@nestjs/typeorm';
-import { FindOptionsWhere, Repository } from 'typeorm';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { CreateAllowanceChangeRequestDto } from '../dtos/request';
-import { AllowanceChangeRequest } from '../entities';
-import { AllowanceChangeRequestStatus } from '../enums';
-const ONE = 1;
-@Injectable()
-export class AllowanceChangeRequestsRepository {
-  constructor(
-    @InjectRepository(AllowanceChangeRequest)
-    private readonly allowanceChangeRequestsRepository: Repository<AllowanceChangeRequest>,
-  ) {}
-
-  createAllowanceChangeRequest(allowanceId: string, body: CreateAllowanceChangeRequestDto) {
-    return this.allowanceChangeRequestsRepository.save(
-      this.allowanceChangeRequestsRepository.create({
-        allowanceId,
-        amount: body.amount,
-        reason: body.reason,
-      }),
-    );
-  }
-
-  findAllowanceChangeRequestBy(where: FindOptionsWhere<AllowanceChangeRequest>, withRelations = false) {
-    const relations = withRelations
-      ? ['allowance', 'allowance.junior', 'allowance.junior.customer', 'allowance.junior.customer.profilePicture']
-      : [];
-    return this.allowanceChangeRequestsRepository.findOne({ where, relations });
-  }
-
-  updateAllowanceChangeRequestStatus(requestId: string, status: AllowanceChangeRequestStatus) {
-    return this.allowanceChangeRequestsRepository.update({ id: requestId }, { status });
-  }
-
-  findAllowanceChangeRequests(guardianId: string, query: PageOptionsRequestDto) {
-    return this.allowanceChangeRequestsRepository.findAndCount({
-      where: { allowance: { guardianId } },
-      take: query.size,
-      skip: query.size * (query.page - ONE),
-      relations: [
-        'allowance',
-        'allowance.junior',
-        'allowance.junior.customer',
-        'allowance.junior.customer.profilePicture',
-      ],
-    });
-  }
-}

src/allowance/repositories/allowance-credit.repository.ts

@@ -0,0 +1,32 @@
+import { Injectable } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { AllowanceCredit } from '~/allowance/entities';
+
+@Injectable()
+export class AllowanceCreditRepository {
+  constructor(
+    @InjectRepository(AllowanceCredit)
+    private readonly allowanceCreditRepository: Repository<AllowanceCredit>,
+  ) {}
+
+  createCredit(scheduleId: string, amount: number, runAt: Date): Promise<AllowanceCredit> {
+    return this.allowanceCreditRepository.save(
+      this.allowanceCreditRepository.create({
+        scheduleId,
+        amount,
+        runAt,
+      }),
+    );
+  }
+
+  findByScheduleAndRunAt(scheduleId: string, runAt: Date): Promise<AllowanceCredit | null> {
+    return this.allowanceCreditRepository.findOne({
+      where: { scheduleId, runAt },
+    });
+  }
+
+  deleteById(id: string): Promise<void> {
+    return this.allowanceCreditRepository.delete({ id }).then(() => undefined);
+  }
+}

src/allowance/repositories/allowance-schedule.repository.ts

@@ -0,0 +1,96 @@
+import { Injectable } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { AllowanceSchedule } from '~/allowance/entities/allowance-schedule.entity';
+import { CreateAllowanceScheduleRequestDto } from '~/allowance/dtos/request';
+import { AllowanceScheduleStatus } from '~/allowance/enums';
+
+@Injectable()
+export class AllowanceScheduleRepository {
+  constructor(
+    @InjectRepository(AllowanceSchedule)
+    private readonly allowanceScheduleRepository: Repository<AllowanceSchedule>,
+  ) {}
+
+  findByGuardianAndJunior(guardianId: string, juniorId: string): Promise<AllowanceSchedule | null> {
+    return this.allowanceScheduleRepository.findOne({
+      where: { guardianId, juniorId },
+    });
+  }
+
+  findByGuardianId(guardianId: string): Promise<AllowanceSchedule[]> {
+    return this.allowanceScheduleRepository.find({
+      where: { guardianId },
+      order: { createdAt: 'DESC' },
+    });
+  }
+
+  /**
+   * Finds only active (ON) schedules for a guardian, ordered by nextRunAt (nearest first)
+   */
+  findActiveByGuardianId(guardianId: string): Promise<AllowanceSchedule[]> {
+    return this.allowanceScheduleRepository.find({
+      where: { guardianId, status: AllowanceScheduleStatus.ON },
+      order: { nextRunAt: 'ASC' },
+    });
+  }
+
+  createSchedule(guardianId: string, juniorId: string, body: CreateAllowanceScheduleRequestDto, nextRunAt: Date) {
+    return this.allowanceScheduleRepository.save(
+      this.allowanceScheduleRepository.create({
+        guardianId,
+        juniorId,
+        amount: body.amount,
+        frequency: body.frequency,
+        status: body.status,
+        nextRunAt,
+      }),
+    );
+  }
+
+  findDueSchedulesBatch(
+    limit: number,
+    cursor?: { nextRunAt: Date; id: string },
+  ): Promise<AllowanceSchedule[]> {
+    const query = this.allowanceScheduleRepository
+      .createQueryBuilder('schedule')
+      .where('schedule.status = :status', { status: AllowanceScheduleStatus.ON })
+      .andWhere('schedule.nextRunAt <= :now', { now: new Date() });
+
+    if (cursor) {
+      query.andWhere(
+        '(schedule.nextRunAt > :cursorDate OR (schedule.nextRunAt = :cursorDate AND schedule.id > :cursorId))',
+        {
+          cursorDate: cursor.nextRunAt,
+          cursorId: cursor.id,
+        },
+      );
+    }
+
+    return query
+      .orderBy('schedule.nextRunAt', 'ASC')
+      .addOrderBy('schedule.id', 'ASC')
+      .take(limit)
+      .getMany();
+  }
+
+  findById(id: string): Promise<AllowanceSchedule | null> {
+    return this.allowanceScheduleRepository.findOne({ where: { id } });
+  }
+
+  findByIdAndGuardian(id: string, guardianId: string): Promise<AllowanceSchedule | null> {
+    return this.allowanceScheduleRepository.findOne({ where: { id, guardianId } });
+  }
+
+  updateScheduleRun(id: string, lastRunAt: Date, nextRunAt: Date) {
+    return this.allowanceScheduleRepository.update({ id }, { lastRunAt, nextRunAt });
+  }
+
+  async updateSchedule(schedule: AllowanceSchedule): Promise<AllowanceSchedule> {
+    return this.allowanceScheduleRepository.save(schedule);
+  }
+
+  async deleteById(id: string): Promise<void> {
+    await this.allowanceScheduleRepository.delete({ id });
+  }
+}

src/allowance/repositories/allowances.repository.ts

@@ -1,64 +0,0 @@
-import { Injectable } from '@nestjs/common';
-import { InjectRepository } from '@nestjs/typeorm';
-import { Repository } from 'typeorm';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { CreateAllowanceRequestDto } from '../dtos/request';
-import { Allowance } from '../entities';
-const ONE = 1;
-@Injectable()
-export class AllowancesRepository {
-  constructor(@InjectRepository(Allowance) private readonly allowancesRepository: Repository<Allowance>) {}
-
-  createAllowance(guardianId: string, body: CreateAllowanceRequestDto) {
-    return this.allowancesRepository.save(
-      this.allowancesRepository.create({
-        guardianId,
-        name: body.name,
-        amount: body.amount,
-        frequency: body.frequency,
-        type: body.type,
-        startDate: body.startDate,
-        endDate: body.endDate,
-        numberOfTransactions: body.numberOfTransactions,
-        juniorId: body.juniorId,
-      }),
-    );
-  }
-
-  findAllowanceById(allowanceId: string, guardianId?: string) {
-    return this.allowancesRepository.findOne({
-      where: { id: allowanceId, guardianId },
-      relations: ['junior', 'junior.customer', 'junior.customer.profilePicture'],
-    });
-  }
-
-  findAllowances(guardianId: string, query: PageOptionsRequestDto) {
-    return this.allowancesRepository.findAndCount({
-      where: { guardianId },
-      relations: ['junior', 'junior.customer', 'junior.customer.profilePicture'],
-      take: query.size,
-      skip: query.size * (query.page - ONE),
-    });
-  }
-
-  deleteAllowance(guardianId: string, allowanceId: string) {
-    return this.allowancesRepository.softDelete({ id: allowanceId, guardianId });
-  }
-
-  async *findAllowancesChunks(chunkSize: number) {
-    let offset = 0;
-    while (true) {
-      const allowances = await this.allowancesRepository.find({
-        take: chunkSize,
-        skip: offset,
-      });
-
-      if (!allowances.length) {
-        break;
-      }
-
-      yield allowances;
-      offset += chunkSize;
-    }
-  }
-}

src/allowance/repositories/index.ts

@@ -1,2 +1,2 @@
-export * from './allowance-change-request.repository';
-export * from './allowances.repository';
+export * from './allowance-credit.repository';
+export * from './allowance-schedule.repository';

src/allowance/services/allowance-change-requests.service.ts

@@ -1,132 +0,0 @@
-import { BadRequestException, Injectable, Logger } from '@nestjs/common';
-import { FindOptionsWhere } from 'typeorm';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { OciService } from '~/document/services';
-import { CreateAllowanceChangeRequestDto } from '../dtos/request';
-import { AllowanceChangeRequest } from '../entities';
-import { AllowanceChangeRequestStatus } from '../enums';
-import { AllowanceChangeRequestsRepository } from '../repositories';
-import { AllowancesService } from './allowances.service';
-
-@Injectable()
-export class AllowanceChangeRequestsService {
-  private readonly logger = new Logger(AllowanceChangeRequestsService.name);
-  constructor(
-    private readonly allowanceChangeRequestsRepository: AllowanceChangeRequestsRepository,
-    private readonly ociService: OciService,
-    private readonly allowanceService: AllowancesService,
-  ) {}
-
-  async createAllowanceChangeRequest(juniorId: string, body: CreateAllowanceChangeRequestDto) {
-    this.logger.log(`Creating allowance change request for junior ${juniorId}`);
-    const allowance = await this.allowanceService.validateAllowanceForJunior(juniorId, body.allowanceId);
-
-    if (allowance.amount === body.amount) {
-      this.logger.error(`Amount is the same as the current allowance amount`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.SAME_AMOUNT');
-    }
-
-    const requestWithTheSameAmount = await this.findAllowanceChangeRequestBy({
-      allowanceId: body.allowanceId,
-      amount: body.amount,
-      status: AllowanceChangeRequestStatus.PENDING,
-    });
-
-    if (requestWithTheSameAmount) {
-      this.logger.error(`There is a pending request with the same amount`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.SAME_AMOUNT_PENDING');
-    }
-
-    return this.allowanceChangeRequestsRepository.createAllowanceChangeRequest(body.allowanceId, body);
-  }
-
-  findAllowanceChangeRequestBy(where: FindOptionsWhere<AllowanceChangeRequest>) {
-    this.logger.log(`Finding allowance change request by ${JSON.stringify(where)}`);
-    return this.allowanceChangeRequestsRepository.findAllowanceChangeRequestBy(where);
-  }
-
-  async approveAllowanceChangeRequest(guardianId: string, requestId: string) {
-    this.logger.log(`Approving allowance change request ${requestId} by guardian ${guardianId}`);
-    const request = await this.findAllowanceChangeRequestBy({ id: requestId, allowance: { guardianId } });
-
-    if (!request) {
-      this.logger.error(`Allowance change request ${requestId} not found for guardian ${guardianId}`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.NOT_FOUND');
-    }
-    if (request.status === AllowanceChangeRequestStatus.APPROVED) {
-      this.logger.error(`Allowance change request ${requestId} already approved`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.ALREADY_APPROVED');
-    }
-    return this.allowanceChangeRequestsRepository.updateAllowanceChangeRequestStatus(
-      requestId,
-      AllowanceChangeRequestStatus.APPROVED,
-    );
-  }
-
-  async rejectAllowanceChangeRequest(guardianId: string, requestId: string) {
-    this.logger.log(`Rejecting allowance change request ${requestId} by guardian ${guardianId}`);
-    const request = await this.findAllowanceChangeRequestBy({ id: requestId, allowance: { guardianId } });
-
-    if (!request) {
-      this.logger.error(`Allowance change request ${requestId} not found for guardian ${guardianId}`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.NOT_FOUND');
-    }
-    if (request.status === AllowanceChangeRequestStatus.REJECTED) {
-      this.logger.error(`Allowance change request ${requestId} already rejected`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.ALREADY_REJECTED');
-    }
-    return this.allowanceChangeRequestsRepository.updateAllowanceChangeRequestStatus(
-      requestId,
-      AllowanceChangeRequestStatus.REJECTED,
-    );
-  }
-
-  async findAllowanceChangeRequests(
-    guardianId: string,
-    query: PageOptionsRequestDto,
-  ): Promise<[AllowanceChangeRequest[], number]> {
-    this.logger.log(`Finding allowance change requests for guardian ${guardianId}`);
-    const [requests, itemCount] = await this.allowanceChangeRequestsRepository.findAllowanceChangeRequests(
-      guardianId,
-      query,
-    );
-
-    await this.prepareAllowanceChangeRequestsImages(requests);
-
-    this.logger.log(`Returning allowance change requests for guardian ${guardianId}`);
-    return [requests, itemCount];
-  }
-
-  async findAllowanceChangeRequestById(guardianId: string, requestId: string) {
-    this.logger.log(`Finding allowance change request ${requestId} for guardian ${guardianId}`);
-    const request = await this.allowanceChangeRequestsRepository.findAllowanceChangeRequestBy(
-      {
-        id: requestId,
-        allowance: { guardianId },
-      },
-      true,
-    );
-
-    if (!request) {
-      this.logger.error(`Allowance change request ${requestId} not found for guardian ${guardianId}`);
-      throw new BadRequestException('ALLOWANCE_CHANGE_REQUEST.NOT_FOUND');
-    }
-
-    await this.prepareAllowanceChangeRequestsImages([request]);
-
-    this.logger.log(`Allowance change request ${requestId} found successfully`);
-    return request;
-  }
-
-  private prepareAllowanceChangeRequestsImages(requests: AllowanceChangeRequest[]) {
-    this.logger.log(`Preparing allowance change requests images`);
-    return Promise.all(
-      requests.map(async (request) => {
-        const profilePicture = request.allowance.junior.customer.profilePicture;
-        if (profilePicture) {
-          profilePicture.url = await this.ociService.generatePreSignedUrl(profilePicture);
-        }
-      }),
-    );
-  }
-}

src/allowance/services/allowance-queue.service.ts

@@ -0,0 +1,90 @@
+import { Injectable, Logger, OnModuleDestroy } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { AmqpConnectionManager, ChannelWrapper, connect } from 'amqp-connection-manager';
+import {
+  ALLOWANCE_DLQ_EXCHANGE,
+  ALLOWANCE_DLQ_NAME,
+  ALLOWANCE_QUEUE_NAME,
+  ALLOWANCE_RETRY_EXCHANGE,
+  ALLOWANCE_RETRY_QUEUE_NAME,
+} from '../constants';
+
+@Injectable()
+export class AllowanceQueueService implements OnModuleDestroy {
+  private readonly logger = new Logger(AllowanceQueueService.name);
+  private connection?: AmqpConnectionManager;
+  private channel?: ChannelWrapper;
+  private readonly queueName: string;
+  private readonly rabbitUrl?: string;
+  private readonly retryDelayMs: number;
+
+  constructor(private readonly configService: ConfigService) {
+    this.queueName = this.configService.get<string>('ALLOWANCE_QUEUE_NAME') || ALLOWANCE_QUEUE_NAME;
+    this.rabbitUrl = this.configService.get<string>('RABBITMQ_URL');
+    this.retryDelayMs = Number(this.configService.get<string>('ALLOWANCE_RETRY_DELAY_MS') || 10 * 60 * 1000);
+  }
+
+  async enqueueSchedule(scheduleId: string, runAt: Date): Promise<void> {
+    if (!this.rabbitUrl) {
+      this.logger.warn('RABBITMQ_URL is not set; skipping allowance enqueue.');
+      return;
+    }
+
+    if (!this.connection || !this.channel) {
+      this.connection = connect([this.rabbitUrl]);
+      this.connection.on('connect', () => {
+        this.logger.log('RabbitMQ connected (publisher).');
+      });
+      this.connection.on('disconnect', (params) => {
+        this.logger.error(`RabbitMQ disconnected (publisher): ${params?.err?.message || 'unknown error'}`);
+      });
+      this.channel = this.connection.createChannel({
+        setup: async (channel: any) => {
+          await channel.assertExchange(ALLOWANCE_RETRY_EXCHANGE, 'direct', { durable: true });
+          await channel.assertExchange(ALLOWANCE_DLQ_EXCHANGE, 'direct', { durable: true });
+
+          await channel.assertQueue(ALLOWANCE_RETRY_QUEUE_NAME, {
+            durable: true,
+            messageTtl: this.retryDelayMs,
+            deadLetterExchange: '',
+            deadLetterRoutingKey: this.queueName,
+          });
+
+          await channel.assertQueue(ALLOWANCE_DLQ_NAME, {
+            durable: true,
+          });
+
+          await channel.bindQueue(ALLOWANCE_RETRY_QUEUE_NAME, ALLOWANCE_RETRY_EXCHANGE, this.queueName);
+          await channel.bindQueue(ALLOWANCE_DLQ_NAME, ALLOWANCE_DLQ_EXCHANGE, this.queueName);
+
+          await channel.assertQueue(this.queueName, {
+            durable: true,
+            deadLetterExchange: ALLOWANCE_RETRY_EXCHANGE,
+            deadLetterRoutingKey: this.queueName,
+          });
+        },
+      });
+    }
+
+    const payload = {
+      scheduleId,
+      runAt: runAt.toISOString(),
+    };
+
+    const messageId = `allowance:${scheduleId}:${runAt.toISOString()}`;
+    const options: any = {
+      persistent: true,
+      messageId,
+      contentType: 'application/json',
+    };
+
+    this.logger.log(`Enqueueing allowance job - scheduleId: ${scheduleId}, runAt: ${runAt.toISOString()}`);
+    await this.channel.sendToQueue(this.queueName, Buffer.from(JSON.stringify(payload)), options);
+    this.logger.log(`Allowance job enqueued successfully - messageId: ${messageId}`);
+  }
+
+  async onModuleDestroy() {
+    await this.channel?.close();
+    await this.connection?.close();
+  }
+}

src/allowance/services/allowance-worker.service.ts

@@ -0,0 +1,212 @@
+import { Injectable, Logger, OnModuleDestroy, OnModuleInit } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { AmqpConnectionManager, ChannelWrapper, connect } from 'amqp-connection-manager';
+import moment from 'moment';
+import { CardService } from '~/card/services';
+import { AllowanceScheduleRepository } from '../repositories/allowance-schedule.repository';
+import { AllowanceCreditRepository } from '../repositories/allowance-credit.repository';
+import { ALLOWANCE_DLQ_EXCHANGE, ALLOWANCE_QUEUE_NAME, ALLOWANCE_RETRY_EXCHANGE } from '../constants';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '../enums';
+
+type AllowanceQueuePayload = {
+  scheduleId: string;
+  runAt: string;
+};
+
+@Injectable()
+export class AllowanceWorkerService implements OnModuleInit, OnModuleDestroy {
+  private readonly logger = new Logger(AllowanceWorkerService.name);
+  private connection?: AmqpConnectionManager;
+  private channel?: ChannelWrapper;
+  private readonly queueName: string;
+  private readonly rabbitUrl?: string;
+  private readonly maxRetries: number;
+  private readonly isTestMode: boolean;
+
+  constructor(
+    private readonly configService: ConfigService,
+    private readonly allowanceScheduleRepository: AllowanceScheduleRepository,
+    private readonly allowanceCreditRepository: AllowanceCreditRepository,
+    private readonly cardService: CardService,
+  ) {
+    this.queueName = this.configService.get<string>('ALLOWANCE_QUEUE_NAME') || ALLOWANCE_QUEUE_NAME;
+    this.rabbitUrl = this.configService.get<string>('RABBITMQ_URL');
+    this.maxRetries = Number(this.configService.get<string>('ALLOWANCE_MAX_RETRIES') || 5);
+    this.isTestMode = this.configService.get<string>('ALLOWANCE_TEST_MODE') === 'true';
+    if (this.isTestMode) {
+      this.logger.warn('ALLOWANCE_TEST_MODE is enabled - using short intervals (5/10/15 min)');
+    }
+  }
+
+  async onModuleInit() {
+    if (!this.rabbitUrl) {
+      this.logger.warn('RABBITMQ_URL is not set; allowance worker is disabled.');
+      return;
+    }
+
+    this.connection = connect([this.rabbitUrl]);
+    this.connection.on('connect', () => {
+      this.logger.log('RabbitMQ connected (worker).');
+    });
+    this.connection.on('disconnect', (params) => {
+      this.logger.error(`RabbitMQ disconnected (worker): ${params?.err?.message || 'unknown error'}`);
+    });
+    this.channel = this.connection.createChannel({
+      setup: async (channel: any) => {
+        await channel.assertQueue(this.queueName, {
+          durable: true,
+          deadLetterExchange: ALLOWANCE_RETRY_EXCHANGE,
+          deadLetterRoutingKey: this.queueName,
+        });
+        await channel.prefetch(10);
+        await channel.consume(this.queueName, (msg: any) => this.handleMessage(channel, msg), {
+          noAck: false,
+        });
+      },
+    });
+  }
+
+  async onModuleDestroy() {
+    await this.channel?.close();
+    await this.connection?.close();
+  }
+
+  private async handleMessage(channel: any, msg: any) {
+    if (!msg) {
+      return;
+    }
+
+    let payload: AllowanceQueuePayload;
+    try {
+      payload = JSON.parse(msg.content.toString()) as AllowanceQueuePayload;
+    } catch (error) {
+      const stack = error instanceof Error ? error.stack : undefined;
+      this.logger.error('Invalid allowance queue payload', stack || error);
+      channel.ack(msg);
+      return;
+    }
+
+    try {
+      await this.processAllowanceJob(payload);
+      channel.ack(msg);
+    } catch (error) {
+      const stack = error instanceof Error ? error.stack : undefined;
+      this.logger.error(`Allowance job failed for schedule ${payload.scheduleId}`, stack || error);
+      const retryCount = this.getRetryCount(msg);
+      if (retryCount >= this.maxRetries) {
+        this.logger.error(`Allowance job exceeded max retries (${this.maxRetries}). Sending to DLQ.`);
+        channel.publish(ALLOWANCE_DLQ_EXCHANGE, this.queueName, msg.content, {
+          contentType: msg.properties.contentType,
+          messageId: msg.properties.messageId,
+          headers: msg.properties.headers,
+          persistent: true,
+        });
+        channel.ack(msg);
+        return;
+      }
+      channel.nack(msg, false, false);
+    }
+  }
+
+  private async processAllowanceJob(payload: AllowanceQueuePayload): Promise<void> {
+    const runAt = new Date(payload.runAt);
+    if (!payload.scheduleId || Number.isNaN(runAt.getTime())) {
+      this.logger.warn(`Invalid payload - scheduleId: ${payload.scheduleId}, runAt: ${payload.runAt}`);
+      return;
+    }
+
+    this.logger.log(`Processing allowance job - scheduleId: ${payload.scheduleId}, runAt: ${runAt.toISOString()}`);
+
+    const schedule = await this.allowanceScheduleRepository.findById(payload.scheduleId);
+    if (!schedule) {
+      this.logger.warn(`Schedule not found: ${payload.scheduleId}`);
+      return;
+    }
+
+    this.logger.debug(`Schedule found - juniorId: ${schedule.juniorId}, amount: ${schedule.amount}, status: ${schedule.status}, nextRunAt: ${schedule.nextRunAt}`);
+
+    if (schedule.status !== AllowanceScheduleStatus.ON) {
+      this.logger.warn(`Schedule ${payload.scheduleId} is not ON (status: ${schedule.status}). Skipping.`);
+      return;
+    }
+
+    if (schedule.nextRunAt > runAt) {
+      this.logger.warn(`Schedule ${payload.scheduleId} nextRunAt (${schedule.nextRunAt}) > runAt (${runAt}). Skipping.`);
+      return;
+    }
+
+    // Convert amount from decimal string to number
+    const amount = Number(schedule.amount);
+    if (isNaN(amount) || amount <= 0) {
+      this.logger.error(`Invalid amount for schedule ${payload.scheduleId}: ${schedule.amount}`);
+      return;
+    }
+
+    this.logger.log(`Creating allowance credit - scheduleId: ${payload.scheduleId}, amount: ${amount}`);
+
+    let credit = null;
+    try {
+      credit = await this.allowanceCreditRepository.createCredit(schedule.id, amount, runAt);
+      this.logger.log(`Credit created: ${credit.id}`);
+    } catch (error: any) {
+      if (error?.code === '23505') {
+        this.logger.warn(`Credit already exists for schedule ${payload.scheduleId} at ${runAt.toISOString()} (idempotency check)`);
+        return;
+      }
+      throw error;
+    }
+
+    try {
+      this.logger.log(`Transferring ${amount} to junior ${schedule.juniorId}`);
+      await this.cardService.transferToChild(schedule.juniorId, amount);
+      this.logger.log(`Transfer successful for junior ${schedule.juniorId}`);
+
+      const nextRunAt = this.computeNextRunAt(schedule.frequency);
+      await this.allowanceScheduleRepository.updateScheduleRun(schedule.id, runAt, nextRunAt);
+      this.logger.log(`Schedule ${payload.scheduleId} updated - lastRunAt: ${runAt.toISOString()}, nextRunAt: ${nextRunAt.toISOString()}`);
+    } catch (error) {
+      this.logger.error(`Transfer failed for schedule ${payload.scheduleId}: ${error instanceof Error ? error.message : error}`);
+      if (credit) {
+        await this.allowanceCreditRepository.deleteById(credit.id);
+        this.logger.log(`Credit ${credit.id} deleted due to transfer failure`);
+      }
+      throw error;
+    }
+  }
+
+  private computeNextRunAt(frequency: AllowanceFrequency): Date {
+    const base = moment();
+
+    if (this.isTestMode) {
+      // Test mode: DAILY=5min, WEEKLY=10min, MONTHLY=15min
+      switch (frequency) {
+        case AllowanceFrequency.DAILY:
+          return base.add(5, 'minutes').toDate();
+        case AllowanceFrequency.WEEKLY:
+          return base.add(10, 'minutes').toDate();
+        case AllowanceFrequency.MONTHLY:
+          return base.add(15, 'minutes').toDate();
+        default:
+          return base.toDate();
+      }
+    }
+
+    // Production mode: real intervals
+    switch (frequency) {
+      case AllowanceFrequency.DAILY:
+        return base.add(1, 'day').toDate();
+      case AllowanceFrequency.WEEKLY:
+        return base.add(1, 'week').toDate();
+      case AllowanceFrequency.MONTHLY:
+        return base.add(1, 'month').toDate();
+      default:
+        return base.toDate();
+    }
+  }
+
+  private getRetryCount(msg: any): number {
+    const deaths = (msg.properties.headers?.['x-death'] as Array<{ count?: number }> | undefined) || [];
+    const retryDeath = deaths.find((death) => death?.count != null);
+    return retryDeath?.count ?? 0;
+  }
+}

src/allowance/services/allowance.service.ts

@@ -0,0 +1,213 @@
+import { BadRequestException, Injectable, Logger, NotFoundException } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import moment from 'moment';
+import { Junior } from '~/junior/entities';
+import { JuniorService } from '~/junior/services';
+import { CreateAllowanceScheduleRequestDto, UpdateAllowanceScheduleRequestDto } from '../dtos/request';
+import { AllowanceSchedule } from '../entities/allowance-schedule.entity';
+import { AllowanceFrequency, AllowanceScheduleStatus } from '../enums';
+import { AllowanceSchedulesGrouped, AllowanceSummary } from '../interfaces';
+import { AllowanceScheduleRepository } from '../repositories';
+
+@Injectable()
+export class AllowanceService {
+  private readonly logger = new Logger(AllowanceService.name);
+  private readonly isTestMode: boolean;
+
+  constructor(
+    private readonly allowanceScheduleRepository: AllowanceScheduleRepository,
+    private readonly juniorService: JuniorService,
+    private readonly configService: ConfigService,
+  ) {
+    this.isTestMode = this.configService.get<string>('ALLOWANCE_TEST_MODE') === 'true';
+    if (this.isTestMode) {
+      this.logger.warn('ALLOWANCE_TEST_MODE is enabled - using short intervals (5/10/15 min)');
+    }
+  }
+
+  /**
+   * Gets all allowance schedules for a guardian, grouped by juniors with and without schedules.
+   */
+  async getSchedulesByGuardian(guardianId: string): Promise<AllowanceSchedulesGrouped> {
+    // Fetch all juniors for this guardian (with pagination workaround - large size)
+    const [juniors] = await this.juniorService.findJuniorsByGuardianId(guardianId, {
+      page: 1,
+      size: 1000, // Assuming no guardian has more than 1000 children
+    });
+
+    // Fetch all schedules for this guardian
+    const schedules = await this.allowanceScheduleRepository.findByGuardianId(guardianId);
+
+    // Create a map of juniorId -> schedule for quick lookup
+    const scheduleMap = new Map<string, AllowanceSchedule>();
+    for (const schedule of schedules) {
+      scheduleMap.set(schedule.juniorId, schedule);
+    }
+
+    // Separate juniors into two groups
+    const withSchedule: { junior: Junior; schedule: AllowanceSchedule }[] = [];
+    const withoutSchedule: Junior[] = [];
+
+    for (const junior of juniors) {
+      const schedule = scheduleMap.get(junior.id);
+      if (schedule) {
+        withSchedule.push({ junior, schedule });
+      } else {
+        withoutSchedule.push(junior);
+      }
+    }
+
+    const monthlyTotal = this.calculateMonthlyTotal(schedules);
+
+    return { withSchedule, withoutSchedule, monthlyTotal };
+  }
+
+  /**
+   * Calculates the monthly equivalent total for all active schedules.
+   * - DAILY: amount * 30
+   * - WEEKLY: amount * 4
+   * - MONTHLY: amount * 1
+   */
+  private calculateMonthlyTotal(schedules: AllowanceSchedule[]): number {
+    return schedules
+      .filter((s) => s.status === AllowanceScheduleStatus.ON)
+      .reduce((total, schedule) => {
+        const amount = Number(schedule.amount);
+        switch (schedule.frequency) {
+          case AllowanceFrequency.DAILY:
+            return total + amount * 30;
+          case AllowanceFrequency.WEEKLY:
+            return total + amount * 4;
+          case AllowanceFrequency.MONTHLY:
+            return total + amount;
+          default:
+            return total;
+        }
+      }, 0);
+  }
+
+  async createSchedule(
+    guardianId: string,
+    juniorId: string,
+    body: CreateAllowanceScheduleRequestDto,
+  ): Promise<AllowanceSchedule> {
+    const doesBelong = await this.juniorService.doesJuniorBelongToGuardian(guardianId, juniorId);
+    if (!doesBelong) {
+      this.logger.error(`Junior ${juniorId} does not belong to guardian ${guardianId}`);
+      throw new BadRequestException('JUNIOR.NOT_BELONG_TO_GUARDIAN');
+    }
+
+    const existingSchedule = await this.allowanceScheduleRepository.findByGuardianAndJunior(guardianId, juniorId);
+    if (existingSchedule) {
+      throw new BadRequestException('ALLOWANCE.ALREADY_EXISTS');
+    }
+
+    const nextRunAt = this.computeNextRunAt(body.frequency, body.status);
+    return this.allowanceScheduleRepository.createSchedule(guardianId, juniorId, body, nextRunAt);
+  }
+
+  private computeNextRunAt(frequency: AllowanceFrequency, status: AllowanceScheduleStatus): Date {
+    const base = moment();
+    if (status === AllowanceScheduleStatus.OFF) {
+      return base.toDate();
+    }
+
+    if (this.isTestMode) {
+      // Test mode: DAILY=5min, WEEKLY=10min, MONTHLY=15min
+      switch (frequency) {
+        case AllowanceFrequency.DAILY:
+          return base.add(5, 'minutes').toDate();
+        case AllowanceFrequency.WEEKLY:
+          return base.add(10, 'minutes').toDate();
+        case AllowanceFrequency.MONTHLY:
+          return base.add(15, 'minutes').toDate();
+        default:
+          return base.toDate();
+      }
+    }
+
+    // Production mode: real intervals
+    switch (frequency) {
+      case AllowanceFrequency.DAILY:
+        return base.add(1, 'day').toDate();
+      case AllowanceFrequency.WEEKLY:
+        return base.add(1, 'week').toDate();
+      case AllowanceFrequency.MONTHLY:
+        return base.add(1, 'month').toDate();
+      default:
+        return base.toDate();
+    }
+  }
+
+  /**
+   * Updates an existing allowance schedule.
+   * Recalculates nextRunAt if frequency or status changes.
+   */
+  async updateSchedule(
+    guardianId: string,
+    scheduleId: string,
+    body: UpdateAllowanceScheduleRequestDto,
+  ): Promise<AllowanceSchedule> {
+    const schedule = await this.allowanceScheduleRepository.findByIdAndGuardian(scheduleId, guardianId);
+
+    if (!schedule) {
+      this.logger.error(`Schedule ${scheduleId} not found for guardian ${guardianId}`);
+      throw new NotFoundException('ALLOWANCE.NOT_FOUND');
+    }
+
+    // Check if frequency or status is changing (need to recalculate nextRunAt)
+    const frequencyChanged = body.frequency && body.frequency !== schedule.frequency;
+    const statusChanged = body.status && body.status !== schedule.status;
+
+    // Update fields if provided
+    if (body.amount !== undefined) {
+      schedule.amount = body.amount;
+    }
+    if (body.frequency !== undefined) {
+      schedule.frequency = body.frequency;
+    }
+    if (body.status !== undefined) {
+      schedule.status = body.status;
+    }
+
+    // Recalculate nextRunAt if frequency or status changed
+    if (frequencyChanged || statusChanged) {
+      schedule.nextRunAt = this.computeNextRunAt(schedule.frequency, schedule.status);
+    }
+
+    this.logger.log(`Updating schedule ${scheduleId} for guardian ${guardianId}`);
+    return this.allowanceScheduleRepository.updateSchedule(schedule);
+  }
+
+  /**
+   * Gets a lightweight summary of allowances for the home page.
+   * Only fetches active schedules for efficiency.
+   */
+  async getSummary(guardianId: string): Promise<AllowanceSummary> {
+    // Only fetch active schedules, ordered by nextRunAt (nearest first)
+    const activeSchedules = await this.allowanceScheduleRepository.findActiveByGuardianId(guardianId);
+
+    // The first one is the nearest (already sorted by nextRunAt ASC)
+    const nextPaymentAt = activeSchedules.length > 0 ? activeSchedules[0].nextRunAt : null;
+
+    // Calculate monthly total from active schedules
+    const monthlyTotal = this.calculateMonthlyTotal(activeSchedules);
+
+    return { nextPaymentAt, monthlyTotal };
+  }
+
+  /**
+   * Deletes an allowance schedule.
+   */
+  async deleteSchedule(guardianId: string, scheduleId: string): Promise<void> {
+    const schedule = await this.allowanceScheduleRepository.findByIdAndGuardian(scheduleId, guardianId);
+
+    if (!schedule) {
+      this.logger.error(`Schedule ${scheduleId} not found for guardian ${guardianId}`);
+      throw new NotFoundException('ALLOWANCE.NOT_FOUND');
+    }
+
+    this.logger.log(`Deleting schedule ${scheduleId} for guardian ${guardianId}`);
+    await this.allowanceScheduleRepository.deleteById(scheduleId);
+  }
+}

src/allowance/services/allowances.service.ts

@@ -1,110 +0,0 @@
-import { BadRequestException, Injectable, Logger } from '@nestjs/common';
-import moment from 'moment';
-import { PageOptionsRequestDto } from '~/core/dtos';
-import { OciService } from '~/document/services';
-import { JuniorService } from '~/junior/services';
-import { CreateAllowanceRequestDto } from '../dtos/request';
-import { Allowance } from '../entities';
-import { AllowancesRepository } from '../repositories';
-
-@Injectable()
-export class AllowancesService {
-  private readonly logger = new Logger(AllowancesService.name);
-  constructor(
-    private readonly allowancesRepository: AllowancesRepository,
-    private readonly juniorService: JuniorService,
-    private readonly ociService: OciService,
-  ) {}
-
-  async createAllowance(guardianId: string, body: CreateAllowanceRequestDto) {
-    this.logger.log(`Creating allowance for junior ${body.juniorId} by guardian ${guardianId}`);
-    if (moment(body.startDate).isBefore(moment().startOf('day'))) {
-      this.logger.error(`Start date ${body.startDate} is before today`);
-      throw new BadRequestException('ALLOWANCE.START_DATE_BEFORE_TODAY');
-    }
-    if (moment(body.startDate).isAfter(body.endDate)) {
-      this.logger.error(`Start date ${body.startDate} is after end date ${body.endDate}`);
-      throw new BadRequestException('ALLOWANCE.START_DATE_AFTER_END_DATE');
-    }
-
-    const doesJuniorBelongToGuardian = await this.juniorService.doesJuniorBelongToGuardian(guardianId, body.juniorId);
-
-    if (!doesJuniorBelongToGuardian) {
-      this.logger.error(`Junior ${body.juniorId} does not belong to guardian ${guardianId}`);
-      throw new BadRequestException('JUNIOR.DOES_NOT_BELONG_TO_GUARDIAN');
-    }
-
-    const allowance = await this.allowancesRepository.createAllowance(guardianId, body);
-
-    this.logger.log(`Allowance ${allowance.id} created successfully`);
-    return this.findAllowanceById(allowance.id);
-  }
-
-  async findAllowanceById(allowanceId: string, guardianId?: string) {
-    this.logger.log(`Finding allowance ${allowanceId} ${guardianId ? `by guardian ${guardianId}` : ''}`);
-    const allowance = await this.allowancesRepository.findAllowanceById(allowanceId, guardianId);
-
-    if (!allowance) {
-      this.logger.error(`Allowance ${allowanceId} not found ${guardianId ? `for guardian ${guardianId}` : ''}`);
-      throw new BadRequestException('ALLOWANCE.NOT_FOUND');
-    }
-    await this.prepareAllowanceDocuments([allowance]);
-    this.logger.log(`Allowance ${allowanceId} found successfully`);
-    return allowance;
-  }
-
-  async findAllowances(guardianId: string, query: PageOptionsRequestDto): Promise<[Allowance[], number]> {
-    this.logger.log(`Finding allowances for guardian ${guardianId}`);
-    const [allowances, itemCount] = await this.allowancesRepository.findAllowances(guardianId, query);
-    await this.prepareAllowanceDocuments(allowances);
-    this.logger.log(`Returning allowances for guardian ${guardianId}`);
-    return [allowances, itemCount];
-  }
-
-  async deleteAllowance(guardianId: string, allowanceId: string) {
-    this.logger.log(`Deleting allowance ${allowanceId} for guardian ${guardianId}`);
-    const { affected } = await this.allowancesRepository.deleteAllowance(guardianId, allowanceId);
-
-    if (!affected) {
-      this.logger.error(`Allowance ${allowanceId} not found`);
-      throw new BadRequestException('ALLOWANCE.NOT_FOUND');
-    }
-    this.logger.log(`Allowance ${allowanceId} deleted successfully`);
-  }
-
-  async validateAllowanceForJunior(juniorId: string, allowanceId: string) {
-    this.logger.log(`Validating allowance ${allowanceId} for junior ${juniorId}`);
-    const allowance = await this.allowancesRepository.findAllowanceById(allowanceId);
-
-    if (!allowance) {
-      this.logger.error(`Allowance ${allowanceId} not found`);
-      throw new BadRequestException('ALLOWANCE.NOT_FOUND');
-    }
-
-    if (allowance.juniorId !== juniorId) {
-      this.logger.error(`Allowance ${allowanceId} does not belong to junior ${juniorId}`);
-      throw new BadRequestException('ALLOWANCE.DOES_NOT_BELONG_TO_JUNIOR');
-    }
-
-    return allowance;
-  }
-
-  async findAllowancesChunks(chunkSize: number) {
-    this.logger.log(`Finding allowances chunks`);
-    const allowances = await this.allowancesRepository.findAllowancesChunks(chunkSize);
-    this.logger.log(`Returning allowances chunks`);
-    return allowances;
-  }
-
-  private async prepareAllowanceDocuments(allowance: Allowance[]) {
-    this.logger.log(`Preparing document for allowances`);
-    await Promise.all(
-      allowance.map(async (allowance) => {
-        const profilePicture = allowance.junior.customer.profilePicture;
-        if (profilePicture) {
-          profilePicture.url = await this.ociService.generatePreSignedUrl(profilePicture);
-        }
-      }),
-    );
-  }
-}

src/allowance/services/index.ts

@@ -1,2 +1,3 @@
-export * from './allowance-change-requests.service';
-export * from './allowances.service';
+export * from './allowance-queue.service';
+export * from './allowance.service';
+export * from './allowance-worker.service';

src/app.module.ts

@@ -8,10 +8,12 @@ import { I18nMiddleware, I18nModule } from 'nestjs-i18n';
 import { LoggerModule } from 'nestjs-pino';
 import { DataSource } from 'typeorm';
 import { addTransactionalDataSource } from 'typeorm-transactional';
-import { AllowanceModule } from './allowance/allowance.module';
 import { AuthModule } from './auth/auth.module';
+import { AllowanceModule } from './allowance/allowance.module';
+import { CardModule } from './card/card.module';
 import { CacheModule } from './common/modules/cache/cache.module';
 import { LookupModule } from './common/modules/lookup/lookup.module';
+import { NeoLeapModule } from './common/modules/neoleap/neoleap.module';
 import { NotificationModule } from './common/modules/notification/notification.module';
 import { OtpModule } from './common/modules/otp/otp.module';
 import { AllExceptionsFilter, buildI18nValidationExceptionFilter } from './core/filters';
@@ -22,14 +24,12 @@ import { CronModule } from './cron/cron.module';
 import { CustomerModule } from './customer/customer.module';
 import { migrations } from './db';
 import { DocumentModule } from './document/document.module';
-import { GiftModule } from './gift/gift.module';
 import { GuardianModule } from './guardian/guardian.module';
 import { HealthModule } from './health/health.module';
 import { JuniorModule } from './junior/junior.module';
-import { MoneyRequestModule } from './money-request/money-request.module';
-import { SavingGoalsModule } from './saving-goals/saving-goals.module';
-import { TaskModule } from './task/task.module';
 import { UserModule } from './user/user.module';
+import { WebhookModule } from './webhook/webhook.module';
+import { MoneyRequestModule } from './money-request/money-request.module';
 
 @Module({
   controllers: [],
@@ -41,7 +41,6 @@ import { UserModule } from './user/user.module';
       useFactory: (config: ConfigService) => {
         return buildTypeormOptions(config, migrations);
       },
-      /* eslint-disable require-await */
       async dataSourceFactory(options) {
         if (!options) {
           throw new Error('Invalid options passed');
@@ -49,7 +48,6 @@ import { UserModule } from './user/user.module';
 
         return addTransactionalDataSource(new DataSource(options));
       },
-      /* eslint-enable require-await */
     }),
     LoggerModule.forRootAsync({
       useFactory: (config: ConfigService) => buildLoggerOptions(config),
@@ -61,15 +59,14 @@ import { UserModule } from './user/user.module';
     ScheduleModule.forRoot(),
     // App modules
     AuthModule,
+    AllowanceModule,
+    UserModule,
+
     CustomerModule,
     JuniorModule,
-
-    TaskModule,
     GuardianModule,
-    SavingGoalsModule,
-    AllowanceModule,
-    MoneyRequestModule,
-    GiftModule,
+    CardModule,
+
     NotificationModule,
     OtpModule,
     DocumentModule,
@@ -77,9 +74,10 @@ import { UserModule } from './user/user.module';
 
     HealthModule,
 
-    UserModule,
-
     CronModule,
+    NeoLeapModule,
+    WebhookModule,
+    MoneyRequestModule,
   ],
   providers: [
     // Global Pipes

src/auth/auth.module.ts

@@ -1,3 +1,4 @@
+import { HttpModule } from '@nestjs/axios';
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';
 import { JuniorModule } from '~/junior/junior.module';
@@ -7,7 +8,7 @@ import { AuthService } from './services';
 import { AccessTokenStrategy } from './strategies';
 
 @Module({
-  imports: [JwtModule.register({}), JuniorModule, UserModule],
+  imports: [JwtModule.register({}), UserModule, JuniorModule, HttpModule],
   providers: [AuthService, AccessTokenStrategy],
   controllers: [AuthController],
   exports: [],

src/auth/controllers/auth.controller.ts

@@ -1,31 +1,32 @@
-import { Body, Controller, Headers, HttpCode, HttpStatus, Post, Req, UseGuards } from '@nestjs/common';
+import { Body, Controller, HttpCode, HttpStatus, Post, Req, UseGuards } from '@nestjs/common';
 import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
 import { Request } from 'express';
-import { DEVICE_ID_HEADER } from '~/common/constants';
 import { AuthenticatedUser, Public } from '~/common/decorators';
 import { AccessTokenGuard } from '~/common/guards';
+import { ApiDataResponse, ApiLangRequestHeader } from '~/core/decorators';
 import { ResponseFactory } from '~/core/utils';
 import {
+  ChangePasswordRequestDto,
   CreateUnverifiedUserRequestDto,
-  DisableBiometricRequestDto,
-  EnableBiometricRequestDto,
   ForgetPasswordRequestDto,
+  JuniorLoginRequestDto,
   LoginRequestDto,
   RefreshTokenRequestDto,
   SendForgetPasswordOtpRequestDto,
-  SetEmailRequestDto,
   setJuniorPasswordRequestDto,
-  SetPasscodeRequestDto,
+  VerifyForgetPasswordOtpRequestDto,
   VerifyUserRequestDto,
 } from '../dtos/request';
 import { SendForgetPasswordOtpResponseDto, SendRegisterOtpResponseDto } from '../dtos/response';
 import { LoginResponseDto } from '../dtos/response/login.response.dto';
+import { VerifyForgetPasswordOtpResponseDto } from '../dtos/response/verify-forget-password-otp.response.dto';
 import { IJwtPayload } from '../interfaces';
 import { AuthService } from '../services';
 
 @Controller('auth')
 @ApiTags('Auth')
 @ApiBearerAuth()
+@ApiLangRequestHeader()
 export class AuthController {
   constructor(private readonly authService: AuthService) {}
   @Post('register/otp')
@@ -40,51 +41,54 @@ export class AuthController {
     return ResponseFactory.data(new LoginResponseDto(res, user));
   }
 
-  @Post('register/set-email')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  @UseGuards(AccessTokenGuard)
-  async setEmail(@AuthenticatedUser() { sub }: IJwtPayload, @Body() setEmailDto: SetEmailRequestDto) {
-    await this.authService.setEmail(sub, setEmailDto);
-  }
-
-  @Post('register/set-passcode')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  @UseGuards(AccessTokenGuard)
-  async setPasscode(@AuthenticatedUser() { sub }: IJwtPayload, @Body() { passcode }: SetPasscodeRequestDto) {
-    await this.authService.setPasscode(sub, passcode);
-  }
-
-  @Post('biometric/enable')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  @UseGuards(AccessTokenGuard)
-  enableBiometric(@AuthenticatedUser() { sub }: IJwtPayload, @Body() enableBiometricDto: EnableBiometricRequestDto) {
-    return this.authService.enableBiometric(sub, enableBiometricDto);
-  }
-
-  @Post('biometric/disable')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  @UseGuards(AccessTokenGuard)
-  disableBiometric(@AuthenticatedUser() { sub }: IJwtPayload, @Body() disableBiometricDto: DisableBiometricRequestDto) {
-    return this.authService.disableBiometric(sub, disableBiometricDto);
+  @Post('login')
+  async login(@Body() verifyUserDto: LoginRequestDto) {
+    const [res, user] = await this.authService.loginWithPassword(verifyUserDto);
+    return ResponseFactory.data(new LoginResponseDto(res, user));
   }
 
   @Post('forget-password/otp')
   async forgetPassword(@Body() sendForgetPasswordOtpDto: SendForgetPasswordOtpRequestDto) {
-    const email = await this.authService.sendForgetPasswordOtp(sendForgetPasswordOtpDto);
-    return ResponseFactory.data(new SendForgetPasswordOtpResponseDto(email));
+    const maskedNumber = await this.authService.sendForgetPasswordOtp(sendForgetPasswordOtpDto);
+    return ResponseFactory.data(new SendForgetPasswordOtpResponseDto(maskedNumber));
+  }
+
+  @Post('forget-password/verify')
+  @HttpCode(HttpStatus.OK)
+  @ApiDataResponse(VerifyForgetPasswordOtpResponseDto)
+  async verifyForgetPasswordOtp(@Body() forgetPasswordDto: VerifyForgetPasswordOtpRequestDto) {
+    const { token, user } = await this.authService.verifyForgetPasswordOtp(forgetPasswordDto);
+
+    return ResponseFactory.data(new VerifyForgetPasswordOtpResponseDto(token, user));
   }
 
   @Post('forget-password/reset')
   @HttpCode(HttpStatus.NO_CONTENT)
   resetPassword(@Body() forgetPasswordDto: ForgetPasswordRequestDto) {
-    return this.authService.verifyForgetPasswordOtp(forgetPasswordDto);
+    return this.authService.resetPassword(forgetPasswordDto);
   }
 
-  @Post('junior/set-passcode')
+  @Post('change-password')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  @UseGuards(AccessTokenGuard)
+  changePassword(@AuthenticatedUser() { sub }: IJwtPayload, @Body() forgetPasswordDto: ChangePasswordRequestDto) {
+    return this.authService.changePassword(sub, forgetPasswordDto);
+  }
+
+  @Post('junior/set-password')
   @HttpCode(HttpStatus.NO_CONTENT)
   @Public()
-  setJuniorPasscode(@Body() setPasscodeDto: setJuniorPasswordRequestDto) {
-    return this.authService.setJuniorPasscode(setPasscodeDto);
+  setJuniorPasscode(@Body() setPassworddto: setJuniorPasswordRequestDto) {
+    return this.authService.setJuniorPassword(setPassworddto);
+  }
+
+  @Post('junior/login')
+  @HttpCode(HttpStatus.OK)
+  @ApiDataResponse(LoginResponseDto)
+  async juniorLogin(@Body() juniorLoginDto: JuniorLoginRequestDto) {
+    const [res, user] = await this.authService.juniorLogin(juniorLoginDto);
+
+    return ResponseFactory.data(new LoginResponseDto(res, user));
   }
 
   @Post('refresh-token')
@@ -94,12 +98,6 @@ export class AuthController {
     return ResponseFactory.data(new LoginResponseDto(res, user));
   }
 
-  @Post('login')
-  async login(@Body() loginDto: LoginRequestDto, @Headers(DEVICE_ID_HEADER) deviceId: string) {
-    const [res, user] = await this.authService.login(loginDto, deviceId);
-    return ResponseFactory.data(new LoginResponseDto(res, user));
-  }
-
   @Post('logout')
   @HttpCode(HttpStatus.NO_CONTENT)
   @UseGuards(AccessTokenGuard)

src/auth/dtos/request/change-password.request.dto.ts

@@ -0,0 +1,23 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString, Matches } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { PASSWORD_REGEX } from '~/auth/constants';
+
+export class ChangePasswordRequestDto {
+  @ApiProperty({ example: 'currentPassword@123' })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.currentPassword' }) })
+  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.currentPassword' }) })
+  currentPassword!: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.newPassword' }),
+  })
+  newPassword!: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.confirmNewPassword' }),
+  })
+  confirmNewPassword!: string;
+}

src/auth/dtos/request/create-unverified-user.request.dto.ts

@@ -1,19 +1,4 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { Matches } from 'class-validator';
-import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-import { COUNTRY_CODE_REGEX } from '~/auth/constants';
-import { IsValidPhoneNumber } from '~/core/decorators/validations';
+import { OmitType } from '@nestjs/swagger';
+import { VerifyUserRequestDto } from './verify-user.request.dto';
 
-export class CreateUnverifiedUserRequestDto {
-  @ApiProperty({ example: '+962' })
-  @Matches(COUNTRY_CODE_REGEX, {
-    message: i18n('validation.Matches', { path: 'general', property: 'auth.countryCode' }),
-  })
-  countryCode: string = '+966';
-
-  @ApiProperty({ example: '787259134' })
-  @IsValidPhoneNumber({
-    message: i18n('validation.IsValidPhoneNumber', { path: 'general', property: 'auth.phoneNumber' }),
-  })
-  phoneNumber!: string;
-}
+export class CreateUnverifiedUserRequestDto extends OmitType(VerifyUserRequestDto, ['otp']) {}

src/auth/dtos/request/disable-biometric.request.dto.ts

@@ -1,4 +0,0 @@
-import { PickType } from '@nestjs/swagger';
-import { EnableBiometricRequestDto } from './enable-biometric.request.dto';
-
-export class DisableBiometricRequestDto extends PickType(EnableBiometricRequestDto, ['deviceId']) {}

src/auth/dtos/request/enable-biometric.request.dto.ts

@@ -1,14 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { IsNotEmpty, IsString } from 'class-validator';
-import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-export class EnableBiometricRequestDto {
-  @ApiProperty({ example: 'device-id' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.deviceId' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.deviceId' }) })
-  deviceId!: string;
-
-  @ApiProperty({ example: 'publicKey' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.publicKey' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.publicKey' }) })
-  publicKey!: string;
-}

src/auth/dtos/request/forget-password.request.dto.ts

@@ -1,32 +1,34 @@
 import { ApiProperty } from '@nestjs/swagger';
-import { IsEmail, IsNotEmpty, IsNumberString, IsString, MaxLength, MinLength } from 'class-validator';
+import { IsString, Matches } from 'class-validator';
 import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-import { DEFAULT_OTP_LENGTH } from '~/common/modules/otp/constants';
+import { COUNTRY_CODE_REGEX, PASSWORD_REGEX } from '~/auth/constants';
+import { IsValidPhoneNumber } from '~/core/decorators/validations';
 export class ForgetPasswordRequestDto {
-  @ApiProperty({ example: 'test@test.com' })
-  @IsEmail({}, { message: i18n('validation.IsEmail', { path: 'general', property: 'auth.email' }) })
-  email!: string;
+  @ApiProperty({ example: '+962' })
+  @Matches(COUNTRY_CODE_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.countryCode' }),
+  })
+  countryCode!: string;
 
-  @ApiProperty({ example: 'password' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.password' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.password' }) })
+  @ApiProperty({ example: '787259134' })
+  @IsValidPhoneNumber({
+    message: i18n('validation.IsValidPhoneNumber', { path: 'general', property: 'auth.phoneNumber' }),
+  })
+  phoneNumber!: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.password' }),
+  })
   password!: string;
 
-  @ApiProperty({ example: 'password' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.confirmPassword' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.confirmPassword' }) })
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.confirmPassword' }),
+  })
   confirmPassword!: string;
 
-  @ApiProperty({ example: '111111' })
-  @IsNumberString(
-    { no_symbols: true },
-    { message: i18n('validation.IsNumberString', { path: 'general', property: 'auth.otp' }) },
-  )
-  @MaxLength(DEFAULT_OTP_LENGTH, {
-    message: i18n('validation.MaxLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
-  })
-  @MinLength(DEFAULT_OTP_LENGTH, {
-    message: i18n('validation.MinLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
-  })
-  otp!: string;
+  @ApiProperty({ example: 'reset-token-32423123' })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.resetPasswordToken' }) })
+  resetPasswordToken!: string;
 }

src/auth/dtos/request/index.ts

@@ -1,11 +1,11 @@
+export * from './change-password.request.dto';
 export * from './create-unverified-user.request.dto';
-export * from './disable-biometric.request.dto';
-export * from './enable-biometric.request.dto';
 export * from './forget-password.request.dto';
+export * from './junior-login.request.dto';
 export * from './login.request.dto';
 export * from './refresh-token.request.dto';
 export * from './send-forget-password-otp.request.dto';
-export * from './set-email.request.dto';
 export * from './set-junior-password.request.dto';
-export * from './set-passcode.request.dto';
+export * from './verify-forget-password-otp.request.dto';
+export * from './verify-otp.request.dto';
 export * from './verify-user.request.dto';

src/auth/dtos/request/junior-login.request.dto.ts

@@ -0,0 +1,35 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsOptional, IsString } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+export class JuniorLoginRequestDto {
+  @ApiProperty({ example: 'test@junior.com' })
+  @IsEmail({}, { message: i18n('validation.IsEmail', { path: 'general', property: 'auth.email' }) })
+  email!: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.password' }) })
+  password!: string;
+
+  @ApiProperty({ example: 'device-123', description: 'Unique device identifier', required: false })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.deviceId' }) })
+  deviceId?: string;
+
+  @ApiProperty({
+    example: 'cXYzABC:APA91bHunvwY7rKpn8N7y6vDxS0qmQ5RZx2C8K...',
+    description: 'Firebase Cloud Messaging token for push notifications',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.fcmToken' }) })
+  fcmToken?: string;
+
+  @ApiProperty({
+    example: 'Asia/Riyadh',
+    description: 'Device timezone (auto-detected from device OS)',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.timezone' }) })
+  timezone?: string;
+}

src/auth/dtos/request/login.request.dto.ts

@@ -1,30 +1,47 @@
 import { ApiProperty } from '@nestjs/swagger';
-import { IsEmail, IsEnum, IsNotEmpty, IsOptional, IsString, ValidateIf } from 'class-validator';
+import { IsEmail, IsEnum, IsNotEmpty, IsOptional, IsString, Matches, ValidateIf } from 'class-validator';
 import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { COUNTRY_CODE_REGEX } from '~/auth/constants';
 import { GrantType } from '~/auth/enums';
+import { IsValidPhoneNumber } from '~/core/decorators/validations';
 export class LoginRequestDto {
-  @ApiProperty({ example: GrantType.PASSWORD })
-  @IsEnum(GrantType, { message: i18n('validation.IsEnum', { path: 'general', property: 'auth.grantType' }) })
-  grantType!: GrantType;
+  @ApiProperty({ example: '+962' })
+  @Matches(COUNTRY_CODE_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.countryCode' }),
+  })
+  countryCode!: string;
 
-  @ApiProperty({ example: 'test@test.com' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.email' }) })
-  @IsEmail({}, { message: i18n('validation.IsEmail', { path: 'general', property: 'auth.email' }) })
-  email!: string;
+  @ApiProperty({ example: '787259134' })
+  @IsValidPhoneNumber({
+    message: i18n('validation.IsValidPhoneNumber', { path: 'general', property: 'auth.phoneNumber' }),
+  })
+  phoneNumber!: string;
 
-  @ApiProperty({ example: '123456' })
+  @ApiProperty({ example: 'Abcd1234@' })
   @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.password' }) })
   @ValidateIf((o) => o.grantType === GrantType.PASSWORD)
   password!: string;
 
-  @ApiProperty({ example: 'fcm-device-token' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.fcmToken' }) })
-  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.fcmToken' }) })
+  @ApiProperty({ example: 'device-123', description: 'Unique device identifier', required: false })
   @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.deviceId' }) })
+  deviceId?: string;
+
+  @ApiProperty({
+    example: 'cXYzABC:APA91bHunvwY7rKpn8N7y6vDxS0qmQ5RZx2C8K...',
+    description: 'Firebase Cloud Messaging token for push notifications',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.fcmToken' }) })
   fcmToken?: string;
 
-  @ApiProperty({ example: 'Login signature' })
-  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.signature' }) })
-  @ValidateIf((o) => o.grantType === GrantType.BIOMETRIC)
-  signature!: string;
+  @ApiProperty({
+    example: 'Asia/Riyadh',
+    description: 'Device timezone (auto-detected from device OS)',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.timezone' }) })
+  timezone?: string;
 }

src/auth/dtos/request/send-forget-password-otp.request.dto.ts

@@ -1,4 +1,4 @@
 import { PickType } from '@nestjs/swagger';
 import { LoginRequestDto } from './login.request.dto';
 
-export class SendForgetPasswordOtpRequestDto extends PickType(LoginRequestDto, ['email']) {}
+export class SendForgetPasswordOtpRequestDto extends PickType(LoginRequestDto, ['countryCode', 'phoneNumber']) {}

src/auth/dtos/request/set-junior-password.request.dto.ts

@@ -1,8 +1,11 @@
-import { ApiProperty } from '@nestjs/swagger';
+import { ApiProperty, PickType } from '@nestjs/swagger';
 import { IsNotEmpty, IsString } from 'class-validator';
 import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-import { SetPasscodeRequestDto } from './set-passcode.request.dto';
-export class setJuniorPasswordRequestDto extends SetPasscodeRequestDto {
+import { ChangePasswordRequestDto } from './change-password.request.dto';
+export class setJuniorPasswordRequestDto extends PickType(ChangePasswordRequestDto, [
+  'newPassword',
+  'confirmNewPassword',
+]) {
   @ApiProperty()
   @IsString({ message: i18n('validation.IsNumberString', { path: 'general', property: 'auth.qrToken' }) })
   @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'auth.qrToken' }) })

src/auth/dtos/request/set-passcode.request.dto.ts

@@ -1,15 +0,0 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { IsNumberString, MaxLength, MinLength } from 'class-validator';
-import { i18nValidationMessage as i18n } from 'nestjs-i18n';
-const PASSCODE_LENGTH = 6;
-
-export class SetPasscodeRequestDto {
-  @ApiProperty({ example: '123456' })
-  @IsNumberString(
-    { no_symbols: true },
-    { message: i18n('validation.IsNumberString', { path: 'general', property: 'auth.passcode' }) },
-  )
-  @MinLength(PASSCODE_LENGTH, { message: i18n('validation.MinLength', { path: 'general', property: 'auth.passcode' }) })
-  @MaxLength(PASSCODE_LENGTH, { message: i18n('validation.MaxLength', { path: 'general', property: 'auth.passcode' }) })
-  passcode!: string;
-}

src/auth/dtos/request/verify-forget-password-otp.request.dto.ts

@@ -0,0 +1,23 @@
+import { ApiProperty, PickType } from '@nestjs/swagger';
+import { IsNumberString, MaxLength, MinLength } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { DEFAULT_OTP_LENGTH } from '~/common/modules/otp/constants';
+import { ForgetPasswordRequestDto } from './forget-password.request.dto';
+
+export class VerifyForgetPasswordOtpRequestDto extends PickType(ForgetPasswordRequestDto, [
+  'countryCode',
+  'phoneNumber',
+]) {
+  @ApiProperty({ example: '111111' })
+  @IsNumberString(
+    { no_symbols: true },
+    { message: i18n('validation.IsNumberString', { path: 'general', property: 'auth.otp' }) },
+  )
+  @MaxLength(DEFAULT_OTP_LENGTH, {
+    message: i18n('validation.MaxLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
+  })
+  @MinLength(DEFAULT_OTP_LENGTH, {
+    message: i18n('validation.MinLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
+  })
+  otp!: string;
+}

src/auth/dtos/request/verify-otp.request.dto.ts

@@ -0,0 +1,19 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNumberString, MaxLength, MinLength } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { DEFAULT_OTP_LENGTH } from '~/common/modules/otp/constants';
+
+export class VerifyOtpRequestDto {
+  @ApiProperty({ example: '111111' })
+  @IsNumberString(
+    { no_symbols: true },
+    { message: i18n('validation.IsNumberString', { path: 'general', property: 'auth.otp' }) },
+  )
+  @MaxLength(DEFAULT_OTP_LENGTH, {
+    message: i18n('validation.MaxLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
+  })
+  @MinLength(DEFAULT_OTP_LENGTH, {
+    message: i18n('validation.MinLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
+  })
+  otp!: string;
+}

src/auth/dtos/request/verify-user.request.dto.ts

@@ -1,10 +1,94 @@
 import { ApiProperty } from '@nestjs/swagger';
-import { IsNumberString, MaxLength, MinLength } from 'class-validator';
+import {
+  IsEnum,
+  IsNotEmpty,
+  IsNumberString,
+  IsOptional,
+  IsString,
+  Matches,
+  MaxLength,
+  MinLength,
+} from 'class-validator';
 import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+import { COUNTRY_CODE_REGEX, PASSWORD_REGEX } from '~/auth/constants';
+import { CountryIso } from '~/common/enums';
 import { DEFAULT_OTP_LENGTH } from '~/common/modules/otp/constants';
-import { CreateUnverifiedUserRequestDto } from './create-unverified-user.request.dto';
+import { IsValidPhoneNumber } from '~/core/decorators/validations';
+
+export class VerifyUserRequestDto {
+  @ApiProperty({ example: '+962' })
+  @Matches(COUNTRY_CODE_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.countryCode' }),
+  })
+  countryCode!: string;
+
+  @ApiProperty({ example: '787259134' })
+  @IsValidPhoneNumber({
+    message: i18n('validation.IsValidPhoneNumber', { path: 'general', property: 'auth.phoneNumber' }),
+  })
+  phoneNumber!: string;
+  @ApiProperty({ example: 'John' })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.firstName' }) })
+  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'customer.firstName' }) })
+  firstName!: string;
+
+  @ApiProperty({ example: 'Doe' })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.lastName' }) })
+  @IsNotEmpty({ message: i18n('validation.IsNotEmpty', { path: 'general', property: 'customer.lastName' }) })
+  lastName!: string;
+
+  @ApiProperty({ example: 'JO' })
+  @IsEnum(CountryIso, {
+    message: i18n('validation.IsEnum', { path: 'general', property: 'customer.countryOfResidence' }),
+  })
+  @IsOptional()
+  countryOfResidence: CountryIso = CountryIso.SAUDI_ARABIA;
+
+  // Address fields (optional during registration, required for card creation)
+  @ApiProperty({ example: 'SA', description: 'Country code', required: false })
+  @IsEnum(CountryIso, {
+    message: i18n('validation.IsEnum', { path: 'general', property: 'customer.country' }),
+  })
+  @IsOptional()
+  country?: CountryIso;
+
+  @ApiProperty({ example: 'Riyadh', description: 'Region/Province', required: false })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.region' }) })
+  @IsOptional()
+  region?: string;
+
+  @ApiProperty({ example: 'Riyadh', description: 'City', required: false })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.city' }) })
+  @IsOptional()
+  city?: string;
+
+  @ApiProperty({ example: 'Al Olaya', description: 'Neighborhood/District', required: false })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.neighborhood' }) })
+  @IsOptional()
+  neighborhood?: string;
+
+  @ApiProperty({ example: 'King Fahd Road', description: 'Street name', required: false })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.street' }) })
+  @IsOptional()
+  street?: string;
+
+  @ApiProperty({ example: '123', description: 'Building number', required: false })
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'customer.building' }) })
+  @IsOptional()
+  building?: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.password' }),
+  })
+  password!: string;
+
+  @ApiProperty({ example: 'Abcd1234@' })
+  @Matches(PASSWORD_REGEX, {
+    message: i18n('validation.Matches', { path: 'general', property: 'auth.confirmPassword' }),
+  })
+  confirmPassword!: string;
 
-export class VerifyUserRequestDto extends CreateUnverifiedUserRequestDto {
   @ApiProperty({ example: '111111' })
   @IsNumberString(
     { no_symbols: true },
@@ -17,4 +101,27 @@ export class VerifyUserRequestDto extends CreateUnverifiedUserRequestDto {
     message: i18n('validation.MinLength', { path: 'general', property: 'auth.otp', length: DEFAULT_OTP_LENGTH }),
   })
   otp!: string;
+
+  @ApiProperty({ example: 'device-123', description: 'Unique device identifier', required: false })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.deviceId' }) })
+  deviceId?: string;
+
+  @ApiProperty({
+    example: 'cXYzABC:APA91bHunvwY7rKpn8N7y6vDxS0qmQ5RZx2C8K...',
+    description: 'Firebase Cloud Messaging token for push notifications',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.fcmToken' }) })
+  fcmToken?: string;
+
+  @ApiProperty({
+    example: 'Asia/Riyadh',
+    description: 'Device timezone (auto-detected from device OS)',
+    required: false,
+  })
+  @IsOptional()
+  @IsString({ message: i18n('validation.IsString', { path: 'general', property: 'auth.timezone' }) })
+  timezone?: string;
 }

src/auth/dtos/response/login.response.dto.ts

@@ -17,12 +17,12 @@ export class LoginResponseDto {
   @ApiProperty({ example: UserResponseDto })
   user!: UserResponseDto;
 
-  @ApiProperty({ example: CustomerResponseDto })
-  customer!: CustomerResponseDto;
+  @ApiProperty({ type: CustomerResponseDto })
+  customer!: CustomerResponseDto | null;
 
   constructor(IVerifyUserResponse: ILoginResponse, user: User) {
     this.user = new UserResponseDto(user);
-    this.customer = new CustomerResponseDto(user.customer);
+    this.customer = user.customer ? new CustomerResponseDto(user.customer) : null;
     this.accessToken = IVerifyUserResponse.accessToken;
     this.refreshToken = IVerifyUserResponse.refreshToken;
     this.expiresAt = IVerifyUserResponse.expiresAt;

src/auth/dtos/response/send-forget-password.response.dto.ts

@@ -1,7 +1,7 @@
 export class SendForgetPasswordOtpResponseDto {
-  email!: string;
+  maskedNumber!: string;
 
-  constructor(email: string) {
-    this.email = email;
+  constructor(maskedNumber: string) {
+    this.maskedNumber = maskedNumber;
   }
 }

src/auth/dtos/response/send-register-otp.response.dto.ts

@@ -2,9 +2,9 @@ import { ApiProperty } from '@nestjs/swagger';
 
 export class SendRegisterOtpResponseDto {
   @ApiProperty()
-  phoneNumber!: string;
+  maskedNumber!: string;
 
-  constructor(phoneNumber: string) {
-    this.phoneNumber = phoneNumber;
+  constructor(maskedNumber: string) {
+    this.maskedNumber = maskedNumber;
   }
 }

src/auth/dtos/response/send-register-otp.v2.response.dto.ts

@@ -0,0 +1,10 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class SendRegisterOtpV2ResponseDto {
+  @ApiProperty()
+  maskedNumber!: string;
+
+  constructor(maskedNumber: string) {
+    this.maskedNumber = maskedNumber;
+  }
+}

src/auth/dtos/response/user.response.dto.ts

@@ -1,5 +1,6 @@
-import { ApiProperty } from '@nestjs/swagger';
-import { Roles } from '~/auth/enums';
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Gender } from '~/customer/enums';
+import { DocumentMetaResponseDto } from '~/document/dtos/response';
 import { User } from '~/user/entities';
 
 export class UserResponseDto {
@@ -7,30 +8,47 @@ export class UserResponseDto {
   id!: string;
 
   @ApiProperty()
-  email!: string;
+  countryCode!: string;
 
   @ApiProperty()
   phoneNumber!: string;
 
   @ApiProperty()
-  countryCode!: string;
+  email!: string;
 
   @ApiProperty()
-  isPasswordSet!: boolean;
+  firstName!: string;
 
   @ApiProperty()
-  isProfileCompleted!: boolean;
+  lastName!: string;
 
   @ApiProperty()
-  roles!: Roles[];
+  dateOfBirth!: Date;
+
+  @ApiPropertyOptional({ type: DocumentMetaResponseDto, nullable: true })
+  profilePicture!: DocumentMetaResponseDto | null;
+
+  @ApiProperty()
+  isPhoneVerified!: boolean;
+
+  @ApiProperty()
+  isEmailVerified!: boolean;
+
+  @ApiPropertyOptional({ enum: Gender, nullable: true })
+  gender!: Gender | null;
+
 
   constructor(user: User) {
     this.id = user.id;
-    this.email = user.email;
-    this.phoneNumber = user.phoneNumber;
     this.countryCode = user.countryCode;
-    this.isPasswordSet = user.isPasswordSet;
-    this.isProfileCompleted = user.isProfileCompleted;
-    this.roles = user.roles;
+    this.phoneNumber = user.phoneNumber;
+    this.dateOfBirth = user.customer?.dateOfBirth;
+    this.email = user.email;
+    this.firstName = user.firstName;
+    this.lastName = user.lastName;
+    this.profilePicture = user.profilePicture ? new DocumentMetaResponseDto(user.profilePicture) : null;
+    this.isEmailVerified = user.isEmailVerified;
+    this.isPhoneVerified = user.isPhoneVerified;
+    this.gender = (user.customer?.gender as Gender) || null;
   }
 }

src/auth/dtos/response/verify-forget-password-otp.response.dto.ts

@@ -0,0 +1,19 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { User } from '~/user/entities';
+
+export class VerifyForgetPasswordOtpResponseDto {
+  @ApiProperty()
+  phoneNumber!: string;
+
+  @ApiProperty()
+  countryCode!: string;
+
+  @ApiProperty()
+  resetPasswordToken!: string;
+
+  constructor(token: string, user: User) {
+    this.phoneNumber = user.phoneNumber;
+    this.countryCode = user.countryCode;
+    this.resetPasswordToken = token;
+  }
+}

src/auth/enums/roles.enum.ts

@@ -1,4 +1,6 @@
 export enum Roles {
   JUNIOR = 'JUNIOR',
   GUARDIAN = 'GUARDIAN',
+  CHECKER = 'CHECKER',
+  SUPER_ADMIN = 'SUPER_ADMIN',
 }

src/auth/services/auth.service.ts

@@ -3,49 +3,54 @@ import { ConfigService } from '@nestjs/config';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcrypt';
 import { Request } from 'express';
+import moment from 'moment';
 import { CacheService } from '~/common/modules/cache/services';
 import { OtpScope, OtpType } from '~/common/modules/otp/enums';
 import { OtpService } from '~/common/modules/otp/services';
-import { JuniorTokenService } from '~/junior/services';
-import { DeviceService, UserService } from '~/user/services';
+import { UserType } from '~/user/enums';
+import { DeviceService, UserService, UserTokenService } from '~/user/services';
 import { User } from '../../user/entities';
-import { PASSCODE_REGEX } from '../constants';
 import {
+  ChangePasswordRequestDto,
   CreateUnverifiedUserRequestDto,
-  DisableBiometricRequestDto,
-  EnableBiometricRequestDto,
   ForgetPasswordRequestDto,
+  JuniorLoginRequestDto,
   LoginRequestDto,
   SendForgetPasswordOtpRequestDto,
-  SetEmailRequestDto,
   setJuniorPasswordRequestDto,
+  VerifyForgetPasswordOtpRequestDto,
   VerifyUserRequestDto,
 } from '../dtos/request';
-import { GrantType } from '../enums';
+import { Roles } from '../enums';
 import { IJwtPayload, ILoginResponse } from '../interfaces';
-import { removePadding, verifySignature } from '../utils';
 
 const ONE_THOUSAND = 1000;
 const SALT_ROUNDS = 10;
 @Injectable()
 export class AuthService {
   private readonly logger = new Logger(AuthService.name);
+
   constructor(
     private readonly otpService: OtpService,
     private readonly jwtService: JwtService,
     private readonly configService: ConfigService,
     private readonly userService: UserService,
     private readonly deviceService: DeviceService,
-    private readonly juniorTokenService: JuniorTokenService,
+    private readonly userTokenService: UserTokenService,
     private readonly cacheService: CacheService,
   ) {}
-  async sendRegisterOtp({ phoneNumber, countryCode }: CreateUnverifiedUserRequestDto) {
-    this.logger.log(`Sending OTP to ${countryCode + phoneNumber}`);
-    const user = await this.userService.findOrCreateUser({ phoneNumber, countryCode });
 
+  async sendRegisterOtp(body: CreateUnverifiedUserRequestDto) {
+    if (body.password !== body.confirmPassword) {
+      this.logger.error('Password and confirm password do not match');
+      throw new BadRequestException('AUTH.PASSWORD_MISMATCH');
+    }
+
+    this.logger.log(`Sending OTP to ${body.countryCode + body.phoneNumber}`);
+    const user = await this.userService.findOrCreateUser(body);
     return this.otpService.generateAndSendOtp({
       userId: user.id,
-      recipient: user.countryCode + user.phoneNumber,
+      recipient: user.fullPhoneNumber,
       scope: OtpScope.VERIFY_PHONE,
       otpType: OtpType.SMS,
     });
@@ -53,13 +58,14 @@ export class AuthService {
 
   async verifyUser(verifyUserDto: VerifyUserRequestDto): Promise<[ILoginResponse, User]> {
     this.logger.log(`Verifying user with phone number ${verifyUserDto.countryCode + verifyUserDto.phoneNumber}`);
-    const user = await this.userService.findUserOrThrow({ phoneNumber: verifyUserDto.phoneNumber });
+    const user = await this.userService.findUserOrThrow({
+      phoneNumber: verifyUserDto.phoneNumber,
+      countryCode: verifyUserDto.countryCode,
+    });
 
-    if (user.isPasswordSet) {
-      this.logger.error(
-        `User with phone number ${verifyUserDto.countryCode + verifyUserDto.phoneNumber} already verified`,
-      );
-      throw new BadRequestException('USERS.PHONE_ALREADY_VERIFIED');
+    if (user.isPhoneVerified) {
+      this.logger.error(`User with phone number ${user.fullPhoneNumber} already verified`);
+      throw new BadRequestException('USER.PHONE_NUMBER_ALREADY_VERIFIED');
     }
 
     const isOtpValid = await this.otpService.verifyOtp({
@@ -70,177 +76,148 @@ export class AuthService {
     });
 
     if (!isOtpValid) {
-      this.logger.error(
-        `Invalid OTP for user with phone number ${verifyUserDto.countryCode + verifyUserDto.phoneNumber}`,
-      );
-      throw new BadRequestException('USERS.INVALID_OTP');
+      this.logger.error(`Invalid OTP for user with phone number ${user.fullPhoneNumber}`);
+      throw new BadRequestException('OTP.INVALID_OTP');
     }
 
-    const updatedUser = await this.userService.verifyUserAndCreateCustomer(user);
+    await this.userService.verifyUser(user.id, verifyUserDto);
 
-    const tokens = await this.generateAuthToken(updatedUser);
-    this.logger.log(
-      `User with phone number ${verifyUserDto.countryCode + verifyUserDto.phoneNumber} verified successfully`,
-    );
-    return [tokens, updatedUser];
-  }
+    await user.reload();
 
-  async setEmail(userId: string, { email }: SetEmailRequestDto) {
-    this.logger.log(`Setting email for user with id ${userId}`);
-    const user = await this.userService.findUserOrThrow({ id: userId });
+    const tokens = await this.generateAuthToken(user);
+    this.logger.log(`User with phone number ${user.fullPhoneNumber} verified successfully`);
 
-    if (user.email) {
-      this.logger.error(`Email already set for user with id ${userId}`);
-      throw new BadRequestException('USERS.EMAIL_ALREADY_SET');
+    // Register/update device with FCM token and timezone if provided
+    if (verifyUserDto.fcmToken && verifyUserDto.deviceId) {
+      await this.registerDeviceToken(user.id, verifyUserDto.deviceId, verifyUserDto.fcmToken, verifyUserDto.timezone);
     }
 
-    const existingUser = await this.userService.findUser({ email });
-
-    if (existingUser) {
-      this.logger.error(`Email ${email} already taken`);
-      throw new BadRequestException('USERS.EMAIL_ALREADY_TAKEN');
-    }
-
-    return this.userService.setEmail(userId, email);
-  }
-
-  async setPasscode(userId: string, passcode: string) {
-    this.logger.log(`Setting passcode for user with id ${userId}`);
-    const user = await this.userService.findUserOrThrow({ id: userId });
-
-    if (user.password) {
-      this.logger.error(`Passcode already set for user with id ${userId}`);
-      throw new BadRequestException('USERS.PASSCODE_ALREADY_SET');
-    }
-    const salt = bcrypt.genSaltSync(SALT_ROUNDS);
-    const hashedPasscode = bcrypt.hashSync(passcode, salt);
-
-    await this.userService.setPasscode(userId, hashedPasscode, salt);
-    this.logger.log(`Passcode set successfully for user with id ${userId}`);
-  }
-
-  async enableBiometric(userId: string, { deviceId, publicKey }: EnableBiometricRequestDto) {
-    this.logger.log(`Enabling biometric for user with id ${userId}`);
-    const device = await this.deviceService.findUserDeviceById(deviceId, userId);
-
-    if (!device) {
-      this.logger.log(`Device not found, creating new device for user with id ${userId}`);
-      return this.deviceService.createDevice({
-        deviceId,
-        userId,
-        publicKey,
-      });
-    }
-
-    if (device.publicKey) {
-      this.logger.error(`Biometric already enabled for user with id ${userId}`);
-      throw new BadRequestException('AUTH.BIOMETRIC_ALREADY_ENABLED');
-    }
-
-    return this.deviceService.updateDevice(deviceId, { publicKey });
-  }
-
-  async disableBiometric(userId: string, { deviceId }: DisableBiometricRequestDto) {
-    const device = await this.deviceService.findUserDeviceById(deviceId, userId);
-
-    if (!device) {
-      this.logger.error(`Device not found for user with id ${userId} and device id ${deviceId}`);
-      throw new BadRequestException('AUTH.DEVICE_NOT_FOUND');
-    }
-
-    if (!device.publicKey) {
-      this.logger.error(`Biometric already disabled for user with id ${userId}`);
-      throw new BadRequestException('AUTH.BIOMETRIC_ALREADY_DISABLED');
-    }
-
-    return this.deviceService.updateDevice(deviceId, { publicKey: null });
-  }
-
-  async sendForgetPasswordOtp({ email }: SendForgetPasswordOtpRequestDto) {
-    this.logger.log(`Sending forget password OTP to ${email}`);
-    const user = await this.userService.findUserOrThrow({ email });
-
-    if (!user.isProfileCompleted) {
-      this.logger.error(`Profile not completed for user with email ${email}`);
-      throw new BadRequestException('USERS.PROFILE_NOT_COMPLETED');
-    }
-
-    return this.otpService.generateAndSendOtp({
-      userId: user.id,
-      recipient: user.email,
-      scope: OtpScope.FORGET_PASSWORD,
-      otpType: OtpType.EMAIL,
-    });
-  }
-
-  async verifyForgetPasswordOtp({ email, otp, password, confirmPassword }: ForgetPasswordRequestDto) {
-    this.logger.log(`Verifying forget password OTP for ${email}`);
-    const user = await this.userService.findUserOrThrow({ email });
-    if (!user.isProfileCompleted) {
-      this.logger.error(`Profile not completed for user with email ${email}`);
-      throw new BadRequestException('USERS.PROFILE_NOT_COMPLETED');
-    }
-    const isOtpValid = await this.otpService.verifyOtp({
-      userId: user.id,
-      scope: OtpScope.FORGET_PASSWORD,
-      otpType: OtpType.EMAIL,
-      value: otp,
-    });
-
-    if (!isOtpValid) {
-      this.logger.error(`Invalid OTP for user with email ${email}`);
-      throw new BadRequestException('USERS.INVALID_OTP');
-    }
-
-    this.validatePassword(password, confirmPassword, user);
-
-    const hashedPassword = bcrypt.hashSync(password, user.salt);
-
-    await this.userService.setPasscode(user.id, hashedPassword, user.salt);
-    this.logger.log(`Passcode updated successfully for user with email ${email}`);
-  }
-
-  async login(loginDto: LoginRequestDto, deviceId: string): Promise<[ILoginResponse, User]> {
-    this.logger.log(`Logging in user with email ${loginDto.email}`);
-    const user = await this.userService.findUser({ email: loginDto.email });
-    let tokens;
-
-    if (!user) {
-      this.logger.error(`User with email ${loginDto.email} not found`);
-      throw new UnauthorizedException('AUTH.INVALID_CREDENTIALS');
-    }
-
-    if (loginDto.grantType === GrantType.PASSWORD) {
-      this.logger.log(`Logging in user with email ${loginDto.email} using password`);
-      tokens = await this.loginWithPassword(loginDto, user);
-    } else {
-      this.logger.log(`Logging in user with email ${loginDto.email} using biometric`);
-      tokens = await this.loginWithBiometric(loginDto, user, deviceId);
-    }
-
-    await this.deviceService.updateDevice(deviceId, {
-      lastAccessOn: new Date(),
-      fcmToken: loginDto.fcmToken,
-      userId: user.id,
-    });
-
-    this.logger.log(`User with email ${loginDto.email} logged in successfully`);
-
     return [tokens, user];
   }
 
-  async setJuniorPasscode(body: setJuniorPasswordRequestDto) {
-    this.logger.log(`Setting passcode for junior with qrToken ${body.qrToken}`);
-    const juniorId = await this.juniorTokenService.validateToken(body.qrToken);
+  async sendForgetPasswordOtp({ countryCode, phoneNumber }: SendForgetPasswordOtpRequestDto) {
+    this.logger.log(`Sending forget password OTP to ${countryCode + phoneNumber}`);
+    const user = await this.userService.findUserOrThrow({ countryCode, phoneNumber });
+
+    return this.otpService.generateAndSendOtp({
+      userId: user.id,
+      recipient: user.fullPhoneNumber,
+      scope: OtpScope.FORGET_PASSWORD,
+      otpType: OtpType.SMS,
+    });
+  }
+
+  async verifyForgetPasswordOtp({ countryCode, phoneNumber, otp }: VerifyForgetPasswordOtpRequestDto) {
+    const user = await this.userService.findUserOrThrow({ countryCode, phoneNumber });
+
+    const isOtpValid = await this.otpService.verifyOtp({
+      userId: user.id,
+      scope: OtpScope.FORGET_PASSWORD,
+      otpType: OtpType.SMS,
+      value: otp,
+    });
+
+    if (!isOtpValid) {
+      this.logger.error(`Invalid OTP for user with phone number ${user.fullPhoneNumber}`);
+      throw new BadRequestException('OTP.INVALID_OTP');
+    }
+
+    // generate a token for the user to reset password
+    const token = await this.userTokenService.generateToken(user.id, moment().add(5, 'minutes').toDate());
+
+    return { token, user };
+  }
+
+  async resetPassword({
+    countryCode,
+    phoneNumber,
+    resetPasswordToken,
+    password,
+    confirmPassword,
+  }: ForgetPasswordRequestDto) {
+    this.logger.log(`Verifying forget password OTP for ${countryCode + phoneNumber}`);
+    const user = await this.userService.findUserOrThrow({ countryCode, phoneNumber });
+    await this.userTokenService.validateToken(
+      resetPasswordToken,
+      user.roles.includes(Roles.GUARDIAN) ? UserType.GUARDIAN : UserType.JUNIOR,
+    );
+
+    if (password !== confirmPassword) {
+      this.logger.error('Password and confirm password do not match');
+      throw new BadRequestException('AUTH.PASSWORD_MISMATCH');
+    }
+
+    const isOldPassword = bcrypt.compareSync(password, user.password);
+
+    if (isOldPassword) {
+      this.logger.error(
+        `New password cannot be the same as the current password for user with phone number ${user.fullPhoneNumber}`,
+      );
+      throw new BadRequestException('AUTH.PASSWORD_SAME_AS_CURRENT');
+    }
+
+    const hashedPassword = bcrypt.hashSync(password, user.salt);
+
+    await this.userService.setPassword(user.id, hashedPassword, user.salt);
+    await this.userTokenService.invalidateToken(resetPasswordToken);
+    this.logger.log(`Passcode updated successfully for user with phone number ${user.fullPhoneNumber}`);
+  }
+
+  async changePassword(userId: string, { currentPassword, newPassword, confirmNewPassword }: ChangePasswordRequestDto) {
+    const user = await this.userService.findUserOrThrow({ id: userId });
+
+    if (!user.isPasswordSet) {
+      this.logger.error(`Password not set for user with id ${userId}`);
+      throw new BadRequestException('AUTH.PASSWORD_NOT_SET');
+    }
+
+    if (currentPassword === newPassword) {
+      this.logger.error('New password cannot be the same as current password');
+      throw new BadRequestException('AUTH.PASSWORD_SAME_AS_CURRENT');
+    }
+
+    if (newPassword !== confirmNewPassword) {
+      this.logger.error('New password and confirm new password do not match');
+      throw new BadRequestException('AUTH.PASSWORD_MISMATCH');
+    }
+
+    this.logger.log(`Validating current password for user with id ${userId}`);
+    const isCurrentPasswordValid = bcrypt.compareSync(currentPassword, user.password);
+
+    if (!isCurrentPasswordValid) {
+      this.logger.error(`Invalid current password for user with id ${userId}`);
+      throw new UnauthorizedException('AUTH.INVALID_CURRENT_PASSWORD');
+    }
+
     const salt = bcrypt.genSaltSync(SALT_ROUNDS);
-    const hashedPasscode = bcrypt.hashSync(body.passcode, salt);
-    await this.userService.setPasscode(juniorId, hashedPasscode, salt);
-    await this.juniorTokenService.invalidateToken(body.qrToken);
+    const hashedNewPassword = bcrypt.hashSync(newPassword, salt);
+    await this.userService.setPassword(user.id, hashedNewPassword, salt);
+    this.logger.log(`Password changed successfully for user with id ${userId}`);
+  }
+
+  async setJuniorPassword(body: setJuniorPasswordRequestDto) {
+    this.logger.log(`Setting passcode for junior with qrToken ${body.qrToken}`);
+    if (body.newPassword != body.confirmNewPassword) {
+      throw new BadRequestException('AUTH.PASSWORD_MISMATCH');
+    }
+    const juniorId = await this.userTokenService.validateToken(body.qrToken, UserType.JUNIOR);
+    const salt = bcrypt.genSaltSync(SALT_ROUNDS);
+    const hashedPasscode = bcrypt.hashSync(body.newPassword, salt);
+    await this.userService.setPassword(juniorId!, hashedPasscode, salt);
+    await this.userTokenService.invalidateToken(body.qrToken);
     this.logger.log(`Passcode set successfully for junior with id ${juniorId}`);
   }
 
   async refreshToken(refreshToken: string): Promise<[ILoginResponse, User]> {
     this.logger.log('Refreshing token');
+
+    const isBlackListed = await this.cacheService.get(refreshToken);
+
+    if (isBlackListed) {
+      this.logger.error('Refresh token is blacklisted');
+      throw new BadRequestException('AUTH.INVALID_REFRESH_TOKEN');
+    }
+
     try {
       const isValid = await this.jwtService.verifyAsync<IJwtPayload>(refreshToken, {
         secret: this.configService.getOrThrow('JWT_REFRESH_TOKEN_SECRET'),
@@ -252,6 +229,12 @@ export class AuthService {
 
       const tokens = await this.generateAuthToken(user);
 
+      this.logger.log(`Blacklisting old tokens for user with id ${isValid.sub}`);
+
+      const refreshTokenExpiry = this.jwtService.decode(refreshToken).exp - Date.now() / ONE_THOUSAND;
+
+      await this.cacheService.set(refreshToken, 'BLACKLISTED', refreshTokenExpiry);
+
       this.logger.log(`Token refreshed successfully for user with id ${isValid.sub}`);
 
       return [tokens, user];
@@ -265,53 +248,129 @@ export class AuthService {
     this.logger.log('Logging out');
     const accessToken = req.headers.authorization?.split(' ')[1] as string;
     const expiryInTtl = this.jwtService.decode(accessToken).exp - Date.now() / ONE_THOUSAND;
-    return this.cacheService.set(accessToken, 'LOGOUT', expiryInTtl);
+    return this.cacheService.set(accessToken, 'BLACKLISTED', expiryInTtl);
   }
 
-  private async loginWithPassword(loginDto: LoginRequestDto, user: User): Promise<ILoginResponse> {
-    this.logger.log(`validating password for user with email ${loginDto.email}`);
+  async loginWithPassword(loginDto: LoginRequestDto): Promise<[ILoginResponse, User]> {
+    const user = await this.userService.findUser({
+      countryCode: loginDto.countryCode,
+      phoneNumber: loginDto.phoneNumber,
+    });
+
+    if (!user) {
+      this.logger.error(`User not found with phone number ${loginDto.countryCode + loginDto.phoneNumber}`);
+      throw new UnauthorizedException('AUTH.INVALID_CREDENTIALS');
+    }
+
+    if (!user.password) {
+      this.logger.error(`Password not set for user with phone number ${loginDto.countryCode + loginDto.phoneNumber}`);
+      throw new UnauthorizedException('AUTH.PHONE_NUMBER_NOT_VERIFIED');
+    }
+
+    this.logger.log(`validating password for user with phone ${loginDto.countryCode + loginDto.phoneNumber}`);
     const isPasswordValid = bcrypt.compareSync(loginDto.password, user.password);
 
     if (!isPasswordValid) {
-      this.logger.error(`Invalid password for user with email ${loginDto.email}`);
+      this.logger.error(`Invalid password for user with phone ${loginDto.countryCode + loginDto.phoneNumber}`);
       throw new UnauthorizedException('AUTH.INVALID_CREDENTIALS');
     }
 
     const tokens = await this.generateAuthToken(user);
-    this.logger.log(`Password validated successfully for user with email ${loginDto.email}`);
-    return tokens;
+    this.logger.log(`Password validated successfully for user`);
+
+    // Register/update device with FCM token and timezone if provided
+    if (loginDto.fcmToken && loginDto.deviceId) {
+      await this.registerDeviceToken(user.id, loginDto.deviceId, loginDto.fcmToken, loginDto.timezone);
+    }
+
+    return [tokens, user];
   }
 
-  private async loginWithBiometric(loginDto: LoginRequestDto, user: User, deviceId: string): Promise<ILoginResponse> {
-    this.logger.log(`validating biometric for user with email ${loginDto.email}`);
-    const device = await this.deviceService.findUserDeviceById(deviceId, user.id);
+  async juniorLogin(juniorLoginDto: JuniorLoginRequestDto): Promise<[ILoginResponse, User]> {
+    const user = await this.userService.findUser({ email: juniorLoginDto.email });
 
-    if (!device) {
-      this.logger.error(`Device not found for user with email ${loginDto.email} and device id ${deviceId}`);
-      throw new UnauthorizedException('AUTH.DEVICE_NOT_FOUND');
+    if (!user || !user.roles.includes(Roles.JUNIOR)) {
+      throw new UnauthorizedException('AUTH.INVALID_CREDENTIALS');
     }
 
-    if (!device.publicKey) {
-      this.logger.error(`Biometric not enabled for user with email ${loginDto.email}`);
-      throw new UnauthorizedException('AUTH.BIOMETRIC_NOT_ENABLED');
-    }
+    this.logger.log(`validating password for user with email ${juniorLoginDto.email}`);
+    const isPasswordValid = bcrypt.compareSync(juniorLoginDto.password, user.password);
 
-    const cleanToken = removePadding(loginDto.signature);
-    const isValidToken = await verifySignature(
-      device.publicKey,
-      cleanToken,
-      `${user.email} - ${device.deviceId}`,
-      'SHA1',
-    );
-
-    if (!isValidToken) {
-      this.logger.error(`Invalid biometric for user with email ${loginDto.email}`);
-      throw new UnauthorizedException('AUTH.INVALID_BIOMETRIC');
+    if (!isPasswordValid) {
+      this.logger.error(`Invalid password for user with email ${juniorLoginDto.email}`);
+      throw new UnauthorizedException('AUTH.INVALID_CREDENTIALS');
     }
 
     const tokens = await this.generateAuthToken(user);
-    this.logger.log(`Biometric validated successfully for user with email ${loginDto.email}`);
-    return tokens;
+    this.logger.log(`Password validated successfully for user`);
+
+    // Register/update device with FCM token and timezone if provided
+    if (juniorLoginDto.fcmToken && juniorLoginDto.deviceId) {
+      await this.registerDeviceToken(user.id, juniorLoginDto.deviceId, juniorLoginDto.fcmToken, juniorLoginDto.timezone);
+    }
+
+    return [tokens, user];
+  }
+
+  /**
+   * Register or update device with FCM token and timezone
+   * This method handles:
+   * 1. Device already exists for this user → Update FCM token and timezone
+   * 2. Device exists for different user → Transfer device to new user
+   * 3. Device doesn't exist → Create new device
+   */
+  private async registerDeviceToken(userId: string, deviceId: string, fcmToken: string, timezone?: string): Promise<void> {
+    try {
+      this.logger.log(`Registering/updating device ${deviceId} with FCM token for user ${userId}`);
+
+      // Step 1: Check if device already exists for this user
+      const existingDeviceForUser = await this.deviceService.findUserDeviceById(deviceId, userId);
+
+      if (existingDeviceForUser) {
+        // Device exists for this user → Update FCM token, timezone, and last access time
+        await this.deviceService.updateDevice(deviceId, {
+          fcmToken,
+          userId,
+          timezone, // Update timezone if provided
+          lastAccessOn: new Date(),
+        });
+        this.logger.log(`Device ${deviceId} updated with new FCM token and timezone for user ${userId}`);
+        return;
+      }
+
+      // Step 2: Check if device exists for any user (different user scenario)
+      const existingDevice = await this.deviceService.findByDeviceId(deviceId);
+
+      if (existingDevice) {
+        // Device exists for different user → Transfer device to new user
+        this.logger.log(
+          `Device ${deviceId} exists for user ${existingDevice.userId}, transferring to user ${userId}`
+        );
+        await this.deviceService.updateDevice(deviceId, {
+          userId,
+          fcmToken,
+          timezone, // Update timezone if provided
+          lastAccessOn: new Date(),
+        });
+        this.logger.log(`Device ${deviceId} transferred from user ${existingDevice.userId} to user ${userId}`);
+        return;
+      }
+
+      // Step 3: Device doesn't exist → Create new device
+      await this.deviceService.createDevice({
+        deviceId,
+        userId,
+        fcmToken,
+        timezone, // Store timezone if provided
+        lastAccessOn: new Date(),
+      });
+      this.logger.log(`New device ${deviceId} registered with FCM token for user ${userId}`);
+    } catch (error) {
+      // Log error but don't fail the login/signup process
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      const errorStack = error instanceof Error ? error.stack : undefined;
+      this.logger.error(`Failed to register device token for user ${userId}: ${errorMessage}`, errorStack);
+    }
   }
 
   private async generateAuthToken(user: User) {
@@ -336,17 +395,4 @@ export class AuthService {
     this.logger.log(`Auth token generated successfully for user with id ${user.id}`);
     return { accessToken, refreshToken, expiresAt: new Date(this.jwtService.decode(accessToken).exp * ONE_THOUSAND) };
   }
-
-  private validatePassword(password: string, confirmPassword: string, user: User) {
-    this.logger.log(`Validating password for user with id ${user.id}`);
-    if (password !== confirmPassword) {
-      this.logger.error(`Password mismatch for user with id ${user.id}`);
-      throw new BadRequestException('AUTH.PASSWORD_MISMATCH');
-    }
-
-    if (!PASSCODE_REGEX.test(password)) {
-      this.logger.error(`Invalid password for user with id ${user.id}`);
-      throw new BadRequestException('AUTH.INVALID_PASSCODE');
-    }
-  }
 }

src/auth/strategies/access-token.strategy.ts

@@ -1,12 +1,13 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { PassportStrategy } from '@nestjs/passport';
 import { ExtractJwt, Strategy } from 'passport-jwt';
+import { UserService } from '~/user/services';
 import { IJwtPayload } from '../interfaces';
 
 @Injectable()
 export class AccessTokenStrategy extends PassportStrategy(Strategy, 'access-token') {
-  constructor(configService: ConfigService) {
+  constructor(configService: ConfigService, private userService: UserService) {
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
       ignoreExpiration: false,
@@ -14,7 +15,13 @@ export class AccessTokenStrategy extends PassportStrategy(Strategy, 'access-toke
     });
   }
 
-  validate(payload: IJwtPayload) {
+  async validate(payload: IJwtPayload) {
+    const user = await this.userService.findUser({ id: payload.sub });
+
+    if (!user) {
+      throw new UnauthorizedException();
+    }
+
     return payload;
   }
 }

src/card/card.module.ts

@@ -0,0 +1,33 @@
+import { forwardRef, Module } from '@nestjs/common';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { NeoLeapModule } from '~/common/modules/neoleap/neoleap.module';
+import { CustomerModule } from '~/customer/customer.module';
+import { CardsController } from './controllers';
+import { Card } from './entities';
+import { Account } from './entities/account.entity';
+import { Transaction } from './entities/transaction.entity';
+import { CardRepository } from './repositories';
+import { AccountRepository } from './repositories/account.repository';
+import { TransactionRepository } from './repositories/transaction.repository';
+import { CardService } from './services';
+import { AccountService } from './services/account.service';
+import { TransactionService } from './services/transaction.service';
+
+@Module({
+  imports: [
+    TypeOrmModule.forFeature([Card, Account, Transaction]),
+    forwardRef(() => NeoLeapModule),
+    forwardRef(() => CustomerModule), // <-- add forwardRef here
+  ],
+  providers: [
+    CardService,
+    CardRepository,
+    TransactionService,
+    TransactionRepository,
+    AccountService,
+    AccountRepository,
+  ],
+  exports: [CardService, TransactionService, AccountService],
+  controllers: [CardsController],
+})
+export class CardModule {}

src/card/controllers/cards.controller.ts

@@ -0,0 +1,86 @@
+import { Body, Controller, Get, HttpCode, HttpStatus, Param, Post, UseGuards } from '@nestjs/common';
+import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
+import { Roles } from '~/auth/enums';
+import { IJwtPayload } from '~/auth/interfaces';
+import { AllowedRoles, AuthenticatedUser } from '~/common/decorators';
+import { AccessTokenGuard, RolesGuard } from '~/common/guards';
+import { CardEmbossingDetailsResponseDto } from '~/common/modules/neoleap/dtos/response';
+import { ApiDataResponse } from '~/core/decorators';
+import { ResponseFactory } from '~/core/utils';
+import { FundIbanRequestDto } from '../dtos/requests';
+import { AccountIbanResponseDto, CardResponseDto, ChildCardResponseDto } from '../dtos/responses';
+import { CardService } from '../services';
+
+@Controller('cards')
+@ApiBearerAuth()
+@ApiTags('Cards')
+@UseGuards(AccessTokenGuard)
+export class CardsController {
+  constructor(private readonly cardService: CardService) {}
+
+  @Post()
+  @ApiDataResponse(CardResponseDto)
+  async createCard(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const card = await this.cardService.createCard(sub);
+    return ResponseFactory.data(new CardResponseDto(card));
+  }
+
+  @Get('child-cards')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.GUARDIAN)
+  @ApiDataResponse(ChildCardResponseDto)
+  async getChildCards(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const cards = await this.cardService.getChildCards(sub);
+    return ResponseFactory.data(cards.map((card) => new ChildCardResponseDto(card)));
+  }
+
+  @Get('child-cards/:childid')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.GUARDIAN)
+  @ApiDataResponse(ChildCardResponseDto)
+  async getChildCardById(@Param('childid') childId: string, @AuthenticatedUser() { sub }: IJwtPayload) {
+    const card = await this.cardService.getCardByChildId(sub, childId);
+    return ResponseFactory.data(new ChildCardResponseDto(card));
+  }
+
+  @Get('child-cards/:cardid/embossing-details')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.GUARDIAN)
+  @ApiDataResponse(CardEmbossingDetailsResponseDto)
+  async getChildCardEmbossingDetails(@Param('cardid') cardId: string, @AuthenticatedUser() { sub }: IJwtPayload) {
+    const res = await this.cardService.getChildCardEmbossingInformation(cardId, sub);
+    return ResponseFactory.data(res);
+  }
+
+  @Get('current')
+  @ApiDataResponse(CardResponseDto)
+  async getCurrentCard(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const card = await this.cardService.getCardByCustomerId(sub);
+    return ResponseFactory.data(new CardResponseDto(card));
+  }
+
+  @Get('embossing-details')
+  @ApiDataResponse(CardEmbossingDetailsResponseDto)
+  async getCardById(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const res = await this.cardService.getEmbossingInformation(sub);
+    return ResponseFactory.data(res);
+  }
+
+  @Get('iban')
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.GUARDIAN)
+  @ApiDataResponse(AccountIbanResponseDto)
+  async getCardIban(@AuthenticatedUser() { sub }: IJwtPayload) {
+    const iban = await this.cardService.getIbanInformation(sub);
+    return ResponseFactory.data(new AccountIbanResponseDto(iban));
+  }
+
+  @Post('mock/fund-iban')
+  @ApiOperation({ summary: 'Mock endpoint to fund the IBAN - For testing purposes only' })
+  @UseGuards(RolesGuard)
+  @AllowedRoles(Roles.GUARDIAN)
+  @HttpCode(HttpStatus.NO_CONTENT)
+  fundIban(@Body() { amount, iban }: FundIbanRequestDto) {
+    return this.cardService.fundIban(iban, amount);
+  }
+}

src/card/controllers/index.ts

@@ -0,0 +1 @@
+export * from './cards.controller';

src/card/dtos/requests/fund-iban.request.dto.ts

@@ -0,0 +1,9 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsString } from 'class-validator';
+import { TransferToJuniorRequestDto } from '~/junior/dtos/request';
+
+export class FundIbanRequestDto extends TransferToJuniorRequestDto {
+  @ApiProperty({ example: 'DE89370400440532013000' })
+  @IsString()
+  iban!: string;
+}

src/card/dtos/requests/index.ts

@@ -0,0 +1 @@
+export * from './fund-iban.request.dto';

src/card/dtos/responses/account-iban.response.dto.ts

@@ -0,0 +1,10 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class AccountIbanResponseDto {
+  @ApiProperty({ example: 'DE89370400440532013000' })
+  iban!: string;
+
+  constructor(iban: string) {
+    this.iban = iban;
+  }
+}

src/card/dtos/responses/card.response.dto.ts

@@ -0,0 +1,66 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { Card } from '~/card/entities';
+import { CardScheme, CardStatus, CustomerType } from '~/card/enums';
+import { CardStatusDescriptionMapper } from '~/card/mappers/card-status-description.mapper';
+import { UserLocale } from '~/core/enums';
+
+export class CardResponseDto {
+  @ApiProperty({
+    example: 'b34df8c2-5d3e-4b1a-9c2f-7e3b1a2d3f4e',
+  })
+  id!: string;
+
+  @ApiProperty({
+    example: '123456',
+    description: 'The first six digits of the card number.',
+  })
+  firstSixDigits!: string;
+
+  @ApiProperty({ example: '7890', description: 'The last four digits of the card number.' })
+  lastFourDigits!: string;
+
+  @ApiProperty({
+    enum: CardScheme,
+    description: 'The card scheme (e.g., VISA, MASTERCARD).',
+  })
+  scheme!: CardScheme;
+
+  @ApiProperty({
+    enum: CardStatus,
+    description: 'The current status of the card (e.g., ACTIVE, PENDING).',
+  })
+  status!: CardStatus;
+
+  @ApiProperty({
+    example: 'The card is active',
+    description: 'A description of the card status.',
+  })
+  statusDescription!: string;
+
+  @ApiProperty({
+    example: 2000.0,
+    description: 'The credit limit of the card.',
+  })
+  balance!: number;
+
+  @ApiProperty({
+    example: 100.0,
+    nullable: true,
+    description: 'The reserved balance of the card (applicable for child accounts).',
+  })
+  reservedBalance!: number | null;
+
+  constructor(card: Card) {
+    this.id = card.id;
+    this.firstSixDigits = card.firstSixDigits;
+    this.lastFourDigits = card.lastFourDigits;
+    this.scheme = card.scheme;
+    this.status = card.status;
+    this.statusDescription = CardStatusDescriptionMapper[card.statusDescription][UserLocale.ENGLISH].description;
+    this.balance =
+      card.customerType === CustomerType.CHILD
+        ? Math.min(card.limit, card.account.balance)
+        : card.account.balance - card.account.reservedBalance;
+    this.reservedBalance = card.customerType === CustomerType.PARENT ? card.account.reservedBalance : null;
+  }
+}

src/card/dtos/responses/child-card.response.dto.ts

@@ -0,0 +1,48 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { Card } from '~/card/entities';
+import { Gender } from '~/customer/enums';
+import { DocumentMetaResponseDto } from '~/document/dtos/response';
+import { CardResponseDto } from './card.response.dto';
+
+class JuniorInfo {
+  @ApiProperty({ example: 'id' })
+  id!: string;
+
+  @ApiProperty({ example: 'FirstName' })
+  firstName!: string;
+
+  @ApiProperty({ example: 'LastName' })
+  lastName!: string;
+
+  @ApiProperty({ example: 'test@example.com' })
+  email!: string;
+
+  @ApiProperty({ enum: Gender, example: Gender.MALE })
+  gender!: Gender;
+
+  @ApiProperty({ example: '2000-01-01' })
+  dateOfBirth!: Date;
+
+  @ApiProperty({ example: DocumentMetaResponseDto, nullable: true })
+  profilePicture!: DocumentMetaResponseDto | null;
+
+  constructor(card: Card) {
+    this.id = card.customer?.junior?.id;
+    this.firstName = card.customer?.firstName;
+    this.lastName = card.customer?.lastName;
+    this.email = card.customer?.user?.email;
+    this.gender = card.customer.gender;
+    this.profilePicture = card.customer?.user?.profilePicture
+      ? new DocumentMetaResponseDto(card.customer.user.profilePicture)
+      : null;
+  }
+}
+export class ChildCardResponseDto extends CardResponseDto {
+  @ApiProperty({ type: JuniorInfo })
+  junior!: JuniorInfo | null;
+
+  constructor(card: Card) {
+    super(card);
+    this.junior = card.customer?.junior ? new JuniorInfo(card) : null;
+  }
+}

src/card/dtos/responses/child-transfer-item.response.dto.ts

@@ -0,0 +1,16 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class ChildTransferItemDto {
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.0 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 'You received {{amount}} {{currency}} from your parent.' })
+  message!: string;
+}
+

src/card/dtos/responses/guardian-home.response.dto.ts

@@ -0,0 +1,17 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { TransactionItemResponseDto } from './transaction-item.response.dto';
+
+export class GuardianHomeResponseDto {
+  @ApiProperty({ example: 2000.0 })
+  availableBalance!: number;
+
+  @ApiProperty({ type: [TransactionItemResponseDto] })
+  recentTransactions!: TransactionItemResponseDto[];
+
+  constructor(availableBalance: number, recentTransactions: TransactionItemResponseDto[]) {
+    this.availableBalance = availableBalance;
+    this.recentTransactions = recentTransactions;
+  }
+}
+
+

src/card/dtos/responses/index.ts

@@ -0,0 +1,15 @@
+export * from './account-iban.response.dto';
+export * from './card.response.dto';
+export * from './child-card.response.dto';
+export * from './transaction-item.response.dto';
+export * from './guardian-home.response.dto';
+export * from './paged-transactions.response.dto';
+export * from './parent-transfer-item.response.dto';
+export * from './parent-home.response.dto';
+export * from './paged-parent-transfers.response.dto';
+export * from './child-transfer-item.response.dto';
+export * from './junior-home.response.dto';
+export * from './paged-child-transfers.response.dto';
+export * from './spending-history-item.response.dto';
+export * from './spending-history.response.dto';
+export * from './transaction-detail.response.dto';

src/card/dtos/responses/junior-home.response.dto.ts

@@ -0,0 +1,16 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { ChildTransferItemDto } from './child-transfer-item.response.dto';
+
+export class JuniorHomeResponseDto {
+  @ApiProperty({ example: 500.0 })
+  availableBalance!: number;
+
+  @ApiProperty({ type: [ChildTransferItemDto] })
+  recentTransfers!: ChildTransferItemDto[];
+
+  constructor(availableBalance: number, recentTransfers: ChildTransferItemDto[]) {
+    this.availableBalance = availableBalance;
+    this.recentTransfers = recentTransfers;
+  }
+}
+

src/card/dtos/responses/paged-child-transfers.response.dto.ts

@@ -0,0 +1,33 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { ChildTransferItemDto } from './child-transfer-item.response.dto';
+
+export class PagedChildTransfersResponseDto {
+  @ApiProperty({ type: [ChildTransferItemDto] })
+  items!: ChildTransferItemDto[];
+
+  @ApiProperty({ example: 1 })
+  page!: number;
+
+  @ApiProperty({ example: 10 })
+  size!: number;
+
+  @ApiProperty({ example: 20 })
+  total!: number;
+
+  @ApiProperty({ example: true })
+  hasMore!: boolean;
+
+  constructor(
+    items: ChildTransferItemDto[],
+    page: number,
+    size: number,
+    total: number,
+  ) {
+    this.items = items;
+    this.page = page;
+    this.size = size;
+    this.total = total;
+    this.hasMore = page * size < total;
+  }
+}
+

src/card/dtos/responses/paged-parent-transfers.response.dto.ts

@@ -0,0 +1,33 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { ParentTransferItemDto } from './parent-transfer-item.response.dto';
+
+export class PagedParentTransfersResponseDto {
+  @ApiProperty({ type: [ParentTransferItemDto] })
+  items!: ParentTransferItemDto[];
+
+  @ApiProperty({ example: 1 })
+  page!: number;
+
+  @ApiProperty({ example: 10 })
+  size!: number;
+
+  @ApiProperty({ example: 45 })
+  total!: number;
+
+  @ApiProperty({ example: true })
+  hasMore!: boolean;
+
+  constructor(
+    items: ParentTransferItemDto[],
+    page: number,
+    size: number,
+    total: number,
+  ) {
+    this.items = items;
+    this.page = page;
+    this.size = size;
+    this.total = total;
+    this.hasMore = page * size < total;
+  }
+}
+

src/card/dtos/responses/paged-transactions.response.dto.ts

@@ -0,0 +1,33 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { TransactionItemResponseDto } from './transaction-item.response.dto';
+
+export class PagedTransactionsResponseDto {
+  @ApiProperty({ type: [TransactionItemResponseDto] })
+  items!: TransactionItemResponseDto[];
+
+  @ApiProperty({ example: 1 })
+  page!: number;
+
+  @ApiProperty({ example: 10 })
+  size!: number;
+
+  @ApiProperty({ example: 45 })
+  total!: number;
+
+  @ApiProperty({ example: true })
+  hasMore!: boolean;
+
+  constructor(
+    items: TransactionItemResponseDto[],
+    page: number,
+    size: number,
+    total: number,
+  ) {
+    this.items = items;
+    this.page = page;
+    this.size = size;
+    this.total = total;
+    this.hasMore = page * size < total;
+  }
+}
+

src/card/dtos/responses/parent-home.response.dto.ts

@@ -0,0 +1,16 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { ParentTransferItemDto } from './parent-transfer-item.response.dto';
+
+export class ParentHomeResponseDto {
+  @ApiProperty({ example: 2000.0 })
+  availableBalance!: number;
+
+  @ApiProperty({ type: [ParentTransferItemDto] })
+  recentTransfers!: ParentTransferItemDto[];
+
+  constructor(availableBalance: number, recentTransfers: ParentTransferItemDto[]) {
+    this.availableBalance = availableBalance;
+    this.recentTransfers = recentTransfers;
+  }
+}
+

src/card/dtos/responses/parent-transfer-item.response.dto.ts

@@ -0,0 +1,16 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class ParentTransferItemDto {
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.0 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 'Ahmed Ali' })
+  childName!: string;
+}
+

src/card/dtos/responses/spending-history-item.response.dto.ts

@@ -0,0 +1,58 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Transaction } from '~/card/entities/transaction.entity';
+
+export class SpendingHistoryItemDto {
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.5 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiPropertyOptional({ example: 'Shopping' })
+  category!: string | null;
+
+  @ApiPropertyOptional({ example: 'Target Store' })
+  merchantName!: string | null;
+
+  @ApiPropertyOptional({ example: 'Riyadh' })
+  merchantCity!: string | null;
+
+  @ApiProperty({ example: '277012*****3456' })
+  cardMasked!: string;
+
+  @ApiProperty()
+  transactionId!: string;
+
+  constructor(transaction: Transaction) {
+    this.date = transaction.transactionDate;
+    this.amount = transaction.transactionAmount;
+    this.currency = transaction.transactionCurrency === '682' ? 'SAR' : transaction.transactionCurrency;
+    this.category = this.mapMccToCategory(transaction.merchantCategoryCode);
+    this.merchantName = transaction.merchantName;
+    this.merchantCity = transaction.merchantCity;
+    this.cardMasked = transaction.cardMaskedNumber;
+    this.transactionId = transaction.id;
+  }
+
+  private mapMccToCategory(mcc: string | null): string {
+    if (!mcc) return 'Other';
+    
+    const mccCode = mcc;
+    
+    // Map MCC codes to categories
+    if (mccCode >= '5200' && mccCode <= '5599') return 'Shopping';
+    if (mccCode >= '5800' && mccCode <= '5899') return 'Food & Dining';
+    if (mccCode >= '3000' && mccCode <= '3999') return 'Travel';
+    if (mccCode >= '4000' && mccCode <= '4799') return 'Transportation';
+    if (mccCode >= '7200' && mccCode <= '7999') return 'Entertainment';
+    if (mccCode >= '5900' && mccCode <= '5999') return 'Services';
+    if (mccCode >= '4800' && mccCode <= '4899') return 'Utilities';
+    if (mccCode >= '8000' && mccCode <= '8999') return 'Health & Wellness';
+    
+    return 'Other';
+  }
+}
+

src/card/dtos/responses/spending-history.response.dto.ts

@@ -0,0 +1,24 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { SpendingHistoryItemDto } from './spending-history-item.response.dto';
+
+export class SpendingHistoryResponseDto {
+  @ApiProperty({ type: [SpendingHistoryItemDto] })
+  transactions!: SpendingHistoryItemDto[];
+
+  @ApiProperty({ example: 150.75 })
+  totalSpent!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 10 })
+  count!: number;
+
+  constructor(transactions: SpendingHistoryItemDto[], currency: string = 'SAR') {
+    this.transactions = transactions;
+    this.totalSpent = transactions.reduce((sum, tx) => sum + tx.amount, 0);
+    this.currency = currency;
+    this.count = transactions.length;
+  }
+}
+

src/card/dtos/responses/transaction-detail.response.dto.ts

@@ -0,0 +1,74 @@
+import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
+import { Transaction } from '~/card/entities/transaction.entity';
+
+export class TransactionDetailResponseDto {
+  @ApiProperty()
+  id!: string;
+
+  @ApiProperty({ example: '2025-10-14T09:53:40.000Z' })
+  date!: Date;
+
+  @ApiProperty({ example: 50.5 })
+  amount!: number;
+
+  @ApiProperty({ example: 'SAR' })
+  currency!: string;
+
+  @ApiProperty({ example: 2.5 })
+  fees!: number;
+
+  @ApiProperty({ example: 0.5 })
+  vatOnFees!: number;
+
+  @ApiPropertyOptional({ example: 'Target Store' })
+  merchantName!: string | null;
+
+  @ApiPropertyOptional({ example: 'Shopping' })
+  category!: string | null;
+
+  @ApiPropertyOptional({ example: 'Riyadh' })
+  merchantCity!: string | null;
+
+  @ApiProperty({ example: '277012*****3456' })
+  cardMasked!: string;
+
+  @ApiProperty()
+  rrn!: string;
+
+  @ApiProperty()
+  transactionId!: string;
+
+  constructor(transaction: Transaction) {
+    this.id = transaction.id;
+    this.date = transaction.transactionDate;
+    this.amount = transaction.transactionAmount;
+    this.currency = transaction.transactionCurrency === '682' ? 'SAR' : transaction.transactionCurrency;
+    this.fees = transaction.fees;
+    this.vatOnFees = transaction.vatOnFees;
+    this.merchantName = transaction.merchantName;
+    this.category = this.mapMccToCategory(transaction.merchantCategoryCode);
+    this.merchantCity = transaction.merchantCity;
+    this.cardMasked = transaction.cardMaskedNumber;
+    this.rrn = transaction.rrn;
+    this.transactionId = transaction.transactionId;
+  }
+
+  private mapMccToCategory(mcc: string | null): string {
+    if (!mcc) return 'Other';
+    
+    const mccCode = mcc;
+    
+    // Map MCC codes to categories
+    if (mccCode >= '5200' && mccCode <= '5599') return 'Shopping';
+    if (mccCode >= '5800' && mccCode <= '5899') return 'Food & Dining';
+    if (mccCode >= '3000' && mccCode <= '3999') return 'Travel';
+    if (mccCode >= '4000' && mccCode <= '4799') return 'Transportation';
+    if (mccCode >= '7200' && mccCode <= '7999') return 'Entertainment';
+    if (mccCode >= '5900' && mccCode <= '5999') return 'Services';
+    if (mccCode >= '4800' && mccCode <= '4899') return 'Utilities';
+    if (mccCode >= '8000' && mccCode <= '8999') return 'Health & Wellness';
+    
+    return 'Other';
+  }
+}
+

src/card/dtos/responses/transaction-item.response.dto.ts

@@ -0,0 +1,24 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { ParentTransactionType } from '~/card/enums';
+
+export class TransactionItemResponseDto {
+  @ApiProperty()
+  date!: Date;
+
+  @ApiProperty({ example: -50.0 })
+  amountSigned!: number;
+
+  @ApiProperty({ enum: ParentTransactionType })
+  type!: ParentTransactionType;
+
+  @ApiProperty({ description: 'Counterparty display name (child for transfer, source label for top-up)' })
+  counterpartyName!: string;
+
+  @ApiProperty({ nullable: true })
+  counterpartyAccountMasked!: string | null;
+
+  @ApiProperty({ required: false })
+  childName?: string;
+}
+
+

src/card/entities/account.entity.ts

@@ -0,0 +1,60 @@
+import { Column, CreateDateColumn, Entity, Index, OneToMany, PrimaryGeneratedColumn, UpdateDateColumn } from 'typeorm';
+import { Card } from './card.entity';
+import { Transaction } from './transaction.entity';
+
+@Entity('accounts')
+export class Account {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Column('varchar', { length: 255, nullable: false, unique: true, name: 'account_reference' })
+  @Index({ unique: true })
+  accountReference!: string;
+
+  @Index({ unique: true })
+  @Column('varchar', { length: 255, nullable: false, name: 'account_number' })
+  accountNumber!: string;
+
+  @Index({ unique: true })
+  @Column('varchar', { length: 255, nullable: false, name: 'iban' })
+  iban!: string;
+
+  @Column('varchar', { length: 255, nullable: false, name: 'currency' })
+  currency!: string;
+
+  @Column('decimal', {
+    precision: 10,
+    scale: 2,
+    default: 0.0,
+    name: 'balance',
+    transformer: {
+      to: (value: number) => value,
+      from: (value: string) => parseFloat(value),
+    },
+  })
+  balance!: number;
+
+  @Column('decimal', {
+    precision: 10,
+    scale: 2,
+    default: 0.0,
+    name: 'reserved_balance',
+    transformer: {
+      to: (value: number) => value,
+      from: (value: string) => parseFloat(value),
+    },
+  })
+  reservedBalance!: number;
+
+  @OneToMany(() => Card, (card) => card.account, { cascade: true })
+  cards!: Card[];
+
+  @OneToMany(() => Transaction, (transaction) => transaction.account, { cascade: true })
+  transactions!: Transaction[];
+
+  @CreateDateColumn({ name: 'created_at', type: 'timestamp with time zone' })
+  createdAt!: Date;
+
+  @UpdateDateColumn({ name: 'updated_at', type: 'timestamp with time zone' })
+  updatedAt!: Date;
+}

src/card/entities/card.entity.ts

@@ -0,0 +1,89 @@
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  Index,
+  JoinColumn,
+  ManyToOne,
+  OneToMany,
+  PrimaryGeneratedColumn,
+  UpdateDateColumn,
+} from 'typeorm';
+import { Customer } from '~/customer/entities';
+import { CardColors, CardIssuers, CardScheme, CardStatus, CardStatusDescription, CustomerType } from '../enums';
+import { Account } from './account.entity';
+import { Transaction } from './transaction.entity';
+
+@Entity('cards')
+export class Card {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Index({ unique: true })
+  @Column({ name: 'card_reference', nullable: false, type: 'varchar' })
+  cardReference!: string;
+
+  @Index({ unique: true })
+  @Column({ name: 'vpan', nullable: false, type: 'varchar' })
+  vpan!: string;
+
+  @Column({ length: 6, name: 'first_six_digits', nullable: false, type: 'varchar' })
+  firstSixDigits!: string;
+
+  @Column({ length: 4, name: 'last_four_digits', nullable: false, type: 'varchar' })
+  lastFourDigits!: string;
+
+  @Column({ type: 'varchar', nullable: false })
+  expiry!: string;
+
+  @Column({ type: 'varchar', nullable: false, name: 'customer_type' })
+  customerType!: CustomerType;
+
+  @Column({ type: 'varchar', nullable: false, default: CardColors.DEEP_MAGENTA })
+  color!: CardColors;
+
+  @Column({ type: 'varchar', nullable: false, default: CardStatus.PENDING })
+  status!: CardStatus;
+
+  @Column({ type: 'varchar', nullable: false, default: CardStatusDescription.PENDING_ACTIVATION })
+  statusDescription!: CardStatusDescription;
+
+  @Column({ type: 'decimal', precision: 10, scale: 2, default: 0.0, name: 'limit' })
+  limit!: number;
+
+  @Column({ type: 'varchar', nullable: false, default: CardScheme.VISA })
+  scheme!: CardScheme;
+
+  @Column({ type: 'varchar', nullable: false })
+  issuer!: CardIssuers;
+
+  @Column({ type: 'uuid', name: 'customer_id', nullable: false })
+  customerId!: string;
+
+  @Column({ type: 'uuid', name: 'parent_id', nullable: true })
+  parentId?: string;
+
+  @Column({ type: 'uuid', name: 'account_id', nullable: false })
+  accountId!: string;
+
+  @ManyToOne(() => Customer, (customer) => customer.childCards)
+  @JoinColumn({ name: 'parent_id' })
+  parentCustomer?: Customer;
+
+  @ManyToOne(() => Customer, (customer) => customer.cards, { onDelete: 'CASCADE' })
+  @JoinColumn({ name: 'customer_id' })
+  customer!: Customer;
+
+  @ManyToOne(() => Account, (account) => account.cards, { onDelete: 'CASCADE' })
+  @JoinColumn({ name: 'account_id' })
+  account!: Account;
+
+  @OneToMany(() => Transaction, (transaction) => transaction.card, { cascade: true })
+  transactions!: Transaction[];
+
+  @CreateDateColumn({ name: 'created_at', type: 'timestamp with time zone' })
+  createdAt!: Date;
+
+  @UpdateDateColumn({ type: 'timestamp with time zone', name: 'updated_at' })
+  updatedAt!: Date;
+}

src/card/entities/index.ts

@@ -0,0 +1 @@
+export * from './card.entity';

src/card/entities/transaction.entity.ts

@@ -0,0 +1,87 @@
+import { Column, CreateDateColumn, Entity, JoinColumn, ManyToOne, PrimaryGeneratedColumn } from 'typeorm';
+import { TransactionScope, TransactionType } from '../enums';
+import { Account } from './account.entity';
+import { Card } from './card.entity';
+
+@Entity('transactions')
+export class Transaction {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Column({ name: 'transaction_scope', type: 'varchar', nullable: false })
+  transactionScope!: TransactionScope;
+
+  @Column({ name: 'transaction_type', type: 'varchar', default: TransactionType.EXTERNAL })
+  transactionType!: TransactionType;
+
+  @Column({ name: 'card_reference', nullable: true, type: 'varchar' })
+  cardReference!: string;
+
+  @Column({ name: 'account_reference', nullable: true, type: 'varchar' })
+  accountReference!: string;
+
+  @Column({ name: 'transaction_id', unique: true, nullable: true, type: 'varchar' })
+  transactionId!: string;
+
+  @Column({ name: 'card_masked_number', nullable: true, type: 'varchar' })
+  cardMaskedNumber!: string;
+
+  @Column({ type: 'timestamp with time zone', name: 'transaction_date', nullable: true })
+  transactionDate!: Date;
+
+  @Column({ name: 'rrn', nullable: true, type: 'varchar' })
+  rrn!: string;
+
+  @Column({
+    type: 'decimal',
+    precision: 12,
+    scale: 2,
+    name: 'transaction_amount',
+    transformer: {
+      to: (value: number) => value,
+      from: (value: string) => parseFloat(value),
+    },
+  })
+  transactionAmount!: number;
+
+  @Column({ type: 'varchar', name: 'transaction_currency' })
+  transactionCurrency!: string;
+
+  @Column({ type: 'decimal', name: 'billing_amount', precision: 12, scale: 2 })
+  billingAmount!: number;
+
+  @Column({ type: 'decimal', name: 'settlement_amount', precision: 12, scale: 2 })
+  settlementAmount!: number;
+
+  @Column({ type: 'decimal', name: 'fees', precision: 12, scale: 2 })
+  fees!: number;
+
+  @Column({ type: 'decimal', name: 'vat_on_fees', precision: 12, scale: 2, default: 0.0 })
+  vatOnFees!: number;
+
+  @Column({ name: 'merchant_name', type: 'varchar', nullable: true })
+  merchantName!: string | null;
+
+  @Column({ name: 'merchant_category_code', type: 'varchar', nullable: true })
+  merchantCategoryCode!: string | null;
+
+  @Column({ name: 'merchant_city', type: 'varchar', nullable: true })
+  merchantCity!: string | null;
+
+  @Column({ name: 'card_id', type: 'uuid', nullable: true })
+  cardId!: string;
+
+  @Column({ name: 'account_id', type: 'uuid', nullable: true })
+  accountId!: string;
+
+  @ManyToOne(() => Card, (card) => card.transactions, { onDelete: 'CASCADE', nullable: true })
+  @JoinColumn({ name: 'card_id' })
+  card!: Card;
+
+  @ManyToOne(() => Account, (account) => account.transactions, { onDelete: 'CASCADE', nullable: true })
+  @JoinColumn({ name: 'account_id' })
+  account!: Account;
+
+  @CreateDateColumn({ name: 'created_at', type: 'timestamp with time zone' })
+  createdAt!: Date;
+}

src/card/enums/card-colors.enum.ts

@@ -0,0 +1,13 @@
+export enum CardColors {
+  RAINBOW_PASTEL = 'RAINBOW_PASTEL',
+  DEEP_MAGENTA = 'DEEP_MAGENTA',
+  GREEN_TEAL = 'GREEN_TEAL',
+
+  BLUE_GREEN = 'BLUE_GREEN',
+  TEAL_NAVY = 'TEAL_NAVY',
+  PURPLE_PINK = 'PURPLE_PINK',
+
+  GOLD_BLUE = 'GOLD_BLUE',
+  OCEAN_BLUE = 'OCEAN_BLUE',
+  BROWN_RUST = 'BROWN_RUST',
+}

src/card/enums/card-issuers.enum.ts

@@ -0,0 +1,3 @@
+export enum CardIssuers {
+  NEOLEAP = 'NEOLEAP',
+}

src/card/enums/card-scheme.enum.ts

@@ -0,0 +1,4 @@
+export enum CardScheme {
+  VISA = 'VISA',
+  MASTERCARD = 'MASTERCARD',
+}