feat(auth): add guest login

Co-authored-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2025-06-07 18:04:56 -04:00 · 2025-05-28 21:53:35 +02:00 · 2025-05-28 21:53:35 +02:00 · 167135a8d0
commit 167135a8d0
parent 04d19ebfbc
9 changed files with 87 additions and 19 deletions
--- a/backend/src/api/private/api-tokens/api-tokens.controller.ts
+++ b/backend/src/api/private/api-tokens/api-tokens.controller.ts
@ -40,7 +40,9 @@ export class ApiTokensController {

  @Get()
  @OpenApi(200)
-  async getUserTokens(@RequestUserId() userId: number): Promise<ApiTokenDto[]> {
+  async getUserTokens(
+    @RequestUserId({ forbidGuests: true }) userId: number,
+  ): Promise<ApiTokenDto[]> {
    return (await this.apiTokenService.getTokensOfUserById(userId)).map(
      (token) => this.apiTokenService.toAuthTokenDto(token),
    );
@ -50,7 +52,7 @@ export class ApiTokensController {
  @OpenApi(201)
  async postTokenRequest(
    @Body() createDto: ApiTokenCreateDto,
-    @RequestUserId() userId: User[FieldNameUser.id],
+    @RequestUserId({ forbidGuests: true }) userId: User[FieldNameUser.id],
  ): Promise<ApiTokenWithSecretDto> {
    return await this.apiTokenService.createToken(
      userId,
@ -62,7 +64,7 @@ export class ApiTokensController {
  @Delete('/:keyId')
  @OpenApi(204, 404)
  async deleteToken(
-    @RequestUserId() userId: number,
+    @RequestUserId({ forbidGuests: true }) userId: number,
    @Param('keyId') keyId: string,
  ): Promise<void> {
    await this.apiTokenService.removeToken(keyId, userId);