From f0d3d2c9f11e1b2529f6acb1d1374a7d6b1d7aa7 Mon Sep 17 00:00:00 2001 From: saridsa2 Date: Wed, 18 Mar 2026 10:43:05 +0530 Subject: [PATCH] feat: fetch user profile with custom roles (HelixEngage Manager/User) after login, determine app role, pass to frontend --- src/auth/auth.controller.ts | 66 +++++++++++++++++++++++++++++-------- 1 file changed, 53 insertions(+), 13 deletions(-) diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts index 25d24b1..09217ad 100644 --- a/src/auth/auth.controller.ts +++ b/src/auth/auth.controller.ts @@ -81,24 +81,64 @@ export class AuthController { } const tokens = tokenRes.data.data.getAuthTokensFromLoginToken.tokens; + const accessToken = tokens.accessOrWorkspaceAgnosticToken.token; - // Auto-login Ozonetel agent (fire and forget — don't block auth) - const ozAgentId = process.env.OZONETEL_AGENT_ID ?? 'agent3'; - const ozAgentPassword = process.env.OZONETEL_AGENT_PASSWORD ?? 'Test123$'; - const ozSipId = process.env.OZONETEL_SIP_ID ?? '521814'; - - this.ozonetelAgent.loginAgent({ - agentId: ozAgentId, - password: ozAgentPassword, - phoneNumber: ozSipId, - mode: 'blended', - }).catch(err => { - this.logger.warn(`Ozonetel agent login failed (non-blocking): ${err.message}`); + // Step 3: Fetch user profile with roles + const profileRes = await axios.post(this.graphqlUrl, { + query: `{ currentUser { id email workspaceMember { id name { firstName lastName } userEmail avatarUrl roles { id label } } } }`, + }, { + headers: { + 'Content-Type': 'application/json', + 'Authorization': `Bearer ${accessToken}`, + }, }); + const currentUser = profileRes.data?.data?.currentUser; + const workspaceMember = currentUser?.workspaceMember; + const roles = workspaceMember?.roles ?? []; + const roleLabels = roles.map((r: any) => r.label); + + // Determine app role from platform roles + let appRole = 'executive'; // default + if (roleLabels.includes('HelixEngage Manager')) { + appRole = 'admin'; + } else if (roleLabels.includes('HelixEngage User')) { + // Distinguish CC agent from executive by email convention or config + // For now, emails containing 'cc' map to cc-agent + const email = workspaceMember?.userEmail ?? body.email; + appRole = email.includes('cc') ? 'cc-agent' : 'executive'; + } + + this.logger.log(`User ${body.email} logged in with role: ${appRole} (platform roles: ${roleLabels.join(', ')})`); + + // Auto-login Ozonetel agent for CC agents (fire and forget) + if (appRole === 'cc-agent') { + const ozAgentId = process.env.OZONETEL_AGENT_ID ?? 'agent3'; + const ozAgentPassword = process.env.OZONETEL_AGENT_PASSWORD ?? 'Test123$'; + const ozSipId = process.env.OZONETEL_SIP_ID ?? '521814'; + + this.ozonetelAgent.loginAgent({ + agentId: ozAgentId, + password: ozAgentPassword, + phoneNumber: ozSipId, + mode: 'blended', + }).catch(err => { + this.logger.warn(`Ozonetel agent login failed (non-blocking): ${err.message}`); + }); + } + return { - accessToken: tokens.accessOrWorkspaceAgnosticToken.token, + accessToken, refreshToken: tokens.refreshToken.token, + user: { + id: currentUser?.id, + email: currentUser?.email, + firstName: workspaceMember?.name?.firstName ?? '', + lastName: workspaceMember?.name?.lastName ?? '', + avatarUrl: workspaceMember?.avatarUrl, + role: appRole, + platformRoles: roleLabels, + }, }; } catch (error) { if (error instanceof HttpException) throw error;