changed logic form filter only with start date

- Added a new API endpoint to set a user passcode with validation.
- Created SetPasscodeDTO for passcode input validation.
- Implemented setUserPasscode method in UserService to handle passcode setting.
- Updated user.yml to include the new set-passcode endpoint.
- Created setPasscodeForMobile handler to manage the passcode setting logic.
- Removed unused test-stepper-handler.ts file.
- Deleted Dockerfile, docker-compose.yml, init.sql, and serverless.yml.backup files as part of cleanup.

Dockerfile

@@ -1,62 +0,0 @@
-# Multi-stage build for NestJS Serverless Application
-FROM node:18-alpine AS builder
-
-# Set working directory
-WORKDIR /app
-
-# Copy package files
-COPY package*.json ./
-COPY prisma ./prisma/
-
-# Install dependencies
-RUN npm ci --only=production && npm cache clean --force
-
-# Copy source code
-COPY . .
-
-# Generate Prisma client
-RUN npx prisma generate
-
-# Build the application
-RUN npm run build
-
-# Production stage
-FROM node:18-alpine AS production
-
-# Set working directory
-WORKDIR /app
-
-# Install serverless framework globally
-RUN npm install -g serverless
-
-# Copy package files
-COPY package*.json ./
-
-# Install production dependencies
-RUN npm ci --only=production && npm cache clean --force
-
-# Copy built application
-COPY --from=builder /app/dist ./dist
-COPY --from=builder /app/prisma ./prisma
-COPY --from=builder /app/node_modules/.prisma ./node_modules/.prisma
-
-# Copy serverless configuration
-COPY serverless*.yml ./
-
-# Create non-root user
-RUN addgroup -g 1001 -S nodejs
-RUN adduser -S nestjs -u 1001
-
-# Change ownership
-RUN chown -R nestjs:nodejs /app
-USER nestjs
-
-# Expose port
-EXPOSE 3000
-
-# Health check
-HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
-  CMD curl -f http://localhost:3000/health || exit 1
-
-# Start the application
-CMD ["npm", "run", "start:prod"]

docker-compose.yml

@@ -1,86 +0,0 @@
-version: '3.8'
-
-services:
-  # PostgreSQL Database
-  postgres:
-    image: postgres:15-alpine
-    container_name: nestjs-postgres
-    restart: unless-stopped
-    environment:
-      POSTGRES_DB: nestjs_user_crud
-      POSTGRES_USER: postgres
-      POSTGRES_PASSWORD: postgres
-    ports:
-      - "5432:5432"
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-      - ./init.sql:/docker-entrypoint-initdb.d/init.sql
-    networks:
-      - nestjs-network
-
-  # Redis for caching (optional)
-  redis:
-    image: redis:7-alpine
-    container_name: nestjs-redis
-    restart: unless-stopped
-    ports:
-      - "6379:6379"
-    volumes:
-      - redis_data:/data
-    networks:
-      - nestjs-network
-
-  # NestJS Application
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile
-      target: production
-    container_name: nestjs-app
-    restart: unless-stopped
-    ports:
-      - "3000:3000"
-    environment:
-      NODE_ENV: development
-      DATABASE_URL: postgresql://postgres:postgres@postgres:5432/nestjs_user_crud?schema=public
-      JWT_SECRET: docker-jwt-secret-key
-      JWT_EXPIRES_IN: 7d
-      API_PREFIX: api/v1
-      API_VERSION: 1.0.0
-      THROTTLE_TTL: 60
-      THROTTLE_LIMIT: 10
-      CORS_ORIGIN: http://localhost:3000
-    depends_on:
-      - postgres
-      - redis
-    networks:
-      - nestjs-network
-    volumes:
-      - ./src:/app/src
-      - ./prisma:/app/prisma
-
-  # Prisma Studio
-  prisma-studio:
-    image: node:18-alpine
-    container_name: nestjs-prisma-studio
-    restart: unless-stopped
-    ports:
-      - "5555:5555"
-    environment:
-      DATABASE_URL: postgresql://postgres:postgres@postgres:5432/nestjs_user_crud?schema=public
-    working_dir: /app
-    volumes:
-      - .:/app
-    command: sh -c "npm install && npx prisma generate && npx prisma studio --hostname 0.0.0.0"
-    depends_on:
-      - postgres
-    networks:
-      - nestjs-network
-
-volumes:
-  postgres_data:
-  redis_data:
-
-networks:
-  nestjs-network:
-    driver: bridge

init.sql

@@ -1,19 +0,0 @@
--- Initialize database for NestJS Serverless Application
--- This file is executed when the PostgreSQL container starts
-
--- Create database if it doesn't exist
-SELECT 'CREATE DATABASE nestjs_user_crud'
-WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'nestjs_user_crud')\gexec
-
--- Connect to the database
-\c nestjs_user_crud;
-
--- Create extensions if needed
-CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
-
--- Set timezone
-SET timezone = 'UTC';
-
--- Create a user for the application (optional)
--- CREATE USER nestjs_user WITH PASSWORD 'nestjs_password';
--- GRANT ALL PRIVILEGES ON DATABASE nestjs_user_crud TO nestjs_user;

insertCities.js

@@ -0,0 +1,53 @@
+import { PrismaClient } from '@prisma/client';
+import fs from 'fs';
+import path from 'path';
+
+const prisma = new PrismaClient();
+
+async function insertCities() {
+  try {
+    const statesFolder = path.join(process.cwd(), 'states-cities');
+    const files = fs.readdirSync(statesFolder);
+
+    for (const file of files) {
+      if (!file.endsWith('.json')) continue;
+
+      const stateName = file.replace('.json', '');
+
+      const state = await prisma.states.findFirst({
+        where: { stateName },
+      });
+
+      if (!state) {
+        console.log(`❌ State not found: ${stateName}`);
+        continue;
+      }
+
+      const filePath = path.join(statesFolder, file);
+      const citiesData = JSON.parse(
+        fs.readFileSync(filePath, 'utf-8')
+      );
+
+      await prisma.cities.createMany({
+        data: citiesData.map((city) => ({
+          stateXid: state.id,
+          cityName:
+            typeof city === 'string'
+              ? city.trim()
+              : city.cityName.trim(),
+        })),
+        skipDuplicates: true,
+      });
+
+      console.log(`✅ ${stateName} cities inserted`);
+    }
+
+    console.log('🎉 All cities inserted successfully');
+  } catch (error) {
+    console.error('Error inserting cities:', error);
+  } finally {
+    await prisma.$disconnect();
+  }
+}
+
+insertCities();

layers/prisma/nodejs/package-lock.json

@@ -15,23 +15,21 @@
       }
     },
     "node_modules/@prisma/adapter-pg": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/@prisma/adapter-pg/-/adapter-pg-7.0.1.tgz",
-      "integrity": "sha512-01GpPPhLMoDMF4ipgfZz0L87fla/TV/PBQcmHy+9vV1ml6gUoqF8dUIRNI5Yf2YKpOwzQg9sn8C7dYD1Yio9Ug==",
-      "license": "Apache-2.0",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/@prisma/adapter-pg/-/adapter-pg-7.2.0.tgz",
+      "integrity": "sha512-euIdQ13cRB2wZ3jPsnDnFhINquo1PYFPCg6yVL8b2rp3EdinQHsX9EDdCtRr489D5uhphcRk463OdQAFlsCr0w==",
       "dependencies": {
-        "@prisma/driver-adapter-utils": "7.0.1",
+        "@prisma/driver-adapter-utils": "7.2.0",
         "pg": "^8.16.3",
         "postgres-array": "3.0.4"
       }
     },
     "node_modules/@prisma/client": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/@prisma/client/-/client-7.0.1.tgz",
-      "integrity": "sha512-O74T6xcfaGAq5gXwCAvfTLvI6fmC3and2g5yLRMkNjri1K8mSpEgclDNuUWs9xj5AwNEMQ88NeD3asI+sovm1g==",
-      "license": "Apache-2.0",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/@prisma/client/-/client-7.2.0.tgz",
+      "integrity": "sha512-JdLF8lWZ+LjKGKpBqyAlenxd/kXjd1Abf/xK+6vUA7R7L2Suo6AFTHFRpPSdAKCan9wzdFApsUpSa/F6+t1AtA==",
       "dependencies": {
-        "@prisma/client-runtime-utils": "7.0.1"
+        "@prisma/client-runtime-utils": "7.2.0"
       },
       "engines": {
         "node": "^20.19 || ^22.12 || >=24.0"
@@ -50,31 +48,27 @@
       }
     },
     "node_modules/@prisma/client-runtime-utils": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/@prisma/client-runtime-utils/-/client-runtime-utils-7.0.1.tgz",
-      "integrity": "sha512-R26BVX9D/iw4toUmZKZf3jniM/9pMGHHdZN5LVP2L7HNiCQKNQQx/9LuMtjepbgRqSqQO3oHN0yzojHLnKTGEw==",
-      "license": "Apache-2.0"
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/@prisma/client-runtime-utils/-/client-runtime-utils-7.2.0.tgz",
+      "integrity": "sha512-dn7oB53v0tqkB0wBdMuTNFNPdEbfICEUe82Tn9FoKAhJCUkDH+fmyEp0ClciGh+9Hp2Tuu2K52kth2MTLstvmA=="
     },
     "node_modules/@prisma/debug": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/@prisma/debug/-/debug-7.0.1.tgz",
-      "integrity": "sha512-5+25XokVeAK2Z2C9W457AFw7Hk032Q3QI3G58KYKXPlpgxy+9FvV1+S1jqfJ2d4Nmq9LP/uACrM6OVhpJMSr8w==",
-      "license": "Apache-2.0"
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/@prisma/debug/-/debug-7.2.0.tgz",
+      "integrity": "sha512-YSGTiSlBAVJPzX4ONZmMotL+ozJwQjRmZweQNIq/ER0tQJKJynNkRB3kyvt37eOfsbMCXk3gnLF6J9OJ4QWftw=="
     },
     "node_modules/@prisma/driver-adapter-utils": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/@prisma/driver-adapter-utils/-/driver-adapter-utils-7.0.1.tgz",
-      "integrity": "sha512-sBbxm/yysHLLF2iMAB+qcX/nn3WFgsiC4DQNz0uM6BwGSIs8lIvgo0u8nR9nxe5gvFgKiIH8f4z2fgOEMeXc8w==",
-      "license": "Apache-2.0",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/@prisma/driver-adapter-utils/-/driver-adapter-utils-7.2.0.tgz",
+      "integrity": "sha512-gzrUcbI9VmHS24Uf+0+7DNzdIw7keglJsD5m/MHxQOU68OhGVzlphQRobLiDMn8CHNA2XN8uugwKjudVtnfMVQ==",
       "dependencies": {
-        "@prisma/debug": "7.0.1"
+        "@prisma/debug": "7.2.0"
       }
     },
     "node_modules/pg": {
       "version": "8.16.3",
       "resolved": "https://registry.npmjs.org/pg/-/pg-8.16.3.tgz",
       "integrity": "sha512-enxc1h0jA/aq5oSDMvqyW3q89ra6XIIDZgCX9vkMrnz5DFTw/Ny3Li2lFQ+pt3L6MCgm/5o2o8HW9hiJji+xvw==",
-      "license": "MIT",
       "dependencies": {
         "pg-connection-string": "^2.9.1",
         "pg-pool": "^3.10.1",
@@ -101,20 +95,17 @@
       "version": "1.2.7",
       "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.2.7.tgz",
       "integrity": "sha512-YgCtzMH0ptvZJslLM1ffsY4EuGaU0cx4XSdXLRFae8bPP4dS5xL1tNB3k2o/N64cHJpwU7dxKli/nZ2lUa5fLg==",
-      "license": "MIT",
       "optional": true
     },
     "node_modules/pg-connection-string": {
       "version": "2.9.1",
       "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.9.1.tgz",
-      "integrity": "sha512-nkc6NpDcvPVpZXxrreI/FOtX3XemeLl8E0qFr6F2Lrm/I8WOnaWNhIPK2Z7OHpw7gh5XJThi6j6ppgNoaT1w4w==",
-      "license": "MIT"
+      "integrity": "sha512-nkc6NpDcvPVpZXxrreI/FOtX3XemeLl8E0qFr6F2Lrm/I8WOnaWNhIPK2Z7OHpw7gh5XJThi6j6ppgNoaT1w4w=="
     },
     "node_modules/pg-int8": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/pg-int8/-/pg-int8-1.0.1.tgz",
       "integrity": "sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==",
-      "license": "ISC",
       "engines": {
         "node": ">=4.0.0"
       }
@@ -123,7 +114,6 @@
       "version": "3.10.1",
       "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.10.1.tgz",
       "integrity": "sha512-Tu8jMlcX+9d8+QVzKIvM/uJtp07PKr82IUOYEphaWcoBhIYkoHpLXN3qO59nAI11ripznDsEzEv8nUxBVWajGg==",
-      "license": "MIT",
       "peerDependencies": {
         "pg": ">=8.0"
       }
@@ -131,14 +121,12 @@
     "node_modules/pg-protocol": {
       "version": "1.10.3",
       "resolved": "https://registry.npmjs.org/pg-protocol/-/pg-protocol-1.10.3.tgz",
-      "integrity": "sha512-6DIBgBQaTKDJyxnXaLiLR8wBpQQcGWuAESkRBX/t6OwA8YsqP+iVSiond2EDy6Y/dsGk8rh/jtax3js5NeV7JQ==",
-      "license": "MIT"
+      "integrity": "sha512-6DIBgBQaTKDJyxnXaLiLR8wBpQQcGWuAESkRBX/t6OwA8YsqP+iVSiond2EDy6Y/dsGk8rh/jtax3js5NeV7JQ=="
     },
     "node_modules/pg-types": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/pg-types/-/pg-types-2.2.0.tgz",
       "integrity": "sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==",
-      "license": "MIT",
       "dependencies": {
         "pg-int8": "1.0.1",
         "postgres-array": "~2.0.0",
@@ -154,7 +142,6 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/postgres-array/-/postgres-array-2.0.0.tgz",
       "integrity": "sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==",
-      "license": "MIT",
       "engines": {
         "node": ">=4"
       }
@@ -163,7 +150,6 @@
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/pgpass/-/pgpass-1.0.5.tgz",
       "integrity": "sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==",
-      "license": "MIT",
       "dependencies": {
         "split2": "^4.1.0"
       }
@@ -172,16 +158,14 @@
       "version": "3.0.4",
       "resolved": "https://registry.npmjs.org/postgres-array/-/postgres-array-3.0.4.tgz",
       "integrity": "sha512-nAUSGfSDGOaOAEGwqsRY27GPOea7CNipJPOA7lPbdEpx5Kg3qzdP0AaWC5MlhTWV9s4hFX39nomVZ+C4tnGOJQ==",
-      "license": "MIT",
       "engines": {
         "node": ">=12"
       }
     },
     "node_modules/postgres-bytea": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/postgres-bytea/-/postgres-bytea-1.0.0.tgz",
-      "integrity": "sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==",
-      "license": "MIT",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/postgres-bytea/-/postgres-bytea-1.0.1.tgz",
+      "integrity": "sha512-5+5HqXnsZPE65IJZSMkZtURARZelel2oXUEO8rH83VS/hxH5vv1uHquPg5wZs8yMAfdv971IU+kcPUczi7NVBQ==",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -190,7 +174,6 @@
       "version": "1.0.7",
       "resolved": "https://registry.npmjs.org/postgres-date/-/postgres-date-1.0.7.tgz",
       "integrity": "sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==",
-      "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -199,7 +182,6 @@
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/postgres-interval/-/postgres-interval-1.2.0.tgz",
       "integrity": "sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==",
-      "license": "MIT",
       "dependencies": {
         "xtend": "^4.0.0"
       },
@@ -211,7 +193,6 @@
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/split2/-/split2-4.2.0.tgz",
       "integrity": "sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==",
-      "license": "ISC",
       "engines": {
         "node": ">= 10.x"
       }
@@ -220,16 +201,14 @@
       "version": "4.0.2",
       "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
       "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==",
-      "license": "MIT",
       "engines": {
         "node": ">=0.4"
       }
     },
     "node_modules/zod": {
-      "version": "4.1.13",
-      "resolved": "https://registry.npmjs.org/zod/-/zod-4.1.13.tgz",
-      "integrity": "sha512-AvvthqfqrAhNH9dnfmrfKzX5upOdjUVJYFqNSlkmGf64gRaTzlPwz99IHYnVs28qYAybvAlBV+H7pn0saFY4Ig==",
-      "license": "MIT",
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/zod/-/zod-4.2.1.tgz",
+      "integrity": "sha512-0wZ1IRqGGhMP76gLqz8EyfBXKk0J2qo2+H3fi4mcUP/KtTocoX08nmIAHl1Z2kJIZbZee8KOpBCSNPRgauucjw==",
       "funding": {
         "url": "https://github.com/sponsors/colinhacks"
       }

package-lock.json

@@ -13,7 +13,7 @@
         "@aws-crypto/sha256-browser": "^5.2.0",
         "@aws-crypto/sha256-js": "^5.2.0",
         "@aws-sdk/client-s3": "^3.928.0",
-        "@aws-sdk/s3-request-presigner": "^3.310.0",
+        "@aws-sdk/s3-request-presigner": "^3.928.0",
         "@aws/lambda-invoke-store": "^0.2.1",
         "@nestjs/common": "^10.3.0",
         "@nestjs/config": "^3.1.1",
@@ -31,18 +31,27 @@
         "@types/http-status": "^1.1.2",
         "ajv": "8.12.0",
         "aws-lambda": "^1.0.7",
+        "aws-sdk": "^2.1692.0",
         "bcrypt": "^6.0.0",
         "bcryptjs": "^2.4.3",
         "class-transformer": "^0.5.1",
         "class-validator": "^0.14.0",
         "date-fns": "^4.1.0",
+        "dayjs": "^1.11.19",
+        "docx": "^9.6.0",
+        "docxtemplater": "^3.68.3",
         "fast-xml-parser": "^5.3.1",
+        "fs": "^0.0.1-security",
         "helmet": "^7.1.0",
         "http-status": "^2.1.0",
         "moment": "^2.30.1",
+        "number-to-words": "^1.2.4",
         "passport": "^0.7.0",
         "passport-jwt": "^4.0.1",
         "passport-local": "^1.0.0",
+        "path": "^0.12.7",
+        "pdf-lib": "^1.17.1",
+        "pizzip": "^3.2.0",
         "prisma": "^7.0.1",
         "reflect-metadata": "^0.1.13",
         "rxjs": "^7.8.1",
@@ -73,6 +82,7 @@
         "prettier": "^3.2.5",
         "serverless-esbuild": "^1.55.1",
         "serverless-offline": "^14.4.0",
+        "serverless-plugin-split-stacks": "^1.14.0",
         "source-map-support": "^0.5.21",
         "supertest": "^6.3.4",
         "ts-jest": "^29.1.2",
@@ -4650,6 +4660,24 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/@pdf-lib/standard-fonts": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@pdf-lib/standard-fonts/-/standard-fonts-1.0.0.tgz",
+      "integrity": "sha512-hU30BK9IUN/su0Mn9VdlVKsWBS6GyhVfqjwl1FjZN4TxP6cCw0jP2w7V3Hf5uX7M0AZJ16vey9yE0ny7Sa59ZA==",
+      "license": "MIT",
+      "dependencies": {
+        "pako": "^1.0.6"
+      }
+    },
+    "node_modules/@pdf-lib/upng": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/@pdf-lib/upng/-/upng-1.0.1.tgz",
+      "integrity": "sha512-dQK2FUMQtowVP00mtIksrlZhdFXQZPC+taih1q4CvPZ5vqdxR/LKBaFg0oAfzd1GlHZXXSPdQfzQnt+ViGvEIQ==",
+      "license": "MIT",
+      "dependencies": {
+        "pako": "^1.0.10"
+      }
+    },
     "node_modules/@pkgjs/parseargs": {
       "version": "0.11.0",
       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
@@ -5751,6 +5779,13 @@
       "integrity": "sha512-OvjF+z51L3ov0OyAU0duzsYuvO01PH7x4t6DJx+guahgTnBHkhJdG7soQeTSFLWN3efnHyibZ4Z8l2EuWwJN3A==",
       "license": "MIT"
     },
+    "node_modules/@tootallnate/quickjs-emscripten": {
+      "version": "0.23.0",
+      "resolved": "https://registry.npmjs.org/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz",
+      "integrity": "sha512-C5Mc6rdnsaJDjO3UpGW/CQTHtCKaYlScZTly4JIu97Jxo/odCiH0ITnDXSJPTOrEKk/ycSZ0AOgTmkDtkOsvIA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@tsconfig/node10": {
       "version": "1.0.12",
       "resolved": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.12.tgz",
@@ -6546,6 +6581,15 @@
         "@xtuc/long": "4.2.2"
       }
     },
+    "node_modules/@xmldom/xmldom": {
+      "version": "0.9.8",
+      "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.9.8.tgz",
+      "integrity": "sha512-p96FSY54r+WJ50FIOsCOjyj/wavs8921hG5+kVMmZgKcvIKxMXHTrjNJvRgWa/zuX3B6t2lijLNFaOyuxUH+2A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=14.6"
+      }
+    },
     "node_modules/@xtuc/ieee754": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz",
@@ -6624,6 +6668,16 @@
         "node": ">=0.4.0"
       }
     },
+    "node_modules/agent-base": {
+      "version": "7.1.4",
+      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz",
+      "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/aggregate-error": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
@@ -6964,6 +7018,19 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/ast-types": {
+      "version": "0.13.4",
+      "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz",
+      "integrity": "sha512-x1FCFnFifvYDDzTaLII71vG5uvDwgtmDTEVWAxrgeiR8VjMONcCXJx7E+USjDtHlwFmt9MysbqgF9b9Vjr6w+w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "tslib": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/async": {
       "version": "3.2.6",
       "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz",
@@ -6992,6 +7059,13 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/aws-info": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/aws-info/-/aws-info-1.3.0.tgz",
+      "integrity": "sha512-dYE3J2GQOMXjirx54IonDisZ6Ok4vBSYjNklNAGGDj2FzGHkWpGOlGAn5/BC8TRh8ttmYRy+Fsmxc8EJMnzSCg==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/aws-lambda": {
       "version": "1.0.7",
       "resolved": "https://registry.npmjs.org/aws-lambda/-/aws-lambda-1.0.7.tgz",
@@ -7257,6 +7331,16 @@
         "baseline-browser-mapping": "dist/cli.js"
       }
     },
+    "node_modules/basic-ftp": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.2.0.tgz",
+      "integrity": "sha512-VoMINM2rqJwJgfdHq6RiUudKt2BV+FY5ZFezP/ypmwayk68+NzzAQy4XXLlqsGD4MCzq3DrmNFD/uUmBJuGoXw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
     "node_modules/bcrypt": {
       "version": "6.0.0",
       "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-6.0.0.tgz",
@@ -8386,7 +8470,6 @@
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz",
       "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==",
-      "dev": true,
       "license": "MIT"
     },
     "node_modules/cors": {
@@ -8539,6 +8622,12 @@
         "url": "https://github.com/sponsors/kossnocorp"
       }
     },
+    "node_modules/dayjs": {
+      "version": "1.11.19",
+      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.19.tgz",
+      "integrity": "sha512-t5EcLVS6QPBNqM2z8fakk/NKel+Xzshgt8FFKAn+qwlD1pzZWxh0nVCrvFK7ZDb6XucZeF9z8C7CBWTRIVApAw==",
+      "license": "MIT"
+    },
     "node_modules/debug": {
       "version": "4.4.3",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
@@ -8633,6 +8722,21 @@
       "integrity": "sha512-mEQCMmwJu317oSz8CwdIOdwf3xMif1ttiM8LTufzc3g6kR+9Pe236twL8j3IYT1F7GfRgGcW6MWxzZjLIkuHIg==",
       "license": "MIT"
     },
+    "node_modules/degenerator": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-5.0.1.tgz",
+      "integrity": "sha512-TllpMR/t0M5sqCXfj85i4XaAzxmS5tVA16dqvdkMwGmzI+dXLXnw3J+3Vdv7VKw+ThlTMboK6i9rnZ6Nntj5CQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "ast-types": "^0.13.4",
+        "escodegen": "^2.1.0",
+        "esprima": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/delayed-stream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -8763,6 +8867,50 @@
         "node": ">=6.0.0"
       }
     },
+    "node_modules/docx": {
+      "version": "9.6.0",
+      "resolved": "https://registry.npmjs.org/docx/-/docx-9.6.0.tgz",
+      "integrity": "sha512-y6EaJJMDvt4P7wgGQB9KsZf4wsRkQMJfkc9LlNufRshggI5BT35hGNkXBCAeEoI3MLMwApKguxzjdqqVcBCqNA==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/node": "^25.2.3",
+        "hash.js": "^1.1.7",
+        "jszip": "^3.10.1",
+        "nanoid": "^5.1.3",
+        "xml": "^1.0.1",
+        "xml-js": "^1.6.8"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/docx/node_modules/@types/node": {
+      "version": "25.3.0",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.3.0.tgz",
+      "integrity": "sha512-4K3bqJpXpqfg2XKGK9bpDTc6xO/xoUP/RBWS7AtRMug6zZFaRekiLzjVtAoZMquxoAbzBvy5nxQ7veS5eYzf8A==",
+      "license": "MIT",
+      "dependencies": {
+        "undici-types": "~7.18.0"
+      }
+    },
+    "node_modules/docx/node_modules/undici-types": {
+      "version": "7.18.2",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+      "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
+      "license": "MIT"
+    },
+    "node_modules/docxtemplater": {
+      "version": "3.68.3",
+      "resolved": "https://registry.npmjs.org/docxtemplater/-/docxtemplater-3.68.3.tgz",
+      "integrity": "sha512-hTZfGcHgN60A09w68Qj0EQRCnF5kf2/ohFlZlUVqAOozCFwx9QMm8naCTvmTsXafuO3nG9qpS4pQWSjFdaCWfQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@xmldom/xmldom": "^0.9.8"
+      },
+      "engines": {
+        "node": ">=0.10"
+      }
+    },
     "node_modules/dotenv": {
       "version": "16.4.5",
       "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz",
@@ -9031,6 +9179,39 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/escodegen": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.1.0.tgz",
+      "integrity": "sha512-2NlIDTwUWJN0mRPQOdtQBzbUHvdGY2P1VXSyU83Q3xKxM7WHX2Ql8dKq782Q9TgQUNOLEzEYu9bzLNj1q88I5w==",
+      "dev": true,
+      "license": "BSD-2-Clause",
+      "dependencies": {
+        "esprima": "^4.0.1",
+        "estraverse": "^5.2.0",
+        "esutils": "^2.0.2"
+      },
+      "bin": {
+        "escodegen": "bin/escodegen.js",
+        "esgenerate": "bin/esgenerate.js"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "optionalDependencies": {
+        "source-map": "~0.6.1"
+      }
+    },
+    "node_modules/escodegen/node_modules/source-map": {
+      "version": "0.6.1",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "dev": true,
+      "license": "BSD-3-Clause",
+      "optional": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/eslint": {
       "version": "8.57.1",
       "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.57.1.tgz",
@@ -10022,6 +10203,12 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/fs": {
+      "version": "0.0.1-security",
+      "resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz",
+      "integrity": "sha512-3XY9e1pP0CVEUCdj5BmfIZxRBTSDycnbqhIOGec9QYtmVH2fbLpj86CFWkrNOkt/Fvty4KZG5lTglL9j/gJ87w==",
+      "license": "ISC"
+    },
     "node_modules/fs-constants": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz",
@@ -10199,6 +10386,31 @@
         "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1"
       }
     },
+    "node_modules/get-uri": {
+      "version": "6.0.5",
+      "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.5.tgz",
+      "integrity": "sha512-b1O07XYq8eRuVzBNgJLstU6FYc1tS6wnMtF1I1D9lE8LxZSOGZ7LhxN54yPP6mGw5f2CkXY2BQUL9Fx41qvcIg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "basic-ftp": "^5.0.2",
+        "data-uri-to-buffer": "^6.0.2",
+        "debug": "^4.3.4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/get-uri/node_modules/data-uri-to-buffer": {
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-6.0.2.tgz",
+      "integrity": "sha512-7hvf7/GW8e86rW0ptuwS3OcBGDjIi6SZva7hCyWC0yYry2cOPmLIjXAUHI6DK2HsnwJd9ifmt57i8eV2n4YNpw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/giget": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/giget/-/giget-2.0.0.tgz",
@@ -10437,6 +10649,16 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/hash.js": {
+      "version": "1.1.7",
+      "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz",
+      "integrity": "sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==",
+      "license": "MIT",
+      "dependencies": {
+        "inherits": "^2.0.3",
+        "minimalistic-assert": "^1.0.1"
+      }
+    },
     "node_modules/hasown": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
@@ -10499,6 +10721,20 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/http-proxy-agent": {
+      "version": "7.0.2",
+      "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz",
+      "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "agent-base": "^7.1.0",
+        "debug": "^4.3.4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/http-status": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/http-status/-/http-status-2.1.0.tgz",
@@ -10514,6 +10750,20 @@
       "integrity": "sha512-RJ8XvFvpPM/Dmc5SV+dC4y5PCeOhT3x1Hq0NU3rjGeg5a/CqlhZ7uudknPwZFz4aeAXDcbAyaeP7GAo9lvngtA==",
       "license": "MIT"
     },
+    "node_modules/https-proxy-agent": {
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz",
+      "integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/human-signals": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz",
@@ -10556,7 +10806,6 @@
       "version": "3.0.6",
       "resolved": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz",
       "integrity": "sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==",
-      "dev": true,
       "license": "MIT"
     },
     "node_modules/import-fresh": {
@@ -10661,6 +10910,16 @@
         "node": ">=12.0.0"
       }
     },
+    "node_modules/ip-address": {
+      "version": "10.1.0",
+      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz",
+      "integrity": "sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 12"
+      }
+    },
     "node_modules/ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -11986,7 +12245,6 @@
       "version": "3.10.1",
       "resolved": "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz",
       "integrity": "sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g==",
-      "dev": true,
       "license": "(MIT OR GPL-3.0-or-later)",
       "dependencies": {
         "lie": "~3.3.0",
@@ -11999,7 +12257,6 @@
       "version": "2.3.8",
       "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
       "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
-      "dev": true,
       "license": "MIT",
       "dependencies": {
         "core-util-is": "~1.0.0",
@@ -12015,14 +12272,12 @@
       "version": "5.1.2",
       "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
-      "dev": true,
       "license": "MIT"
     },
     "node_modules/jszip/node_modules/string_decoder": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
       "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
-      "dev": true,
       "license": "MIT",
       "dependencies": {
         "safe-buffer": "~5.1.0"
@@ -12149,7 +12404,6 @@
       "version": "3.3.0",
       "resolved": "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz",
       "integrity": "sha512-UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ==",
-      "dev": true,
       "license": "MIT",
       "dependencies": {
         "immediate": "~3.0.5"
@@ -12548,6 +12802,12 @@
         "node": ">=6"
       }
     },
+    "node_modules/minimalistic-assert": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
+      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==",
+      "license": "ISC"
+    },
     "node_modules/minimatch": {
       "version": "9.0.3",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
@@ -12698,6 +12958,24 @@
         "node": ">=12"
       }
     },
+    "node_modules/nanoid": {
+      "version": "5.1.6",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-5.1.6.tgz",
+      "integrity": "sha512-c7+7RQ+dMB5dPwwCp4ee1/iV/q2P6aK1mTZcfr1BTuVlyW9hJYiMPybJCcnBlQtuSmTIWNeazm/zqNoZSSElBg==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.js"
+      },
+      "engines": {
+        "node": "^18 || >=20"
+      }
+    },
     "node_modules/natural-compare": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
@@ -12722,6 +13000,16 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/netmask": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/netmask/-/netmask-2.0.2.tgz",
+      "integrity": "sha512-dBpDMdxv9Irdq66304OLfEmQ9tbNRFnFTuZiLo+bD+r332bBmMJ8GBLXklIXXgxd3+v9+KUnZaUR5PJMa75Gsg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4.0"
+      }
+    },
     "node_modules/nock": {
       "version": "13.5.6",
       "resolved": "https://registry.npmjs.org/nock/-/nock-13.5.6.tgz",
@@ -12873,6 +13161,12 @@
         "node": ">=8"
       }
     },
+    "node_modules/number-to-words": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/number-to-words/-/number-to-words-1.2.4.tgz",
+      "integrity": "sha512-/fYevVkXRcyBiZDg6yzZbm0RuaD6i0qRfn8yr+6D0KgBMOndFPxuW10qCHpzs50nN8qKuv78k8MuotZhcVX6Pw==",
+      "license": "MIT"
+    },
     "node_modules/nypm": {
       "version": "0.6.2",
       "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.6.2.tgz",
@@ -13118,6 +13412,40 @@
         "node": ">=6"
       }
     },
+    "node_modules/pac-proxy-agent": {
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.2.0.tgz",
+      "integrity": "sha512-TEB8ESquiLMc0lV8vcd5Ql/JAKAoyzHFXaStwjkzpOpC5Yv+pIzLfHvjTSdf3vpa2bMiUQrg9i6276yn8666aA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@tootallnate/quickjs-emscripten": "^0.23.0",
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "get-uri": "^6.0.1",
+        "http-proxy-agent": "^7.0.0",
+        "https-proxy-agent": "^7.0.6",
+        "pac-resolver": "^7.0.1",
+        "socks-proxy-agent": "^8.0.5"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/pac-resolver": {
+      "version": "7.0.1",
+      "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.1.tgz",
+      "integrity": "sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "degenerator": "^5.0.0",
+        "netmask": "^2.0.2"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/package-json-from-dist": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz",
@@ -13128,7 +13456,6 @@
       "version": "1.0.11",
       "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz",
       "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==",
-      "dev": true,
       "license": "(MIT AND Zlib)"
     },
     "node_modules/parent-module": {
@@ -13219,6 +13546,16 @@
         "node": ">= 0.4.0"
       }
     },
+    "node_modules/path": {
+      "version": "0.12.7",
+      "resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz",
+      "integrity": "sha512-aXXC6s+1w7otVF9UletFkFcDsJeO7lSZBPUQhtb5O0xJe8LtYhj/GxldoL09bBj9+ZmE2hNoHqQSFMN5fikh4Q==",
+      "license": "MIT",
+      "dependencies": {
+        "process": "^0.11.1",
+        "util": "^0.10.3"
+      }
+    },
     "node_modules/path-exists": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
@@ -13293,6 +13630,21 @@
         "node": ">=8"
       }
     },
+    "node_modules/path/node_modules/inherits": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz",
+      "integrity": "sha512-x00IRNXNy63jwGkJmzPigoySHbaqpNuzKbBOmzK+g2OdZpQ9w+sxCN+VSB3ja7IAge2OP2qpfxTjeNcyjmW1uw==",
+      "license": "ISC"
+    },
+    "node_modules/path/node_modules/util": {
+      "version": "0.10.4",
+      "resolved": "https://registry.npmjs.org/util/-/util-0.10.4.tgz",
+      "integrity": "sha512-0Pm9hTQ3se5ll1XihRic3FDIku70C+iHUdT/W926rSgHV5QgXsYbKZN8MSC3tJtSkhuROzvsQjAaFENRXr+19A==",
+      "license": "MIT",
+      "dependencies": {
+        "inherits": "2.0.3"
+      }
+    },
     "node_modules/pathe": {
       "version": "2.0.3",
       "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz",
@@ -13304,6 +13656,24 @@
       "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
       "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
     },
+    "node_modules/pdf-lib": {
+      "version": "1.17.1",
+      "resolved": "https://registry.npmjs.org/pdf-lib/-/pdf-lib-1.17.1.tgz",
+      "integrity": "sha512-V/mpyJAoTsN4cnP31vc0wfNA1+p20evqqnap0KLoRUN0Yk/p3wN52DOEsL4oBFcLdb76hlpKPtzJIgo67j/XLw==",
+      "license": "MIT",
+      "dependencies": {
+        "@pdf-lib/standard-fonts": "^1.0.0",
+        "@pdf-lib/upng": "^1.0.1",
+        "pako": "^1.0.11",
+        "tslib": "^1.11.1"
+      }
+    },
+    "node_modules/pdf-lib/node_modules/tslib": {
+      "version": "1.14.1",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
+      "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==",
+      "license": "0BSD"
+    },
     "node_modules/perfect-debounce": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-1.0.0.tgz",
@@ -13438,6 +13808,21 @@
         "node": ">= 6"
       }
     },
+    "node_modules/pizzip": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/pizzip/-/pizzip-3.2.0.tgz",
+      "integrity": "sha512-X4NPNICxCfIK8VYhF6wbksn81vTiziyLbvKuORVAmolvnUzl1A1xmz9DAWKxPRq9lZg84pJOOAMq3OE61bD8IQ==",
+      "license": "(MIT OR GPL-3.0)",
+      "dependencies": {
+        "pako": "^2.1.0"
+      }
+    },
+    "node_modules/pizzip/node_modules/pako": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/pako/-/pako-2.1.0.tgz",
+      "integrity": "sha512-w+eufiZ1WuJYgPXbV/PO3NCMEc3xqylkKHzp8bxp1uW4qaSNQUkwmLLEc3kKsfz8lpV1F8Ht3U1Cm+9Srog2ug==",
+      "license": "(MIT AND Zlib)"
+    },
     "node_modules/pkg-dir": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz",
@@ -13689,11 +14074,19 @@
         }
       }
     },
+    "node_modules/process": {
+      "version": "0.11.10",
+      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
+      "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6.0"
+      }
+    },
     "node_modules/process-nextick-args": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
       "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==",
-      "dev": true,
       "license": "MIT"
     },
     "node_modules/prompts": {
@@ -13756,6 +14149,36 @@
         "node": ">= 0.10"
       }
     },
+    "node_modules/proxy-agent": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-6.5.0.tgz",
+      "integrity": "sha512-TmatMXdr2KlRiA2CyDu8GqR8EjahTG3aY3nXjdzFyoZbmB8hrBsTyMezhULIXKnC0jpfjlmiZ3+EaCzoInSu/A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "http-proxy-agent": "^7.0.1",
+        "https-proxy-agent": "^7.0.6",
+        "lru-cache": "^7.14.1",
+        "pac-proxy-agent": "^7.1.0",
+        "proxy-from-env": "^1.1.0",
+        "socks-proxy-agent": "^8.0.5"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/proxy-agent/node_modules/lru-cache": {
+      "version": "7.18.3",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+      "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
+      "dev": true,
+      "license": "ISC",
+      "engines": {
+        "node": ">=12"
+      }
+    },
     "node_modules/proxy-from-env": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
@@ -14756,6 +15179,23 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/serverless-plugin-split-stacks": {
+      "version": "1.14.0",
+      "resolved": "https://registry.npmjs.org/serverless-plugin-split-stacks/-/serverless-plugin-split-stacks-1.14.0.tgz",
+      "integrity": "sha512-VksNqvJUPnGHqef0jHNiN0BzTVr0Hy0cWaLxCG75HiQ3vnIog8qeyiu7uWH6LKNhJnGP1jiTNh0YcheCN8kaKA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "aws-info": "^1.2.0",
+        "lodash": "^4.17.21",
+        "proxy-agent": "^6.3.1",
+        "semver": "^7.3.5",
+        "throat": "^6.0.1"
+      },
+      "peerDependencies": {
+        "serverless": "1 || 2 || 3 || 4"
+      }
+    },
     "node_modules/serverless/node_modules/rimraf": {
       "version": "5.0.10",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.10.tgz",
@@ -14792,7 +15232,6 @@
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz",
       "integrity": "sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA==",
-      "dev": true,
       "license": "MIT"
     },
     "node_modules/setprototypeof": {
@@ -14923,6 +15362,47 @@
         "node": ">=8"
       }
     },
+    "node_modules/smart-buffer": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz",
+      "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6.0.0",
+        "npm": ">= 3.0.0"
+      }
+    },
+    "node_modules/socks": {
+      "version": "2.8.7",
+      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.7.tgz",
+      "integrity": "sha512-HLpt+uLy/pxB+bum/9DzAgiKS8CX1EvbWxI4zlmgGCExImLdiad2iCwXT5Z4c9c3Eq8rP2318mPW2c+QbtjK8A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "ip-address": "^10.0.1",
+        "smart-buffer": "^4.2.0"
+      },
+      "engines": {
+        "node": ">= 10.0.0",
+        "npm": ">= 3.0.0"
+      }
+    },
+    "node_modules/socks-proxy-agent": {
+      "version": "8.0.5",
+      "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz",
+      "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "socks": "^2.8.3"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/sorted-array-functions": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/sorted-array-functions/-/sorted-array-functions-1.3.0.tgz",
@@ -15504,6 +15984,13 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/throat": {
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/throat/-/throat-6.0.2.tgz",
+      "integrity": "sha512-WKexMoJj3vEuK0yFEapj8y64V0A6xcuPuK9Gt1d0R+dzCSJc0lHqQytAbSB4cDAK0dWh4T0E2ETkoLE2WZ41OQ==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/through": {
       "version": "2.3.8",
       "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
@@ -17076,6 +17563,30 @@
         }
       }
     },
+    "node_modules/xml": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/xml/-/xml-1.0.1.tgz",
+      "integrity": "sha512-huCv9IH9Tcf95zuYCsQraZtWnJvBtLVE0QHMOs8bWyZAFZNDcYjsPq1nEx8jKA9y+Beo9v+7OBPRisQTjinQMw==",
+      "license": "MIT"
+    },
+    "node_modules/xml-js": {
+      "version": "1.6.11",
+      "resolved": "https://registry.npmjs.org/xml-js/-/xml-js-1.6.11.tgz",
+      "integrity": "sha512-7rVi2KMfwfWFl+GpPg6m80IVMWXLRjO+PxTq7V2CDhoGak0wzYzFgUY2m4XJ47OGdXd8eLE8EmwfAmdjw7lC1g==",
+      "license": "MIT",
+      "dependencies": {
+        "sax": "^1.2.4"
+      },
+      "bin": {
+        "xml-js": "bin/cli.js"
+      }
+    },
+    "node_modules/xml-js/node_modules/sax": {
+      "version": "1.4.3",
+      "resolved": "https://registry.npmjs.org/sax/-/sax-1.4.3.tgz",
+      "integrity": "sha512-yqYn1JhPczigF94DMS+shiDMjDowYO6y9+wB/4WgO0Y19jWYk0lQ4tuG5KI7kj4FTp1wxPj5IFfcrz/s1c3jjQ==",
+      "license": "BlueOak-1.0.0"
+    },
     "node_modules/xml2js": {
       "version": "0.6.2",
       "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz",

package.json

@@ -30,7 +30,7 @@
     "@aws-crypto/sha256-browser": "^5.2.0",
     "@aws-crypto/sha256-js": "^5.2.0",
     "@aws-sdk/client-s3": "^3.928.0",
-    "@aws-sdk/s3-request-presigner": "^3.310.0",
+    "@aws-sdk/s3-request-presigner": "^3.928.0",
     "@aws/lambda-invoke-store": "^0.2.1",
     "@nestjs/common": "^10.3.0",
     "@nestjs/config": "^3.1.1",
@@ -48,19 +48,29 @@
     "@types/http-status": "^1.1.2",
     "ajv": "8.12.0",
     "aws-lambda": "^1.0.7",
+    "aws-sdk": "^2.1692.0",
     "bcrypt": "^6.0.0",
     "bcryptjs": "^2.4.3",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.0",
     "date-fns": "^4.1.0",
+    "dayjs": "^1.11.19",
+    "docx": "^9.6.0",
+    "docxtemplater": "^3.68.3",
     "fast-xml-parser": "^5.3.1",
+    "fs": "^0.0.1-security",
     "helmet": "^7.1.0",
     "http-status": "^2.1.0",
     "moment": "^2.30.1",
+    "number-to-words": "^1.2.4",
     "passport": "^0.7.0",
     "passport-jwt": "^4.0.1",
     "passport-local": "^1.0.0",
+    "path": "^0.12.7",
+    "pdf-lib": "^1.17.1",
+    "pizzip": "^3.2.0",
     "prisma": "^7.0.1",
+    "razorpay": "^2.9.6",
     "reflect-metadata": "^0.1.13",
     "rxjs": "^7.8.1",
     "serverless": "4.24.0",
@@ -90,6 +100,7 @@
     "prettier": "^3.2.5",
     "serverless-esbuild": "^1.55.1",
     "serverless-offline": "^14.4.0",
+    "serverless-plugin-split-stacks": "^1.14.0",
     "source-map-support": "^0.5.21",
     "supertest": "^6.3.4",
     "ts-jest": "^29.1.2",

prisma/citiesSeeder.ts

@@ -0,0 +1,64 @@
+import fs from 'fs'
+import path from 'path'
+import { PrismaClient } from '@prisma/client'
+
+export async function seedCities(prisma: PrismaClient) {
+
+    const statesFolder = path.join(process.cwd(), 'states-cities')
+    const files = fs.readdirSync(statesFolder)
+
+    for (const file of files) {
+        if (!file.endsWith('.json')) continue
+
+        const stateName = file.replace('.json', '')
+
+        const state = await prisma.states.findFirst({
+            where: {
+                stateName: {
+                    equals: stateName,
+                    mode: 'insensitive',
+                },
+            },
+        })
+
+        if (!state) {
+            console.log(`❌ State not found: ${stateName}`)
+            continue
+        }
+
+        const filePath = path.join(statesFolder, file)
+        const rawData = JSON.parse(fs.readFileSync(filePath, 'utf-8'))
+
+        if (!rawData.districts) {
+            console.log(`❌ Invalid structure in ${file}`)
+            continue
+        }
+
+        const allVillages: string[] = []
+
+        for (const district of rawData.districts) {
+            for (const sub of district.subDistricts || []) {
+                for (const village of sub.villages || []) {
+                    if (village && village.trim()) {
+                        allVillages.push(village.trim())
+                    }
+                }
+            }
+        }
+
+        console.log(`📦 Total villages found in ${stateName}:`, allVillages.length)
+
+        const result = await prisma.cities.createMany({
+            data: allVillages.map((village) => ({
+                stateXid: state.id,
+                cityName: village,
+            })),
+            skipDuplicates: true,
+        })
+
+        console.log(`✅ ${stateName} inserted: ${result.count}`)
+    }
+
+    console.log('🎉 All states processed successfully!')
+}
+

serverless.host.yml

@@ -0,0 +1,13 @@
+service: minglar-host
+
+useDotenv: ${file(./serverless/common.yml):useDotenv}
+params: ${file(./serverless/common.yml):params}
+provider: ${file(./serverless/common.yml):provider}
+build: ${file(./serverless/common.yml):build}
+package: ${file(./serverless/common.yml):package}
+plugins: ${file(./serverless/common.yml):plugins}
+custom: ${file(./serverless/common.yml):custom}
+
+functions:
+  - ${file(./serverless/functions/host.yml)}
+

serverless.minglaradmin.yml

@@ -0,0 +1,13 @@
+service: minglar-admin
+
+useDotenv: ${file(./serverless/common.yml):useDotenv}
+params: ${file(./serverless/common.yml):params}
+provider: ${file(./serverless/common.yml):provider}
+build: ${file(./serverless/common.yml):build}
+package: ${file(./serverless/common.yml):package}
+plugins: ${file(./serverless/common.yml):plugins}
+custom: ${file(./serverless/common.yml):custom}
+
+functions:
+  - ${file(./serverless/functions/minglaradmin.yml)}
+

serverless.operator.yml

@@ -0,0 +1,12 @@
+service: minglar-operator
+
+useDotenv: ${file(./serverless/common.yml):useDotenv}
+params: ${file(./serverless/common.yml):params}
+provider: ${file(./serverless/common.yml):provider}
+build: ${file(./serverless/common.yml):build}
+package: ${file(./serverless/common.yml):package}
+plugins: ${file(./serverless/common.yml):plugins}
+custom: ${file(./serverless/common.yml):custom}
+
+functions:
+  - ${file(./serverless/functions/operator.yml)}

serverless.prepopulate.yml

@@ -0,0 +1,13 @@
+service: minglar-prepopulate
+
+useDotenv: ${file(./serverless/common.yml):useDotenv}
+params: ${file(./serverless/common.yml):params}
+provider: ${file(./serverless/common.yml):provider}
+build: ${file(./serverless/common.yml):build}
+package: ${file(./serverless/common.yml):package}
+plugins: ${file(./serverless/common.yml):plugins}
+custom: ${file(./serverless/common.yml):custom}
+
+functions:
+  - ${file(./serverless/functions/prepopulate.yml)}
+

serverless.prisma-layer.yml

@@ -0,0 +1,32 @@
+service: minglar-prisma-layer
+
+useDotenv: true
+
+params:
+  dev:
+    stage: dev
+  test:
+    stage: test
+  uat:
+    stage: uat
+
+provider:
+  name: aws
+  runtime: nodejs22.x
+  region: ap-south-1
+  stage: ${opt:stage, 'dev'}
+  deploymentBucket:
+    # use a fixed bucket name to prevent Serverless from creating/quashing a resource
+    name: serverless-framework-deployments-ap-south-1-50264b8e-d2b9
+    # optionally uncomment below to enable serverless to create if missing
+    # serverSideEncryption: AES256
+  versionFunctions: false
+
+layers:
+  prisma:
+    path: layers/prisma
+    name: ${self:service}-prisma-layer-${sls:stage}
+    description: Prisma 7 client with pg driver adapter (no binary engines)
+    compatibleRuntimes:
+      - nodejs22.x
+    retain: false

serverless.user.yml

@@ -0,0 +1,13 @@
+service: minglar-user
+
+useDotenv: ${file(./serverless/common.yml):useDotenv}
+params: ${file(./serverless/common.yml):params}
+provider: ${file(./serverless/common.yml):provider}
+build: ${file(./serverless/common.yml):build}
+package: ${file(./serverless/common.yml):package}
+plugins: ${file(./serverless/common.yml):plugins}
+custom: ${file(./serverless/common.yml):custom}
+
+functions:
+  - ${file(./serverless/functions/user.yml)}
+

serverless.yml

@@ -1,5 +1,7 @@
+# Legacy monolith config. For new deployments use serverless.*.yml files.
 service: minglar
 
+
 useDotenv: true
 
 params:
@@ -15,17 +17,25 @@ provider:
   runtime: nodejs22.x
   region: ap-south-1
   stage: ${opt:stage, 'dev'}
+  deploymentBucket:
+    # use a fixed bucket name to prevent Serverless from creating/quashing a resource
+    name: serverless-framework-deployments-ap-south-1-50264b8e-d2b9
+    # optionally uncomment below to enable serverless to create if missing
+    # serverSideEncryption: AES256
   versionFunctions: false
   memorySize: 512
   # Apply Prisma layer to all functions
   # Reference the layer defined in this stack using CloudFormation Ref
   layers:
     # Use the exported stack output so deploy function works (expects a string ARN)
-    - ${cf:${self:service}-${sls:stage}.PrismaLambdaLayerQualifiedArn}
+    # For offline/local, fall back to an empty string so the CF lookup is optional.
+    - ${cf:${self:service}-${sls:stage}.PrismaLambdaLayerQualifiedArn, ''}
   apiGateway:
     binaryMediaTypes:
       - '*/*'
     minimumCompressionSize: 1024
+  websocketsApiName: minglar-ws-${sls:stage}
+  websocketsApiRouteSelectionExpression: $request.body.action
  
   environment:
     DATABASE_URL: ${env:DATABASE_URL}
@@ -56,6 +66,10 @@ provider:
     MINGLAR_ADMIN_EMAIL: ${env:MINGLAR_ADMIN_EMAIL}
     AM_INVITATION_LINK: ${env:AM_INVITATION_LINK}
     HOST_LINK: ${env:HOST_LINK}
+    HOST_LINK_PQ: ${env:HOST_LINK_PQ}
+    RAZORPAY_KEY_ID: ${env:RAZORPAY_KEY_ID}
+    RAZORPAY_KEY_SECRET: ${env:RAZORPAY_KEY_SECRET}
+    RAZORPAY_WEBHOOK_SECRET: ${env:RAZORPAY_WEBHOOK_SECRET}
  
   iam:
     role:
@@ -69,10 +83,11 @@ provider:
           Resource:
             - 'arn:aws:s3:::${env:S3_BUCKET_NAME}'
             - 'arn:aws:s3:::${env:S3_BUCKET_NAME}/*'
- 
-custom:
-  serverless-offline:
-    reloadHandler: true
+        - Effect: Allow
+          Action:
+            - execute-api:ManageConnections
+          Resource:
+            - 'arn:aws:execute-api:${self:provider.region}:*:*/*/@connections/*'
  
 build:
   esbuild:
@@ -140,9 +155,22 @@ package:
 # Import function definitions from separate files organized by module
 functions:
   - ${file(./serverless/functions/host.yml)}
+  - ${file(./serverless/functions/operator.yml)}
   - ${file(./serverless/functions/minglaradmin.yml)}
   - ${file(./serverless/functions/prepopulate.yml)}
-  - ${file(./serverless/functions/pqq.yml)}
+  - ${file(./serverless/functions/user.yml)}
+  - ${file(./serverless/functions/websocket.yml)}
  
 plugins:
-  - serverless-offline
+  - serverless-offline
+  - serverless-plugin-split-stacks
+
+custom:
+  serverless-offline:
+    reloadHandler: true
+
+  # split-stacks configuration to avoid CloudFormation resource limit
+  splitStacks:
+    perFunction: true
+    perType: true
+    perGroupFunction: false

serverless.yml.backup

@@ -1,764 +0,0 @@
-service: minglarDev
-
-provider:
-  name: aws
-  runtime: nodejs22.x
-  region: ap-south-1
-  versionFunctions: false
-  memorySize: 512 # Default memory for all functions (can be overridden per function)
-  apiGateway:
-    binaryMediaTypes:
-      - '*/*'
-    minimumCompressionSize: 1024
-
-  environment:
-    DATABASE_URL: ${env:DATABASE_URL}
-    DB_USERNAME: ${env:DB_USERNAME}
-    DB_PASSWORD: ${env:DB_PASSWORD}
-    DB_DATABASE_NAME: ${env:DB_DATABASE_NAME}
-    DB_HOSTNAME: ${env:DB_HOSTNAME}
-    DB_PORT: ${env:DB_PORT}
-    BY_PASS_EMAIL: ${env:BY_PASS_EMAIL}
-    BYPASS_OTP: ${env:BYPASS_OTP}
-    BREVO_EMAIL_API_KEY: ${env:BREVO_EMAIL_API_KEY}
-    BREVO_API_BASEURL: ${env:BREVO_API_BASEURL}
-    BREVO_FROM_EMAIL: ${env:BREVO_FROM_EMAIL}
-    BREVO_SMTP_HOST: ${env:BREVO_SMTP_HOST}
-    BREVO_SMTP_PORT: ${env:BREVO_SMTP_PORT}
-    BREVO_SMTP_USER: ${env:BREVO_SMTP_USER}
-    BREVO_SMTP_PASS: ${env:BREVO_SMTP_PASS}
-    REFRESH_TOKEN_SECRET: ${env:REFRESH_TOKEN_SECRET}
-    JWT_SECRET: ${env:JWT_SECRET}
-    SALT_ROUNDS: ${env:SALT_ROUNDS}
-    NODE_ENV: ${env:NODE_ENV}
-    S3_BUCKET_NAME: ${env:S3_BUCKET_NAME}
-    MINGLAR_ADMIN_NAME: ${env:MINGLAR_ADMIN_NAME}
-    MINGLAR_ADMIN_EMAIL: ${env:MINGLAR_ADMIN_EMAIL}
-
-  iam:
-    role:
-      statements:
-        - Effect: Allow
-          Action:
-            - s3:PutObject
-            - s3:GetObject
-            - s3:DeleteObject
-            - s3:ListBucket
-          Resource:
-            - 'arn:aws:s3:::${env:S3_BUCKET_NAME}'
-            - 'arn:aws:s3:::${env:S3_BUCKET_NAME}/*'
-
-custom:
-  esbuild:
-    bundle: true
-    minify: true
-    sourcemap: false
-    target: node20
-    platform: node
-    concurrency: 5
-    external:
-      - '@prisma/client'
-      - '.prisma'
-    exclude:
-      - 'aws-sdk'
-
-package:
-  individually: true
-  patterns:
-    - '!node_modules/**'
-    - '!**/*.test.js'
-    - '!**/*.spec.js'
-    - '!**/test/**'
-    - '!**/__tests__/**'
-    - '!package-lock.json'
-    - '!yarn.lock'
-    - '!README.md'
-    - '!*.config.js'
-    - '!.git/**'
-    - '!.github/**'
-
-functions:
-  getHosts:
-    handler: src/modules/host/handlers/host.handler
-    memorySize: 384 # Lower memory for simple GET operations
-    package:
-      patterns:
-        - 'src/modules/host/handlers/host.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host
-          method: get
-
-  verifyOtp:
-    handler: src/modules/host/handlers/verifyOtp.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/verifyOtp.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/verify-otp
-          method: post
-
-  loginForHost:
-    handler: src/modules/host/handlers/loginForHost.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/loginForHost.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/login
-          method: post
-
-  registrationOfHost:
-    handler: src/modules/host/handlers/registration.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/registration.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/registration
-          method: post
-
-  createPasswordForHost:
-    handler: src/modules/host/handlers/createPassword.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/createPassword.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/create-password
-          method: post
-
-  addPaymentDetailsForHost:
-    handler: src/modules/host/handlers/addPaymentDetails.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/addPaymentDetails.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/add-payment-details
-          method: post
-
-  addActivity:
-    handler: src/modules/host/handlers/addActivity.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/addActivity.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/add-activity
-          method: post
-
-  getHostById:
-    handler: src/modules/host/handlers/getbyidhandler.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getbyidhandler.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/getById
-          method: get
-
-  getPQQQuestionDetailsById:
-    handler: src/modules/host/handlers/getByIdPQQ.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getByIdPQQ.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/get-pqq-question-details
-          method: get
-
-  getLatestPQQQuestionDetails:
-    handler: src/modules/host/handlers/getLatestQuestionDetailsPQQ.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getLatestQuestionDetailsPQQ.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/get-latest-pqq-question-details
-          method: get
-
-  getActivityTypes:
-    handler: src/modules/host/handlers/getActivity.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getActivity.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/get-activity
-          method: get
-
-  acceptMinglarAgreement:
-    handler: src/modules/host/handlers/acceptAgreement.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/acceptAgreement.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /host/accept-agreement
-          method: patch
-
-  getStepperInfo:
-    handler: src/modules/host/handlers/getStepper.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getStepper.*'
-        - 'src/common/utils/handlers/safeHandler.*'
-        - 'src/common/database/**'
-        - 'src/modules/host/services/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /stepper
-          method: get
-
-  getSuggestion:
-    handler: src/modules/minglaradmin/handlers/getSuggestion.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-suggestion
-          method: get
-
-  minglarRegistration:
-    handler: src/modules/minglaradmin/handlers/registration.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/registration
-          method: post
-
-  minglarLoginForAdmin:
-    handler: src/modules/minglaradmin/handlers/loginForMinglar.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/login
-          method: post
-
-  minglarCreatePassword:
-    handler: src/modules/minglaradmin/handlers/createPassword.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/create-password
-          method: post
-
-  # Functions using AWS SDK - KEEP AS IS with higher memory
-  updateMinglarProfile:
-    handler: src/modules/minglaradmin/handlers/updateProfile.handler
-    memorySize: 512 # Higher memory for AWS SDK operations
-    timeout: 30
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/handlers/updateProfile.*'
-        - 'src/modules/minglaradmin/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-        - 'node_modules/@aws-sdk/**'
-        - 'node_modules/@smithy/**'
-        - 'node_modules/tslib/**'
-        - 'node_modules/fast-xml-parser/**'
-    events:
-      - httpApi:
-          path: /minglaradmin/update-profile
-          method: patch
-
-  prepopulateTeammate:
-    handler: src/modules/minglaradmin/handlers/prepopulateTeammate.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/prepopulate-Roles
-          method: get
-
-  inviteTeammate:
-    handler: src/modules/minglaradmin/handlers/inviteTeammate.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/invite-teammate
-          method: post
-
-  getAllHostApplication:
-    handler: src/modules/minglaradmin/handlers/getAllHostApplication.handler
-    memorySize: 512 # Higher memory for data-intensive operations
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-host-applications-am
-          method: get
-
-  getAllOnboardingHostApplications:
-    handler: src/modules/minglaradmin/handlers/getAllOnboardingHosts.handler
-    memorySize: 512 # Higher memory for data-intensive operations
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-host-applications-admin
-          method: get
-
-  getAllOnboardingHostApplications_New:
-    handler: src/modules/minglaradmin/handlers/getOnboardingNewApplications.handler
-    memorySize: 512 # Higher memory for data-intensive operations
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-host-applications-admin-new
-          method: get
-
-  getAllInvitationDetails:
-    handler: src/modules/minglaradmin/handlers/getAllInvitationDetails.handler
-    memorySize: 512
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-invitation-details
-          method: get
-
-  addSuggestion:
-    handler: src/modules/minglaradmin/handlers/addSuggestion.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/add-suggestion
-          method: post
-
-  getAllCoadminAndAMDetails:
-    handler: src/modules/minglaradmin/handlers/getAllCoadminAndAM.handler
-    memorySize: 512
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-coadmin-and-am-details
-          method: get
-
-  getAllInvitedCoadminAndAMDetails:
-    handler: src/modules/minglaradmin/handlers/getAllInvitedCoadminAndAM.handler
-    memorySize: 512
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/get-all-invited-coadmin-and-am
-          method: get
-
-  getAllBankAndCurrencyDetails:
-    handler: src/modules/prepopulate/handlers/getAllBankDetails.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-all-bank-currency-details
-          method: get
-
-  getCityByState:
-    handler: src/modules/prepopulate/handlers/getCityByState.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/prepopulate/handlers/getCityByState.*'
-        - 'src/modules/prepopulate/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-city-by-state
-          method: get
-
-  getBranchByBankXid:
-    handler: src/modules/prepopulate/handlers/getBranchByBank.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/prepopulate/handlers/getBranchByBank.*'
-        - 'src/modules/prepopulate/services/**'
-        - 'src/common/**'
-        - 'common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-branch-by-bank
-          method: get
-
-  getAllDocumentCountryStateCityDetails:
-    handler: src/modules/prepopulate/handlers/getAllDocTypeWithCountryState.handler
-    memorySize: 512
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-all-doc-country
-          method: get
-
-  getAllPqqQuesAns:
-    handler: src/modules/prepopulate/handlers/getAllPQQQuesWithAns.handler
-    memorySize: 512
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-all-pqq-ques-ans
-          method: get
-
-  getFrequenciesOfActivity:
-    handler: src/modules/prepopulate/handlers/getAllFrequencies.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /prepopulate/get-all-Frequencies
-          method: get
-
-  assignAMToHost:
-    handler: src/modules/minglaradmin/handlers/assignAM.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/assign-am-to-host
-          method: patch
-
-  editAgreementDetails:
-    handler: src/modules/minglaradmin/handlers/editAgreementDetails.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/edit-agreement-details
-          method: patch
-
-  acceptHostApplication:
-    handler: src/modules/minglaradmin/handlers/acceptHostApplication.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/accept-host-application
-          method: patch
-
-  acceptHostApplicationMinglar:
-    handler: src/modules/minglaradmin/handlers/acceptHostAppMinglar.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/accept-host-application-minglar
-          method: patch
-
-  rejectHostApplication:
-    handler: src/modules/minglaradmin/handlers/rejectHostApplication.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/reject-host-application
-          method: patch
-
-  rejectHostApplicationAM:
-    handler: src/modules/minglaradmin/handlers/rejectHostApplicationAM.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-    events:
-      - httpApi:
-          path: /minglaradmin/reject-host-application-am
-          method: patch
-
-  # Functions using AWS SDK and S3 - KEEP AS IS with higher memory
-  addCompanyDetails:
-    handler: src/modules/host/handlers/addCompanyDetails.handler
-    memorySize: 512
-    timeout: 30
-    package:
-      patterns:
-        - 'src/modules/host/handlers/addCompanyDetails.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-        # Only include specific AWS SDK modules needed for S3
-        - 'node_modules/@aws-sdk/client-s3/**'
-        - 'node_modules/@aws-sdk/s3-request-presigner/**'
-        - 'node_modules/@aws-sdk/types/**'
-        - 'node_modules/@aws-sdk/middleware-logger/**'
-        - 'node_modules/@aws-sdk/util-utf8-node/**'
-        - 'node_modules/@aws-sdk/util-utf8-browser/**'
-        - 'node_modules/@smithy/**'
-        - 'node_modules/tslib/**'
-        # Remove these large/unnecessary packages:
-        - 'node_modules/fast-xml-parser/**' # Remove if not used
-        - 'node_modules/lambda-multipart-parser/**' # You're using busboy directly
-        - 'node_modules/busboy/**'
-        # Remove these AWS utility packages (included in main SDK):
-        - 'node_modules/@aws-crypto/**'
-        # - 'node_modules/uuid/**'  # AWS SDK includes its own
-        # - 'node_modules/@aws/util-uri-escape/**'
-        # - 'node_modules/@aws/util-middleware/**'
-        - 'node_modules/@aws/smithy-client/**'
-        # - 'node_modules/@aws/lambda-invoke-store/**'
-    events:
-      - httpApi:
-          path: /host/add-company-details
-          method: patch
-
-  submitPqqAnswer:
-    handler: src/modules/host/handlers/submitPqqAns.handler
-    memorySize: 512
-    timeout: 30
-    package:
-      patterns:
-        - 'src/modules/host/handlers/submitPqqAns.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-        - 'node_modules/@aws-sdk/**'
-        - 'node_modules/@smithy/**'
-        - 'node_modules/tslib/**'
-        - 'node_modules/fast-xml-parser/**'
-        - 'node_modules/lambda-multipart-parser/**'
-        - 'node_modules/busboy/**'
-        - 'node_modules/@aws-crypto/**'
-        - 'node_modules/uuid/**'
-        - 'node_modules/@aws/util-uri-escape/**'
-        - 'node_modules/@aws/util-middleware/**'
-        - 'node_modules/@aws/smithy-client/**'
-        - 'node_modules/@aws/lambda-invoke-store/**'
-    events:
-      - httpApi:
-          path: /host/submit-pqq-ans
-          method: patch
-
-  submitFinalPqqAnswer:
-    handler: src/modules/host/handlers/getPQQScore.handler
-    memorySize: 512
-    timeout: 30
-    package:
-      patterns:
-        - 'src/modules/host/handlers/getPQQScore.*'
-        - 'src/modules/host/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/client/libquery_engine-rhel-openssl-3.0.x.so.node'
-        - 'node_modules/@aws-sdk/**'
-        - 'node_modules/@smithy/**'
-        - 'node_modules/tslib/**'
-        - 'node_modules/fast-xml-parser/**'
-        - 'node_modules/lambda-multipart-parser/**'
-        - 'node_modules/busboy/**'
-        - 'node_modules/@aws-crypto/**'
-        - 'node_modules/uuid/**'
-        - 'node_modules/@aws/util-uri-escape/**'
-        - 'node_modules/@aws/util-middleware/**'
-        - 'node_modules/@aws/smithy-client/**'
-        - 'node_modules/@aws/lambda-invoke-store/**'
-    events:
-      - httpApi:
-          path: /host/submit-final-pqq-ans
-          method: patch
-
-  addPQQSuggestion:
-    handler: src/modules/minglar/handlers/addPQQSuggestion.handler
-    memorySize: 384
-    package:
-      patterns:
-        - 'src/modules/minglaradmin/handlers/addPQQSuggestion.*'
-        - 'src/modules/minglaradmin/services/**'
-        - 'src/common/**'
-        - 'node_modules/@prisma/client/**'
-        - 'node_modules/.prisma/**'
-    events:
-      - httpApi:
-          path: /minglar/add-Pqq-suggestion
-          method: post

serverless/common.yml

@@ -0,0 +1,138 @@
+useDotenv: true
+
+params:
+  dev:
+    stage: dev
+  test:
+    stage: test
+  uat:
+    stage: uat
+
+provider:
+  name: aws
+  runtime: nodejs22.x
+  region: ap-south-1
+  stage: ${opt:stage, 'dev'}
+  deploymentBucket:
+    # use a fixed bucket name to prevent Serverless from creating/quashing a resource
+    name: serverless-framework-deployments-ap-south-1-50264b8e-d2b9
+    # optionally uncomment below to enable serverless to create if missing
+    # serverSideEncryption: AES256
+  versionFunctions: false
+  memorySize: 512
+  # Apply Prisma layer to all functions
+  # Reference the layer defined in the dedicated layer stack
+  layers:
+    - ${cf:minglar-prisma-layer-${sls:stage}.PrismaLambdaLayerQualifiedArn}
+  apiGateway:
+    binaryMediaTypes:
+      - '*/*'
+    minimumCompressionSize: 1024
+
+  environment:
+    DATABASE_URL: ${env:DATABASE_URL}
+    DB_USERNAME: ${env:DB_USERNAME}
+    DB_PASSWORD: ${env:DB_PASSWORD}
+    DB_DATABASE_NAME: ${env:DB_DATABASE_NAME}
+    DB_HOSTNAME: ${env:DB_HOSTNAME}
+    DB_PORT: ${env:DB_PORT}
+    BY_PASS_EMAIL: ${env:BY_PASS_EMAIL}
+    BYPASS_OTP: ${env:BYPASS_OTP}
+    BREVO_EMAIL_API_KEY: ${env:BREVO_EMAIL_API_KEY}
+    BREVO_API_BASEURL: ${env:BREVO_API_BASEURL}
+    BREVO_FROM_EMAIL: ${env:BREVO_FROM_EMAIL}
+    BREVO_SMTP_HOST: ${env:BREVO_SMTP_HOST}
+    BREVO_SMTP_PORT: ${env:BREVO_SMTP_PORT}
+    BREVO_SMTP_USER: ${env:BREVO_SMTP_USER}
+    BREVO_SMTP_PASS: ${env:BREVO_SMTP_PASS}
+    REFRESH_TOKEN_SECRET: ${env:REFRESH_TOKEN_SECRET}
+    JWT_SECRET: ${env:JWT_SECRET}
+    JWT_ACCESS_EXPIRATION_MINUTES: ${env:JWT_ACCESS_EXPIRATION_MINUTES}
+    JWT_REFRESH_EXPIRATION_DAYS: ${env:JWT_REFRESH_EXPIRATION_DAYS}
+    JWT_RESET_PASSWORD_EXPIRATION_MINUTES: ${env:JWT_RESET_PASSWORD_EXPIRATION_MINUTES}
+    JWT_VERIFY_EMAIL_EXPIRATION_MINUTES: ${env:JWT_VERIFY_EMAIL_EXPIRATION_MINUTES}
+    SALT_ROUNDS: ${env:SALT_ROUNDS}
+    NODE_ENV: ${env:NODE_ENV}
+    S3_BUCKET_NAME: ${env:S3_BUCKET_NAME}
+    MINGLAR_ADMIN_NAME: ${env:MINGLAR_ADMIN_NAME}
+    MINGLAR_ADMIN_EMAIL: ${env:MINGLAR_ADMIN_EMAIL}
+    AM_INVITATION_LINK: ${env:AM_INVITATION_LINK}
+    AM_INTERFACE_LINK: ${env:AM_INTERFACE_LINK}
+    HOST_LINK: ${env:HOST_LINK}
+    HOST_LINK_PQ: ${env:HOST_LINK_PQ}
+    RAZORPAY_KEY_ID: ${env:RAZORPAY_KEY_ID}
+    RAZORPAY_KEY_SECRET: ${env:RAZORPAY_KEY_SECRET}
+    RAZORPAY_WEBHOOK_SECRET: ${env:RAZORPAY_WEBHOOK_SECRET}
+
+  iam:
+    role:
+      statements:
+        - Effect: Allow
+          Action:
+            - s3:PutObject
+            - s3:GetObject
+            - s3:DeleteObject
+            - s3:ListBucket
+          Resource:
+            - 'arn:aws:s3:::${env:S3_BUCKET_NAME}'
+            - 'arn:aws:s3:::${env:S3_BUCKET_NAME}/*'
+
+build:
+  esbuild:
+    bundle: true
+    minify: true
+    sourcemap: false
+    target: node20
+    platform: node
+    # Mark as external so they're not bundled into the JS
+    external:
+      - '@prisma/client'
+      - '.prisma/client'
+      - '.prisma'
+      - '@prisma/adapter-pg'
+      - 'pg'
+      - 'zod'
+      - '@aws-sdk/*'
+      - '@smithy/*'
+      - '@aws-crypto/*'
+    # Exclude prevents npm install of these packages in the zip
+    exclude:
+      - 'aws-sdk'
+      - '@aws-sdk/*'
+      - '@smithy/*'
+      - '@aws-crypto/*'
+      - '@prisma/adapter-pg'
+      - '@prisma/client'
+      - '.prisma'
+      - '.prisma/client'
+      - 'pg'
+      - 'zod'
+      - 'pg-*'
+      - 'postgres-*'
+      - 'pgpass'
+      - 'split2'
+      - 'xtend'
+
+package:
+  individually: true
+  patterns:
+    - '!node_modules/**'
+    - '!node_modules/@prisma/**'
+    - '!node_modules/.prisma/**'
+    - '!**/*.test.js'
+    - '!**/*.spec.js'
+    - '!**/test/**'
+    - '!**/__tests__/**'
+    - '!package-lock.json'
+    - '!yarn.lock'
+    - '!README.md'
+    - '!*.config.js'
+    - '!.git/**'
+    - '!.github/**'
+
+plugins:
+  - serverless-offline
+
+custom:
+  serverless-offline:
+    reloadHandler: true

serverless/functions/host.yml

@@ -14,7 +14,7 @@ getHosts:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host
+        path: /
         method: get
 
 verifyOTP:
@@ -30,7 +30,7 @@ verifyOTP:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/verify-otp
+        path: /Host_Admin/onboarding/verify-otp
         method: post
 
 login:
@@ -46,7 +46,7 @@ login:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/login
+        path: /Host_Admin/onboarding/login
         method: post
 
 signUp:
@@ -62,7 +62,7 @@ signUp:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/registration
+        path: /Host_Admin/onboarding/registration
         method: post
 
 createPassword:
@@ -78,7 +78,7 @@ createPassword:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/create-password
+        path: /Host_Admin/onboarding/create-password
         method: post
 
 updateBankDetails:
@@ -94,7 +94,7 @@ updateBankDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/add-payment-details
+        path: /Host_Admin/onboarding/add-payment-details
         method: post
 
 saveActivity_ForPQQ:
@@ -110,7 +110,7 @@ saveActivity_ForPQQ:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/add-activity
+        path: /Activity_Hub/OnBoarding/add-activity
         method: post
 
 getHostById:
@@ -126,7 +126,7 @@ getHostById:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/getById
+        path: /getById
         method: get
 
 getPQQ_ByQuestionId:
@@ -142,7 +142,7 @@ getPQQ_ByQuestionId:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/get-pqq-question-details
+        path: /Activity_Hub/OnBoarding/get-pqq-question-details
         method: get
 
 getPQQ_LastUpdatedQuestion:
@@ -158,7 +158,7 @@ getPQQ_LastUpdatedQuestion:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/get-latest-pqq-question-details
+        path: /Activity_Hub/OnBoarding/get-latest-pqq-question-details
         method: get
 
 prePopulateNewActivity:
@@ -174,9 +174,26 @@ prePopulateNewActivity:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/prepopulate-new-activity
+        path: /Activity_Hub/OnBoarding/prepopulate-new-activity
         method: get
 
+createNewActivity:
+  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/CreateNewActivity.handler
+  memorySize: 1024
+  timeout: 30
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/CreateNewActivity.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /Activity_Hub/OnBoarding/create-new-activity
+        method: patch
+
 showSuggestion:
   handler: src/modules/host/handlers/Host_Admin/onboarding/showSuggestion.handler
   memorySize: 384
@@ -190,7 +207,23 @@ showSuggestion:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/get-suggestion
+        path: /get-suggestion
+        method: get
+
+getAllActivitySuggestion:
+  handler: src/modules/host/handlers/Host_Admin/onboarding/getAllActvitySuggestion.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Host_Admin/onboarding/getAllActvitySuggestion.handler.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /get-Activity-suggestion
         method: get
 
 getAllHostActivity:
@@ -206,7 +239,7 @@ getAllHostActivity:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/get-all-host-activity
+        path: /Activity_Hub/OnBoarding/get-all-host-activity
         method: get
 
 acceptAggrement:
@@ -222,9 +255,25 @@ acceptAggrement:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/accept-agreement
+        path: /Host_Admin/onboarding/accept-agreement
         method: patch
 
+getLatestAgreement:
+  handler: src/modules/host/handlers/Host_Admin/onboarding/getLatestAgreement.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Host_Admin/onboarding/getLatestAgreement.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /Host_Admin/onboarding/get-latest-agreement
+        method: get
+
 getStepperInfo:
   handler: src/modules/host/handlers/getStepper.handler
   memorySize: 384
@@ -243,6 +292,118 @@ getStepperInfo:
         path: /stepper
         method: get
 
+updateHostProfile:
+  handler: src/modules/host/handlers/updateHostProfile.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/updateHostProfile.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /profile
+        method: patch
+
+inviteHostMember:
+  handler: src/modules/host/handlers/settings/inviteMember.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/invite-member
+        method: post
+
+getAllInvitedCoadminAndOperator:
+  handler: src/modules/host/handlers/settings/getAllInvitedCoadminAndOperator.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/invited-coadmin-operators
+        method: get
+
+saveRolePermissions:
+  handler: src/modules/host/handlers/settings/saveRolePermissions.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/save-role-permissions
+        method: post
+
+getPermissionMasters:
+  handler: src/modules/host/handlers/settings/getPermissionMasters.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/permission-masters
+        method: get
+
+getHostMemberRoles:
+  handler: src/modules/host/handlers/settings/getMemberRoles.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/member-roles
+        method: get
+
+getMemberPermissions:
+  handler: src/modules/host/handlers/settings/getMemberPermissions.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/settings/**'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /settings/member-permissions/{memberUserXid}
+        method: get
+
 # Functions with S3/AWS SDK dependencies
 submitCompanyDetails:
   handler: src/modules/host/handlers/Host_Admin/onboarding/submitCompanyDetails.handler
@@ -255,7 +416,7 @@ submitCompanyDetails:
       - 'src/common/**'
   events:
     - httpApi:
-        path: /host/Host_Admin/onboarding/add-company-details
+        path: /Host_Admin/onboarding/add-company-details
         method: patch
 
 submitPQQ_Answer:
@@ -271,7 +432,7 @@ submitPQQ_Answer:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/submit-pqq-answer
+        path: /Activity_Hub/OnBoarding/submit-pqq-answer
         method: patch
 
 updatePQQ_LastAnswer:
@@ -287,10 +448,9 @@ updatePQQ_LastAnswer:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/submit-final-pqq-answer
+        path: /Activity_Hub/OnBoarding/submit-final-pqq-answer
         method: post
 
-
 submitPQQForReview:
   handler: src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQQForReview.handler
   memorySize: 384
@@ -304,7 +464,7 @@ submitPQQForReview:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/submit-pqq-for-review
+        path: /Activity_Hub/OnBoarding/submit-pqq-for-review
         method: patch
 
 getAllPQQwithSubmittedAns:
@@ -319,7 +479,22 @@ getAllPQQwithSubmittedAns:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/get-all-pqq-ques-submited-ans
+        path: /Activity_Hub/OnBoarding/get-all-pqq-ques-submited-ans
+        method: get
+
+getAllDetailsOfActivityAndVenue:
+  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/getAllDetailsOfActivityAndVenue.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /Activity_Hub/OnBoarding/get-all-details-activity-venue/{activityXid}
         method: get
 
 updateSuggestionAsReviewed:
@@ -334,7 +509,7 @@ updateSuggestionAsReviewed:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /host/Activity_Hub/OnBoarding/update-suggestion-reviewed
+        path: /Activity_Hub/OnBoarding/update-suggestion-reviewed
         method: patch
 
 resendOTPmail:
@@ -351,3 +526,155 @@ resendOTPmail:
     - httpApi:
         path: /resend-otp
         method: post
+
+mediaUploadTos3:
+  handler: src/modules/host/handlers/mediaUploadToS3.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/mediaUploadToS3/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /media/upload/activity/{activityXid}
+        method: post
+
+venueMediaUploadTos3:
+  handler: src/modules/host/handlers/mediaUploadForVenueToS3.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/mediaUploadForVenueToS3/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /media/upload/venue/activity/{activityXid}
+        method: post
+
+mediaDeleteFroms3:
+  handler: src/modules/host/handlers/mediaDeleteFromS3.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/mediaDeleteFromS3/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /media/delete
+        method: delete
+
+createSchedulingForAct:
+  handler: src/modules/host/handlers/Activity_Hub/Scheduling/createSchedulingOfAct.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/Scheduling/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /scheduling/create
+        method: post
+
+getActivitiesByStatus:
+  handler: src/modules/host/handlers/Activity_Hub/Scheduling/getSchedulingOfAct.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/Scheduling/getSchedulingOfAct.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /scheduling/get-all-activities
+        method: get
+
+getVenueDurationByAct:
+  handler: src/modules/host/handlers/Activity_Hub/Scheduling/getVenueDurationByAct.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/Scheduling/getVenueDurationByAct.*'
+      - 'src/modules/host/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /scheduling/get-venue-duration/{activityXid}
+        method: get
+
+cancelSlotForActivity:
+  handler: src/modules/host/handlers/Activity_Hub/Scheduling/cancelSlot.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/Scheduling/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /scheduling/cancel-slot
+        method: post
+
+openCanceledSlotForActivity:
+  handler: src/modules/host/handlers/Activity_Hub/Scheduling/openCanceledSlot.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/Scheduling/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /scheduling/open-canceled-slot
+        method: patch
+
+createActivityAndAllQuestionsEntry:
+  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/createActivityAndAllQuestionsEntry.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/createActivityAndAllQuestionsEntry**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /Activity_Hub/OnBoarding/create-activity
+        method: post
+
+submitPQAnswer:
+  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQAnswer.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQAnswer**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /Activity_Hub/OnBoarding/submit-pq-answer
+        method: patch

serverless/functions/minglaradmin.yml

@@ -13,7 +13,7 @@ minglarRegistration:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/registration
+        path: /registration
         method: post
 
 minglarLoginForAdmin:
@@ -28,7 +28,7 @@ minglarLoginForAdmin:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/login
+        path: /login
         method: post
 
 minglarCreatePassword:
@@ -43,7 +43,7 @@ minglarCreatePassword:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/create-password
+        path: /create-password
         method: post
 
 updateMinglarProfile:
@@ -60,7 +60,7 @@ updateMinglarProfile:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/update-profile
+        path: /update-profile
         method: patch
 
 prepopulateRole:
@@ -75,7 +75,7 @@ prepopulateRole:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/prepopulate-Roles
+        path: /prepopulate-Roles
         method: get
 
 getHostDetailsById:
@@ -90,7 +90,7 @@ getHostDetailsById:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/get-host-details/{host_xid}
+        path: /hosthub/hosts/get-host-details/{host_xid}
         method: get
 
 inviteTeammate:
@@ -105,7 +105,7 @@ inviteTeammate:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/settings/teammates/invite-teammate
+        path: /settings/teammates/invite-teammate
         method: post
 
 getAllHostApplication:
@@ -121,7 +121,7 @@ getAllHostApplication:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/get-all-host-applications-am
+        path: /hosthub/hosts/get-all-host-applications-am
         method: get
 
 getAllHostActivityForAdmin:
@@ -137,7 +137,7 @@ getAllHostActivityForAdmin:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/get-all-activity-of-host/{id}
+        path: /get-all-activity-of-host/{id}
         method: get
 
 getAllOnboardingHostApplications:
@@ -153,7 +153,7 @@ getAllOnboardingHostApplications:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/get-all-host-applications-admin
+        path: /hosthub/onboarding/get-all-host-applications-admin
         method: get
 
 getAllOnboardingHostApplications_New:
@@ -169,7 +169,7 @@ getAllOnboardingHostApplications_New:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/get-all-host-applications-admin-new
+        path: /hosthub/onboarding/get-all-host-applications-admin-new
         method: get
 
 getAllInvitationDetails:
@@ -184,7 +184,7 @@ getAllInvitationDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/settings/teammates/get-all-invitation-details
+        path: /settings/teammates/get-all-invitation-details
         method: get
 
 addSuggestion:
@@ -200,7 +200,7 @@ addSuggestion:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/add-suggestion
+        path: /hosthub/hosts/add-suggestion
         method: post
 
 getAllCoadminAndAMDetails:
@@ -215,7 +215,7 @@ getAllCoadminAndAMDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/settings/teammates/get-all-coadmin-am
+        path: /settings/teammates/get-all-coadmin-am
         method: get
 
 getAllInvitedCoadminAndAMDetails:
@@ -230,7 +230,7 @@ getAllInvitedCoadminAndAMDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/settings/teammates/get-all-invited-coadmin-am
+        path: /settings/teammates/get-all-invited-coadmin-am
         method: get
 
 getAmDetailsbyId:
@@ -245,7 +245,7 @@ getAmDetailsbyId:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/settings/teammates/get-am-details-by-id/{amXid}
+        path: /settings/teammates/get-am-details-by-id/{amXid}
         method: get
 
 assignAMToHost:
@@ -261,7 +261,7 @@ assignAMToHost:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/assign-am
+        path: /hosthub/onboarding/assign-am
         method: patch
 
 editAgreementDetailsAndAccept:
@@ -277,7 +277,7 @@ editAgreementDetailsAndAccept:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/edit-agreement-accept-host
+        path: /hosthub/onboarding/edit-agreement-accept-host
         method: patch
 
 getAllPqqQuesAnsForAM:
@@ -292,7 +292,7 @@ getAllPqqQuesAnsForAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/get-all-pqq-ques-ans-for-am
+        path: /hosthub/onboarding/get-all-pqq-ques-ans-for-am
         method: get
 
 acceptHostApplication:
@@ -308,7 +308,7 @@ acceptHostApplication:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/accept-host-application
+        path: /hosthub/hosts/accept-host-application
         method: patch
 
 RejectPQQByAM:
@@ -324,7 +324,23 @@ RejectPQQByAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/reject-pq-by-am
+        path: /hosthub/hosts/reject-pq-by-am
+        method: patch
+
+rejectActivityDetailsApplicationByAM:
+  handler: src/modules/minglaradmin/handlers/hosthub/hosts/rejectActivityApplicationByAM.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/minglaradmin/handlers/hosthub/hosts/rejectActivityApplicationByAM**'
+      - 'src/modules/minglaradmin/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /hosthub/hosts/reject-activity-application-by-am
         method: patch
 
 acceptPQByAM:
@@ -340,7 +356,23 @@ acceptPQByAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/accept-pq-by-am
+        path: /hosthub/hosts/accept-pq-by-am
+        method: patch
+
+acceptActivityDetailsApplicationByAM:
+  handler: src/modules/minglaradmin/handlers/hosthub/hosts/acceptActivityApplicationByAM.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/minglaradmin/handlers/hosthub/hosts/acceptActivityApplicationByAM**'
+      - 'src/modules/minglaradmin/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /hosthub/hosts/accept-activity-application-by-am
         method: patch
 
 rejectHostApplication:
@@ -356,7 +388,7 @@ rejectHostApplication:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/reject-host-application
+        path: /hosthub/onboarding/reject-host-application
         method: patch
 
 rejectHostApplicationAM:
@@ -372,7 +404,7 @@ rejectHostApplicationAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/reject-host-application-am
+        path: /hosthub/hosts/reject-host-application-am
         method: patch
 
 addPQQSuggestion:
@@ -388,7 +420,23 @@ addPQQSuggestion:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/hosts/add-Pqq-suggestion
+        path: /hosthub/hosts/add-Pqq-suggestion
+        method: post
+
+addActivitySuggestion:
+  handler: src/modules/minglaradmin/handlers/hosthub/hosts/addActivtiySuggestion.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/minglaradmin/handlers/hosthub/hosts/**'
+      - 'src/modules/minglaradmin/services/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /hosthub/hosts/add-Activity-suggestion
         method: post
 
 getAllPQPDetailsForAM:
@@ -404,10 +452,9 @@ getAllPQPDetailsForAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/pqp/pqp-details-for-am/{activityXid}
+        path: /hosthub/pqp/pqp-details-for-am/{activityXid}
         method: get
 
-
 getSuggestionsForAM:
   handler: src/modules/minglaradmin/handlers/hosthub/onboarding/showSuggestionToAM.handler
   memorySize: 384
@@ -421,5 +468,5 @@ getSuggestionsForAM:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /minglaradmin/hosthub/onboarding/show-suggestion-to-am/{hostXid}
+        path: /hosthub/onboarding/show-suggestion-to-am/{hostXid}
         method: get

serverless/functions/operator.yml

@@ -0,0 +1,198 @@
+# Operator Module Functions
+
+operatorSignUp:
+  handler: src/modules/host/handlers/operator/signUp.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorAuth.service.ts'
+      - 'src/modules/host/services/token.service.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /signup
+        method: post
+
+operatorVerifyOtp:
+  handler: src/modules/host/handlers/operator/verifyOtp.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorAuth.service.ts'
+      - 'src/modules/host/services/token.service.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-otp
+        method: post
+
+operatorCreatePassword:
+  handler: src/modules/host/handlers/operator/createPassword.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorAuth.service.ts'
+      - 'src/modules/host/services/token.service.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /create-password
+        method: post
+
+operatorLogin:
+  handler: src/modules/host/handlers/operator/login.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorAuth.service.ts'
+      - 'src/modules/host/services/token.service.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /login
+        method: post
+
+operatorVerifyPassword:
+  handler: src/modules/host/handlers/operator/verifyPassword.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorAuth.service.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-password
+        method: post
+
+operatorGetActivitiesByDate:
+  handler: src/modules/host/handlers/operator/getActivitiesByDate.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities-by-date
+        method: get
+
+operatorGetReservationByCheckInCode:
+  handler: src/modules/host/handlers/operator/getReservationByCheckInCode.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /reservation-by-checkin-code
+        method: get
+
+operatorSendOtpCheckIn:
+  handler: src/modules/host/handlers/operator/sendOtpCheckIn.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /send-otp-checkin
+        method: post
+
+operatorSendOtpCheckout:
+  handler: src/modules/host/handlers/operator/sendOtpCheckout.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /send-otp-checkout
+        method: post
+
+operatorVerifyOtpCheckIn:
+  handler: src/modules/host/handlers/operator/verifyOtpCheckIn.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-otp-checkin
+        method: post
+
+operatorVerifyOtpCheckout:
+  handler: src/modules/host/handlers/operator/verifyOtpCheckout.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/host/handlers/operator/**'
+      - 'src/modules/host/services/operatorActivity.service.ts'
+      - 'src/modules/host/dto/operator.activity.dto.ts'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-otp-checkout
+        method: post

serverless/functions/pqq.yml

@@ -1,29 +0,0 @@
-createActivityAndAllQuestionsEntry:
-  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/createActivityAndAllQuestionsEntry.handler
-  memorySize: 384
-  package:
-    patterns:
-      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/createActivityAndAllQuestionsEntry**'
-      - ${file(./serverless/patterns/base.yml):pattern1}
-      - ${file(./serverless/patterns/base.yml):pattern2}
-      - ${file(./serverless/patterns/base.yml):pattern3}
-      - ${file(./serverless/patterns/base.yml):pattern4}
-  events:
-    - httpApi:
-        path: /host/Activity_Hub/OnBoarding/create-activity
-        method: post
-
-submitPQAnswer:
-  handler: src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQAnswer.handler
-  memorySize: 384
-  package:
-    patterns:
-      - 'src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQAnswer**'
-      - ${file(./serverless/patterns/base.yml):pattern1}
-      - ${file(./serverless/patterns/base.yml):pattern2}
-      - ${file(./serverless/patterns/base.yml):pattern3}
-      - ${file(./serverless/patterns/base.yml):pattern4}
-  events:
-    - httpApi:
-        path: /host/Activity_Hub/OnBoarding/submit-pq-answer
-        method: patch

serverless/functions/prepopulate.yml

@@ -13,7 +13,7 @@ getAllBankAndCurrencyDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-all-bank-currency-details
+        path: /get-all-bank-currency-details
         method: get
 
 getCityByState:
@@ -29,7 +29,7 @@ getCityByState:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-city-by-state
+        path: /get-city-by-state
         method: get
 
 getBranchByBankXid:
@@ -45,7 +45,7 @@ getBranchByBankXid:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-branch-by-bank
+        path: /get-branch-by-bank
         method: get
 
 getAllDocumentCountryStateCityDetails:
@@ -60,7 +60,7 @@ getAllDocumentCountryStateCityDetails:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-all-doc-country
+        path: /get-all-doc-country
         method: get
 
 getAllPqqQuesAns:
@@ -75,7 +75,7 @@ getAllPqqQuesAns:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-all-pqq-ques-ans
+        path: /get-all-pqq-ques-ans
         method: get
 
 getFrequenciesOfActivity:
@@ -90,7 +90,7 @@ getFrequenciesOfActivity:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-all-Frequencies
+        path: /get-all-Frequencies
         method: get
 
 getAddActivityPrePopulate:
@@ -105,5 +105,5 @@ getAddActivityPrePopulate:
       - ${file(./serverless/patterns/base.yml):pattern4}
   events:
     - httpApi:
-        path: /prepopulate/get-add-activity-prepopulate
+        path: /get-add-activity-prepopulate
         method: get

serverless/functions/user.yml

@@ -0,0 +1,589 @@
+# Prepopulate Module Functions
+# Reference data and lookup endpoints
+
+registerUser:
+  handler: src/modules/user/handlers/authentication/registration.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /register
+        method: post
+
+submitPersonalInfo:
+  handler: src/modules/user/handlers/authentication/submitPersonalInfo.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /submit-personal-info
+        method: post
+
+verifyOtpForUser:
+  handler: src/modules/user/handlers/authentication/verifyOtpForUser.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-otp
+        method: post
+
+generateAccessFromRefreshToken:
+  handler: src/modules/user/handlers/authentication/generateRefereshToAccess.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /generate-access-from-refresh
+        method: post
+
+      
+setPasscodeForMobile:
+  handler: src/modules/user/handlers/authentication/setPasscodeForMobile.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /set-passcode
+        method: post
+
+
+verifyPasscode:
+  handler: src/modules/user/handlers/authentication/verifyPasscode.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /verify-passcode
+        method: post
+
+setUserInterest:
+  handler: src/modules/user/handlers/authentication/SetuserInterest.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /set-interests
+        method: post
+
+setUserLocationss:
+  handler: src/modules/user/handlers/authentication/SetLocationofUser.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /set-location-user
+        method: post
+
+getLandingPageDetails:
+  handler: src/modules/user/handlers/activities/landingPageAllDetails.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-landing-page-details
+        method: get
+
+getSurpriseMePageDetails:
+  handler: src/modules/user/handlers/activities/surpriseMePage.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-surprise-me-page-details
+        method: get
+
+getActivityDetailsById:
+  handler: src/modules/user/handlers/activities/getByIdActivityDetails.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-activity-details-by-id/{activity_xid}
+        method: get
+
+checkAvailabilityDetails:
+  handler: src/modules/user/handlers/activities/checkAvailabilityDetails.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/check-availability/{activity_xid}
+        method: get
+
+searchActivities:
+  handler: src/modules/user/handlers/activities/getSpecificSearchApi.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/specific-search
+        method: get
+
+searchSchoolsAndCompanies:
+  handler: src/modules/user/handlers/connections/getSchoolCompanyName.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/search-schools-companies
+        method: get
+
+searchCities:
+  handler: src/modules/user/handlers/connections/searchCities.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/search-cities
+        method: get
+
+addSchoolCompanyDetail:
+  handler: src/modules/user/handlers/connections/addSchoolCompanyDetail.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/add-school-company
+        method: post
+
+removeConnectionDetails:
+  handler: src/modules/user/handlers/connections/removeConnectionDetails.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/remove-connection-details
+        method: delete
+
+getAllConnectionOfUser:
+  handler: src/modules/user/handlers/connections/getAllConnectionDetailsOfUser.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/get-all-connections-details
+        method: get
+
+getActivityFromConnectionsInterest:
+  handler: src/modules/user/handlers/connections/getActivityFromConnectionsInterest.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/get-activity-from-connections-interest
+        method: get
+
+searchConnectionPeople:
+  handler: src/modules/user/handlers/connections/searchConnectionPeople.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/connections/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /connections/search-connection-people
+        method: get
+
+viewMoreActivitiesByInterest:
+  handler: src/modules/user/handlers/activities/viewMoreActivities.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/view-more-activities
+        method: get
+
+viewMoreActivitiesUpperSection:
+  handler: src/modules/user/handlers/activities/viewMoreUpperSection.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/view-more-activities-upper-section
+        method: get
+
+getRandomActiveActivity:
+  handler: src/modules/user/handlers/activities/getRandomActiveActivity.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-random-active-activity
+        method: get
+
+getNearbyActivities:
+  handler: src/modules/user/handlers/activities/getNearbyActivities.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-nearby-activities
+        method: get
+
+addActivityToBucketInterested:
+  handler: src/modules/user/handlers/activities/addToBucketInterested.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/add-to-bucket-interested
+        method: post
+
+removeActivityFromBucketInterested:
+  handler: src/modules/user/handlers/activities/removeFromBucketInterested.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/user/handlers/activities/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/remove-from-bucket-interested
+        method: post
+
+getFilteredLandingPageAllDetails:
+  handler: src/modules/user/handlers/activities/filteredLandingPageAllDetails.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-filtered-landing-page-details
+        method: get
+
+getAllBucketActivities:
+  handler: src/modules/user/handlers/activities/getAllBucketActivities.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /activities/get-all-bucket-activities
+        method: get
+
+getUserItineraryDetails:
+  handler: src/modules/user/handlers/itinerary/getUserItineraryDetails.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/get-user-itinerary-details
+        method: get
+
+getItineraryCheckoutDetails:
+  handler: src/modules/user/handlers/itinerary/getItineraryCheckoutDetails.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/get-itinerary-checkout-details
+        method: get
+
+saveUserItinerary:
+  handler: src/modules/user/handlers/itinerary/saveUserItinerary.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/save-user-itinerary
+        method: post
+
+saveItineraryActivitySelections:
+  handler: src/modules/user/handlers/itinerary/saveItineraryActivitySelections.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/save-itinerary-activity-selections
+        method: post
+
+getAllUserSavedItineraries:
+  handler: src/modules/user/handlers/itinerary/getAllUserSavedItineraries.handler
+  memorySize: 1024
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/get-all-user-saved-itineraries
+        method: get
+
+cancelUserItinerary:
+  handler: src/modules/user/handlers/itinerary/cancelUserItinerary.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/cancel-itinerary
+        method: post
+
+afterBookingFromCalendar:
+  handler: src/modules/user/handlers/itinerary/afterBookingFromCalendar.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/after-booking-from-calendar
+        method: post
+
+createRazorpayOrder:
+  handler: src/modules/user/handlers/payment/createOrder.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /payment/create-order
+        method: post
+
+verifyRazorpayPayment:
+  handler: src/modules/user/handlers/payment/verifyPayment.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /payment/verify-payment
+        method: post
+
+razorpayWebhook:
+  handler: src/modules/user/handlers/payment/razorpayWebhook.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /payment/webhook/razorpay
+        method: post
+
+getMatchingBucketInterestedActivities:
+  handler: src/modules/user/handlers/itinerary/getMatchingBucketInterestedActivities.handler
+  memorySize: 512
+  package:
+    patterns:
+      - 'src/modules/user/**'
+      - ${file(./serverless/patterns/base.yml):pattern1}
+      - ${file(./serverless/patterns/base.yml):pattern2}
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - httpApi:
+        path: /itinerary/get-matching-bucket-interested-activities
+        method: post

serverless/functions/websocket.yml

@@ -0,0 +1,64 @@
+websocketConnect:
+  handler: src/modules/websocket/handlers/connect.handler
+  memorySize: 256
+  package:
+    patterns:
+      - 'src/modules/websocket/**'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - websocket:
+        route: $connect
+
+websocketDisconnect:
+  handler: src/modules/websocket/handlers/disconnect.handler
+  memorySize: 256
+  package:
+    patterns:
+      - 'src/modules/websocket/**'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - websocket:
+        route: $disconnect
+
+websocketDefault:
+  handler: src/modules/websocket/handlers/default.handler
+  memorySize: 256
+  package:
+    patterns:
+      - 'src/modules/websocket/**'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - websocket:
+        route: $default
+
+websocketSendMessage:
+  handler: src/modules/websocket/handlers/sendMessage.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/websocket/**'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - websocket:
+        route: sendMessage
+
+websocketGetMessages:
+  handler: src/modules/websocket/handlers/getMessages.handler
+  memorySize: 384
+  package:
+    patterns:
+      - 'src/modules/websocket/**'
+      - 'src/common/**'
+      - ${file(./serverless/patterns/base.yml):pattern3}
+      - ${file(./serverless/patterns/base.yml):pattern4}
+  events:
+    - websocket:
+        route: getMessages

src/common/database/prisma.module.ts

@@ -1,5 +1,5 @@
 import { Global, Module } from '@nestjs/common';
-import { PrismaService } from './prisma.lambda.service';
+import { PrismaService } from './prisma.service'; // correct export location
 
 @Global()
 @Module({

src/common/middlewares/jwt/authForAny.ts

@@ -0,0 +1,78 @@
+import jwt from 'jsonwebtoken';
+import httpStatus from 'http-status';
+import ApiError from '../../utils/helper/ApiError';
+import config from '../../../config/config';
+import { ROLE } from '@/common/utils/constants/common.constant';
+import { prisma } from '../../database/prisma.client';
+
+interface DecodedToken {
+  id?: number;
+  sub?: string | number;
+  role?: string;
+  iat: number;
+  exp: number;
+}
+
+export async function verifyAnyToken(
+  token: string
+): Promise<{ id: number; roleXid: number; role?: string }> {
+  if (!token) {
+    throw new ApiError(httpStatus.UNAUTHORIZED, 'Please authenticate');
+  }
+
+  try {
+    const decoded = jwt.verify(token, config.jwt.secret) as unknown as DecodedToken;
+
+    const userId = decoded.id ?? (decoded.sub ? Number(decoded.sub) : null);
+    if (!userId) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'Invalid token payload');
+    }
+
+    const user = await prisma.user.findUnique({
+      where: { id: userId },
+      include: { role: true },
+    });
+
+    const latestToken = await prisma.token.findFirst({
+      where: { userXid: userId },
+      orderBy: { id: 'desc' },
+    });
+
+    if (latestToken?.isBlackListed === true) {
+      throw new ApiError(401, 'This session is expired. Please login.');
+    }
+
+    if (!user) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'User not found');
+    }
+
+    if (user.isActive === false) {
+      throw new ApiError(
+        httpStatus.FORBIDDEN,
+        'Your account is deactivated by admin.'
+      );
+    }
+
+    if (user.roleXid !== ROLE.USER && user.roleXid !== ROLE.HOST) {
+      throw new ApiError(httpStatus.FORBIDDEN, 'Access denied.');
+    }
+
+    return { id: user.id, roleXid: user.roleXid || 0, role: user.role?.roleName };
+  } catch (error) {
+    if (error instanceof jwt.TokenExpiredError) {
+      throw new ApiError(
+        httpStatus.UNAUTHORIZED,
+        'Your session has expired. Please log in again.'
+      );
+    }
+
+    if (error instanceof ApiError) {
+      throw error;
+    }
+
+    throw new ApiError(
+      httpStatus.FORBIDDEN,
+      'Invalid or expired authentication token.'
+    );
+  }
+}

src/common/middlewares/jwt/authForHost.ts

@@ -1,10 +1,10 @@
-import jwt from 'jsonwebtoken';
-import httpStatus from 'http-status';
-import { Request, Response, NextFunction } from 'express';
-import ApiError from '../../utils/helper/ApiError';
-import config from '../../../config/config';
 import { ROLE } from '@/common/utils/constants/common.constant';
+import { NextFunction, Request, Response } from 'express';
+import httpStatus from 'http-status';
+import jwt from 'jsonwebtoken';
+import config from '../../../config/config';
 import { prisma } from '../../database/prisma.client';
+import ApiError from '../../utils/helper/ApiError';
 
 interface DecodedToken {
   id?: number;
@@ -29,6 +29,68 @@ declare module 'express-serve-static-core' {
  * Core authentication function - verifies JWT and validates Host user
  * Can be used by both Express middleware and Lambda handlers
  */
+/**
+ * Verifies JWT and validates Operator user (role_xid = 5)
+ */
+export async function verifyOperatorToken(token: string): Promise<{ id: number; role?: string }> {
+  if (!token) {
+    throw new ApiError(httpStatus.UNAUTHORIZED, 'Please authenticate');
+  }
+
+  try {
+    const decoded = jwt.verify(token, config.jwt.secret) as unknown as DecodedToken;
+
+    const userId = decoded.id ?? (decoded.sub ? Number(decoded.sub) : null);
+
+    if (!userId) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'Invalid token payload');
+    }
+
+    // ✅ Fetch user from Prisma (Operator user only)
+    const user = await prisma.user.findUnique({
+      where: { id: userId },
+      include: { role: true },
+    });
+
+    const latestToken = await prisma.token.findFirst({
+      where: {
+        userXid: userId
+      },
+      orderBy: { id: 'desc' }
+    })
+
+    if (latestToken?.isBlackListed == true) {
+      throw new ApiError(401, "This session is expired. Please login.")
+    }
+
+    if (!user) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'User not found');
+    }
+
+    // ✅ Check if user is active
+    if (user.isActive === false) {
+      throw new ApiError(httpStatus.FORBIDDEN, 'Your account is deactivated by admin.');
+    }
+
+    // ✅ Check Operator role (role_xid = 5)
+    if (user.roleXid !== ROLE.OPERATOR) {
+      throw new ApiError(httpStatus.FORBIDDEN, 'Access denied.');
+    }
+
+    return { id: user.id, role: user.role?.roleName };
+  } catch (error) {
+    if (error instanceof jwt.TokenExpiredError) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'Your session has expired. Please log in again.');
+    }
+
+    if (error instanceof ApiError) {
+      throw error;
+    }
+
+    throw new ApiError(httpStatus.FORBIDDEN, 'Invalid or expired authentication token.');
+  }
+}
+
 export async function verifyHostToken(token: string): Promise<{ id: number; role?: string }> {
   if (!token) {
     throw new ApiError(httpStatus.UNAUTHORIZED, 'Please authenticate');

src/common/middlewares/jwt/authForOperator.ts

@@ -0,0 +1,112 @@
+import jwt from 'jsonwebtoken';
+import httpStatus from 'http-status';
+import { NextFunction, Request, Response } from 'express';
+import { prisma } from '../../database/prisma.client';
+import ApiError from '../../utils/helper/ApiError';
+import config from '../../../config/config';
+import { ROLE } from '../../utils/constants/common.constant';
+
+interface DecodedToken {
+  id?: number;
+  sub?: string | number;
+  role?: string;
+  iat: number;
+  exp: number;
+}
+
+interface UserPayload {
+  id: string;
+  role?: string;
+}
+
+declare module 'express-serve-static-core' {
+  interface Request {
+    user?: UserPayload;
+  }
+}
+
+export async function verifyOperatorToken(
+  token: string,
+): Promise<{ id: number; role?: string }> {
+  if (!token) {
+    throw new ApiError(httpStatus.UNAUTHORIZED, 'Please authenticate');
+  }
+
+  try {
+    const decoded = jwt.verify(token, config.jwt.secret) as unknown as DecodedToken;
+    const userId = decoded.id ?? (decoded.sub ? Number(decoded.sub) : null);
+
+    if (!userId) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'Invalid token payload');
+    }
+
+    const user = await prisma.user.findUnique({
+      where: { id: userId },
+      include: { role: true },
+    });
+
+    const latestToken = await prisma.token.findFirst({
+      where: { userXid: userId },
+      orderBy: { id: 'desc' },
+    });
+
+    if (latestToken?.isBlackListed === true) {
+      throw new ApiError(401, 'This session is expired. Please login.');
+    }
+
+    if (!user) {
+      throw new ApiError(httpStatus.UNAUTHORIZED, 'User not found');
+    }
+
+    if (user.isActive === false) {
+      throw new ApiError(httpStatus.FORBIDDEN, 'Your account is deactivated by admin.');
+    }
+
+    if (user.roleXid !== ROLE.OPERATOR) {
+      throw new ApiError(httpStatus.FORBIDDEN, 'Access denied.');
+    }
+
+    return { id: user.id, role: user.role?.roleName };
+  } catch (error) {
+    if (error instanceof jwt.TokenExpiredError) {
+      throw new ApiError(
+        httpStatus.UNAUTHORIZED,
+        'Your session has expired. Please log in again.',
+      );
+    }
+
+    if (error instanceof ApiError) {
+      throw error;
+    }
+
+    throw new ApiError(httpStatus.FORBIDDEN, 'Invalid or expired authentication token.');
+  }
+}
+
+const verifyCallback = async (
+  req: Request,
+  resolve: (value?: unknown) => void,
+  reject: (reason?: Error) => void,
+) => {
+  const token = req.header('x-auth-token') || req.cookies?.accessToken;
+
+  try {
+    const userInfo = await verifyOperatorToken(token);
+    req.user = { id: userInfo.id.toString(), role: userInfo.role };
+    resolve();
+  } catch (error) {
+    return reject(error as Error);
+  }
+};
+
+const authForOperator =
+  () =>
+  async (req: Request, res: Response, next: NextFunction) => {
+    return new Promise((resolve, reject) => {
+      verifyCallback(req, resolve, reject);
+    })
+      .then(() => next())
+      .catch((err) => next(err));
+  };
+
+export default authForOperator;

src/common/services/chat.service.ts

@@ -0,0 +1,150 @@
+import { PrismaClient } from '@prisma/client';
+import ApiError from '../utils/helper/ApiError';
+
+interface SendMessageInput {
+  activityXid: number;
+  senderXid: number;
+  receiverXid: number;
+  message: string;
+  status?: string;
+}
+
+interface GetMessagesInput {
+  activityXid: number;
+  userXid: number;
+  otherUserXid: number;
+  limit?: number;
+}
+
+export class ChatService {
+  constructor(private prisma: PrismaClient) {}
+
+  private async getHostUserIdForActivity(activityXid: number): Promise<number> {
+    const activity = await this.prisma.activities.findUnique({
+      where: { id: activityXid },
+      select: { host: { select: { userXid: true } } },
+    });
+
+    if (!activity) {
+      throw new ApiError(404, 'Activity not found');
+    }
+
+    const hostUserXid = activity.host?.userXid;
+
+    if (!hostUserXid) {
+      throw new ApiError(400, 'Host user not found for activity');
+    }
+
+    return hostUserXid;
+  }
+
+  async sendMessage(input: SendMessageInput) {
+    if (!input.activityXid || isNaN(input.activityXid)) {
+      throw new ApiError(400, 'Valid activityXid is required');
+    }
+
+    if (!input.senderXid || isNaN(input.senderXid)) {
+      throw new ApiError(400, 'Valid senderXid is required');
+    }
+
+    if (!input.receiverXid || isNaN(input.receiverXid)) {
+      throw new ApiError(400, 'Valid receiverXid is required');
+    }
+
+    if (input.senderXid === input.receiverXid) {
+      throw new ApiError(400, 'Sender and receiver cannot be the same');
+    }
+
+    const message = input.message?.trim();
+    if (!message) {
+      throw new ApiError(400, 'Message is required');
+    }
+
+    const hostUserXid = await this.getHostUserIdForActivity(input.activityXid);
+
+    if (input.senderXid !== hostUserXid && input.receiverXid !== hostUserXid) {
+      throw new ApiError(
+        400,
+        'Sender or receiver must be the host for this activity'
+      );
+    }
+
+    const receiverExists = await this.prisma.user.findUnique({
+      where: { id: input.receiverXid },
+      select: { id: true },
+    });
+
+    if (!receiverExists) {
+      throw new ApiError(404, 'Receiver not found');
+    }
+
+    return this.prisma.activityMessages.create({
+      data: {
+        activityXid: input.activityXid,
+        senderXid: input.senderXid,
+        receivedXid: input.receiverXid,
+        message,
+        status: input.status?.trim() || 'unread',
+      },
+    });
+  }
+
+  async getMessages(input: GetMessagesInput) {
+    if (!input.activityXid || isNaN(input.activityXid)) {
+      throw new ApiError(400, 'Valid activityXid is required');
+    }
+
+    if (!input.userXid || isNaN(input.userXid)) {
+      throw new ApiError(400, 'Valid userXid is required');
+    }
+
+    if (!input.otherUserXid || isNaN(input.otherUserXid)) {
+      throw new ApiError(400, 'Valid otherUserXid is required');
+    }
+
+    if (input.userXid === input.otherUserXid) {
+      throw new ApiError(400, 'Invalid otherUserXid');
+    }
+
+    const hostUserXid = await this.getHostUserIdForActivity(input.activityXid);
+
+    if (input.userXid !== hostUserXid && input.otherUserXid !== hostUserXid) {
+      throw new ApiError(
+        400,
+        'Conversation must include the host for this activity'
+      );
+    }
+
+    const limit = Math.min(Math.max(input.limit || 50, 1), 200);
+
+    const messages = await this.prisma.activityMessages.findMany({
+      where: {
+        activityXid: input.activityXid,
+        OR: [
+          {
+            senderXid: input.userXid,
+            receivedXid: input.otherUserXid,
+          },
+          {
+            senderXid: input.otherUserXid,
+            receivedXid: input.userXid,
+          },
+        ],
+      },
+      orderBy: { createdAt: 'asc' },
+      take: limit,
+    });
+
+    await this.prisma.activityMessages.updateMany({
+      where: {
+        activityXid: input.activityXid,
+        senderXid: input.otherUserXid,
+        receivedXid: input.userXid,
+        status: 'unread',
+      },
+      data: { status: 'read' },
+    });
+
+    return messages;
+  }
+}

src/common/services/websocket.service.ts

@@ -0,0 +1,58 @@
+import { PrismaClient } from '@prisma/client';
+
+export class WebSocketService {
+  constructor(private prisma: PrismaClient) {}
+
+  async connect(params: {
+    connectionId: string;
+    userXid: number;
+    activityXid?: number | null;
+  }) {
+    const { connectionId, userXid, activityXid } = params;
+    return this.prisma.chatConnections.upsert({
+      where: { connectionId },
+      create: {
+        connectionId,
+        userXid,
+        activityXid: activityXid ?? null,
+        isActive: true,
+      },
+      update: {
+        userXid,
+        activityXid: activityXid ?? null,
+        isActive: true,
+        deletedAt: null,
+      },
+    });
+  }
+
+  async disconnect(connectionId: string) {
+    return this.prisma.chatConnections.updateMany({
+      where: { connectionId },
+      data: {
+        isActive: false,
+        deletedAt: new Date(),
+      },
+    });
+  }
+
+  async getConnectionById(connectionId: string) {
+    return this.prisma.chatConnections.findFirst({
+      where: { connectionId, isActive: true },
+    });
+  }
+
+  async getConnectionsForUser(params: {
+    userXid: number;
+    activityXid?: number | null;
+  }) {
+    const { userXid, activityXid } = params;
+    return this.prisma.chatConnections.findMany({
+      where: {
+        userXid,
+        isActive: true,
+        ...(activityXid ? { activityXid } : {}),
+      },
+    });
+  }
+}

src/common/utils/constants/agreementTemplate.ts

@@ -0,0 +1,357 @@
+export const AGREEMENT_TEMPLATE = `
+MINGLAR HOST AGREEMENT
+Effective Date: [EFFECTIVE_DATE]
+
+BETWEEN
+
+Minglar India Private Limited, a company incorporated under the Companies Act, 2013, having its registered office at 602, Aaradhya Avenue X Eve, Naidu Colony, Pant Nagar, Ghatkopar (East), Mumbai 400075 (hereinafter referred to as “Minglar India Private Limited”, which expression shall include its successors and permitted assigns);
+
+AND
+
+[HOST_LEGAL_NAME], a [COMPANY_TYPE], having its principal place of business at [FULL_ADDRESS] (hereinafter referred to as “Host”, which expression shall include its owners, partners, directors, employees, representatives, and permitted assigns).
+
+Minglar India Private Limited and Host are individually referred to as a “Party” and collectively as the “Parties”.
+
+1. PURPOSE AND RELATIONSHIP
+
+1.1 Platform Overview
+Minglar India Private Limited operates a curated digital marketplace under the brand “Minglar” that enables users (“Users”) to discover, review, and book experiential activities, events, workshops, tours, and related services (“Activities”) offered by independent Hosts.
+
+1.2 Engagement
+The Host desires to list and provide its Activities on the Minglar platform subject to the terms and standards set forth in this Agreement.
+
+1.3 Independent Contractor
+Nothing in this Agreement shall be construed as creating a partnership under the Indian Partnership Act, 1932, joint venture, agency, employment, franchise, or profit-sharing arrangement. The Host operates strictly as an independent contractor and shall have full operational control over execution of its Activities.
+
+2. TERM
+
+2.1 Duration
+This Agreement shall remain valid for a fixed term of [DURATION_TEXT] and shall automatically expire on [EXPIRY_DATE], unless terminated earlier in accordance with Section 16.
+
+2.2 Renewal
+Renewal shall be subject to mutual agreement. Commission adjustments, if any, shall apply only at renewal due to inflation or additional expenses incurred by Minglar India Private Limited for platform upgrades or new features.
+
+3. HOST RESPONSIBILITIES
+
+3.1 Legal Compliance and Document Submission
+3.1.1 Compliance
+The Host shall obtain, maintain, and keep valid at all times all licenses, permits, approvals, registrations, certifications, insurance policies, and governmental permissions required under applicable laws for the lawful conduct of the Activities.
+
+3.1.2 Document Upload
+The Host shall, at the time of onboarding on the Minglar platform, upload true, complete, and legible copies of licenses, permits, registrations, tax certificates (including GST registration, where applicable), identity proof, business registration documents, insurance certificates, and any other documents reasonably required by Minglar India Private Limited for verification purposes.
+
+3.1.3 Accuracy and Updates
+The Host represents and warrants that all documents submitted are authentic, valid, and up to date. The Host shall promptly upload updated copies whenever any document expires, is renewed, modified, or replaced. Failure to provide valid documentation may result in suspension, delisting, or termination of this Agreement at the sole discretion of Minglar India Private Limited.
+
+3.1.4 Verification
+Minglar India Private Limited shall have the right to verify such documents and request additional documentation if required for regulatory, compliance, safety, or audit purposes.
+
+3.2 Accurate Listing and Host Anonymity
+3.2.1 Activity Details
+The Host shall provide complete, accurate, and up-to-date descriptions for each Activity, including inclusions, exclusions, duration, safety requirements, pricing, and applicable tax percentages at the time of onboarding. The Host shall ensure that all information remains current throughout the term of this Agreement.
+
+3.2.2 Host Content
+Hosts retain ownership of original content they upload (such as activity descriptions, images, and videos).
+However, by uploading content, the Host grants Minglar a:
+- Worldwide
+- Non-exclusive
+- Royalty-free
+- Transferable
+- Sub-licensable
+license to use, reproduce, modify, adapt, publish, translate, distribute and display such content for purposes of operating, marketing and promoting the platform.
+This license continues for as long as the content remains on the platform.
+
+3.2.3 Unique Activity Name
+The Host shall provide a unique name for each Activity during onboarding. The Host’s actual company name, personal name, or brand shall not be visible to Users on the activity card or in any public-facing listing.
+
+3.2.4 Prohibition on Branding and Contact
+The Host shall not display, embed, or otherwise reveal its contact information, company name, logo, website, email, or other identifiable details in any photos, videos, descriptions, chat messages, or other content shared with Users via the Minglar platform.
+
+3.2.5 Breach and Suspension
+Any attempt to circumvent these provisions or display unauthorized branding or contact details shall be considered a material breach of this Agreement. Minglar India Private Limited reserves the right to suspend or delist the Activity immediately and take other remedial actions as necessary.
+
+3.3 Taxes
+3.3.1 Tax Responsibility
+The total Activity price listed shall be inclusive of all applicable taxes. Minglar India Private Limited shall collect such taxes from Users and transfer them to the Host. The Host shall be solely responsible for depositing and complying with tax obligations before local authorities.
+
+4. SAFETY AND OPERATIONAL STANDARDS
+
+4.1 General Duty of Care
+The Host shall conduct all Activities in a safe, hygienic, and controlled manner ensuring the well-being of Users at all times.
+
+4.2 Risk Management
+The Host shall conduct risk assessments, maintain standard operating procedures, provide safety briefings, and ensure trained and competent personnel supervise Activities.
+
+4.3 Transportation
+If the Host provides pick-up, drop-off, or in-Activity transportation, such transportation shall be safe, clean, reasonably comfortable, and legally compliant. The Host shall remain responsible for User safety during transport.
+
+4.4 SOS Emergency Protocol
+During execution of Activities, Minglar’s SOS feature shall be active. If activated by a User, the Host Operator shall receive immediate notification and live location details. The Host Operator shall immediately contact and reach the User. The emergency shall be cleared only after ensuring the User is safe. The Host Operator shall be the first point of contact for all emergencies.
+
+4.5 Equipment Standards
+The Host shall ensure that all equipment, tools, and materials used for conducting any Activity are:
+1. Maintained in accordance with the manufacturer’s recommendations and operational guidelines.
+2. Tested regularly to confirm they are safe and functional before each Activity.
+3. Kept clean, hygienic, and in good working order at all times.
+4. Adequate for the number of Users participating, ensuring no overuse or overcrowding that may compromise safety.
+The Host shall be solely responsible for any incidents, accidents, or injuries caused due to faulty, poorly maintained, unhygienic, or unsafe equipment. Failure to comply may result in suspension, delisting, or immediate termination of this Agreement under Section 16.
+
+5. QUALITY AND PUNCTUALITY
+
+5.1 Quality Standards
+The Host shall maintain consistently high service standards and continuously strive to improve user experience toward achieving five-star ratings.
+
+5.2 Timeliness
+The Host shall ensure timely check-in, commencement, and completion of Activities. Delays impacting Users’ onward travel or other bookings shall constitute service failure.
+
+6. INSURANCE
+
+The Host shall obtain, maintain, and keep valid insurance coverage appropriate for the risk associated with the respective Activities. Coverage shall be sufficient to protect Users, the Host, and Minglar India Private Limited against claims arising from accidents, injuries, fatalities, or property damage.
+
+6.1 Risk-Based Coverage
+The Host shall maintain Public Liability Insurance appropriate to the risk and scale of the respective Activities.
+
+6.2 Coverage Amount
+For high-risk or multi-participant Activities, coverage is recommended up to INR 5 Crores or an amount appropriate to cover potential claims arising from injury, death, or property damage.
+
+6.3 Additional Insured
+Policies shall name Minglar India Private Limited and Minglar Group Pte Ltd, Singapore as Additional Insured.
+
+6.4 Proof
+Valid insurance certificates must be submitted prior to onboarding and maintained throughout the Agreement term.
+
+7. USER WAIVERS
+The Host shall ensure that Users acknowledge and accept all standard waivers, terms, and risk disclosures prior to participation in any Activity, as provided by the Minglar platform.
+
+8. INDEMNITY
+The Host shall indemnify, defend, and hold harmless Minglar India Private Limited, its affiliates, employees, directors, and representatives from any claims, losses, damages, liabilities, fines, or expenses arising directly or indirectly from the Host’s failure to comply with laws, negligence, or breach of this Agreement.
+
+9. LIMITATION OF LIABILITY
+The total aggregate liability of Minglar India Private Limited arising out of or in connection with any claim relating to a specific Activity shall not exceed the total commission earned by Minglar India Private Limited from that particular Activity (or substantially similar activity category) conducted by the Host during the three (3) months immediately preceding the date of the claim.
+If the Host lists multiple different Activities, the liability cap applies only to the commission earned from the specific Activity giving rise to the claim and does not include commission earned from other unrelated Activities.
+Under no circumstances shall Minglar India Private Limited be liable for indirect, incidental, consequential, punitive, or special damages, including loss of profits, goodwill, reputation, or business opportunity.
+
+10. PAYMENT AND COMMISSION
+
+10.1 Commission
+10.1.1 Standard Commission
+A [COMMISSION_TEXT] commission shall be charged by Minglar India Private Limited on the Activity revenue (after deduction of applicable taxes).
+
+10.1.2 Fixed During Term
+The term of this agreement is [DURATION_TEXT]. This commission shall remain unchanged during the term of this Agreement.
+
+10.1.3 Renewal Adjustment
+At the time of renewal, Minglar India Private Limited reserves the right to adjust commission rates due to inflation or platform upgrades.
+
+10.2 Host Payout
+10.2.1 Timing
+Minglar India Private Limited shall remit payments to the Host 24 hours after check-in completion or no-show.
+
+10.2.2 Monthly Commission Invoice
+Minglar India Private Limited shall issue a monthly invoice to the Host detailing the commission earned. GST shall be charged extra.
+
+10.2.3 Banking and Gateway Charges
+All banking, payment gateway, and transaction fees arising from normal bookings shall be borne by the Host.
+
+11. BOOKING CANCELLATION
+
+11.1 Host-Related Cancellation
+If an Activity is cancelled due to host health, extreme weather, natural disasters, government restrictions, venue issues, equipment failure, team/partner unavailability, or other uncontrollable circumstances, the Host shall pay the applicable cancellation fee charged by the payment gateway. No payment will be remitted to the Host, and 100% of the booking amount including taxes shall be refunded to Users.
+
+11.2 User-Initiated Cancellation
+If Users cancel within the permitted period, the platform fee shall be deducted and the remaining amount refunded to Users. The Host will not receive payment for such cancellations.
+
+12. PARTICIPATION OF MINGLAR ACCOUNT MANAGER FOR AUDIT
+In case of low performance, low bookings, or safety/quality issues reported by Users that remain unresolved for more than one week, Minglar India Private Limited may send an Account Manager to audit the Activity at the Host’s location.
+The date and slot for such an audit shall be coordinated by the Account Manager and the Host.
+The participation of the Account Manager is free of charge. If the audit requires overnight stay or the Activity duration exceeds one day, the Host shall provide accommodation.
+Transportation costs for the Account Manager shall be shared 50% by the Host.
+Minglar India Private Limited reserves the right to send an Account Manager once per year or sooner in case of low performance, safety concerns, or user complaints with less than 2-star ratings.
+
+13. DATA PROTECTION, PRIVACY & INFORMATION SECURITY
+
+13.1 Compliance with Applicable Laws
+The Parties acknowledge that Minglar Group Pte. Ltd. (Singapore) and/or Minglar India Private Limited (India) collects and processes personal data in compliance with applicable laws, including:
+- The Personal Data Protection Act 2012 (“PDPA”); and
+- The Digital Personal Data Protection Act 2023 (“DPDP Act”).
+Each Party agrees to comply with all applicable privacy and data protection laws in the jurisdiction where the Activity is conducted.
+
+13.2 Roles of the Parties
+a) Minglar shall act as the Data Fiduciary / Data Controller for personal data collected via the Minglar platform.
+b) The Host shall act as a Data Processor / Authorized Data Recipient when processing User personal data solely for the purpose of conducting booked Activities.
+The Host shall not independently determine the purpose or means of processing User personal data without prior written authorization from Minglar.
+
+PART A – USER PERSONAL DATA
+
+13.3 Categories of User Data Collected
+The Host acknowledges that Minglar may collect and process the following categories of User personal data through the platform:
+a) Full name
+b) Date of birth
+c) Mobile number and email address
+d) Gender
+e) Height and weight (where Activity eligibility or safety restrictions apply)
+f) School and college information
+g) Profile photograph
+h) Home location and/or real-time GPS location
+i) Check-in and check-out data
+j) SOS or emergency alerts
+k) Payment method details and transaction information
+l) Spending preferences or monthly budget indicators
+m) Biometric verification data (including facial verification, where applicable)
+n) Medical conditions or health disclosures (Phase 2 implementation)
+o) Attendance logs and activity participation records
+
+13.4 Sensitive Personal Data
+Certain categories of data may constitute sensitive personal data, including:
+- Biometric data
+- Medical or health information
+- Real-time location data
+- Financial/payment information
+- Profile photographs capable of biometric identification
+Such data shall:
+a) Be processed only where necessary for safety, verification, compliance, or Activity execution;
+b) Be accessed strictly on a need-to-know basis;
+c) Be protected using enhanced security measures;
+d) Not be downloaded, stored externally, or retained by the Host beyond the Activity duration unless legally required.
+The Host shall not independently collect additional medical, biometric, or financial data outside the Minglar platform without prior written approval.
+
+13.5 Confidentiality and Use Restrictions
+The Host shall treat all User and platform data as strictly confidential, including attendance logs, SOS alerts, emergency records, and location data collected during Activities.
+User data shall:
+a) Be used solely for Activity execution and safety;
+b) Not be shared with third parties without prior written consent from Minglar India Private Limited;
+c) Not be used for independent marketing, profiling, or database creation;
+d) Not be retained after completion of the Activity unless legally required.
+The Host shall not contact Users outside the Minglar platform unless expressly authorized.
+
+13.6 Security Measures
+The Host shall implement reasonable technical and organizational measures to protect personal data from unauthorized access, alteration, misuse, or disclosure, including:
+- Secure password-protected systems;
+- Restricted employee access;
+- Confidentiality undertakings from employees and operators;
+- Secure handling of operator devices used for check-in/check-out;
+- Immediate reporting of lost or compromised devices.
+
+13.7 Data Breach Notification
+Any actual or suspected breach involving personal data — including medical, biometric, financial, or location data — shall be reported to Minglar India Private Limited immediately and in any event within twenty-four (24) hours of discovery.
+The Host shall fully cooperate in investigation, mitigation, and regulatory reporting obligations.
+
+13.8 Retention and Deletion
+The Host shall not retain personal data beyond the period necessary for conducting the Activity unless required by law.
+Upon termination of this Agreement, the Host shall delete all User data in its possession and confirm deletion upon request.
+
+13.9 User Responsibility for Medical Disclosures
+Users remain responsible for the accuracy and completeness of any medical or health information voluntarily disclosed.
+The Host may rely on such disclosures in good faith for safety and eligibility determinations.
+Minglar shall not be liable for losses arising from incomplete or inaccurate medical information provided by Users.
+
+PART B – HOST PERSONAL DATA
+
+13.10 Collection of Host Personal Data
+The Host acknowledges that Minglar may collect and process personal data relating to the Host and its directors, partners, employees, and authorized representatives for:
+- KYC verification and onboarding;
+- Regulatory compliance;
+- Risk assessment and fraud prevention;
+- Payment processing and settlement;
+- Audit and safety review;
+- Enforcement of this Agreement.
+
+13.11 Sharing and Cross-Border Transfers
+Host personal data may be shared:
+- Within Minglar Group entities;
+- With banks, payment processors, verification agencies, insurers, auditors, and professional advisors;
+- With regulatory or governmental authorities where legally required.
+The Host acknowledges that personal data may be transferred between Singapore, India, and other jurisdictions where Minglar operates, subject to compliance with applicable cross-border transfer laws.
+
+PART C – ACTIVITY LOCATION & OPERATIONAL DATA
+
+13.12 Collection of Activity Location and Operational Data
+The Host agrees that Minglar may collect and process operational data relating to Activities, including:
+- Venue address;
+- Check-in and check-out locations;
+- GPS coordinates;
+- Pick-up and drop-off locations;
+- Route and logistical details;
+- Activity schedules.
+Such data may include precise geo-location information.
+
+13.13 Use and Display of Location Data
+The Host expressly consents to Minglar:
+- Displaying Activity venue, pick-up, and drop-off details on the platform;
+- Using location data for navigation, safety monitoring, and emergency coordination;
+- Using such data for fraud prevention and verification.
+The Host warrants that all location data provided is accurate and lawful.
+Minglar shall not be liable for losses arising from inaccurate or misleading information provided by the Host.
+
+PART D – ANALYTICS & PLATFORM OPTIMIZATION
+
+13.14 Anonymized and Aggregated Data
+Minglar may use anonymized, aggregated, or de-identified data derived from User or Host activity for:
+- Platform improvement;
+- Artificial intelligence systems;
+- Recommendation engines;
+- Safety analytics;
+- Market research;
+- Business strategy and investor reporting.
+Such data shall not identify any individual User or Host.
+All analytics models, algorithms, insights, and derived data shall remain the exclusive intellectual property of Minglar.
+
+PART E – LIABILITY & SURVIVAL
+
+13.15 Indemnity
+The Host shall indemnify and hold harmless Minglar Group Pte. Ltd. and Minglar India Private Limited against any losses, penalties, regulatory actions, claims, damages, or costs arising from:
+- Unauthorized use of personal data;
+- Data breaches attributable to the Host;
+- Non-compliance with applicable data protection laws;
+- Inaccurate operational or location data provided by the Host.
+
+13.16 Survival
+This Section 13 shall survive termination or expiry of this Agreement.
+
+14. CONFIDENTIALITY
+The Host shall maintain strict confidentiality regarding all platform operations, processes, user data, and commercial information. These obligations survive five (5) years post-termination. Exceptions only apply if required by law.
+
+15. NON-EXCLUSIVITY
+This Agreement does not restrict the Host from offering Activities on other platforms. Minglar India Private Limited does not claim exclusivity. The Host shall not interfere with other platform operations or solicit Users to bypass Minglar.
+
+16. TERMINATION
+16.1 Immediate Termination
+Minglar India Private Limited may terminate immediately in case of breach, misrepresentation, failure to maintain safety or quality standards, or violation of this Agreement.
+16.2 Termination with Notice
+Either Party may terminate this Agreement by providing 30 days’ written notice.
+16.3 Post-Termination Obligations
+Upon termination, the Host must execute all bookings already made by Users. Minglar India Private Limited will block further bookings for the Host’s Activities.
+16.4 Commission Adjustment at Renewal
+Any change in commission shall only occur at renewal of this Agreement. No adjustments shall be made during the active term.
+16.5 Non-Exclusivity
+Termination or continuation of this Agreement does not prevent the Host from offering Activities elsewhere.
+
+17. GOVERNING LAW
+This Agreement shall be governed by the laws of India. Courts at the registered office jurisdiction of Minglar India Private Limited shall have exclusive jurisdiction.
+
+18. ENTIRE AGREEMENT
+This Agreement constitutes the complete understanding between the Parties and supersedes all prior communications.
+
+19. HOST ACKNOWLEDGMENT & ELECTRONIC CONSENT
+19.1 Electronic Acceptance
+By clicking the “I Agree” button, the Host acknowledges they have read, understood, and accepted the terms of this Agreement and the Minglar Privacy Policy.
+19.2 Binding Agreement
+Electronic acceptance constitutes a legally binding contract, equivalent to a wet signature.
+19.3 Host Obligations
+- Provide accurate and lawful data
+- Protect User data and follow emergency protocols
+- Notify Minglar of breaches or unauthorized access
+- Comply with applicable laws
+19.4 Electronic Records
+All electronic records and communications are valid and enforceable.
+19.5 Updates
+Continued use after updates constitutes acceptance of amended terms.
+
+Signed Electronically by:
+Minglar India Private Limited
+Authorized Signatory
+
+Host:
+[HOST_LEGAL_NAME]
+Date: [ACCEPT_DATE]
+`;

src/common/utils/constants/common.constant.ts

@@ -21,4 +21,9 @@ export const USER_STATUS = {
     ACTIVE: "Active",
     DE_ACTIVATED: "De-activated",
     REJECTED: "Rejected"
+}
+
+export const RESTRICTION_NAME = {
+    ABOVE: "Above",
+    BELOW: "Below",
 }

src/common/utils/constants/host.constant.ts

@@ -1,73 +1,111 @@
 export const HOST_STATUS_INTERNAL = {
-    HOST_SUBMITTED: "Host Submitted",
-    HOST_TO_UPDATE: "Host To Update",
-    REJECTED: "Rejected",
-    APPROVED: "Approved",
-    DRAFT: "Draft",
-}
+  HOST_SUBMITTED: 'Host Submitted',
+  HOST_TO_UPDATE: 'Host To Update',
+  REJECTED: 'Rejected',
+  APPROVED: 'Approved',
+  DRAFT: 'Draft',
+};
 
 export const HOST_STATUS_DISPLAY = {
-    DRAFT: "Draft",
-    UNDER_REVIEW: "Under Review",
-    ENHANCING: "Enhancing",
-    REJECTED: "Rejected",
-    APPROVED: "Approved",
-}
+  DRAFT: 'Draft',
+  UNDER_REVIEW: 'Under Review',
+  ENHANCING: 'Enhancing',
+  REJECTED: 'Rejected',
+  APPROVED: 'Approved',
+};
 
 export const STEPPER = {
-    NOT_SUBMITTED: 1,
-    UNDER_REVIEW: 2,
-    COMPANY_DETAILS_APPROVED: 3,
-    BANK_DETAILS_UPDATED: 4,
-    AGREEMENT_ACCEPTED: 5,
-    REJECTED: 6
-}
+  NOT_SUBMITTED: 1,
+  UNDER_REVIEW: 2,
+  COMPANY_DETAILS_APPROVED: 3,
+  BANK_DETAILS_UPDATED: 4,
+  AGREEMENT_ACCEPTED: 5,
+  REJECTED: 6,
+};
 
 export const ACTIVITY_INTERNAL_STATUS = {
-    DRAFT_PQ: 'Draft - PQ',
-    APPROVED: 'Approved',
-    REJECTED: 'Rejected',
-    DRAFT: 'Draft',
-    UNDER_REVIEW: 'Under-Review',
-    PQ_FAILED: 'PQ Failed',
-    PQ_TO_UPDATE: 'PQ To Update',
-    PQ_SUBMITTED: 'PQ Submitted',
-    PQ_APPROVED: 'PQ Approved'
-}
+  DRAFT_PQ: 'Draft - PQ',
+  APPROVED: 'Approved',
+  REJECTED: 'Rejected',
+  DRAFT: 'Draft',
+  UNDER_REVIEW: 'Under-Review',
+  PQ_FAILED: 'PQ Failed',
+  PQ_TO_UPDATE: 'PQ To Update',
+  PQ_SUBMITTED: 'PQ Submitted',
+  PQ_APPROVED: 'PQ Approved',
+
+  ACTIVITY_DRAFT: 'Draft - Activity',
+  ACTIVITY_SUBMITTED: 'Activity Submitted',
+  ACTIVITY_TO_REVIEW: 'Activity To Review',
+  ACTIVITY_REJECTED: 'Activity Rejected',
+  ACTIVITY_APPROVED: 'Activity Approved',
+  ACTIVITY_LISTED: 'Activity Listed',
+  ACTIVITY_UNLISTED: 'Activity UnListed ',
+  ACTIVITY_NOT_LISTED: 'Activity Not Listed',
+};
 
 export const ACTIVITY_DISPLAY_STATUS = {
-    DRAFT_PQ: 'Draft - PQ',
-    APPROVED: 'Approved',
-    REJECTED: 'Rejected',
-    DRAFT: 'Draft',
-    UNDER_REVIEW: 'Under-Review',
-    PQ_FAILED: 'PQ Failed',
-    ENHANCING: 'Enchancing',
-    PQ_IN_REVIEW: 'PQ In Review',
-    PQ_APPROVED: 'PQ Approved'
-}
+  DRAFT_PQ: 'Draft',
+  APPROVED: 'Approved',
+  REJECTED: 'Rejected',
+  DRAFT: 'Draft',
+  UNDER_REVIEW: 'Under-Review',
+  PQ_FAILED: 'PQ Failed',
+  ENHANCING: 'Enhancing',
+  PQ_IN_REVIEW: 'PQ In Review',
+  PQ_APPROVED: 'PQ Approved',
+
+  ACTIVITY_DRAFT: 'Draft',
+  ACTIVITY_IN_REVIEW: 'In Review',
+  ACTIVITY_TO_REVIEW: 'Re-submitted',
+  NOT_LISTED: 'Not Listed',
+  ACTIVITY_LISTED: 'Listed',
+  ACTIVITY_UNLISTED: 'Un Listed',
+};
 
 export const ACTIVITY_AM_INTERNAL_STATUS = {
-    DRAFT_PQ: 'Draft - PQ',
-    APPROVED: 'Approved',
-    REJECTED: 'Rejected',
-    DRAFT: 'Draft',
-    UNDER_REVIEW: 'Under-Review',
-    PQ_FAILED: 'PQ Failed',
-    PQ_REJECTED: 'PQ Rejected',
-    PQ_TO_REVIEW: 'PQ To Review',
-    PQ_APPROVED: 'PQ Approved'
-}
+  DRAFT_PQ: 'Draft - PQ',
+  APPROVED: 'Approved',
+  REJECTED: 'Rejected',
+  DRAFT: 'Draft',
+  UNDER_REVIEW: 'Under-Review',
+  PQ_FAILED: 'PQ Failed',
+  PQ_REJECTED: 'PQ Rejected',
+  PQ_TO_REVIEW: 'PQ To Review',
+  PQ_APPROVED: 'PQ Approved',
+
+  ACTIVITY_DRAFT: 'Draft - Activity',
+  ACTIVITY_TO_REVIEW: 'Activity To Review',
+  ACTIVITY_REJECTED: 'Activity Rejected',
+  ACTIVITY_APPROVED: 'Activity Approved',
+  ACTIVITY_LISTED: 'Activity Listed',
+  ACTIVITY_SUBMITED: 'Activity Submitted',
+};
 
 export const ACTIVITY_AM_DISPLAY_STATUS = {
-    DRAFT_PQ: 'Draft - PQ',
-    APPROVED: 'Approved',
-    REJECTED: 'Rejected',
-    DRAFT: 'Draft',
-    UNDER_REVIEW: 'Under-Review',
-    PQ_FAILED: 'PQ Failed',
-    ENHANCING: 'Enchancing',
-    NEW: 'New',
-    PQ_APPROVED: 'PQ Approved',
-    REVISED: 'Revised'
-}
+  DRAFT_PQ: 'Draft',
+  APPROVED: 'Approved',
+  REJECTED: 'Rejected',
+  DRAFT: 'Draft',
+  UNDER_REVIEW: 'Under-Review',
+  PQ_FAILED: 'PQ Failed',
+  ENHANCING: 'Enhancing',
+  NEW: 'New',
+  PQ_APPROVED: 'PQ Approved',
+  REVISED: 'Revised',
+
+  ACTIVITY_DRAFT: 'Draft',
+  ACTIVITY_NEW: 'New',
+  ACTIVITY_TO_REVIEW: 'Activity To Review',
+  ACTIVITY_ENHANCING: 'Enhancing',
+  NOT_LISTED: 'Not Listed',
+  ACTIVITY_LISTED: 'Listed',
+  ACTIVITY_REVISED: 'Activity Revised'
+};
+
+export const SCHEDULING_TYPE = {
+  ONCE: 'ONCE',
+  WEEKLY: 'WEEKLY',
+  MONTHLY: 'MONTHLY',
+  CUSTOM: 'CUSTOM',
+};

src/common/utils/constants/minglar.constant.ts

@@ -15,6 +15,7 @@ export const MINGLAR_STATUS_DISPLAY = {
   ENHANCING: 'Enhancing',
   APPROVED: 'Approved',
   REJECTED: 'Rejected',
+  RE_SUBMITTED: 'Re-submitted',
   DRAFT: 'Draft'
 };
 
@@ -34,7 +35,10 @@ export const ACTIVITY_TRACK_STATUS = {
   REJECTED_BY_AM: 'Rejected By AM',
   ACCEPTED_BY_AM: 'Accepted By AM',
   ENHANCING: 'Enhancing',
-  PQ_SUBMITTED: 'PQ Submitted'
+  PQ_SUBMITTED: 'PQ Submitted',
+  UNDER_REVIEW:'Under Review',
+  SUBMITTED:'Activity Submitted',
+  DRAFT:'Activity Draft'
 }
 
 // export const HOST_SUGGESTION_TITLES = {

src/common/utils/helper/resendOtpHelper.ts

@@ -12,7 +12,7 @@ export interface OtpResult {
 export async function resendOtpHelper(
   prisma: any,                            
   userId: number,
-  emailPurpose: "Register" | "Login" | "ForgotPassword",
+  emailPurpose: string,
   otpLength: 4 | 6 = 4,
   expiryMinutes: number = 5
 ): Promise<OtpResult> {

src/common/utils/helper/sendOtp.ts

@@ -16,7 +16,7 @@ export async function generateOtpHelper(
   prisma: any,                            // ⭐ Inject prisma
   userId: number,
   email: string,
-  emailPurpose: "Register" | "Login" | "ForgotPassword",
+  emailPurpose: string,
   otpLength: 4 | 6 = 4,
   expiryMinutes: number = 5
 ): Promise<OtpResult> {

src/common/utils/validation/host/createSchedulingOfAct.validation.ts

@@ -0,0 +1,76 @@
+import { z } from 'zod';
+import { SCHEDULING_TYPE } from '../../constants/host.constant';
+
+const WeekdayEnum = z.enum([
+    'MONDAY',
+    'TUESDAY',
+    'WEDNESDAY',
+    'THURSDAY',
+    'FRIDAY',
+    'SATURDAY',
+    'SUNDAY',
+]);
+
+export const scheduleActivity = z.object({
+    activityXid: z.number(),
+    listNow: z.boolean(),
+
+    scheduleType: z.enum([
+        SCHEDULING_TYPE.ONCE,
+        SCHEDULING_TYPE.WEEKLY,
+        SCHEDULING_TYPE.MONTHLY,
+        SCHEDULING_TYPE.CUSTOM,
+    ]),
+
+    dateRange: z.object({
+        startDate: z.string(),
+        endDate: z.string().nullable().optional(),
+    }),
+
+    rules: z.object({
+        weekdays: z.array(WeekdayEnum).optional(),
+        monthDates: z.array(z.number()).optional(),
+        customDates: z.array(z.string()).optional(),
+    }),
+
+    venues: z.array(
+        z.object({
+            venueXid: z.number(),
+            slots: z.array(
+                z.object({
+                    startTime: z.string(),
+                    endTime: z.string(),
+                    weekDay: WeekdayEnum.nullable().optional(),
+                    dayOfMonth: z.number().nullable().optional(),
+                    occurrenceDate: z.string().nullable().optional(),
+                    maxCapacity: z.number(),
+                })
+            ).optional().default([]),
+        })
+    ),
+
+    earlyCheckInMins: z.number().optional(),
+    bookingCutOffMins: z.number().optional(),
+    isLateCheckingAllowed: z.boolean().optional(),
+    isInstantBooking: z.boolean().optional(),
+})
+    .superRefine((data, ctx) => {
+        if (data.scheduleType === 'WEEKLY' && !data.rules.weekdays?.length) {
+            ctx.addIssue({ path: ['rules', 'weekdays'], message: 'Weekdays required for WEEKLY schedule', code: 'custom' });
+        }
+
+        if (data.scheduleType === 'MONTHLY' && !data.rules.monthDates?.length) {
+            ctx.addIssue({ path: ['rules', 'monthDates'], message: 'Month dates required for MONTHLY schedule', code: 'custom' });
+        }
+
+        if (
+            (data.scheduleType === 'CUSTOM' || data.scheduleType === 'ONCE') &&
+            !data.rules.customDates?.length
+        ) {
+            ctx.addIssue({ path: ['rules', 'customDates'], message: 'Custom dates required', code: 'custom' });
+        }
+    });
+
+export type ScheduleActivityDTO = z.infer<typeof scheduleActivity>;
+
+

src/common/utils/validation/host/hostCompanyDetails.validation.ts

@@ -46,6 +46,18 @@ export const parentCompanySchema = z.object({
   companyTypeXid: z.number()
     .optional(),
 
+  firstName: z.string()
+    .max(50, "First name cannot exceed 50 characters")
+    .optional(),
+
+  lastName: z.string()
+    .max(50, "Last name cannot exceed 50 characters")
+    .optional(),
+
+  mobileNumber: z.string()
+    .max(15, "Mobile number cannot exceed 15 characters")
+    .optional(),
+
   websiteUrl: z.string().nullable().optional(),
   instagramUrl: z.string().nullable().optional(),
   facebookUrl: z.string().nullable().optional(),

src/common/utils/validation/user/addPersonalInfo.validation.ts

@@ -0,0 +1,26 @@
+// validations/hostBankDetails.validation.ts
+import { z } from "zod";
+
+export const userPersonalInfoSchema = z.object({
+    firstName: z
+        .string()
+        .nonempty("First name is required"),
+
+    lastName: z
+        .string()
+        .optional(),
+
+    genderName: z
+        .string()
+        .nonempty("Gender is required"),
+
+    dateOfBirth: z
+        .string()
+        .nonempty("Date of birth is required")
+        .refine(val => !isNaN(Date.parse(val)), {
+            message: "Date of birth must be a valid ISO date (YYYY-MM-DD)",
+        }),
+
+});
+
+export type UserPersonalInfoSchema = z.infer<typeof userPersonalInfoSchema>;

src/config/config.ts

@@ -83,7 +83,12 @@ const envVarsSchema = yup
 		BYPASS_OTP: yup.boolean().default(false).required('Bypass OTP is required'),
 		// Email links
 		AM_INVITATION_LINK: yup.string().required('Link to send in AM invitation mail is required'),
-		HOST_LINK: yup.string().required('Link to host panel is required')
+		AM_INTERFACE_LINK:yup.string().required('Link to am interface is required'),
+		HOST_LINK: yup.string().required('Link to host panel is required'),
+		HOST_LINK_PQ: yup.string().required('Link to host panel pqp is required'),
+		RAZORPAY_KEY_SECRET: yup.string().required('Razorpay key secret is required'),
+		RAZORPAY_KEY_ID: yup.string().required('Razorpay key id is required'),
+		RAZORPAY_WEBHOOK_SECRET: yup.string().required('Razorpay webhook secret is required'),
 	})
 	.noUnknown(true);
 
@@ -163,6 +168,12 @@ function getConfig() {
 			MinglarAdminName: envVars.MINGLAR_ADMIN_NAME,
 			AM_INVITATION_LINK: envVars.AM_INVITATION_LINK,
 			HOST_LINK: envVars.HOST_LINK,
+			HOST_LINK_PQ: envVars.HOST_LINK_PQ,
+			RAZORPAY_KEY_ID: envVars.RAZORPAY_KEY_ID,
+			RAZORPAY_KEY_SECRET: envVars.RAZORPAY_KEY_SECRET,
+			RAZORPAY_WEBHOOK_SECRET: envVars.RAZORPAY_WEBHOOK_SECRET,
+			AM_INTERFACE_LINK: envVars.AM_INTERFACE_LINK,
+
 			// oneSignal: {
 			// 	appID: envVars.ONESIGNAL_APPID,
 			// 	restApiKey: envVars.ONESIGNAL_REST_APIKEY,

src/modules/host/dto/createActivity.schema.ts

@@ -0,0 +1,176 @@
+import { z } from 'zod';
+
+/* ================= MEDIA ================= */
+export const MediaDto = z.object({
+  mediaType: z.string().optional(),
+  mediaFileName: z.string(),
+  isCoverImage: z.boolean().optional().default(false),
+});
+
+/* ================= PRICE ================= */
+export const PriceDto = z.object({
+  noOfSession: z.number().int().optional().default(1),
+  isPackage: z.boolean().optional().default(false),
+  sessionValidity: z.number().int().optional().default(0),
+  sessionValidityFrequency: z.string().optional().default('Days'),
+  basePrice: z.number().int().optional().default(0),
+  sellPrice: z.number().int(),
+});
+
+/* ================= VENUE ================= */
+export const VenueDto = z.object({
+  venueName: z.string(),
+  venueLabel: z.string(),
+  venueCapacity: z.number().int().optional().default(0),
+  availableSeats: z.number().int().optional().default(0),
+  isMinPeopleReqMandatory: z.boolean().optional().default(false),
+  minPeopleRequired: z.number().int().nullable().optional(),
+  minReqfullfilledBeforeMins: z.number().int().nullable().optional(),
+  venueDescription: z.string().optional(),
+  media: z.array(MediaDto).optional().default([]),
+  prices: z.array(PriceDto).optional().default([]),
+});
+
+/* ================= PICKUP / DROP ================= */
+export const PickupDetailDto = z.object({
+  isPickUp: z.boolean().optional().default(false),
+  locationLat: z.number().nullable().optional(),
+  locationLong: z.number().nullable().optional(),
+  locationAddress: z.string().nullable().optional(),
+  transportTotalPrice: z.number().int().min(0),
+});
+
+export const PickupTransportDto = z.object({
+  transportModeXid: z.number().int(),
+});
+
+/* ================= EQUIPMENT ================= */
+export const EquipmentDto = z.object({
+  equipmentName: z.string(),
+  isEquipmentChargeable: z.boolean().optional(),
+  equipmentBasePrice: z.number().int().optional().default(0),
+  equipmentTotalPrice: z.number().int().optional().default(0),
+});
+
+/* ================= NAVIGATION MODE ================= */
+export const NavigationModeDto = z.object({
+  navigationModeName: z.string().optional(),
+  isChargeable: z.boolean().optional(),
+  totalPrice: z.number().int().optional().default(0),
+});
+
+/* ================= ELIGIBILITY ================= */
+export const EligibilityDto = z.object({
+  isAgeRestriction: z.boolean().optional().default(false),
+  ageRestrictionName: z.string().nullable().optional(),
+  ageEntered: z.number().int().nullable().optional(),
+  ageIn: z.string().nullable().optional(),
+  minAge: z.number().int().nullable().optional(),
+  maxAge: z.number().int().nullable().optional(),
+
+  isWeightRestriction: z.boolean().optional().default(false),
+  weightRestrictionName: z.string().nullable().optional(),
+  weightEntered: z.number().int().nullable().optional(),
+  weightIn: z.string().nullable().optional(),
+  minWeight: z.number().int().nullable().optional(),
+  maxWeight: z.number().int().nullable().optional(),
+
+  isHeightRestriction: z.boolean().optional().default(false),
+  heightRestrictionName: z.string().nullable().optional(),
+  heightEntered: z.number().int().nullable().optional(),
+  heightIn: z.string().nullable().optional(),
+  minHeight: z.number().int().nullable().optional(),
+  maxHeight: z.number().int().nullable().optional(),
+});
+
+/* ================= OTHER DETAILS ================= */
+export const OtherDetailsDto = z.object({
+  exclusiveNotes: z.string().optional(),
+  safetyInstruction: z.string().optional(),
+  dosNotes: z.string().optional(),
+  dontsNotes: z.string().optional(),
+  tipsNotes: z.string().optional(),
+  termsAndCondition: z.string().optional(),
+  cancellations: z.string().optional(),
+});
+
+/* ================= CREATE ACTIVITY ================= */
+export const CreateActivityDto = z.object({
+  activityXid: z.number().int(),
+
+  activityTypeXid: z.number().int().optional(),
+  frequenciesXid: z.number().int().nullable().optional(),
+  activityTitle: z.string().optional(),
+  activityDescription: z.string().optional(),
+
+  checkInLat: z.number().nullable().optional(),
+  checkInLong: z.number().nullable().optional(),
+  checkInAddress: z.string().nullable().optional(),
+  isCheckOutSame: z.boolean().optional().default(true),
+  checkOutLat: z.number().nullable().optional(),
+  checkOutLong: z.number().nullable().optional(),
+  checkOutAddress: z.string().nullable().optional(),
+  checkInStateName: z.string().nullable().optional(),
+  checkInCityName: z.string().nullable().optional(),
+  checkInCountryName: z.string().nullable().optional(),
+  checkOutStateName: z.string().nullable().optional(),
+  checkOutCityName: z.string().nullable().optional(),
+  checkOutCountryName: z.string().nullable().optional(),
+
+  energyLevelXid: z.number().int().nullable().optional(),
+  durationDays: z.number().int().optional(),
+  durationHours: z.number().int().optional(),
+  durationMins: z.number().int().optional(),
+
+  foodAvailable: z.boolean().nullable().optional(),
+  foodIsChargeable: z.boolean().optional().default(false),
+  alcoholAvailable: z.boolean().nullable().optional(),
+
+  trainerAvailable: z.boolean().nullable().optional(),
+  trainerIsChargeable: z.boolean().optional().default(false),
+
+  pickUpDropAvailable: z.boolean().nullable().optional(),
+  pickUpDropIsChargeable: z.boolean().optional().default(false),
+
+  inActivityAvailable: z.boolean().nullable().optional(),
+  inActivityIsChargeable: z.boolean().optional().default(false),
+
+  equipmentAvailable: z.boolean().nullable().optional(),
+  equipmentIsChargeable: z.boolean().optional().default(false),
+
+  cancellationAvailable: z.boolean().nullable().optional(),
+  cancellationAllowedBeforeMins: z.number().int().nullable().optional(),
+
+  currencyXid: z.number().int().nullable().optional(),
+  sustainabilityScore: z.number().int().nullable().optional(),
+  safetyScore: z.number().int().nullable().optional(),
+  isInstantBooking: z.boolean().optional().default(false),
+
+  taxXids: z.array(z.number().int()).optional().default([]),
+
+  media: z.array(MediaDto).optional().default([]),
+  venues: z.array(VenueDto).optional().default([]),
+
+  foodTypeIds: z.array(z.number().int()).optional().default([]),
+  cuisineIds: z.array(z.number().int()).optional().default([]),
+  pickupTransports: z.array(PickupTransportDto).optional().default([]),
+  pickupDetails: z.array(PickupDetailDto).optional().default([]),
+
+  navigationModes: z
+    .array(NavigationModeDto)
+    .optional()
+    .default([]),
+
+  equipments: z.array(EquipmentDto).optional().default([]),
+  amenitiesIds: z.array(z.number().int()).optional().default([]),
+
+  foodTotalAmount: z.number().int().optional().default(0),
+
+  eligibility: EligibilityDto.optional(),
+  otherDetails: OtherDetailsDto.optional(),
+
+  allowedEntryTypes: z.array(z.number().int()).optional().default([]),
+  trainerTotalAmount: z.number().int().optional().default(0),
+});
+
+export type CreateActivityInput = z.infer<typeof CreateActivityDto>;

src/modules/host/dto/createSchedulingOfAct.dto.ts

@@ -0,0 +1,39 @@
+export interface ScheduleSlotDTO {
+    startTime: string;
+    endTime: string;
+    weekDay?: 'MONDAY' | 'TUESDAY' | 'WEDNESDAY' | 'THURSDAY' | 'FRIDAY' | 'SATURDAY' | 'SUNDAY' | null;
+    dayOfMonth?: number | null;    // 1–31
+    occurrenceDate?: string | null;
+    maxCapacity: number;
+}
+
+export interface ScheduleVenueDTO {
+    venueXid: number;
+    slots: ScheduleSlotDTO[];
+}
+
+// export interface ScheduleActivityDTO {
+//     activityXid: number;
+//     scheduleType: 'ONCE' | 'WEEKLY' | 'MONTHLY' | 'CUSTOM';
+
+//     dateRange: {
+//         startDate: string;
+//         endDate?: string | null;
+//     };
+
+//     rules: {
+//         weekdays?: (
+//             'MONDAY' | 'TUESDAY' | 'WEDNESDAY' |
+//             'THURSDAY' | 'FRIDAY' | 'SATURDAY' | 'SUNDAY'
+//         )[];
+//         monthDates?: number[];
+//         customDates?: string[];
+//     };
+
+//     venues: ScheduleVenueDTO[];
+
+//     earlyCheckInMins?: number;
+//     bookingCutOffMins?: number;
+//     isLateCheckingAllowed?: boolean;
+//     isInstantBooking?: boolean;
+// }

src/modules/host/dto/operator.activity.dto.ts

@@ -0,0 +1,113 @@
+export class GetActivitiesByDateRequestDTO {
+  activityDate?: string; // ISO date format: YYYY-MM-DD (optional, defaults to today)
+}
+
+export class GetReservationByCheckInCodeRequestDTO {
+  checkInCode!: string;
+}
+
+export class OperatorReservationVerificationOtpRequestDTO {
+  checkInCode!: string;
+}
+
+export class OperatorReservationVerifyOtpRequestDTO {
+  checkInCode!: string;
+  otp!: string;
+}
+
+export class DateBreakdownDTO {
+  date: string;
+  count: number;
+}
+
+export class ActivitySummaryDTO {
+  activityName: string;
+  activityImage: string | null;
+  activityImagePreSignedUrl: string | null;
+  count: number;
+  dateBreakdown: DateBreakdownDTO[]; // Booking count for each scheduled date
+}
+
+export class GetActivitiesByDateResponseDTO {
+  success: boolean;
+  message: string;
+  data: {
+    date: string;
+    activities: ActivitySummaryDTO[];
+    totalCount: number;
+  };
+}
+
+export class OperatorReservationPersonalDetailsDTO {
+  fullName: string;
+  firstName: string | null;
+  lastName: string | null;
+  role: string | null;
+  mobileNumber: string | null;
+  profileImage: string | null;
+  profileImagePreSignedUrl: string | null;
+  tags: string[];
+}
+
+export class OperatorReservationBookingInformationDTO {
+  activityName: string | null;
+  slot: string | null;
+  startTime: string | null;
+  endTime: string | null;
+  track: string | null;
+  trackLabel: string | null;
+  date: string | null;
+  dateLabel: string | null;
+  bookedOn: string | null;
+  bookedOnLabel: string | null;
+}
+
+export class OperatorReservationBookingIncludedDTO {
+  food: string;
+  selectedFoodTypes: string[];
+  equipment: string;
+  selectedEquipments: string[];
+  trainerOrGuide: string;
+  pickupLocation: string | null;
+}
+
+export class OperatorReservationByCheckInCodeDTO {
+  itineraryHeaderXid: number;
+  itineraryActivityXid: number;
+  bookingId: string | null;
+  checkInCode: string | null;
+  reservationStatus: string | null;
+  personalDetails: OperatorReservationPersonalDetailsDTO;
+  bookingInformation: OperatorReservationBookingInformationDTO;
+  bookingIncluded: OperatorReservationBookingIncludedDTO;
+}
+
+export class GetReservationByCheckInCodeResponseDTO {
+  success: boolean;
+  message: string;
+  data: OperatorReservationByCheckInCodeDTO;
+}
+
+export class OperatorReservationVerificationOtpResponseDTO {
+  itineraryActivityXid: number;
+  itineraryMemberXid: number;
+  activityName: string | null;
+  checkInCode: string;
+  verificationType: 'check-in' | 'checkout';
+  requestedChannel: 'email' | 'mobile';
+  deliveryChannel: 'email';
+  destination: string;
+  reservationStatus: string | null;
+  expiresInMinutes: number;
+  deliveryNote: string | null;
+}
+
+export class OperatorReservationVerifyOtpResponseDTO {
+  itineraryActivityXid: number;
+  itineraryMemberXid: number;
+  activityName: string | null;
+  checkInCode: string;
+  verificationType: 'check-in' | 'checkout';
+  verified: boolean;
+  reservationStatus: string;
+}

src/modules/host/handlers/Activity_Hub/OnBoarding/CreateNewActivity.ts

@@ -0,0 +1,117 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import {
+  CreateActivityDto,
+  CreateActivityInput,
+} from '../../../dto/createActivity.schema';
+import { HostService } from '../../../services/host.service';
+
+const hostService = new HostService(prismaClient);
+
+export const handler = safeHandler(
+  async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
+
+    /* 1️⃣ AUTH */
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(401, 'Missing auth token');
+    }
+
+    const userInfo = await verifyHostToken(token);
+
+    /* 2️⃣ PARSE JSON BODY */
+    if (!event.body) {
+      throw new ApiError(400, 'Request body is required');
+    }
+
+    let body: any;
+    try {
+      body = JSON.parse(event.body);
+    } catch {
+      throw new ApiError(400, 'Invalid JSON body');
+    }
+
+    const {
+      activity,
+      media = [],
+      isDraft = false,
+    } = body;
+
+    if (!activity) {
+      throw new ApiError(400, 'activity payload is required');
+    }
+
+    /* 3️⃣ NORMALIZE ACTIVITY ID */
+    if (activity.activityXid) {
+      activity.activityXid = Number(activity.activityXid);
+    }
+
+    /* 4️⃣ ATTACH ACTIVITY MEDIA (S3 URLs) */
+    if (!Array.isArray(media)) {
+      throw new ApiError(400, 'media must be an array');
+    }
+
+    activity.media = media.map((m: any) => ({
+      mediaType: m.mediaType ?? 'image',
+      mediaFileName: m.mediaFileName,
+      isCoverImage: m.isCoverImage ?? false,
+    }));
+
+    /* 4.1️⃣ ATTACH SAFETY INSTRUCTIONS (string only) */
+    if (activity.safetyInstruction !== undefined && activity.safetyInstruction !== null) {
+      if (typeof activity.safetyInstruction !== 'string') {
+        throw new ApiError(400, 'safetyInstruction must be a string');
+      }
+    }
+
+    /* 4.2️⃣ ATTACH CANCELLATIONS (string only) */
+    if (activity.cancellations !== undefined && activity.cancellations !== null) {
+      if (typeof activity.cancellations !== 'string') {
+        throw new ApiError(400, 'cancellations must be a string');
+      }
+    }
+
+    /* 5️⃣ VALIDATION */
+    let parsedDto: CreateActivityInput;
+
+    if (!isDraft) {
+      const parsed = CreateActivityDto.safeParse(activity);
+      if (!parsed.success) {
+        throw new ApiError(
+          400,
+          parsed.error.issues.map((i) => i.message).join(', ')
+        );
+      }
+      parsedDto = parsed.data;
+    } else {
+      parsedDto = activity as CreateActivityInput;
+    }
+
+    /* 6️⃣ SAVE TO DB */
+    const result = await hostService.createOrUpdateActivity(
+      userInfo.id,
+      parsedDto,
+      isDraft
+    );
+
+    /* 7️⃣ RESPONSE */
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: isDraft
+          ? 'Activity saved as draft successfully'
+          : 'Activity submitted successfully',
+        data: result,
+      }),
+    };
+  }
+);

src/modules/host/handlers/Activity_Hub/OnBoarding/getAllActivityType.ts

@@ -25,7 +25,7 @@ export const handler = safeHandler(async (
     }
 
     // Verify token and get user info
-    const userInfo = await verifyHostToken(token);
+    await verifyHostToken(token);
 
 
     // Read optional search query (supports ?search= or ?q=)

src/modules/host/handlers/Activity_Hub/OnBoarding/getAllDetailsOfActivityAndVenue.ts

@@ -0,0 +1,47 @@
+import { verifyMinglarAdminHostToken } from '../../../../../common/middlewares/jwt/authForMinglarAdminHost';
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { HostService } from '../../../services/host.service';
+
+const hostService = new HostService(prismaClient);
+
+/**
+ * Add suggestion handler for host applications
+ * Allows Minglar Admin, Co_Admin, and Account Manager to add suggestions
+ * Types: Setup Profile, Review Account, Add Payment Details, Agreement
+ */
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    // Verify authentication token
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+        throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+    }
+
+    // Verify token and get user info
+    await verifyMinglarAdminHostToken(token);
+
+    const activityXid = event.pathParameters?.activityXid
+    if (!activityXid) {
+        throw new ApiError(400, 'activityXid is required in path parameters');
+    }
+
+    const data = await hostService.getAllDetailsOfActivityAndVenue(Number(activityXid));
+
+    return {
+        statusCode: 200,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Data retrieved successfully',
+            data,
+        }),
+    };
+});

src/modules/host/handlers/Activity_Hub/OnBoarding/getPQQScore.ts

@@ -8,6 +8,7 @@ import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHo
 import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../../common/utils/helper/ApiError';
 import { HostService } from '../../../services/host.service';
+import { sendPQPEmailToAM } from '../../../services/sendHostResubmitEmailToAM.service';
 
 const hostService = new HostService(prismaClient);
 
@@ -177,6 +178,15 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
 
         const getAllUpdatedQuestionResponse = await hostService.getAllPQUpdatedResponse(activityXid)
 
+        const details = await hostService.getSuggestionDetails(user.id);
+
+        await sendPQPEmailToAM(
+            details.hostDetails.accountManager.emailAddress,
+            details.hostDetails.accountManager.firstName,
+            details.hostDetails.companyName,
+            details.hostDetails.user.userRefNumber,
+        )
+
         // CASE 2 — NO deletion & NO new files => DO NOTHING to existing files
 
         return {

src/modules/host/handlers/Activity_Hub/OnBoarding/saveActivity_ForPQQ.ts

@@ -1,50 +1,50 @@
-import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
-import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
-import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
-import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
-import ApiError from '../../../../../common/utils/helper/ApiError';
-import { HostService } from '../../../services/host.service';
+// import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+// import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+// import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+// import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+// import ApiError from '../../../../../common/utils/helper/ApiError';
+// import { HostService } from '../../../services/host.service';
 
-const hostService = new HostService(prismaClient);
+// const hostService = new HostService(prismaClient);
 
-export const handler = safeHandler(async (
-  event: APIGatewayProxyEvent,
-  context?: Context
-): Promise<APIGatewayProxyResult> => {
-  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
-  if (!token) throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+// export const handler = safeHandler(async (
+//   event: APIGatewayProxyEvent,
+//   context?: Context
+// ): Promise<APIGatewayProxyResult> => {
+//   const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+//   if (!token) throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
 
-  const userInfo = await verifyHostToken(token);
+//   const userInfo = await verifyHostToken(token);
 
-  let body: any = {};
-  try {
-    body = event.body ? JSON.parse(event.body) : {};
-  } catch (err) {
-    throw new ApiError(400, 'Invalid JSON in request body');
-  }
+//   let body: any = {};
+//   try {
+//     body = event.body ? JSON.parse(event.body) : {};
+//   } catch (err) {
+//     throw new ApiError(400, 'Invalid JSON in request body');
+//   }
 
-  const { activityTypeXid, frequenciesXid } = body;
+//   const { activityTypeXid, frequenciesXid } = body;
 
-  if (!activityTypeXid) {
-    throw new ApiError(400, 'activityTypeXid is required');
-  }
+//   if (!activityTypeXid) {
+//     throw new ApiError(400, 'activityTypeXid is required');
+//   }
 
-  await hostService.createActivity(
-    userInfo.id,
-    Number(activityTypeXid),
-    frequenciesXid ? Number(frequenciesXid) : undefined,
-  );
+//   await hostService.createActivity(
+//     userInfo.id,
+//     Number(activityTypeXid),
+//     frequenciesXid ? Number(frequenciesXid) : undefined,
+//   );
 
-  return {
-    statusCode: 201,
-    headers: {
-      'Content-Type': 'application/json',
-      'Access-Control-Allow-Origin': '*',
-    },
-    body: JSON.stringify({
-      success: true,
-      message: 'Activity created successfully',
-      data: null,
-    }),
-  };
-});
+//   return {
+//     statusCode: 201,
+//     headers: {
+//       'Content-Type': 'application/json',
+//       'Access-Control-Allow-Origin': '*',
+//     },
+//     body: JSON.stringify({
+//       success: true,
+//       message: 'Activity created successfully',
+//       data: null,
+//     }),
+//   };
+// });

src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQAnswer.ts

@@ -13,6 +13,40 @@ const hostService = new HostService(prismaClient);
 
 const s3 = new AWS.S3({ region: config.aws.region });
 
+function parseMultipartFieldValue(val: string) {
+    if (val === '' || val === 'null' || val === 'undefined') return null;
+
+    const cleaned = val.trim();
+    const looksLikeJson =
+        (cleaned.startsWith('{') && cleaned.endsWith('}')) ||
+        (cleaned.startsWith('[') && cleaned.endsWith(']')) ||
+        (cleaned.startsWith('"') && cleaned.endsWith('"'));
+
+    if (!looksLikeJson) return val;
+
+    try {
+        return JSON.parse(cleaned);
+    } catch {
+        return val;
+    }
+}
+
+function normalizeComments(comments: unknown): string | null {
+    if (comments === null || comments === undefined || comments === '') return null;
+
+    const value = String(comments).trim();
+    if (!value) return null;
+
+    if (
+        (value.startsWith('"') && value.endsWith('"')) ||
+        (value.startsWith("'") && value.endsWith("'"))
+    ) {
+        return value.slice(1, -1);
+    }
+
+    return value;
+}
+
 // Function to extract S3 key from URL
 function getS3KeyFromUrl(url: string): string {
     const bucketBaseUrl = `https://${config.aws.bucketName}.s3.${config.aws.region}.amazonaws.com/`;
@@ -122,22 +156,7 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
 
             bb.on("field", (fieldname, val) => {
                 console.log(`FIELD RAW: ${fieldname} =`, val);
-                if (val === '' || val === 'null' || val === 'undefined') fields[fieldname] = null;
-                else {
-                    try {
-                        const cleaned = val.trim();
-
-                        // If it starts and ends with quotes, remove them
-                        const withoutQuotes =
-                            (cleaned.startsWith('"') && cleaned.endsWith('"'))
-                                ? cleaned.slice(1, -1)
-                                : cleaned;
-
-                        fields[fieldname] = JSON.parse(withoutQuotes);
-                    } catch {
-                        fields[fieldname] = val;
-                    }
-                }
+                fields[fieldname] = parseMultipartFieldValue(val);
             });
 
             bb.on("close", () => resolve());
@@ -154,11 +173,11 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
         const activityXid = Number(fields.activityXid);
         const pqqQuestionXid = Number(fields.pqqQuestionXid);
         const pqqAnswerXid = Number(fields.pqqAnswerXid);
-        const comments = fields.comments || null;
+        const comments = normalizeComments(fields.comments);
 
-        if (!activityXid || isNaN(activityXid)) throw new ApiError(400, "Valid activityXid is required");
-        if (!pqqQuestionXid || isNaN(pqqQuestionXid)) throw new ApiError(400, "Valid pqqQuestionXid is required");
-        if (!pqqAnswerXid || isNaN(pqqAnswerXid)) throw new ApiError(400, "Valid pqqAnswerXid is required");
+        if (!activityXid || isNaN(activityXid)) throw new ApiError(400, "Please provide a valid activity");
+        if (!pqqQuestionXid || isNaN(pqqQuestionXid)) throw new ApiError(400, "Please select a valid question");
+        if (!pqqAnswerXid || isNaN(pqqAnswerXid)) throw new ApiError(400, "Please select a valid answer");
 
         // 6) UPSERT header
         const existingHeader = await hostService.findHeaderByCompositeKey(

src/modules/host/handlers/Activity_Hub/OnBoarding/submitPQQ_Answer.ts

@@ -147,9 +147,9 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
     const pqqAnswerXid = Number(fields.pqqAnswerXid);
     const comments = fields.comments || null;
 
-    if (!activityXid || isNaN(activityXid)) throw new ApiError(400, "Valid activityXid is required");
-    if (!pqqQuestionXid || isNaN(pqqQuestionXid)) throw new ApiError(400, "Valid pqqQuestionXid is required");
-    if (!pqqAnswerXid || isNaN(pqqAnswerXid)) throw new ApiError(400, "Valid pqqAnswerXid is required");
+    if (!activityXid || isNaN(activityXid)) throw new ApiError(400, "Please provide a valid activity");
+    if (!pqqQuestionXid || isNaN(pqqQuestionXid)) throw new ApiError(400, "Please select a valid question");
+    if (!pqqAnswerXid || isNaN(pqqAnswerXid)) throw new ApiError(400, "Please select a valid answer");
 
     // 6) UPSERT header
     const existingHeader = await pqqService.findHeaderByCompositeKey(

src/modules/host/handlers/Activity_Hub/Scheduling/cancelSlot.ts

@@ -0,0 +1,100 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { SchedulingService } from '../../../services/activityScheduling.service';
+import { HostService } from '../../../services/host.service';
+
+const schedulingService = new SchedulingService(prismaClient);
+const hostService = new HostService(prismaClient);
+
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    // Extract token from headers
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token']
+    if (!token) {
+        throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+    }
+
+    // Authenticate user using the shared authForHost function
+    const userInfo = await verifyHostToken(token);
+    const hostId = userInfo.id;
+
+    if (Number.isNaN(hostId)) {
+        throw new ApiError(400, 'Host id must be a number');
+    }
+
+    const host = await hostService.getHostIdByUserXid(hostId);
+    if (!host) {
+        throw new ApiError(404, 'Host not found');
+    }
+
+    let body: {
+        activityXid: number;
+        venueXid: number;
+        cancellations: {
+            scheduleHeaderXid: number;
+            occurenceDate: string;
+            startTime: string;
+            endTime: string;
+            cancellationReason: string
+        }[]
+    };
+
+    try {
+        body = event.body ? JSON.parse(event.body) : {};
+    } catch {
+        throw new ApiError(400, 'Invalid JSON payload');
+    }
+
+    if (!body.activityXid || !body.venueXid || !Array.isArray(body.cancellations) || body.cancellations.length === 0) {
+        throw new ApiError(400, 'Missing required fields');
+    }
+
+    const activity = await schedulingService.getActivityByXid(body.activityXid);
+    if (!activity) {
+        throw new ApiError(404, "Activity not found");
+    }
+
+    const venueExists = await schedulingService.getVenueFromVenueXid(
+        body.venueXid,
+        body.activityXid
+    );
+
+    if (!venueExists) {
+        throw new ApiError(
+            404,
+            `Venue not found for this activity`
+        )
+    }
+
+
+    await schedulingService.cancelMultipleSlotsForActivity(
+        body.cancellations.map((item: any) => ({
+            scheduleHeaderXid: Number(item.scheduleHeaderXid),
+            occurenceDate: item.occurenceDate,
+            startTime: item.startTime,
+            endTime: item.endTime,
+            cancellationReason: item.cancellationReason
+        }))
+    );
+
+
+    const result = await schedulingService.getVenueDurationByAct(Number(body.activityXid), Number(hostId));
+
+    return {
+        statusCode: 200,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Slot blocked successfully',
+            data: result
+        }),
+    };
+});

src/modules/host/handlers/Activity_Hub/Scheduling/createSchedulingOfAct.ts

@@ -0,0 +1,89 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { SchedulingService } from '../../../services/activityScheduling.service';
+import { HostService } from '../../../services/host.service';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+import { scheduleActivity } from '../../../../../common/utils/validation/host/createSchedulingOfAct.validation';
+import { z } from 'zod';
+
+const schedulingService = new SchedulingService(prismaClient);
+const hostService = new HostService(prismaClient);
+
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    // Extract token from headers
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token']
+    if (!token) {
+        throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+    }
+
+    // Authenticate user using the shared authForHost function
+    const userInfo = await verifyHostToken(token);
+    const hostId = userInfo.id;
+
+    if (Number.isNaN(hostId)) {
+        throw new ApiError(400, 'Host id must be a number');
+    }
+
+    const host = await hostService.getHostIdByUserXid(hostId);
+    if (!host) {
+        throw new ApiError(404, 'Host not found');
+    }
+
+    let body: unknown;
+    try {
+        body = event.body ? JSON.parse(event.body) : {};
+    } catch {
+        throw new ApiError(400, 'Invalid JSON payload');
+    }
+
+    // ✅ Validate payload using Zod
+
+    const parsed = scheduleActivity.safeParse(body);
+
+    if (!parsed.success) {
+        const msg = parsed.error.issues
+            .map(e => e.message)
+            .join(', ');
+        throw new ApiError(400, `Validation failed: ${msg}`);
+    }
+
+    const activity = await schedulingService.getActivityByXid(parsed.data.activityXid);
+    if (!activity) {
+        throw new ApiError(404, "Activity not found");
+    }
+
+    if (parsed.data.venues && parsed.data.venues.length > 0) {
+        for (const venue of parsed.data.venues) {
+            const venueExists = await schedulingService.getVenueFromVenueXid(
+                venue.venueXid,
+                parsed.data.activityXid
+            );
+
+            if (!venueExists) {
+                throw new ApiError(
+                    404,
+                    `Venue with xid ${venue.venueXid} not found for this activity`
+                );
+            }
+        }
+    }
+
+
+    await schedulingService.addSchedulingForActivity(parsed.data);
+    return {
+        statusCode: 200,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Scheduling details updated successfully',
+        }),
+    };
+});

src/modules/host/handlers/Activity_Hub/Scheduling/getSchedulingOfAct.ts

@@ -0,0 +1,64 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyMinglarAdminHostToken } from '../../../../../common/middlewares/jwt/authForMinglarAdminHost';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { SchedulingService } from '../../../services/activityScheduling.service';
+import { ACTIVITY_INTERNAL_STATUS } from '../../../../../common/utils/constants/host.constant';
+
+const schedulingService = new SchedulingService(prismaClient);
+
+/**
+ * GET /activities
+ * Query Parameters:
+ *   - status: Listed | Unlisted | Not_Listed (optional - if not provided, returns all)
+ *   - hostId: ID of host (required from token)
+ * 
+ * Returns activities based on status filter
+ */
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context
+): Promise<APIGatewayProxyResult> => {
+  // Get and verify token
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+  }
+
+  const userInfo = await verifyMinglarAdminHostToken(token);
+  const userId = Number(userInfo.id);
+
+  // Get status filter from query parameters
+  const status = event.queryStringParameters?.status as string | undefined;
+
+  const hostId = await schedulingService.getHostIdByUserId(userId);
+  
+  // Validate status if provided
+  const validStatuses = [ACTIVITY_INTERNAL_STATUS.ACTIVITY_APPROVED, ACTIVITY_INTERNAL_STATUS.ACTIVITY_UNLISTED, ACTIVITY_INTERNAL_STATUS.ACTIVITY_LISTED];
+  if (status && !validStatuses.includes(status)) {
+    throw new ApiError(400, `Invalid status. Must be one of: ${validStatuses.join(', ')}`);
+  }
+
+  // Get activities from service
+  const activities = await schedulingService.getActivitiesByStatus(hostId, status);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Activities retrieved successfully',
+      data: {
+        total: activities.length,
+        activities: activities,
+        filter: {
+          status: status || 'All',
+        },
+      },
+    }),
+  };
+});

src/modules/host/handlers/Activity_Hub/Scheduling/getVenueDurationByAct.ts

@@ -0,0 +1,52 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { SchedulingService } from '../../../services/activityScheduling.service';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+
+const schedulingService = new SchedulingService(prismaClient);
+
+/**
+ * GET /activities
+ * Query Parameters:
+ *   - status: Listed | Unlisted | Not_Listed (optional - if not provided, returns all)
+ *   - hostId: ID of host (required from token)
+ * 
+ * Returns activities based on status filter
+ */
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    // Get and verify token
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+        throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+    }
+
+    const userInfo = await verifyHostToken(token);
+    const userId = Number(userInfo.id);
+    
+    const activityXid = event.pathParameters?.activityXid
+    if (!activityXid) {
+        throw new ApiError(400, 'activityXid is required in path parameters');
+    }
+
+    const hostId = await schedulingService.getHostIdByUserId(userId);
+
+    const result = await schedulingService.getVenueDurationByAct(Number(activityXid), Number(hostId));
+
+    return {
+        statusCode: 200,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Details retrieved successfully',
+            data: result,
+        }),
+    };
+});

src/modules/host/handlers/Activity_Hub/Scheduling/openCanceledSlot.ts

@@ -0,0 +1,103 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { SchedulingService } from '../../../services/activityScheduling.service';
+import { HostService } from '../../../services/host.service';
+
+const schedulingService = new SchedulingService(prismaClient);
+const hostService = new HostService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    // Extract token from headers
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    // Authenticate user using the shared authForHost function
+    const userInfo = await verifyHostToken(token);
+    const hostId = userInfo.id;
+
+    if (Number.isNaN(hostId)) {
+      throw new ApiError(400, 'Host id must be a number');
+    }
+
+    const host = await hostService.getHostIdByUserXid(hostId);
+    if (!host) {
+      throw new ApiError(404, 'Host not found');
+    }
+
+    let body: {
+      activityXid: number;
+      venueXid: number;
+      cancellations: { cancellationXid: number; }[];
+    };
+
+    try {
+      body = event.body ? JSON.parse(event.body) : {};
+    } catch {
+      throw new ApiError(400, 'Invalid JSON payload');
+    }
+
+    if (
+      !body.activityXid ||
+      !body.venueXid ||
+      !Array.isArray(body.cancellations) ||
+      body.cancellations.length === 0
+    ) {
+      throw new ApiError(400, 'Missing required fields');
+    }
+
+    const activity = await schedulingService.getActivityByXid(body.activityXid);
+    if (!activity) {
+      throw new ApiError(404, 'Activity not found');
+    }
+
+    const venueExists = await schedulingService.getVenueFromVenueXid(
+      body.venueXid,
+      body.activityXid,
+    );
+
+    if (!venueExists) {
+      throw new ApiError(404, `Venue not found for this activity`);
+    }
+
+    await schedulingService.openCanceledSlot(
+      body.cancellations.map((item: any) => ({
+        cancellationXid: Number(item.cancellationXid),
+      })),
+    );
+
+    const result = await schedulingService.getVenueDurationByAct(
+      Number(body.activityXid),
+      Number(hostId),
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Slot opened successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/Host_Admin/onboarding/acceptAggrement.ts

@@ -1,6 +1,6 @@
-import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
 import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
 import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
 import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../../common/utils/helper/ApiError';
 import { HostService } from '../../../services/host.service';
@@ -25,9 +25,8 @@ export const handler = safeHandler(async (
     // Verify token and get user info
     const userInfo = await verifyHostToken(token);
 
-
-    // Add suggestion using service
-    await hostService.acceptMinglarAgreement(userInfo.id);
+    // Accept agreement and get dynamic fields and PDF URL
+    const result = await hostService.acceptMinglarAgreement(userInfo.id);
 
     return {
         statusCode: 200,
@@ -38,7 +37,10 @@ export const handler = safeHandler(async (
         body: JSON.stringify({
             success: true,
             message: 'Application accepted successfully',
-            data: null,
+            data: {
+                filePath: result.filePath,
+                dynamicFields: result.dynamicFields,
+            },
         }),
     };
 });

src/modules/host/handlers/Host_Admin/onboarding/createPassword.ts

@@ -4,6 +4,7 @@ import { prismaClient } from '../../../../../common/database/prisma.lambda.servi
 import { HostService } from '../../../services/host.service';
 import ApiError from '../../../../../common/utils/helper/ApiError';
 import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
+import { sendWelcomeEmailToHost } from '../../../services/sendOTPEmail.service';
 
 const hostService = new HostService(prismaClient);
 
@@ -46,7 +47,8 @@ export const handler = safeHandler(async (
     throw new ApiError(400, 'Password must be at least 8 characters long');
   }
 
-  await hostService.createPassword(user_xid, password);
+  const result = await hostService.createPassword(user_xid, password);
+  await sendWelcomeEmailToHost(result.emailAddress);
 
   return {
     statusCode: 200,

src/modules/host/handlers/Host_Admin/onboarding/getAllActvitySuggestion.ts

@@ -0,0 +1,54 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { MinglarService } from '../../../../minglaradmin/services/minglar.service';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { verifyMinglarAdminHostToken } from '../../../../../common/middlewares/jwt/authForMinglarAdminHost';
+
+const minglarService = new MinglarService(prismaClient);
+
+/**
+ * Get suggestions handler
+ * Retrieves suggestions based on user's role and host assignments
+ */
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context
+): Promise<APIGatewayProxyResult> => {
+  // ✅ Verify authentication token
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+  }
+
+  // ✅ Verify token and extract user info
+  const userInfo = await verifyMinglarAdminHostToken(token);
+
+  // ✅ Extract activityXid from query parameters
+  const activityXidParam = event.queryStringParameters?.activityXid;
+  if (!activityXidParam) {
+    throw new ApiError(400, 'Missing required query parameter: activityXid');
+  }
+
+  const activityXid = Number(activityXidParam);
+  if (isNaN(activityXid) || activityXid <= 0) {
+    throw new ApiError(400, 'Invalid activityXid provided. Must be a positive number.');
+  }
+
+  // ✅ Fetch suggestions from the service
+  const suggestions = await minglarService.getHostSuggestionsForActivity(activityXid);
+
+  // ✅ Return response
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Suggestions retrieved successfully',
+      data: suggestions,
+    }),
+  };
+});

src/modules/host/handlers/Host_Admin/onboarding/getLatestAgreement.ts

@@ -0,0 +1,54 @@
+import { verifyMinglarAdminHostToken } from '../../../../../common/middlewares/jwt/authForMinglarAdminHost';
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { HostService } from '../../../services/host.service';
+
+const hostService = new HostService(prismaClient);
+
+/**
+ * Get latest active agreement for a specific host by hostXid.
+ * Accessible for Minglar Admin / Host Admin using admin-host token.
+ */
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+  }
+
+  // Validate admin/host admin token
+  await verifyMinglarAdminHostToken(token);
+
+  const hostXidParam =
+    event.queryStringParameters?.hostXid ?? event.queryStringParameters?.host_xid;
+
+  const hostXid = Number(hostXidParam);
+
+  if (!hostXidParam) {
+    throw new ApiError(400, 'hostXid is required');
+  }
+
+  if (Number.isNaN(hostXid)) {
+    throw new ApiError(400, 'Invalid hostXid format');
+  }
+
+  const agreement = await hostService.getLatestHostAgreement(hostXid);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Latest host agreement retrieved successfully',
+      data: agreement,
+    }),
+  };
+});
+

src/modules/host/handlers/Host_Admin/onboarding/signUp.ts

@@ -4,13 +4,9 @@ import { prismaClient } from '../../../../../common/database/prisma.lambda.servi
 import { ROLE } from '../../../../../common/utils/constants/common.constant';
 import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../../common/utils/helper/ApiError';
-import { encryptUserId } from '../../../../../common/utils/helper/CodeGenerator';
 import { OtpGeneratorSixDigit } from '../../../../../common/utils/helper/OtpGenerator';
-import { HostService } from '../../../services/host.service';
 import { sendOtpEmailForHost } from '@/modules/host/services/sendOTPEmail.service';
 
-const hostService = new HostService(prismaClient);
-
 export async function generateHostRefNumber(tx: any) {
   const lastrecord = await tx.user.findFirst({
     orderBy: {
@@ -23,7 +19,7 @@ export async function generateHostRefNumber(tx: any) {
 
   const nextId = lastrecord ? lastrecord.id + 1 : 1;
 
-  return `HS-${String(nextId).padStart(6, '0')}`;;
+  return `076-H-${String(nextId).padStart(6, '0')}`;;
 }
 
 export const handler = safeHandler(async (
@@ -45,13 +41,23 @@ export const handler = safeHandler(async (
     throw new ApiError(400, 'Email is required');
   }
 
-  const emailToLowerCase = email.toLowerCase()
+  const emailToLowerCase = email.trim().toLowerCase();
+
+  if (!emailToLowerCase) {
+    throw new ApiError(400, 'Email is required');
+  }
 
   // Use a single transaction for user creation/lookup and OTP storage
   const transactionResult = await prismaClient.$transaction(async (tx) => {
     const user = await tx.user.findUnique({
       where: { emailAddress: emailToLowerCase },
-      select: { emailAddress: true, id: true, userPassword: true },
+      select: {
+        emailAddress: true,
+        id: true,
+        userPassword: true,
+        dataConsentAccepted: true,
+        dataConsentAcceptedOn: true,
+      },
     });
 
     if (user && user.userPassword) {
@@ -93,9 +99,18 @@ export const handler = safeHandler(async (
       },
     });
 
-    const encryptedId = encryptUserId(String(newUserLocal.id));
+    await tx.user.update({
+      where: { id: Number(newUserLocal.id) },
+      data: {
+        dataConsentAccepted: true,
+        dataConsentAcceptedOn:
+          user?.dataConsentAccepted && user?.dataConsentAcceptedOn
+            ? user.dataConsentAcceptedOn
+            : new Date(),
+      },
+    });
 
-    return { newUser: newUserLocal, otp, encryptedId };
+    return { newUser: newUserLocal, otp };
   });
 
   if (!transactionResult || !transactionResult.otp) {

src/modules/host/handlers/Host_Admin/onboarding/submitCompanyDetails.ts

@@ -142,6 +142,10 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
 
     const deletedFiles = normalizeJsonField(fields, "deletedFiles") || [];
     const parentDeletedFiles = normalizeJsonField(fields, "parentDeletedFiles") || [];
+    const deleteCompanyLogo =
+      fields.deleteCompanyLogo === 'true' || fields.deleteCompanyLogo === true;
+    const deleteParentCompanyLogo =
+      fields.deleteParentCompanyLogo === 'true' || fields.deleteParentCompanyLogo === true;
 
     /** 4) Extract and clean isDraft flag */
     const isDraft = fields.isDraft === 'true' || fields.isDraft === true;
@@ -172,14 +176,46 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
     if (fields.userProfile) {
       const userProfileRaw = normalizeJsonField(fields, 'userProfile');
       if (userProfileRaw) {
-        const { firstName, lastName, mobileNumber } = userProfileRaw;
+        const firstName =
+          typeof userProfileRaw.firstName === 'string'
+            ? userProfileRaw.firstName.trim()
+            : undefined;
+        const lastName =
+          typeof userProfileRaw.lastName === 'string'
+            ? userProfileRaw.lastName.trim()
+            : undefined;
+        const mobileNumber =
+          typeof userProfileRaw.mobileNumber === 'string'
+            ? userProfileRaw.mobileNumber.trim()
+            : undefined;
+
+        if (mobileNumber) {
+          const existingUser = await prismaClient.user.findFirst({
+            where: {
+              mobileNumber,
+              id: {
+                not: Number(userInfo.id),
+              },
+            },
+            select: {
+              id: true,
+            },
+          });
+
+          if (existingUser) {
+            throw new ApiError(
+              409,
+              'Mobile number already exists for another user. Please use a different mobile number.',
+            );
+          }
+        }
 
         await prismaClient.user.update({
           where: { id: userInfo.id },
           data: {
-            ...(firstName && { firstName }),
-            ...(lastName && { lastName }),
-            ...(mobileNumber && { mobileNumber }),
+            ...(firstName !== undefined && { firstName }),
+            ...(lastName !== undefined && { lastName }),
+            ...(mobileNumber !== undefined && { mobileNumber }),
           },
         });
       }
@@ -379,6 +415,63 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
       });
     }
 
+    /** DELETE EXISTING LOGO IF REQUESTED */
+    if (deleteCompanyLogo) {
+      const existingHost = await prismaClient.hostHeader.findFirst({
+        where: { userXid: userInfo.id },
+        select: { logoPath: true },
+      });
+
+      if (existingHost?.logoPath) {
+        try {
+          const s3Key = getS3KeyFromUrl(existingHost.logoPath);
+          await deleteFromS3(s3Key);
+        } catch (e) {
+          console.error('S3 delete failed for company logo:', existingHost.logoPath, e);
+        }
+      }
+
+      parsedCompany.logoPath = null;
+    }
+
+    /** DELETE EXISTING PARENT COMPANY LOGO IF REQUESTED */
+    if (deleteParentCompanyLogo && parsedCompany.isSubsidairy) {
+      const existingHost = await prismaClient.hostHeader.findFirst({
+        where: { userXid: userInfo.id },
+        select: {
+          id: true,
+          hostParent: {
+            select: {
+              id: true,
+              logoPath: true,
+            },
+            take: 1,
+          },
+        },
+      });
+
+      const existingParent = Array.isArray(existingHost?.hostParent)
+        ? existingHost.hostParent[0]
+        : existingHost?.hostParent;
+
+      if (existingParent?.logoPath) {
+        try {
+          const s3Key = getS3KeyFromUrl(existingParent.logoPath);
+          await deleteFromS3(s3Key);
+        } catch (e) {
+          console.error('S3 delete failed for parent company logo:', existingParent.logoPath, e);
+        }
+      }
+
+      if (parsedParentCompany) {
+        parsedParentCompany.logoPath = null;
+      } else {
+        parsedParentCompany = {
+          logoPath: null,
+        };
+      }
+    }
+
     /** UPLOAD LOGO (if provided) */
     const logoFile = files.find(
       (f) => f.fieldName === 'companyLogo' || f.fieldName === 'companyLogoFile'
@@ -449,6 +542,7 @@ export const handler = safeHandler(async (event: APIGatewayProxyEvent): Promise<
       parsedParentCompany,
       uploadedParentDocs,
       isDraft,
+      { deleteCompanyLogo, deleteParentCompanyLogo },
     );
 
     if (!createdOrUpdated) throw new ApiError(400, 'Failed to add/update company details.');

src/modules/host/handlers/getStepper.ts

@@ -39,6 +39,7 @@ export const handler = safeHandler(async (
       data: {
         stepper: host?.host?.stepper || null,
         emailAddress: host.user?.emailAddress || null,
+        hostId: host.user?.userRefNumber || null,
       },
     }),
   };

src/modules/host/handlers/mediaDeleteFromS3.ts

@@ -0,0 +1,107 @@
+import { APIGatewayProxyHandler } from 'aws-lambda';
+import { S3Client, DeleteObjectCommand } from '@aws-sdk/client-s3';
+import config from '../../../config/config';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { verifyHostToken } from '../../../common/middlewares/jwt/authForHost';
+import { prismaClient } from '../../../common/database/prisma.lambda.service';
+
+const s3 = new S3Client({ region: config.aws.region });
+
+function extractS3Key(input: string): string {
+  if (input.startsWith('s3://')) {
+    return input.replace(`s3://${config.aws.bucketName}/`, '');
+  }
+
+  if (input.startsWith('https://')) {
+    const url = new URL(input);
+    return url.pathname.replace(/^\/+/, '');
+  }
+
+  return input;
+}
+
+export const handler: APIGatewayProxyHandler = async (event) => {
+  try {
+    /* ---------------- AUTH ---------------- */
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) throw new ApiError(401, 'Missing token.');
+    await verifyHostToken(token);
+
+    /* ---------------- BODY ---------------- */
+    const body = JSON.parse(event.body || '{}');
+    const { key, mediaSource, mediaId } = body;
+
+    if (mediaSource && mediaId) {
+
+      if (!['ACTIVITY', 'VENUE'].includes(mediaSource)) {
+        throw new ApiError(400, 'Invalid mediaSource');
+      }
+
+      /* ---------------- DB DELETE ---------------- */
+      if (mediaSource === 'ACTIVITY') {
+        const media = await prismaClient.activitiesMedia.findUnique({
+          where: { id: Number(mediaId) },
+        });
+
+        if (!media) throw new ApiError(404, 'Activity media not found');
+
+        await prismaClient.activitiesMedia.delete({
+          where: { id: media.id },
+        });
+      }
+
+      if (mediaSource === 'VENUE') {
+        const media = await prismaClient.activityVenueArtifacts.findUnique({
+          where: { id: Number(mediaId) },
+        });
+
+        if (!media) throw new ApiError(404, 'Venue media not found');
+
+        await prismaClient.activityVenueArtifacts.delete({
+          where: { id: media.id },
+        });
+      }
+
+    }
+
+    const s3Key = extractS3Key(key);
+
+    /* ---------------- PATH SAFETY ---------------- */
+    const allowedPrefixes = ['ActivityOnboarding/'];
+    if (!allowedPrefixes.some((p) => s3Key.startsWith(p))) {
+      throw new ApiError(403, 'Unauthorized delete path');
+    }
+
+    /* ---------------- S3 DELETE ---------------- */
+    await s3.send(
+      new DeleteObjectCommand({
+        Bucket: config.aws.bucketName!,
+        Key: s3Key,
+      }),
+    );
+
+    return response(200, {
+      success: true,
+      message: 'Media deleted from DB and S3 successfully',
+    });
+  } catch (err: any) {
+    console.error('ERROR:', err);
+
+    if (err instanceof ApiError) {
+      return response(err.statusCode, err.message);
+    }
+
+    return response(500, 'Internal server error');
+  }
+};
+
+function response(statusCode: number, body: any) {
+  return {
+    statusCode,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify(body),
+  };
+}

src/modules/host/handlers/mediaUploadForVenueToS3.ts

@@ -0,0 +1,104 @@
+import { APIGatewayProxyHandler } from 'aws-lambda';
+import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3';
+import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
+import { v4 as uuid } from 'uuid';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { prismaClient } from '../../../common/database/prisma.lambda.service';
+import { HostService } from '../services/host.service';
+import config from '../../../config/config';
+import { verifyHostToken } from '../../../common/middlewares/jwt/authForHost';
+
+const s3 = new S3Client({ region: config.aws.region });
+const hostService = new HostService(prismaClient);
+
+export const handler: APIGatewayProxyHandler = async (event) => {
+    try {
+
+        const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+        if (!token) throw new ApiError(401, 'Missing token.');
+        await verifyHostToken(token);
+
+        const body = JSON.parse(event.body || '{}');
+        const { files, venueTempId } = body;
+
+        if (!venueTempId) {
+            throw new ApiError(400, 'venueTempId is required');
+        }
+
+        if (!Array.isArray(files) || files.length === 0) {
+            throw new ApiError(400, 'files array is required');
+        }
+
+        const activityXid = event.pathParameters?.activityXid;
+        if (!activityXid) {
+            throw new ApiError(400, 'activityXid is required in path parameters');
+        }
+
+        const activityDetails = await hostService.getActivityDetailsById(Number(activityXid));
+        if (!activityDetails) {
+            throw new ApiError(404, 'Activity not found');
+        }
+
+        const results: Array<any> = [];
+
+        for (const file of files) {
+            const { fileName, mimeType } = file;
+
+            if (!fileName || !mimeType) {
+                throw new ApiError(400, 'Each file must have fileName and mimeType');
+            }
+
+            const safeFileName = fileName
+                .trim()
+                .replace(/\s+/g, '_')
+                .replace(/[^a-zA-Z0-9._-]/g, '')
+                .toLowerCase();
+
+            const key = `ActivityOnboarding/Activity_${activityXid}/Venues/${venueTempId}/${uuid()}_${safeFileName}`;
+
+            const command = new PutObjectCommand({
+                Bucket: config.aws.bucketName!,
+                Key: key,
+                ContentType: mimeType,
+            });
+
+            const uploadUrl = await getSignedUrl(s3, command, {
+                expiresIn: 300, // 5 minutes
+            });
+
+            results.push({
+                uploadUrl,
+                key,
+                fileUrl: `https://${config.aws.bucketName}.s3.${config.aws.region}.amazonaws.com/${key}`,
+            });
+        }
+
+        return response(200, {
+            venueTempId,
+            files: results,
+        });
+
+    } catch (err: any) {
+        console.error('ERROR:', err);
+
+        // If it's your ApiError, return its status & message
+        if (err instanceof ApiError) {
+            return response(err.statusCode, err.message);
+        }
+
+        // Fallback for unknown errors
+        return response(500, 'Internal server error');
+    }
+
+};
+
+function response(statusCode: number, body: any) {
+    return {
+        statusCode,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify(body),
+    };
+}

src/modules/host/handlers/mediaUploadToS3.ts

@@ -0,0 +1,98 @@
+import { APIGatewayProxyHandler } from 'aws-lambda';
+import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3';
+import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
+import { v4 as uuid } from 'uuid';
+import { prismaClient } from '../../../common/database/prisma.lambda.service';
+import { HostService } from '../services/host.service';
+import ApiError from '../../../common/utils/helper/ApiError';
+import config from '../../../config/config';
+import { verifyHostToken } from '../../../common/middlewares/jwt/authForHost';
+
+const s3 = new S3Client({ region: config.aws.region });
+const hostService = new HostService(prismaClient);
+
+export const handler: APIGatewayProxyHandler = async (event) => {
+  try {
+
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) throw new ApiError(401, 'Missing token.');
+    await verifyHostToken(token);
+
+
+    const body = JSON.parse(event.body || '{}');
+    const { files } = body;
+
+    if (!Array.isArray(files) || files.length === 0) {
+      throw new ApiError(400, 'files array is required');
+    }
+
+    const activityXid = event.pathParameters?.activityXid;
+    if (!activityXid) {
+      throw new ApiError(400, 'activityXid is required in path parameters');
+    }
+
+    const activityDetails = await hostService.getActivityDetailsById(Number(activityXid));
+    if (!activityDetails) {
+      throw new ApiError(404, 'Activity not found');
+    }
+
+    const results = [];
+
+    for (const file of files) {
+      const { fileName, mimeType } = file;
+
+      if (!fileName || !mimeType) {
+        throw new ApiError(400, 'Each file must have fileName and mimeType');
+      }
+
+      const safeFileName = fileName
+        .trim()
+        .replace(/\s+/g, '_')
+        .replace(/[^a-zA-Z0-9._-]/g, '')
+        .toLowerCase();
+
+      const key = `ActivityOnboarding/Activity_${activityXid}/Artifacts/${uuid()}_${safeFileName}`;
+
+      const command = new PutObjectCommand({
+        Bucket: config.aws.bucketName!,
+        Key: key,
+        ContentType: mimeType,
+      });
+
+      const uploadUrl = await getSignedUrl(s3, command, {
+        expiresIn: 300,
+      });
+
+      results.push({
+        uploadUrl,
+        key,
+        fileUrl: `https://${config.aws.bucketName}.s3.${config.aws.region}.amazonaws.com/${key}`,
+      });
+    }
+
+    return response(200, { files: results });
+
+  } catch (err: any) {
+    console.error('ERROR:', err);
+
+    // If it's your ApiError, return its status & message
+    if (err instanceof ApiError) {
+      return response(err.statusCode, err.message);
+    }
+
+    // Fallback for unknown errors
+    return response(500, 'Internal server error');
+  }
+
+};
+
+function response(statusCode: number, body: any) {
+  return {
+    statusCode,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify(body),
+  };
+}

src/modules/host/handlers/operator/createPassword.ts

@@ -0,0 +1,58 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForOperator';
+import { OperatorAuthService } from '../../services/operatorAuth.service';
+
+const operatorAuthService = new OperatorAuthService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+  }
+
+  const userInfo = await verifyOperatorToken(token);
+
+  let body: { password?: string; confirmPassword?: string };
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { password, confirmPassword } = body;
+
+  if (!password || !confirmPassword) {
+    throw new ApiError(400, 'Password and confirm password are required');
+  }
+
+  if (password !== confirmPassword) {
+    throw new ApiError(400, 'Password and confirm password do not match');
+  }
+
+  if (password.length < 8) {
+    throw new ApiError(400, 'Password must be at least 8 characters long');
+  }
+
+  await operatorAuthService.createOperatorPassword(userInfo.id, password);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Password created successfully',
+      data: null,
+    }),
+  };
+});

src/modules/host/handlers/operator/getActivitiesByDate.ts

@@ -0,0 +1,59 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { GetActivitiesByDateRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  try {
+    // Extract token from headers
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+    }
+
+    // Verify token and get operator info
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    // Get activityDate from query parameters
+    const { activityDate } = event.queryStringParameters || {};
+
+    const requestDTO: GetActivitiesByDateRequestDTO = {
+      activityDate: activityDate?.trim(),
+    };
+
+    // Fetch activities by date and operator
+    const result = await operatorActivityService.getActivitiesByDate(
+      operatorId,
+      requestDTO.activityDate,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Activities fetched successfully',
+        data: result,
+      }),
+    };
+  } catch (error) {
+    // Error will be handled by safeHandler
+    throw error;
+  }
+});

src/modules/host/handlers/operator/getReservationByCheckInCode.ts

@@ -0,0 +1,65 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { GetReservationByCheckInCodeRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || Number.isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    const requestDTO: GetReservationByCheckInCodeRequestDTO = {
+      checkInCode:
+        event.queryStringParameters?.checkInCode?.trim() ||
+        event.queryStringParameters?.offlineCode?.trim() ||
+        '',
+    };
+
+    if (!requestDTO.checkInCode) {
+      throw new ApiError(400, 'checkInCode is required.');
+    }
+
+    const result = await operatorActivityService.getReservationByCheckInCode(
+      operatorId,
+      requestDTO.checkInCode,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Reservation details fetched successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/operator/login.ts

@@ -0,0 +1,55 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { GetHostLoginResponseDTO } from '../../dto/host.dto';
+import { OperatorAuthService } from '../../services/operatorAuth.service';
+import { TokenService } from '../../services/token.service';
+
+const operatorAuthService = new OperatorAuthService(prismaClient);
+const tokenService = new TokenService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  let body: { emailAddress?: string; userPassword?: string };
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { emailAddress, userPassword } = body;
+
+  if (!emailAddress || !userPassword) {
+    throw new ApiError(400, 'Email and password are required');
+  }
+
+  const operator = await operatorAuthService.loginForOperator(
+    emailAddress.trim().toLowerCase(),
+    userPassword,
+  );
+
+  const generatedToken = await tokenService.generateAuthToken(operator.id);
+
+  const response = new GetHostLoginResponseDTO(
+    operator,
+    generatedToken.access.token,
+    generatedToken.refresh.token,
+  );
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Login successful',
+      data: response,
+    }),
+  };
+});

src/modules/host/handlers/operator/sendOtpCheckIn.ts

@@ -0,0 +1,70 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorReservationVerificationOtpRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || Number.isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    let body: OperatorReservationVerificationOtpRequestDTO;
+
+    try {
+      body = event.body ? JSON.parse(event.body) : { checkInCode: '' };
+    } catch (error) {
+      throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const requestDTO: OperatorReservationVerificationOtpRequestDTO = {
+      checkInCode: body?.checkInCode?.trim() || '',
+    };
+
+    if (!requestDTO.checkInCode) {
+      throw new ApiError(400, 'checkInCode is required.');
+    }
+
+    const result = await operatorActivityService.sendOtpCheckIn(
+      operatorId,
+      requestDTO.checkInCode,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Check-in OTP sent successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/operator/sendOtpCheckout.ts

@@ -0,0 +1,70 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorReservationVerificationOtpRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || Number.isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    let body: OperatorReservationVerificationOtpRequestDTO;
+
+    try {
+      body = event.body ? JSON.parse(event.body) : { checkInCode: '' };
+    } catch (error) {
+      throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const requestDTO: OperatorReservationVerificationOtpRequestDTO = {
+      checkInCode: body?.checkInCode?.trim() || '',
+    };
+
+    if (!requestDTO.checkInCode) {
+      throw new ApiError(400, 'checkInCode is required.');
+    }
+
+    const result = await operatorActivityService.sendOtpCheckout(
+      operatorId,
+      requestDTO.checkInCode,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Checkout OTP sent successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/operator/signUp.ts

@@ -0,0 +1,53 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorAuthService } from '../../services/operatorAuth.service';
+
+const operatorAuthService = new OperatorAuthService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  let body: {
+    firstName?: string;
+    lastName?: string;
+    emailAddress?: string;
+    isdCode?: string;
+    mobileNumber?: string;
+  };
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { firstName, lastName, emailAddress, isdCode, mobileNumber } = body;
+
+  if (!emailAddress && !mobileNumber) {
+    throw new ApiError(400, 'Email address or mobile number is required');
+  }
+
+  const signupResponse = await operatorAuthService.signUpOperator({
+    firstName,
+    lastName,
+    emailAddress,
+    isdCode,
+    mobileNumber,
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'OTP sent successfully',
+      data: signupResponse,
+    }),
+  };
+});

src/modules/host/handlers/operator/verifyOtp.ts

@@ -0,0 +1,51 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorAuthService } from '../../services/operatorAuth.service';
+import { TokenService } from '../../services/token.service';
+
+const operatorAuthService = new OperatorAuthService(prismaClient);
+const tokenService = new TokenService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  let body: { emailAddress?: string; mobileNumber?: string; otp?: string };
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { emailAddress, mobileNumber, otp } = body;
+
+  if ((!emailAddress && !mobileNumber) || !otp) {
+    throw new ApiError(400, 'Email address or mobile number and OTP are required');
+  }
+
+  const operator = await operatorAuthService.verifyOperatorOtp({
+    emailAddress,
+    mobileNumber,
+    otp,
+  });
+
+  const generatedToken = await tokenService.generateAuthToken(operator.id);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'OTP verified successfully',
+      accessToken: generatedToken.access.token,
+      refreshToken: generatedToken.refresh.token,
+      data: null,
+    }),
+  };
+});

src/modules/host/handlers/operator/verifyOtpCheckIn.ts

@@ -0,0 +1,72 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorReservationVerifyOtpRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || Number.isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    let body: OperatorReservationVerifyOtpRequestDTO;
+
+    try {
+      body = event.body ? JSON.parse(event.body) : { checkInCode: '', otp: '' };
+    } catch (error) {
+      throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const requestDTO: OperatorReservationVerifyOtpRequestDTO = {
+      checkInCode: body?.checkInCode?.trim() || '',
+      otp: body?.otp?.trim() || '',
+    };
+
+    if (!requestDTO.checkInCode || !requestDTO.otp) {
+      throw new ApiError(400, 'checkInCode and otp are required.');
+    }
+
+    const result = await operatorActivityService.verifyOtpCheckIn(
+      operatorId,
+      requestDTO.checkInCode,
+      requestDTO.otp,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Check-in OTP verified successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/operator/verifyOtpCheckout.ts

@@ -0,0 +1,72 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyOperatorToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorReservationVerifyOtpRequestDTO } from '../../dto/operator.activity.dto';
+import { OperatorActivityService } from '../../services/operatorActivity.service';
+
+const operatorActivityService = new OperatorActivityService(prismaClient);
+
+export const handler = safeHandler(
+  async (
+    event: APIGatewayProxyEvent,
+    context?: Context,
+  ): Promise<APIGatewayProxyResult> => {
+    const token =
+      event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) {
+      throw new ApiError(
+        400,
+        'This is a protected route. Please provide a valid token.',
+      );
+    }
+
+    const operatorInfo = await verifyOperatorToken(token);
+    const operatorId = Number(operatorInfo.id);
+
+    if (!operatorId || Number.isNaN(operatorId)) {
+      throw new ApiError(400, 'Invalid operator ID');
+    }
+
+    let body: OperatorReservationVerifyOtpRequestDTO;
+
+    try {
+      body = event.body ? JSON.parse(event.body) : { checkInCode: '', otp: '' };
+    } catch (error) {
+      throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const requestDTO: OperatorReservationVerifyOtpRequestDTO = {
+      checkInCode: body?.checkInCode?.trim() || '',
+      otp: body?.otp?.trim() || '',
+    };
+
+    if (!requestDTO.checkInCode || !requestDTO.otp) {
+      throw new ApiError(400, 'checkInCode and otp are required.');
+    }
+
+    const result = await operatorActivityService.verifyOtpCheckout(
+      operatorId,
+      requestDTO.checkInCode,
+      requestDTO.otp,
+    );
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+      },
+      body: JSON.stringify({
+        success: true,
+        message: 'Checkout OTP verified successfully',
+        data: result,
+      }),
+    };
+  },
+);

src/modules/host/handlers/operator/verifyPassword.ts

@@ -0,0 +1,44 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { OperatorAuthService } from '../../services/operatorAuth.service';
+
+const operatorAuthService = new OperatorAuthService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  let body: { emailAddress?: string; userPassword?: string };
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { emailAddress, userPassword } = body;
+
+  if (!emailAddress || !userPassword) {
+    throw new ApiError(400, 'Email and password are required');
+  }
+
+  const isPasswordValid = await operatorAuthService.verifyPasswordForOperator(
+    emailAddress.trim().toLowerCase(),
+    userPassword,
+  );
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: isPasswordValid ? 'Password is valid' : 'Password is invalid',
+      data: { isValid: isPasswordValid },
+    }),
+  };
+});

src/modules/host/handlers/settings/getAllInvitedCoadminAndOperator.ts

@@ -0,0 +1,61 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { paginationService } from '../../../../common/utils/pagination/pagination.service';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { HostMemberService } from '../../services/hostMember.service';
+
+const hostMemberService = new HostMemberService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  const userInfo = await verifyHostToken(token);
+  const search = event.queryStringParameters?.search || '';
+
+  const paginationParams = paginationService.getPaginationFromEvent(event);
+  const paginationOptions =
+    paginationService.parsePaginationParams(paginationParams);
+
+  const { data, totalCount } =
+    await hostMemberService.getAllInvitedCoadminAndOperator({
+      hostUserXid: userInfo.id,
+      search,
+      paginationOptions,
+    });
+
+  const paginatedResponse = paginationService.createPaginatedResponse(
+    data,
+    totalCount,
+    paginationOptions,
+  );
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Invited co-admin and operator members fetched successfully',
+      ...paginatedResponse,
+    }),
+  };
+});

src/modules/host/handlers/settings/getMemberPermissions.ts

@@ -0,0 +1,58 @@
+import {
+    APIGatewayProxyEvent,
+    APIGatewayProxyResult,
+    Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { HostRolePermissionService } from '../../services/hostRolePermission.service';
+
+const hostRolePermissionService = new HostRolePermissionService(prismaClient);
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  const userInfo = await verifyHostToken(token);
+
+  const memberUserXid = event.pathParameters?.memberUserXid;
+
+  if (!memberUserXid) {
+    throw new ApiError(400, 'memberUserXid  is required.');
+  }
+
+  const memberUserId = parseInt(memberUserXid, 10);
+  if (isNaN(memberUserId)) {
+    throw new ApiError(400, 'Invalid memberUserXid. Must be a number.');
+  }
+
+  const result = await hostRolePermissionService.getMemberPermissions({
+    hostUserXid: userInfo.id,
+    memberUserXid: memberUserId,
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Member permissions retrieved successfully',
+      data: result,
+    }),
+  };
+});

src/modules/host/handlers/settings/getMemberRoles.ts

@@ -0,0 +1,59 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { ROLE } from '../../../../common/utils/constants/common.constant';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  await verifyHostToken(token);
+
+  const roles = await prismaClient.roles.findMany({
+    where: {
+      id: {
+        in: [ROLE.CO_ADMIN, ROLE.OPERATOR],
+      },
+      isActive: true,
+      deletedAt: null,
+    },
+    select: {
+      id: true,
+      roleName: true,
+    },
+    orderBy: {
+      id: 'asc',
+    },
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Host member roles fetched successfully',
+      data: {
+        roles,
+      },
+    }),
+  };
+});

src/modules/host/handlers/settings/getPermissionMasters.ts

@@ -0,0 +1,60 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  await verifyHostToken(token);
+
+  const permissionMasters = await prismaClient.hostPermissionMasters.findMany({
+    where: {
+      isActive: true,
+      deletedAt: null,
+    },
+    select: {
+      id: true,
+      permissionKey: true,
+      permissionGroup: true,
+      permissionSection: true,
+      permissionAction: true,
+      displayLabel: true,
+      displayOrder: true,
+    },
+    orderBy: {
+      displayOrder: 'asc',
+    },
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Permission masters fetched successfully',
+      data: {
+        permissionMasters,
+      },
+    }),
+  };
+});

src/modules/host/handlers/settings/inviteMember.ts

@@ -0,0 +1,111 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { HostMemberService } from '../../services/hostMember.service';
+import { sendHostMemberInvitationEmail } from '../../services/sendHostMemberInvitationEmail.service';
+
+const hostMemberService = new HostMemberService(prismaClient);
+
+interface InviteMemberBody {
+  emailAddress: string;
+  roleXid: number;
+  permissionMasterXid: number;
+  activityXids: number[];
+}
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  const userInfo = await verifyHostToken(token);
+
+  let body: Partial<InviteMemberBody> = {};
+  if (event.body) {
+    try {
+      body = JSON.parse(event.body);
+    } catch {
+      throw new ApiError(400, 'Invalid JSON body');
+    }
+  }
+
+  const emailAddress =
+    typeof body.emailAddress === 'string' ? body.emailAddress.trim() : '';
+  const roleXid = Number(body.roleXid);
+  const permissionMasterXid = Number(body.permissionMasterXid);
+  const activityXids = Array.isArray(body.activityXids)
+    ? body.activityXids
+    : [];
+
+  if (!emailAddress) {
+    throw new ApiError(400, 'emailAddress is required.');
+  }
+
+  if (!Number.isInteger(roleXid) || roleXid <= 0) {
+    throw new ApiError(400, 'roleXid is required.');
+  }
+
+  if (!Number.isInteger(permissionMasterXid) || permissionMasterXid <= 0) {
+    throw new ApiError(400, 'permissionMasterXid is required.');
+  }
+
+  if (!activityXids.length) {
+    throw new ApiError(400, 'activityXids is required.');
+  }
+
+  const inviteResult = await hostMemberService.inviteMember({
+    inviterUserXid: userInfo.id,
+    emailAddress,
+    roleXid,
+    permissionMasterXid,
+    activityXids,
+  });
+
+  await sendHostMemberInvitationEmail(
+    inviteResult.user.emailAddress ?? emailAddress,
+    inviteResult.host.companyName,
+    inviteResult.permissionMaster.role.roleName,
+    inviteResult.permissionDetails.map((permission) => permission.displayLabel),
+    inviteResult.activities.map((activity) => activity.activityTitle ?? `Activity #${activity.id}`),
+  );
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Host member invited successfully',
+      data: {
+        hostMemberId: inviteResult.hostMember.id,
+        hostXid: inviteResult.hostMember.hostXid,
+        userXid: inviteResult.hostMember.userXid,
+        emailAddress: inviteResult.user.emailAddress,
+        roleXid: inviteResult.hostMember.roleXid,
+        permissionMasterXid: inviteResult.hostMember.hostRolePermissionMasterXid,
+        permissionMasterXids: inviteResult.permissionMaster.permissionMasterXids,
+        permissionLabels: inviteResult.permissionDetails.map((permission) => permission.displayLabel),
+        activityXids: inviteResult.activities.map((activity) => activity.id),
+        activityNames: inviteResult.activities.map((activity) => activity.activityTitle ?? null),
+        memberStatus: inviteResult.hostMember.memberStatus,
+      },
+    }),
+  };
+});

src/modules/host/handlers/settings/saveRolePermissions.ts

@@ -0,0 +1,81 @@
+import {
+  APIGatewayProxyEvent,
+  APIGatewayProxyResult,
+  Context,
+} from 'aws-lambda';
+
+import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../../common/middlewares/jwt/authForHost';
+import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../common/utils/helper/ApiError';
+import { HostRolePermissionService } from '../../services/hostRolePermission.service';
+
+const hostRolePermissionService = new HostRolePermissionService(prismaClient);
+
+interface SaveRolePermissionsBody {
+  roleXid: number;
+  permissionMasterXids: number[];
+}
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+
+  if (!token) {
+    throw new ApiError(
+      400,
+      'This is a protected route. Please provide a valid token.',
+    );
+  }
+
+  const userInfo = await verifyHostToken(token);
+
+  let body: Partial<SaveRolePermissionsBody> = {};
+  if (event.body) {
+    try {
+      body = JSON.parse(event.body);
+    } catch {
+      throw new ApiError(400, 'Invalid JSON body');
+    }
+  }
+
+  const roleXid = Number(body.roleXid);
+  const permissionMasterXids = Array.isArray(body.permissionMasterXids)
+    ? body.permissionMasterXids
+    : [];
+
+  if (!Number.isInteger(roleXid) || roleXid <= 0) {
+    throw new ApiError(400, 'roleXid is required.');
+  }
+
+  if (!permissionMasterXids.length) {
+    throw new ApiError(400, 'permissionMasterXids is required.');
+  }
+
+  const result = await hostRolePermissionService.saveRolePermissions({
+    hostUserXid: userInfo.id,
+    roleXid,
+    permissionMasterXids,
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Role permissions saved successfully',
+      data: {
+        permissionMasterXid: result.saved.id,
+        hostXid: result.saved.hostXid,
+        roleXid: result.saved.roleXid,
+        permissionMasterXids: result.saved.permissionMasterXids,
+        selectedPermissions: result.selectedPermissions,
+      },
+    }),
+  };
+});

src/modules/host/handlers/updateHostProfile.ts

@@ -0,0 +1,344 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import AWS from 'aws-sdk';
+import dayjs from 'dayjs';
+import { z } from 'zod';
+import { prismaClient } from '../../../common/database/prisma.lambda.service';
+import { verifyHostToken } from '../../../common/middlewares/jwt/authForHost';
+import { ROLE } from '../../../common/utils/constants/common.constant';
+import { safeHandler } from '../../../common/utils/handlers/safeHandler';
+import ApiError from "../../../common/utils/helper/ApiError";
+import { parseMultipartFormData } from '../../../common/utils/helper/parseMultipartFormData';
+import config from '../../../config/config';
+
+const s3 = new AWS.S3({
+  region: config.aws.region,
+});
+
+const updateHostProfileSchema = z
+  .strictObject({
+    // Personal
+    fullName: z.string().min(1).optional(),
+    firstName: z.string().min(1).optional(),
+    lastName: z.string().min(1).optional(),
+    isdCode: z.string().min(1).max(6).optional(),
+    mobileNumber: z.string().min(5).max(15).optional(),
+    dateOfBirth: z.string().min(1).optional(),
+
+    profileImage: z.string().url().optional(),
+
+    // Address
+    address1: z.string().min(1).optional(),
+    address2: z.string().min(1).optional(),
+    countryXid: z.number().int().positive().optional(),
+    stateXid: z.number().int().positive().optional(),
+    cityXid: z.number().int().positive().optional(),
+    pinCode: z.string().min(1).optional(),
+
+    // explicitly forbidden
+    emailAddress: z.any().optional(),
+  })
+  .strip();
+
+async function uploadProfileImageToS3(buffer: Buffer, mimeType: string, originalName: string, userId: number) {
+  const sanitizeFileName = (name: string) => {
+    return name
+      .toLowerCase()
+      .replace(/[^a-z0-9.]/g, '_')
+      .replace(/_+/g, '_')
+      .replace(/^_+|_+$/g, '');
+  };
+
+  const fileExtension = originalName.split('.').pop() || 'jpg';
+  const fileName = `profile_image.${fileExtension}`;
+  const sanitizedFileName = sanitizeFileName(fileName);
+  const s3Key = `Host/ProfileImages/${userId}/${sanitizedFileName}`;
+
+  await s3
+    .upload({
+      Bucket: config.aws.bucketName,
+      Key: s3Key,
+      Body: buffer,
+      ContentType: mimeType,
+      ACL: 'private',
+    })
+    .promise();
+
+  return `https://${config.aws.bucketName}.s3.${config.aws.region}.amazonaws.com/${s3Key}`;
+}
+
+function parseDob(dateOfBirth: string): Date {
+  const parsed = dayjs(dateOfBirth, ['YYYY-MM-DD', 'MM/DD/YYYY', 'DD/MM/YYYY'], true);
+  if (!parsed.isValid()) {
+    throw new ApiError(400, 'Invalid dateOfBirth. Use YYYY-MM-DD (recommended) or MM/DD/YYYY.');
+  }
+  return parsed.toDate();
+}
+
+function splitFullName(fullName: string): { firstName: string; lastName: string | null } {
+  const parts = fullName.trim().split(/\s+/).filter(Boolean);
+  const firstName = parts[0] || '';
+  const lastName = parts.length > 1 ? parts.slice(1).join(' ') : null;
+  return { firstName, lastName };
+}
+
+function getAuthToken(event: APIGatewayProxyEvent): string {
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
+  }
+  return token;
+}
+
+function parseJsonBody(event: APIGatewayProxyEvent): any {
+  try {
+    return event.body ? JSON.parse(event.body) : {};
+  } catch {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+}
+
+function validateBody(body: any) {
+  const parsed = updateHostProfileSchema.safeParse(body);
+  if (!parsed.success) {
+    throw new ApiError(400, parsed.error.issues.map((i) => i.message).join(', '));
+  }
+  if (parsed.data.emailAddress !== undefined) {
+    throw new ApiError(400, 'Email address cannot be updated.');
+  }
+  return parsed.data;
+}
+
+function normalizeNameFields(data: any): { firstName?: string; lastName?: string | null } {
+  if (data.fullName && !data.firstName && !data.lastName) {
+    const split = splitFullName(data.fullName);
+    return { firstName: split.firstName, lastName: split.lastName };
+  }
+  return { firstName: data.firstName, lastName: data.lastName };
+}
+
+function buildAddressInput(data: any) {
+  return {
+    address1: data.address1,
+    address2: data.address2,
+    countryXid: data.countryXid,
+    stateXid: data.stateXid,
+    cityXid: data.cityXid,
+    pinCode: data.pinCode,
+  };
+}
+
+function hasAnyDefined(obj: Record<string, unknown>) {
+  return Object.values(obj).some((v) => v !== undefined);
+}
+
+async function ensureHostUser(tx: any, userId: number) {
+  const user = await tx.user.findUnique({
+    where: { id: userId, isActive: true },
+    select: { id: true, roleXid: true },
+  });
+
+  if (!user) throw new ApiError(404, 'User not found');
+  if (user.roleXid !== ROLE.HOST) throw new ApiError(403, 'Access denied.');
+}
+
+async function updateUserIfNeeded(
+  tx: any,
+  userId: number,
+  input: {
+    firstName?: string;
+    lastName?: string | null;
+    isdCode?: string;
+    mobileNumber?: string;
+    dateOfBirth?: string;
+    profileImage?: string;
+  },
+) {
+  const userUpdateData: any = {};
+  if (input.firstName !== undefined) userUpdateData.firstName = input.firstName || null;
+  if (input.lastName !== undefined) userUpdateData.lastName = input.lastName;
+  if (input.isdCode !== undefined) userUpdateData.isdCode = input.isdCode || null;
+  if (input.mobileNumber !== undefined) userUpdateData.mobileNumber = input.mobileNumber || null;
+  if (input.dateOfBirth !== undefined) {
+    userUpdateData.dateOfBirth = input.dateOfBirth ? parseDob(input.dateOfBirth) : null;
+  }
+  if (input.profileImage !== undefined) {
+    userUpdateData.profileImage = input.profileImage || null;
+  }
+
+  if (!hasAnyDefined(userUpdateData)) return;
+
+  await tx.user.update({
+    where: { id: userId },
+    data: {
+      ...userUpdateData,
+      isProfileUpdated: true,
+    },
+  });
+}
+
+async function upsertAddressIfNeeded(tx: any, userId: number, addressData: Record<string, any>) {
+  if (!hasAnyDefined(addressData)) return;
+
+  const existingAddress = await tx.userAddressDetails.findFirst({
+    where: { userXid: userId, isActive: true },
+    select: { id: true },
+  });
+
+  const addressUpdateData: any = {};
+  if (addressData.address1 !== undefined) addressUpdateData.address1 = addressData.address1;
+  if (addressData.address2 !== undefined) addressUpdateData.address2 = addressData.address2;
+  if (addressData.countryXid !== undefined) addressUpdateData.countryXid = addressData.countryXid;
+  if (addressData.stateXid !== undefined) addressUpdateData.stateXid = addressData.stateXid;
+  if (addressData.cityXid !== undefined) addressUpdateData.cityXid = addressData.cityXid;
+  if (addressData.pinCode !== undefined) addressUpdateData.pinCode = addressData.pinCode;
+
+  if (existingAddress) {
+    await tx.userAddressDetails.update({
+      where: { id: existingAddress.id },
+      data: addressUpdateData,
+    });
+    return;
+  }
+
+  const required = ['address1', 'countryXid', 'stateXid', 'cityXid', 'pinCode'] as const;
+  const missing = required.filter((k) => addressData[k] === undefined);
+  if (missing.length) {
+    throw new ApiError(400, `Missing required address fields: ${missing.join(', ')}`);
+  }
+
+  await tx.userAddressDetails.create({
+    data: {
+      userXid: userId,
+      ...addressUpdateData,
+    },
+  });
+}
+
+async function getProfileSnapshot(tx: any, userId: number) {
+  const updated = await tx.user.findUnique({
+    where: { id: userId },
+    select: {
+      id: true,
+      firstName: true,
+      lastName: true,
+      emailAddress: true,
+      isdCode: true,
+      mobileNumber: true,
+      dateOfBirth: true,
+      profileImage: true,
+      isProfileUpdated: true,
+      userAddressDetails: {
+        where: { isActive: true },
+        take: 1,
+        select: {
+          id: true,
+          address1: true,
+          address2: true,
+          countryXid: true,
+          stateXid: true,
+          cityXid: true,
+          pinCode: true,
+        },
+      },
+    },
+  });
+
+  return {
+    user: updated,
+    address: updated?.userAddressDetails?.[0] ?? null,
+  };
+}
+
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context,
+): Promise<APIGatewayProxyResult> => {
+  const token = getAuthToken(event);
+  const userInfo = await verifyHostToken(token);
+  const userId = Number(userInfo.id);
+  if (!userId || Number.isNaN(userId)) {
+    throw new ApiError(400, 'Invalid user id');
+  }
+
+  const contentType = event.headers['Content-Type'] || event.headers['content-type'] || '';
+  const isMultipart = contentType.includes('multipart/form-data');
+
+  let body: any;
+
+  if (isMultipart) {
+    const isBase64Encoded = event.isBase64Encoded || false;
+    const { fields, files } = parseMultipartFormData(event.body || null, contentType, isBase64Encoded);
+
+    const multipartBody: any = {};
+
+    const copyIfPresent = (key: string) => {
+      if (fields[key] !== undefined) {
+        multipartBody[key] = fields[key];
+      }
+    };
+
+    ['fullName', 'firstName', 'lastName', 'isdCode', 'mobileNumber', 'dateOfBirth', 'address1', 'address2', 'pinCode'].forEach(
+      copyIfPresent,
+    );
+
+    const parseNumberField = (key: string) => {
+      if (fields[key] !== undefined) {
+        const value = Number(fields[key]);
+        if (!Number.isNaN(value)) {
+          multipartBody[key] = value;
+        }
+      }
+    };
+
+    ['countryXid', 'stateXid', 'cityXid'].forEach(parseNumberField);
+
+    const profileImageFile = files.find((f) => f.fieldName === 'profileImage');
+    if (profileImageFile) {
+      const uploadedUrl = await uploadProfileImageToS3(
+        profileImageFile.data,
+        profileImageFile.contentType,
+        profileImageFile.fileName,
+        userId,
+      );
+      multipartBody.profileImage = uploadedUrl;
+    } else if (fields.profileImage) {
+      multipartBody.profileImage = fields.profileImage;
+    }
+
+    body = multipartBody;
+  } else {
+    body = parseJsonBody(event);
+  }
+
+  const data = validateBody(body);
+  const name = normalizeNameFields(data);
+  const address = buildAddressInput(data);
+
+  const result = await prismaClient.$transaction(async (tx) => {
+    await ensureHostUser(tx, userId);
+    await updateUserIfNeeded(tx, userId, {
+      firstName: name.firstName,
+      lastName: name.lastName,
+      isdCode: data.isdCode,
+      mobileNumber: data.mobileNumber,
+      dateOfBirth: data.dateOfBirth,
+      profileImage: data.profileImage,
+    });
+    await upsertAddressIfNeeded(tx, userId, address);
+    return getProfileSnapshot(tx, userId);
+  });
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Profile updated successfully',
+      data : null// no data payload per request
+    }),
+  };
+});
+

src/modules/host/services/activityScheduling.service.ts

@@ -0,0 +1,743 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+import { getPresignedUrl } from '../../../common/middlewares/aws/getPreSignedUrl';
+import {
+  ACTIVITY_AM_DISPLAY_STATUS,
+  ACTIVITY_AM_INTERNAL_STATUS,
+  ACTIVITY_DISPLAY_STATUS,
+  ACTIVITY_INTERNAL_STATUS,
+  SCHEDULING_TYPE,
+} from '../../../common/utils/constants/host.constant';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { ScheduleActivityDTO } from '../../../common/utils/validation/host/createSchedulingOfAct.validation';
+import config from '../../../config/config';
+
+const bucket = config.aws.bucketName;
+
+@Injectable()
+export class SchedulingService {
+  constructor(private prisma: PrismaClient) { }
+
+  async getHostIdByUserId(userId: number) {
+    const host = await this.prisma.hostHeader.findFirst({
+      where: {
+        userXid: userId,
+        isActive: true,
+      },
+      select: {
+        id: true,
+      },
+    });
+
+    if (!host) {
+      throw new ApiError(404, 'Host not found for the given user.');
+    }
+
+    return host.id;
+  }
+
+  async addSchedulingForActivity(data: ScheduleActivityDTO) {
+    const {
+      activityXid,
+      listNow,
+      scheduleType,
+      dateRange,
+      rules,
+      venues,
+      earlyCheckInMins,
+      bookingCutOffMins,
+      isLateCheckingAllowed,
+      isInstantBooking,
+    } = data;
+
+    return this.prisma.$transaction(async (tx) => {
+      const venueXids = venues.map((v) => v.venueXid);
+
+      /* ----------------------------------
+               🧹 0️⃣ DELETE OLD SCHEDULING (PER ACTIVITY + VENUES)
+            ---------------------------------- */
+
+      const oldHeaders = await tx.scheduleHeader.findMany({
+        where: {
+          activityXid,
+          activityVenueXid: { in: venueXids },
+          isActive: true,
+        },
+        select: { id: true },
+      });
+
+      const headerIds = oldHeaders.map((h) => h.id);
+
+      if (headerIds.length) {
+        // Delete in correct FK order
+        await tx.cancellations.deleteMany({
+          where: { scheduleHeaderXid: { in: headerIds } },
+        });
+
+        await tx.scheduleDetails.deleteMany({
+          where: { scheduleHeaderXid: { in: headerIds } },
+        });
+
+        await tx.scheduleOccurences.deleteMany({
+          where: { scheduleHeaderXid: { in: headerIds } },
+        });
+
+        await tx.scheduleRecurrence.deleteMany({
+          where: { scheduleHeaderXid: { in: headerIds } },
+        });
+
+        await tx.scheduleHeader.deleteMany({
+          where: { id: { in: headerIds } },
+        });
+      }
+
+      /* ----------------------------------
+               ➕ 1️⃣ CREATE NEW SCHEDULING
+            ---------------------------------- */
+      const createdHeaders: number[] = [];
+
+      if (
+        isInstantBooking !== undefined ||
+        isLateCheckingAllowed !== undefined
+      ) {
+        await tx.activities.update({
+          where: { id: activityXid, isActive: true },
+          data: { isInstantBooking, isLateCheckingAllowed },
+        });
+      }
+
+      if (listNow) {
+        await tx.activities.update({
+          where: { id: activityXid, isActive: true },
+          data: {
+            activityInternalStatus: ACTIVITY_INTERNAL_STATUS.ACTIVITY_LISTED,
+            activityDisplayStatus: ACTIVITY_DISPLAY_STATUS.ACTIVITY_LISTED,
+            amInternalStatus: ACTIVITY_AM_INTERNAL_STATUS.ACTIVITY_LISTED,
+            amDisplayStatus: ACTIVITY_AM_DISPLAY_STATUS.ACTIVITY_LISTED,
+          },
+        });
+      }
+
+      for (const venue of venues) {
+        if (!venue.slots || venue.slots.length === 0) {
+          continue;
+        }
+
+        const header = await tx.scheduleHeader.create({
+          data: {
+            activityXid,
+            activityVenueXid: venue.venueXid,
+            scheduleType,
+            startDate: new Date(dateRange.startDate),
+            endDate: dateRange.endDate ? new Date(dateRange.endDate) : null,
+            earlyCheckInMins,
+            bookingCutOffMins,
+            isActive: true,
+          },
+        });
+
+        createdHeaders.push(header.id);
+
+        // WEEKLY
+        if (scheduleType === SCHEDULING_TYPE.WEEKLY) {
+          const uniqueWeekdays = [
+            ...new Set(
+              venue.slots
+                .map((s) => s.weekDay)
+                .filter(
+                  (
+                    d,
+                  ): d is
+                    | 'MONDAY'
+                    | 'TUESDAY'
+                    | 'WEDNESDAY'
+                    | 'THURSDAY'
+                    | 'FRIDAY'
+                    | 'SATURDAY'
+                    | 'SUNDAY' => !!d,
+                ),
+            ),
+          ];
+
+          if (!uniqueWeekdays.length) {
+            throw new ApiError(
+              400,
+              'Weekly schedule requires weekDay in slots',
+            );
+          }
+
+          await tx.scheduleRecurrence.createMany({
+            data: uniqueWeekdays.map((day) => ({
+              scheduleHeaderXid: header.id,
+              weekDay: day,
+              isActive: true,
+            })),
+          });
+        }
+
+        // MONTHLY
+        if (scheduleType === SCHEDULING_TYPE.MONTHLY) {
+          const uniqueDays = [
+            ...new Set(
+              venue.slots
+                .map((s) => s.dayOfMonth)
+                .filter((d): d is number => d !== null && d !== undefined),
+            ),
+          ];
+
+          if (!uniqueDays.length) {
+            throw new ApiError(
+              400,
+              'Monthly schedule requires dayOfMonth in slots',
+            );
+          }
+
+          await tx.scheduleRecurrence.createMany({
+            data: uniqueDays.map((day) => ({
+              scheduleHeaderXid: header.id,
+              dayOfMonth: day,
+              isActive: true,
+            })),
+          });
+        }
+
+        // CUSTOM / ONCE
+        if (
+          scheduleType === SCHEDULING_TYPE.CUSTOM ||
+          scheduleType === SCHEDULING_TYPE.ONCE
+        ) {
+          const uniqueDates = [
+            ...new Set(
+              venue.slots.map((s) => s.occurrenceDate).filter(Boolean),
+            ),
+          ];
+
+          await tx.scheduleOccurences.createMany({
+            data: uniqueDates.map((d) => ({
+              scheduleHeaderXid: header.id,
+              occurenceDate: new Date(d!),
+              isActive: true,
+            })),
+          });
+        }
+
+        // Slots
+        for (const slot of venue.slots) {
+          await tx.scheduleDetails.create({
+            data: {
+              scheduleHeaderXid: header.id,
+              occurenceDate: slot.occurrenceDate
+                ? new Date(slot.occurrenceDate)
+                : null,
+              weekDay: slot.weekDay ?? null,
+              dayOfMonth: slot.dayOfMonth ?? null,
+              startTime: slot.startTime,
+              endTime: slot.endTime,
+              maxCapacity: slot.maxCapacity,
+              isActive: true,
+            },
+          });
+        }
+      }
+
+      return { success: true, scheduleHeaderIds: createdHeaders };
+    });
+  }
+
+  async getAvailableSlotsForDate(activityXid: number, selectedDate: string) {
+    const date = new Date(selectedDate);
+
+    if (isNaN(date.getTime())) {
+      throw new ApiError(400, 'Invalid date format');
+    }
+
+    const weekDay = date
+      .toLocaleDateString('en-US', { weekday: 'long' })
+      .toUpperCase();
+    const dayOfMonth = date.getDate();
+
+    /* --------------------------------
+           1️⃣ FETCH ACTIVE SCHEDULE HEADERS
+        -------------------------------- */
+    const scheduleHeaders = await this.prisma.scheduleHeader.findMany({
+      where: {
+        activityXid,
+        isActive: true,
+        startDate: { lte: date },
+        OR: [{ endDate: null }, { endDate: { gte: date } }],
+      },
+      include: {
+        activityVenue: {
+          select: {
+            id: true,
+            venueName: true,
+            venueLabel: true,
+            venueCapacity: true,
+          },
+        },
+        scheduleRecurrences: {
+          where: { isActive: true },
+        },
+        ScheduleDetails: {
+          where: {
+            isActive: true,
+            OR: [
+              { occurenceDate: date }, // ONLY_ONCE / CUSTOM
+              { weekDay: weekDay }, // WEEKLY
+              { dayOfMonth: dayOfMonth }, // MONTHLY
+            ],
+          },
+        },
+        Cancellations: {
+          where: {
+            occurenceDate: date,
+            isActive: true,
+          },
+        },
+      },
+    });
+
+    if (!scheduleHeaders.length) {
+      return [];
+    }
+
+    /* --------------------------------
+           2️⃣ BUILD RESPONSE
+        -------------------------------- */
+    const response = [];
+
+    for (const header of scheduleHeaders) {
+
+      // Build cancellation set using time matching
+      const cancelledSlots = new Set(
+        header.Cancellations.map(
+          (c) => `${c.startTime}-${c.endTime}`
+        )
+      );
+
+      const slots = header.ScheduleDetails
+        .filter(
+          (slot) =>
+            !cancelledSlots.has(`${slot.startTime}-${slot.endTime}`)
+        )
+        .map((slot) => ({
+          slotId: slot.id,
+          startTime: slot.startTime,
+          endTime: slot.endTime,
+          maxCapacity: slot.maxCapacity,
+        }));
+
+      if (!slots.length) continue;
+
+      response.push({
+        venueXid: header.activityVenue.id,
+        venueName: header.activityVenue.venueName,
+        venueLabel: header.activityVenue.venueLabel,
+        venueCapacity: header.activityVenue.venueCapacity,
+        slots,
+      });
+    }
+
+    return response;
+  }
+
+  /**
+   * Return full schedule header + venue + slots for a given activity and date
+   */
+  async getScheduleDetailsForDate(activityXid: number, selectedDate: string) {
+    const date = new Date(selectedDate);
+
+    if (isNaN(date.getTime())) {
+      throw new ApiError(400, 'Invalid date format');
+    }
+
+    const weekDay = date
+      .toLocaleDateString('en-US', { weekday: 'long' })
+      .toUpperCase();
+    const dayOfMonth = date.getDate();
+
+    const scheduleHeaders = await this.prisma.scheduleHeader.findMany({
+      where: {
+        activityXid,
+        isActive: true,
+        startDate: { lte: date },
+        OR: [{ endDate: null }, { endDate: { gte: date } }],
+        ScheduleDetails: {
+          some: {}
+        }
+      },
+      include: {
+        activityVenue: {
+          select: {
+            id: true,
+            venueName: true,
+            venueLabel: true,
+            venueCapacity: true,
+          },
+        },
+        scheduleRecurrences: {
+          where: { isActive: true },
+        },
+        ScheduleDetails: {
+          where: {
+            isActive: true,
+            OR: [
+              { occurenceDate: date },
+              { weekDay: weekDay },
+              { dayOfMonth: dayOfMonth },
+            ],
+          },
+        },
+        Cancellations: {
+          where: {
+            occurenceDate: date,
+            isActive: true,
+          },
+        },
+      },
+    });
+
+    if (!scheduleHeaders.length) return [];
+
+    const response = scheduleHeaders.map((header) => {
+
+      // Match cancelled slots using startTime + endTime
+      const cancelledSlots = new Set(
+        header.Cancellations.map(
+          (c) => `${c.startTime}-${c.endTime}`
+        )
+      );
+
+      const slots = header.ScheduleDetails
+        .filter(
+          (slot) =>
+            !cancelledSlots.has(`${slot.startTime}-${slot.endTime}`)
+        )
+        .map((slot) => ({
+          slotId: slot.id,
+          occurenceDate: slot.occurenceDate,
+          weekDay: slot.weekDay,
+          dayOfMonth: slot.dayOfMonth,
+          startTime: slot.startTime,
+          endTime: slot.endTime,
+          maxCapacity: slot.maxCapacity,
+        }));
+
+      return {
+        scheduleHeaderXid: header.id,
+        scheduleType: header.scheduleType,
+        startDate: header.startDate,
+        endDate: header.endDate,
+        earlyCheckInMins: header.earlyCheckInMins,
+        bookingCutOffMins: header.bookingCutOffMins,
+        activityVenue: {
+          venueXid: header.activityVenue.id,
+          venueName: header.activityVenue.venueName,
+          venueLabel: header.activityVenue.venueLabel,
+          venueCapacity: header.activityVenue.venueCapacity,
+        },
+        slots, // only active slots, no cancellation flag
+      };
+    });
+
+    return response;
+  }
+
+  async getVenueFromVenueXid(venueXid: number, activityXid: number) {
+    return await this.prisma.activityVenues.findUnique({
+      where: { id: venueXid, activityXid: activityXid, isActive: true },
+      select: {
+        id: true,
+        venueName: true,
+        venueLabel: true,
+        venueCapacity: true,
+      },
+    });
+  }
+
+  async getActivityByXid(activityXid: number) {
+    return await this.prisma.activities.findUnique({
+      where: { id: activityXid, isActive: true },
+      select: {
+        id: true,
+        activityTitle: true,
+      },
+    });
+  }
+
+  /**
+   * Get activities by status and host ID
+   * @param hostId - ID of the host
+   * @param status - Filter by status (Listed, Unlisted, Not_Listed) - optional
+   * @returns Array of activities matching the criteria
+   */
+  async getActivitiesByStatus(hostId: number, status?: string) {
+    // Build where clause
+    const whereClause: any = {
+      hostXid: hostId,
+      isActive: true,
+      deletedAt: null,
+      activityInternalStatus: {
+        in: [
+          ACTIVITY_INTERNAL_STATUS.ACTIVITY_APPROVED,
+          ACTIVITY_INTERNAL_STATUS.ACTIVITY_UNLISTED,
+          ACTIVITY_INTERNAL_STATUS.ACTIVITY_LISTED,
+        ],
+      },
+    };
+
+    // Add status filter if provided
+    if (status) {
+      whereClause.activityInternalStatus = status;
+    }
+
+    // Query activities
+    const activities = await this.prisma.activities.findMany({
+      where: whereClause,
+      select: {
+        id: true,
+        activityRefNumber: true,
+        activityTitle: true,
+        activityDescription: true,
+        activityDisplayStatus: true,
+        activityInternalStatus: true,
+        ActivitiesMedia: {
+          where: { isActive: true },
+          select: {
+            id: true,
+            mediaFileName: true,
+            mediaType: true,
+          },
+        },
+        ScheduleHeader: {
+          where: { isActive: true },
+          select: {
+            id: true,
+            scheduleType: true,
+            startDate: true,
+          },
+          orderBy: { createdAt: 'desc' },
+        },
+      },
+      orderBy: {
+        createdAt: 'desc',
+      },
+    });
+
+    for (const activity of activities) {
+      if (activity.ActivitiesMedia?.length) {
+        for (const media of activity.ActivitiesMedia) {
+          if (!media.mediaFileName) continue;
+
+          const key = media.mediaFileName.startsWith('http')
+            ? media.mediaFileName.split('.com/')[1]
+            : media.mediaFileName;
+
+          (media as any).presignedUrl = await getPresignedUrl(bucket, key);
+        }
+      }
+    }
+
+    // Transform response
+    return activities.map((activity) => ({
+      activityId: activity.id,
+      activityRefNumber: activity.activityRefNumber,
+      activityName: activity.activityTitle,
+      activityDescription: activity.activityDescription,
+      activityInternalStatus: activity.activityInternalStatus,
+      activityDisplayStatus: activity.activityDisplayStatus,
+      media: activity.ActivitiesMedia,
+      scheduleType: activity.ScheduleHeader?.length
+        ? activity.ScheduleHeader[0].scheduleType
+        : null,
+      scheduleStartDate: activity.ScheduleHeader?.length
+        ? activity.ScheduleHeader[0].startDate
+        : null,
+    }));
+  }
+
+  async getVenueDurationByAct(activityXid: number, hostId: number) {
+    const result = await this.prisma.activities.findUnique({
+      where: { id: activityXid, hostXid: hostId, isActive: true },
+      select: {
+        id: true,
+        activityDurationMins: true,
+        activityTitle: true,
+        activityRefNumber: true,
+        isLateCheckingAllowed: true,
+        isInstantBooking: true,
+        frequenciesXid: true,
+        frequency: {
+          where: { isActive: true },
+          select: {
+            id: true,
+            frequencyName: true,
+          },
+        },
+        ActivityVenues: {
+          where: { isActive: true },
+          select: {
+            id: true,
+            venueName: true,
+            venueLabel: true,
+            ScheduleHeader: {
+              where: { isActive: true },
+              select: {
+                id: true,
+                scheduleType: true,
+                startDate: true,
+                endDate: true,
+                earlyCheckInMins: true,
+                bookingCutOffMins: true,
+                ScheduleDetails: {
+                  where: { isActive: true },
+                  select: {
+                    id: true,
+                    occurenceDate: true,
+                    weekDay: true,
+                    dayOfMonth: true,
+                    startTime: true,
+                    endTime: true,
+                  },
+                },
+                Cancellations: {
+                  where: { isActive: true },
+                  select: {
+                    id: true,
+                    cancellationReason: true,
+                    occurenceDate: true,
+                    startTime: true,
+                    endTime: true,
+                  },
+                },
+                scheduleOccurences: {
+                  where: { isActive: true },
+                  select: {
+                    id: true,
+                    occurenceDate: true,
+                  },
+                },
+                scheduleRecurrences: {
+                  where: { isActive: true },
+                  select: {
+                    id: true,
+                    weekDay: true,
+                    dayOfMonth: true,
+                  },
+                },
+              },
+            },
+          },
+        },
+        ActivitiesMedia: {
+          where: { isActive: true },
+          select: {
+            id: true,
+            mediaFileName: true,
+            mediaType: true,
+          },
+        },
+      },
+    });
+
+    if (!result) return null;
+
+    if (result.ActivitiesMedia?.length) {
+      for (const media of result.ActivitiesMedia) {
+        if (!media.mediaFileName) continue;
+
+        const key = media.mediaFileName.startsWith('http')
+          ? media.mediaFileName.split('.com/')[1]
+          : media.mediaFileName;
+
+        (media as any).presignedUrl = await getPresignedUrl(bucket, key);
+      }
+    }
+
+    for (const venue of result.ActivityVenues ?? []) {
+      for (const header of venue.ScheduleHeader ?? []) {
+
+        /* -------------------------------
+                   📅 FRONTEND FRIENDLY META
+                -------------------------------- */
+
+        // WEEKLY → send weekdays
+        if (header.scheduleType === 'WEEKLY') {
+          (header as any).scheduleDays = [
+            ...new Set(
+              header.scheduleRecurrences?.map((r) => r.weekDay).filter(Boolean),
+            ),
+          ];
+        }
+
+        // MONTHLY → send dates (1–31)
+        if (header.scheduleType === 'MONTHLY') {
+          (header as any).scheduleDates = [
+            ...new Set(
+              header.scheduleRecurrences
+                ?.map((r) => r.dayOfMonth)
+                .filter(Boolean),
+            ),
+          ];
+        }
+
+        // CUSTOM / ONCE → send exact dates
+        if (
+          header.scheduleType === 'CUSTOM' ||
+          header.scheduleType === 'ONCE'
+        ) {
+          (header as any).scheduleDates = [
+            ...new Set(
+              header.scheduleOccurences
+                ?.map((o) => o.occurenceDate?.toISOString().split('T')[0])
+                .filter(Boolean),
+            ),
+          ];
+        }
+      }
+    }
+
+    (result as any).availableScheduleTypes = [
+      'ONCE',
+      'WEEKLY',
+      'MONTHLY',
+      'CUSTOM',
+    ];
+
+    return result;
+  }
+
+  async cancelMultipleSlotsForActivity(
+    cancellations: {
+      scheduleHeaderXid: number;
+      occurenceDate: string;
+      startTime: string;
+      endTime: string;
+      cancellationReason?: string;
+    }[],
+  ) {
+    return await this.prisma.cancellations.createMany({
+      data: cancellations.map((item) => ({
+        scheduleHeaderXid: item.scheduleHeaderXid,
+        occurenceDate: item.occurenceDate,
+        startTime: item.startTime,
+        endTime: item.endTime,
+        cancellationReason: item.cancellationReason || 'No reason provided',
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  async openCanceledSlot(
+    cancellations: { cancellationXid: number; }[],
+  ) {
+    return await this.prisma.cancellations.updateMany({
+      where: {
+        id: { in: cancellations.map((c) => c.cancellationXid) },
+      },
+      data: {
+        isActive: false,
+      },
+    });
+  }
+}

src/modules/host/services/hostMember.service.ts

@@ -0,0 +1,497 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+
+import { ROLE, USER_STATUS } from '../../../common/utils/constants/common.constant';
+import { PaginationOptions } from '../../../common/utils/pagination/pagination.types';
+import ApiError from '../../../common/utils/helper/ApiError';
+
+const ALLOWED_MEMBER_ROLES = new Set([ROLE.CO_ADMIN, ROLE.OPERATOR]);
+
+function normalizeIdArray(values: unknown): number[] {
+  if (!Array.isArray(values)) {
+    return [];
+  }
+
+  return Array.from(
+    new Set(
+      values
+        .map((item) => Number(item))
+        .filter((item) => Number.isInteger(item) && item > 0),
+    ),
+  );
+}
+
+@Injectable()
+export class HostMemberService {
+  constructor(private prisma: PrismaClient) {}
+
+  async getAllInvitedCoadminAndOperator(input: {
+    hostUserXid: number;
+    search?: string;
+    paginationOptions?: PaginationOptions;
+  }) {
+    const host = await this.prisma.hostHeader.findFirst({
+      where: {
+        userXid: input.hostUserXid,
+        isActive: true,
+        deletedAt: null,
+      },
+      select: {
+        id: true,
+        companyName: true,
+      },
+    });
+
+    if (!host) {
+      throw new ApiError(404, 'Host company not found for the logged-in user.');
+    }
+
+    const filters: any = {
+      hostXid: host.id,
+      roleXid: {
+        in: [ROLE.CO_ADMIN, ROLE.OPERATOR],
+      },
+      memberStatus: 'invited',
+      isActive: true,
+      deletedAt: null,
+      user: {
+        isActive: true,
+        deletedAt: null,
+      },
+    };
+
+    if (input.search?.trim()) {
+      const term = input.search.trim();
+      filters.user = {
+        ...filters.user,
+        OR: [
+          { emailAddress: { contains: term, mode: 'insensitive' as const } },
+          { firstName: { contains: term, mode: 'insensitive' as const } },
+          { lastName: { contains: term, mode: 'insensitive' as const } },
+          { mobileNumber: { contains: term, mode: 'insensitive' as const } },
+          { userRefNumber: { contains: term, mode: 'insensitive' as const } },
+        ],
+      };
+    }
+
+    const totalCount = await this.prisma.hostMembers.count({
+      where: filters,
+    });
+
+    const members = await this.prisma.hostMembers.findMany({
+      where: filters,
+      select: {
+        id: true,
+        hostXid: true,
+        userXid: true,
+        roleXid: true,
+        memberStatus: true,
+        invitedOn: true,
+        acceptedOn: true,
+        hostRolePermissionMasterXid: true,
+        user: {
+          select: {
+            id: true,
+            firstName: true,
+            lastName: true,
+            emailAddress: true,
+            mobileNumber: true,
+            userRefNumber: true,
+            userStatus: true,
+            role: {
+              select: {
+                id: true,
+                roleName: true,
+              },
+            },
+          },
+        },
+        role: {
+          select: {
+            id: true,
+            roleName: true,
+          },
+        },
+        invitedBy: {
+          select: {
+            id: true,
+            firstName: true,
+            lastName: true,
+            emailAddress: true,
+          },
+        },
+        hostRolePermissionMaster: {
+          select: {
+            id: true,
+            permissionMasterXids: true,
+          },
+        },
+        managedActivities: {
+          where: {
+            isActive: true,
+            deletedAt: null,
+          },
+          select: {
+            activityXid: true,
+            activity: {
+              select: {
+                id: true,
+                activityTitle: true,
+              },
+            },
+          },
+          orderBy: {
+            activityXid: 'asc',
+          },
+        },
+      },
+      orderBy: {
+        invitedOn: 'desc',
+      },
+      skip: input.paginationOptions?.skip ?? 0,
+      take: input.paginationOptions?.limit ?? 10,
+    });
+
+    const permissionIds = Array.from(
+      new Set(
+        members.flatMap((member) =>
+          normalizeIdArray(member.hostRolePermissionMaster?.permissionMasterXids),
+        ),
+      ),
+    );
+
+    const permissionMasters = permissionIds.length
+      ? await this.prisma.hostPermissionMasters.findMany({
+          where: {
+            id: { in: permissionIds },
+            isActive: true,
+            deletedAt: null,
+          },
+          select: {
+            id: true,
+            displayLabel: true,
+          },
+        })
+      : [];
+
+    const permissionLabelMap = new Map(
+      permissionMasters.map((permission) => [permission.id, permission.displayLabel]),
+    );
+
+    const data = members.map((member) => {
+      const permissionMasterXids = normalizeIdArray(
+        member.hostRolePermissionMaster?.permissionMasterXids,
+      );
+
+      return {
+        hostMemberId: member.id,
+        hostXid: member.hostXid,
+        hostCompanyName: host.companyName,
+        userXid: member.userXid,
+        roleXid: member.roleXid,
+        roleName: member.role?.roleName ?? member.user.role?.roleName ?? null,
+        permissionMasterXid: member.hostRolePermissionMasterXid,
+        permissionMasterXids,
+        permissionLabels: permissionMasterXids
+          .map((permissionId) => permissionLabelMap.get(permissionId))
+          .filter(Boolean),
+        memberStatus: member.memberStatus,
+        invitedOn: member.invitedOn,
+        acceptedOn: member.acceptedOn,
+        invitedBy: member.invitedBy
+          ? {
+              id: member.invitedBy.id,
+              firstName: member.invitedBy.firstName,
+              lastName: member.invitedBy.lastName,
+              emailAddress: member.invitedBy.emailAddress,
+            }
+          : null,
+        user: {
+          id: member.user.id,
+          firstName: member.user.firstName,
+          lastName: member.user.lastName,
+          emailAddress: member.user.emailAddress,
+          mobileNumber: member.user.mobileNumber,
+          userRefNumber: member.user.userRefNumber,
+          userStatus: member.user.userStatus,
+        },
+        activities: member.managedActivities.map((activityLink) => ({
+          id: activityLink.activity.id,
+          activityXid: activityLink.activityXid,
+          activityTitle: activityLink.activity.activityTitle,
+        })),
+      };
+    });
+
+    return {
+      data,
+      totalCount,
+    };
+  }
+
+  async inviteMember(input: {
+    inviterUserXid: number;
+    emailAddress: string;
+    roleXid: number;
+    permissionMasterXid: number;
+    activityXids: unknown;
+  }) {
+    const normalizedEmail = input.emailAddress.trim().toLowerCase();
+    const roleXid = Number(input.roleXid);
+    const permissionMasterXid = Number(input.permissionMasterXid);
+    const activityXids = normalizeIdArray(input.activityXids);
+
+    if (!normalizedEmail) {
+      throw new ApiError(400, 'emailAddress is required.');
+    }
+
+    if (!Number.isInteger(roleXid) || !ALLOWED_MEMBER_ROLES.has(roleXid)) {
+      throw new ApiError(
+        400,
+        'roleXid must be one of CO_ADMIN or OPERATOR.',
+      );
+    }
+
+    if (!Number.isInteger(permissionMasterXid) || permissionMasterXid <= 0) {
+      throw new ApiError(400, 'permissionMasterXid is required.');
+    }
+
+    if (!activityXids.length) {
+      throw new ApiError(400, 'At least one activity is required.');
+    }
+
+    return this.prisma.$transaction(async (tx) => {
+      const host = await tx.hostHeader.findFirst({
+        where: {
+          userXid: input.inviterUserXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          companyName: true,
+          userXid: true,
+        },
+      });
+
+      if (!host) {
+        throw new ApiError(404, 'Host company not found for the logged-in user.');
+      }
+
+      if (host.userXid !== input.inviterUserXid) {
+        throw new ApiError(403, 'Only the host owner can invite members.');
+      }
+
+      const permissionMaster = await tx.hostRolePermissionMasters.findFirst({
+        where: {
+          id: permissionMasterXid,
+          hostXid: host.id,
+          roleXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          hostXid: true,
+          roleXid: true,
+          permissionMasterXids: true,
+          role: {
+            select: {
+              id: true,
+              roleName: true,
+            },
+          },
+        },
+      });
+
+      if (!permissionMaster) {
+        throw new ApiError(
+          404,
+          'Permission master not found for the selected host and role.',
+        );
+      }
+
+      const selectedPermissionMasterXids = normalizeIdArray(
+        permissionMaster.permissionMasterXids,
+      );
+
+      const permissionDetails = await tx.hostPermissionMasters.findMany({
+        where: {
+          id: { in: selectedPermissionMasterXids },
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          permissionKey: true,
+          permissionGroup: true,
+          permissionSection: true,
+          permissionAction: true,
+          displayLabel: true,
+          displayOrder: true,
+        },
+        orderBy: {
+          displayOrder: 'asc',
+        },
+      });
+
+      if (permissionDetails.length !== selectedPermissionMasterXids.length) {
+        throw new ApiError(
+          400,
+          'One or more saved permission XIDs no longer exist in the master table.',
+        );
+      }
+
+      const activities = await tx.activities.findMany({
+        where: {
+          id: { in: activityXids },
+          hostXid: host.id,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          activityTitle: true,
+        },
+      });
+
+      if (activities.length !== activityXids.length) {
+        throw new ApiError(
+          400,
+          'One or more selected activities are invalid for this host.',
+        );
+      }
+
+      const existingUser = await tx.user.findFirst({
+        where: {
+          emailAddress: normalizedEmail,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          emailAddress: true,
+          roleXid: true,
+          userStatus: true,
+        },
+      });
+
+      let user =
+        existingUser ??
+        (await tx.user.create({
+          data: {
+            emailAddress: normalizedEmail,
+            roleXid: ROLE.HOST,
+            userStatus: USER_STATUS.INVITED,
+            isActive: true,
+          },
+          select: {
+            id: true,
+            emailAddress: true,
+            roleXid: true,
+            userStatus: true,
+          },
+        }));
+
+      if (existingUser && existingUser.roleXid !== ROLE.HOST) {
+        user = await tx.user.update({
+          where: { id: existingUser.id },
+          data: {
+            roleXid: ROLE.HOST,
+            userStatus: USER_STATUS.INVITED,
+            isActive: true,
+          },
+          select: {
+            id: true,
+            emailAddress: true,
+            roleXid: true,
+            userStatus: true,
+          },
+        });
+      }
+
+      const existingMembership = await tx.hostMembers.findFirst({
+        where: {
+          userXid: user.id,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          hostXid: true,
+        },
+      });
+
+      if (existingMembership && existingMembership.hostXid !== host.id) {
+        throw new ApiError(
+          409,
+          'This person is already invited or assigned to another host company.',
+        );
+      }
+
+      const membershipData = {
+        hostXid: host.id,
+        userXid: user.id,
+        roleXid,
+        hostRolePermissionMasterXid: permissionMaster.id,
+        memberStatus: 'invited',
+        invitedByXid: input.inviterUserXid,
+        invitedOn: new Date(),
+        acceptedOn: null,
+        isActive: true,
+      };
+
+      const hostMember = existingMembership
+        ? await tx.hostMembers.update({
+            where: { id: existingMembership.id },
+            data: membershipData,
+            select: {
+              id: true,
+              hostXid: true,
+              userXid: true,
+              roleXid: true,
+              hostRolePermissionMasterXid: true,
+              memberStatus: true,
+              invitedByXid: true,
+              invitedOn: true,
+            },
+          })
+        : await tx.hostMembers.create({
+            data: membershipData,
+            select: {
+              id: true,
+              hostXid: true,
+              userXid: true,
+              roleXid: true,
+              hostRolePermissionMasterXid: true,
+              memberStatus: true,
+              invitedByXid: true,
+              invitedOn: true,
+            },
+          });
+
+      await tx.hostMemberActivities.deleteMany({
+        where: {
+          hostMemberXid: hostMember.id,
+        },
+      });
+
+      await tx.hostMemberActivities.createMany({
+        data: activities.map((activity) => ({
+          hostMemberXid: hostMember.id,
+          activityXid: activity.id,
+          isActive: true,
+        })),
+      });
+
+      return {
+        host,
+        user,
+        hostMember,
+        permissionMaster,
+        permissionDetails,
+        activities,
+      };
+    });
+  }
+}

src/modules/host/services/hostRolePermission.service.ts

@@ -0,0 +1,254 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+import { ROLE } from '../../../common/utils/constants/common.constant';
+
+import ApiError from '../../../common/utils/helper/ApiError';
+
+function normalizeIdArray(values: unknown): number[] {
+  if (!Array.isArray(values)) {
+    return [];
+  }
+
+  return Array.from(
+    new Set(
+      values
+        .map((item) => Number(item))
+        .filter((item) => Number.isInteger(item) && item > 0),
+    ),
+  );
+}
+
+@Injectable()
+export class HostRolePermissionService {
+  constructor(private prisma: PrismaClient) {}
+
+  async saveRolePermissions(input: {
+    hostUserXid: number;
+    roleXid: number;
+    permissionMasterXids: unknown;
+  }) {
+    const permissionMasterXids = normalizeIdArray(input.permissionMasterXids);
+
+    if (!permissionMasterXids.length) {
+      throw new ApiError(400, 'permissionMasterXids is required.');
+    }
+
+    return this.prisma.$transaction(async (tx) => {
+      const host = await tx.hostHeader.findFirst({
+        where: {
+          userXid: input.hostUserXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          companyName: true,
+          userXid: true,
+        },
+      });
+
+      if (!host) {
+        throw new ApiError(404, 'Host company not found for the logged-in user.');
+      }
+
+      const role = await tx.roles.findFirst({
+        where: {
+          id: input.roleXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          roleName: true,
+        },
+      });
+
+      if (!role) {
+        throw new ApiError(400, 'Invalid roleXid.');
+      }
+
+      const selectedPermissions = await tx.hostPermissionMasters.findMany({
+        where: {
+          id: { in: permissionMasterXids },
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          permissionKey: true,
+          permissionGroup: true,
+          permissionSection: true,
+          permissionAction: true,
+          displayLabel: true,
+          displayOrder: true,
+        },
+        orderBy: {
+          displayOrder: 'asc',
+        },
+      });
+
+      if (selectedPermissions.length !== permissionMasterXids.length) {
+        throw new ApiError(400, 'One or more permissionMasterXids are invalid.');
+      }
+
+      const saved = await tx.hostRolePermissionMasters.upsert({
+        where: {
+          hostXid_roleXid: {
+            hostXid: host.id,
+            roleXid: role.id,
+          },
+        },
+        create: {
+          hostXid: host.id,
+          roleXid: role.id,
+          permissionMasterXids,
+          isActive: true,
+        },
+        update: {
+          permissionMasterXids,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          hostXid: true,
+          roleXid: true,
+          permissionMasterXids: true,
+          createdAt: true,
+          updatedAt: true,
+        },
+      });
+
+      return {
+        host,
+        role,
+        saved,
+        selectedPermissions,
+      };
+    });
+  }
+
+  async getMemberPermissions(input: {
+    hostUserXid: number;
+    memberUserXid: number;
+  }) {
+    return this.prisma.$transaction(async (tx) => {
+      // Find the host
+      const host = await tx.hostHeader.findFirst({
+        where: {
+          userXid: input.hostUserXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          companyName: true,
+          userXid: true,
+        },
+      });
+
+      if (!host) {
+        throw new ApiError(404, 'Host company not found for the logged-in user.');
+      }
+
+      // Find the host member
+      const hostMember = await tx.hostMembers.findFirst({
+        where: {
+          hostXid: host.id,
+          userXid: input.memberUserXid,
+          isActive: true,
+          deletedAt: null,
+          memberStatus: 'accepted',
+        },
+        select: {
+          id: true,
+          userXid: true,
+          roleXid: true,
+          role: {
+            select: {
+              id: true,
+              roleName: true,
+            },
+          },
+          hostRolePermissionMasterXid: true,
+        },
+      });
+
+      if (!hostMember) {
+        throw new ApiError(404, 'Host member not found or not active.');
+      }
+
+      // Check if role is operator or co-admin
+      if (hostMember.roleXid !== ROLE.CO_ADMIN && hostMember.roleXid !== ROLE.OPERATOR) {
+        throw new ApiError(400, 'Member is not an operator or co-admin.');
+      }
+
+      if (!hostMember.hostRolePermissionMasterXid) {
+        // Return empty permissions if no role permissions assigned
+        return {
+          host,
+          member: {
+            userXid: hostMember.userXid,
+            role: hostMember.role,
+          },
+          permissions: [],
+        };
+      }
+
+      // Get the role permissions
+      const rolePermissions = await tx.hostRolePermissionMasters.findFirst({
+        where: {
+          id: hostMember.hostRolePermissionMasterXid,
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          permissionMasterXids: true,
+        },
+      });
+
+      if (!rolePermissions) {
+        return {
+          host,
+          member: {
+            userXid: hostMember.userXid,
+            role: hostMember.role,
+          },
+          permissions: [],
+        };
+      }
+
+      // Get the actual permissions
+      const permissionIds = rolePermissions.permissionMasterXids as number[];
+      const permissions = await tx.hostPermissionMasters.findMany({
+        where: {
+          id: { in: permissionIds },
+          isActive: true,
+          deletedAt: null,
+        },
+        select: {
+          id: true,
+          permissionKey: true,
+          permissionGroup: true,
+          permissionSection: true,
+          permissionAction: true,
+          displayLabel: true,
+          displayOrder: true,
+        },
+        orderBy: {
+          displayOrder: 'asc',
+        },
+      });
+
+      return {
+        host,
+        member: {
+          userXid: hostMember.userXid,
+          role: hostMember.role,
+        },
+        permissions,
+      };
+    });
+  }
+}

src/modules/host/services/operatorActivity.service.ts

@@ -0,0 +1,992 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+import * as bcrypt from 'bcryptjs';
+import { brevoService } from '../../../common/email/brevoApi';
+import { getPresignedUrl } from '../../../common/middlewares/aws/getPreSignedUrl';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { generateOtpHelper } from '../../../common/utils/helper/sendOtp';
+import config from '../../../config/config';
+import {
+  ActivitySummaryDTO,
+  OperatorReservationByCheckInCodeDTO,
+  OperatorReservationVerificationOtpResponseDTO,
+  OperatorReservationVerifyOtpResponseDTO,
+} from '../dto/operator.activity.dto';
+
+const formatDateOnly = (date: Date): string => date.toISOString().split('T')[0];
+
+const formatReadableDateTime = (date: Date): string =>
+  new Intl.DateTimeFormat('en-US', {
+    weekday: 'long',
+    year: 'numeric',
+    month: 'long',
+    day: 'numeric',
+    hour: 'numeric',
+    minute: '2-digit',
+    hour12: true,
+  }).format(date);
+
+const formatReadableDate = (date: Date): string =>
+  new Intl.DateTimeFormat('en-US', {
+    weekday: 'long',
+    year: 'numeric',
+    month: 'long',
+    day: 'numeric',
+  }).format(date);
+
+const getDateLabel = (date: Date): string => {
+  const today = new Date();
+  return formatDateOnly(today) === formatDateOnly(date)
+    ? 'Today'
+    : formatReadableDate(date);
+};
+
+const buildFullName = (
+  firstName?: string | null,
+  lastName?: string | null,
+): string => `${firstName ?? ''} ${lastName ?? ''}`.trim();
+
+type ReservationVerificationPurpose = 'CheckInVerify' | 'CheckOutVerify';
+type ReservationVerificationRequestChannel = 'email' | 'mobile';
+
+@Injectable()
+export class OperatorActivityService {
+  constructor(private prisma: PrismaClient) {}
+
+  private async getAcceptedHostXidsForOperator(
+    operatorId: number,
+  ): Promise<number[]> {
+    const hostMembers = await this.prisma.hostMembers.findMany({
+      where: {
+        userXid: operatorId,
+        isActive: true,
+        memberStatus: 'accepted',
+        deletedAt: null,
+      },
+      select: {
+        hostXid: true,
+      },
+    });
+
+    return hostMembers.map((member) => member.hostXid);
+  }
+
+  private maskEmailAddress(emailAddress: string): string {
+    const [localPart, domainPart = ''] = emailAddress.split('@');
+
+    if (!localPart) {
+      return emailAddress;
+    }
+
+    if (localPart.length <= 2) {
+      return `${localPart[0] ?? '*'}*@${domainPart}`;
+    }
+
+    return `${localPart[0]}${'*'.repeat(
+      Math.max(localPart.length - 2, 1),
+    )}${localPart[localPart.length - 1]}@${domainPart}`;
+  }
+
+  private async sendReservationVerificationOtpEmail(input: {
+    emailAddress: string;
+    otp: string;
+    checkInCode: string;
+    verificationType: 'check-in' | 'checkout';
+    firstName?: string | null;
+  }): Promise<void> {
+    const subject =
+      input.verificationType === 'check-in'
+        ? 'Your Minglar check-in verification code'
+        : 'Your Minglar checkout verification code';
+
+    const greetingName = input.firstName?.trim() || 'there';
+    const htmlContent = `
+      <p>Hi ${greetingName},</p>
+      <p>Your ${input.verificationType} verification code for Minglar is:</p>
+      <p><strong>${input.otp}</strong></p>
+      <p>Check-in code: <strong>${input.checkInCode}</strong></p>
+      <p>This code is valid for the next 5 minutes.</p>
+      <p>If you did not request this code, you can ignore this email.</p>
+      <p>Warm regards,<br />Team Minglar</p>
+    `;
+
+    try {
+      await brevoService.sendEmail({
+        recipients: [{ email: input.emailAddress }],
+        subject,
+        htmlContent,
+      });
+    } catch (error) {
+      console.error('Reservation OTP email send failed:', error);
+      throw new ApiError(500, 'Failed to send OTP to the registered email address.');
+    }
+  }
+
+  private async findReservationForOperatorByCheckInCode(
+    operatorId: number,
+    checkInCode: string,
+  ) {
+    const hostXids = await this.getAcceptedHostXidsForOperator(operatorId);
+
+    if (hostXids.length === 0) {
+      throw new ApiError(404, 'Reservation not found for this check-in code');
+    }
+
+    const reservation = await this.prisma.itineraryDetails.findFirst({
+      where: {
+        offlineCode: checkInCode,
+        itineraryKind: 'ACTIVITY',
+        isActive: true,
+        deletedAt: null,
+        itineraryActivity: {
+          itineraryType: 'ACTIVITY',
+          isActive: true,
+          deletedAt: null,
+          activity: {
+            hostXid: {
+              in: hostXids,
+            },
+            isActive: true,
+            deletedAt: null,
+          },
+        },
+      },
+      select: {
+        id: true,
+        itineraryMemberXid: true,
+        offlineCode: true,
+        activityStatus: true,
+        itineraryMember: {
+          select: {
+            id: true,
+            member: {
+              select: {
+                id: true,
+                firstName: true,
+                lastName: true,
+                emailAddress: true,
+                mobileNumber: true,
+              },
+            },
+          },
+        },
+        itineraryActivity: {
+          select: {
+            id: true,
+            bookingStatus: true,
+            activity: {
+              select: {
+                activityTitle: true,
+              },
+            },
+          },
+        },
+      },
+    });
+
+    if (!reservation) {
+      throw new ApiError(404, 'Reservation not found for this check-in code');
+    }
+
+    return reservation;
+  }
+
+  private async verifyReservationOtp(
+    operatorId: number,
+    checkInCode: string,
+    otp: string,
+    input: {
+      otpType: ReservationVerificationPurpose;
+      verificationType: 'check-in' | 'checkout';
+      nextStatus: 'checked_in' | 'checked_out';
+    },
+  ): Promise<OperatorReservationVerifyOtpResponseDTO> {
+    const normalizedCheckInCode = checkInCode.trim();
+    const trimmedOtp = otp.trim();
+
+    if (!normalizedCheckInCode) {
+      throw new ApiError(400, 'checkInCode is required');
+    }
+
+    if (!trimmedOtp) {
+      throw new ApiError(400, 'otp is required');
+    }
+
+    const reservation = await this.findReservationForOperatorByCheckInCode(
+      operatorId,
+      normalizedCheckInCode,
+    );
+
+    const member = reservation.itineraryMember?.member;
+    if (!member?.id) {
+      throw new ApiError(404, 'User not found for this reservation');
+    }
+
+    const currentStatus = (
+      reservation.activityStatus ??
+      reservation.itineraryActivity.bookingStatus ??
+      ''
+    )
+      .trim()
+      .toLowerCase();
+
+    if (input.verificationType === 'check-in') {
+      if (currentStatus === 'checked_in') {
+        throw new ApiError(400, 'This user is already checked in.');
+      }
+
+      if (currentStatus === 'checked_out') {
+        throw new ApiError(400, 'This user has already checked out.');
+      }
+    }
+
+    if (input.verificationType === 'checkout') {
+      if (currentStatus === 'checked_out') {
+        throw new ApiError(400, 'This user is already checked out.');
+      }
+
+      if (currentStatus !== 'checked_in') {
+        throw new ApiError(
+          400,
+          'Check-in verification must be completed before checkout.',
+        );
+      }
+    }
+
+    const latestOtp = await this.prisma.userOtp.findFirst({
+      where: {
+        userXid: member.id,
+        otpType: input.otpType,
+        isActive: true,
+        isVerified: false,
+      },
+      orderBy: {
+        createdAt: 'desc',
+      },
+    });
+
+    if (!latestOtp) {
+      throw new ApiError(400, 'No OTP found.');
+    }
+
+    if (new Date() > latestOtp.expiresOn) {
+      throw new ApiError(400, 'OTP has expired.');
+    }
+
+    const isMatch = await bcrypt.compare(trimmedOtp, latestOtp.otpCode);
+
+    if (!isMatch) {
+      throw new ApiError(400, 'Invalid OTP.');
+    }
+
+    await this.prisma.$transaction(async (tx) => {
+      await tx.userOtp.update({
+        where: {
+          id: latestOtp.id,
+        },
+        data: {
+          isVerified: true,
+          verifiedOn: new Date(),
+          isActive: false,
+        },
+      });
+
+      await tx.itineraryDetails.update({
+        where: {
+          id: reservation.id,
+        },
+        data: {
+          activityStatus: input.nextStatus,
+          updatedOn: new Date(),
+        },
+      });
+    });
+
+    return {
+      itineraryActivityXid: reservation.itineraryActivity.id,
+      itineraryMemberXid: reservation.itineraryMemberXid,
+      activityName: reservation.itineraryActivity.activity?.activityTitle ?? null,
+      checkInCode: normalizedCheckInCode,
+      verificationType: input.verificationType,
+      verified: true,
+      reservationStatus: input.nextStatus,
+    };
+  }
+
+  private async requestReservationVerificationOtp(
+    operatorId: number,
+    checkInCode: string,
+    input: {
+      otpType: ReservationVerificationPurpose;
+      verificationType: 'check-in' | 'checkout';
+      requestedChannel: ReservationVerificationRequestChannel;
+    },
+  ): Promise<OperatorReservationVerificationOtpResponseDTO> {
+    const normalizedCheckInCode = checkInCode.trim();
+
+    if (!normalizedCheckInCode) {
+      throw new ApiError(400, 'checkInCode is required');
+    }
+
+    const reservation = await this.findReservationForOperatorByCheckInCode(
+      operatorId,
+      normalizedCheckInCode,
+    );
+
+    const member = reservation.itineraryMember?.member;
+    if (!member?.id) {
+      throw new ApiError(404, 'User not found for this reservation');
+    }
+
+    const emailAddress = member.emailAddress?.trim().toLowerCase() || null;
+    const mobileNumber = member.mobileNumber?.trim() || null;
+
+    if (!emailAddress && !mobileNumber) {
+      throw new ApiError(
+        400,
+        'No registered mobile number or email address found for this user.',
+      );
+    }
+
+    if (!emailAddress) {
+      throw new ApiError(
+        501,
+        'SMS OTP delivery is not configured yet for reservation verification. Please add a registered email address for this user.',
+      );
+    }
+
+    const deliveryNote =
+      input.requestedChannel === 'mobile'
+        ? 'SMS OTP delivery is not configured yet, so the OTP was sent to the registered email address instead.'
+        : null;
+
+    const otpResult = await generateOtpHelper(
+      this.prisma,
+      member.id,
+      emailAddress,
+      input.otpType,
+      6,
+      5,
+    );
+
+    await this.sendReservationVerificationOtpEmail({
+      emailAddress,
+      otp: otpResult.otp,
+      checkInCode: normalizedCheckInCode,
+      verificationType: input.verificationType,
+      firstName: member.firstName,
+    });
+
+    return {
+      itineraryActivityXid: reservation.itineraryActivity.id,
+      itineraryMemberXid: reservation.itineraryMemberXid,
+      activityName: reservation.itineraryActivity.activity?.activityTitle ?? null,
+      checkInCode: normalizedCheckInCode,
+      verificationType: input.verificationType,
+      requestedChannel: input.requestedChannel,
+      deliveryChannel: 'email',
+      destination: this.maskEmailAddress(emailAddress),
+      reservationStatus:
+        reservation.activityStatus ?? reservation.itineraryActivity.bookingStatus,
+      expiresInMinutes: 5,
+      deliveryNote,
+    };
+  }
+
+  private async attachPresignedUrl(
+    fileName?: string | null,
+  ): Promise<string | null> {
+    if (!fileName) {
+      return null;
+    }
+
+    try {
+      return await getPresignedUrl(config.aws.bucketName, fileName);
+    } catch (error) {
+      console.error(`Failed to generate presigned URL for ${fileName}:`, error);
+      return null;
+    }
+  }
+
+  async getActivitiesByDate(
+    operatorId: number,
+    activityDate?: string,
+  ): Promise<{
+    date: string;
+    activities: ActivitySummaryDTO[];
+    totalCount: number;
+  }> {
+    try {
+      // Get operator's assigned hosts
+      const hostMembers = await this.prisma.hostMembers.findMany({
+        where: {
+          userXid: operatorId,
+          isActive: true,
+          memberStatus: 'accepted', // Only accepted memberships
+        },
+        select: {
+          hostXid: true,
+        },
+      });
+
+      if (hostMembers.length === 0) {
+        return {
+          date: new Date().toISOString().split('T')[0],
+          activities: [],
+          totalCount: 0,
+        };
+      }
+
+      const hostXids = hostMembers.map((m) => m.hostXid);
+
+      // Use today's date if not provided
+      const queryDate = activityDate ? new Date(activityDate) : new Date();
+
+      // Validate date format
+      if (isNaN(queryDate.getTime())) {
+        throw new ApiError(400, 'Invalid date format. Use YYYY-MM-DD format');
+      }
+
+      // Set time to start of day (UTC)
+      queryDate.setUTCHours(0, 0, 0, 0);
+
+      // Set end of day
+      const endOfDay = new Date(queryDate);
+      endOfDay.setUTCHours(23, 59, 59, 999);
+
+      // Get all schedule occurrences from today onwards (not just query date)
+      // This includes future dates to show all scheduled dates
+      const allScheduleOccurrences =
+        await this.prisma.scheduleOccurences.findMany({
+          where: {
+            occurenceDate: {
+              gte: queryDate,
+            },
+            isActive: true,
+            scheduleHeader: {
+              activity: {
+                hostXid: {
+                  in: hostXids,
+                },
+              },
+            },
+          },
+          include: {
+            scheduleHeader: {
+              include: {
+                activity: {
+                  select: {
+                    id: true,
+                    activityTitle: true,
+                    isActive: true,
+                    ActivitiesMedia: {
+                      where: {
+                        isCoverImage: true,
+                        isActive: true,
+                      },
+                      select: {
+                        mediaFileName: true,
+                      },
+                      take: 1,
+                    },
+                  },
+                },
+              },
+            },
+          },
+          orderBy: {
+            occurenceDate: 'asc',
+          },
+        });
+
+      if (allScheduleOccurrences.length === 0) {
+        return {
+          date: queryDate.toISOString().split('T')[0],
+          activities: [],
+          totalCount: 0,
+        };
+      }
+
+      // Group activities by activity ID with all scheduled dates
+      const activityMap = new Map<
+        number,
+        {
+          activityTitle: string;
+          coverImage: string | null;
+          coverImageUrl: string | null;
+          activityId: number;
+          scheduledDates: Date[];
+        }
+      >();
+
+      // Process all schedule occurrences to build activity list with all scheduled dates
+      for (const occurrence of allScheduleOccurrences) {
+        const activity = occurrence.scheduleHeader.activity;
+
+        if (!activityMap.has(activity.id)) {
+          let coverImage: string | null = null;
+          let coverImageUrl: string | null = null;
+
+          if (activity.ActivitiesMedia.length > 0) {
+            coverImage = activity.ActivitiesMedia[0].mediaFileName;
+            try {
+              // Generate presigned URL for the image
+              coverImageUrl = await getPresignedUrl(
+                config.aws.bucketName,
+                coverImage,
+              );
+            } catch (error) {
+              console.error(
+                `Failed to generate presigned URL for ${coverImage}:`,
+                error,
+              );
+              coverImageUrl = null;
+            }
+          }
+
+          activityMap.set(activity.id, {
+            activityTitle: activity.activityTitle || 'Unknown Activity',
+            coverImage,
+            coverImageUrl,
+            activityId: activity.id,
+            scheduledDates: [new Date(occurrence.occurenceDate)],
+          });
+        } else {
+          // Add to scheduled dates if not already present
+          const existingActivity = activityMap.get(activity.id)!;
+          const occurrenceDateStr = new Date(occurrence.occurenceDate)
+            .toISOString()
+            .split('T')[0];
+          const dateExists = existingActivity.scheduledDates.some(
+            (d) => d.toISOString().split('T')[0] === occurrenceDateStr,
+          );
+          if (!dateExists) {
+            existingActivity.scheduledDates.push(
+              new Date(occurrence.occurenceDate),
+            );
+          }
+        }
+      }
+
+      // Get all unique scheduled dates for all activities
+      const allScheduledDates = new Set<string>();
+      activityMap.forEach((activity) => {
+        activity.scheduledDates.forEach((date) => {
+          allScheduledDates.add(date.toISOString().split('T')[0]);
+        });
+      });
+
+      // Get all activity IDs
+      const activityIds = Array.from(activityMap.keys());
+
+      // Query all bookings for these activities from query date onwards
+      const allBookings = await this.prisma.itineraryActivities.findMany({
+        where: {
+          activityXid: {
+            in: activityIds,
+          },
+          occurenceDate: {
+            gte: queryDate,
+          },
+          isActive: true,
+        },
+        select: {
+          activityXid: true,
+          itineraryHeaderXid: true,
+          occurenceDate: true,
+        },
+      });
+
+      // Count bookings by activity and date
+      const bookingsByActivityAndDate = new Map<
+        number,
+        Map<string, Set<number>>
+      >();
+
+      allBookings.forEach((booking) => {
+        if (booking.activityXid) {
+          if (!bookingsByActivityAndDate.has(booking.activityXid)) {
+            bookingsByActivityAndDate.set(booking.activityXid, new Map());
+          }
+
+          const dateStr = new Date(booking.occurenceDate)
+            .toISOString()
+            .split('T')[0];
+          const dateMap = bookingsByActivityAndDate.get(booking.activityXid)!;
+
+          if (!dateMap.has(dateStr)) {
+            dateMap.set(dateStr, new Set());
+          }
+
+          dateMap.get(dateStr)!.add(booking.itineraryHeaderXid);
+        }
+      });
+
+      // Convert map to array format with date breakdown
+      const activities: ActivitySummaryDTO[] = Array.from(
+        activityMap.values(),
+      ).map((activity) => {
+        const activityBookings = bookingsByActivityAndDate.get(
+          activity.activityId,
+        );
+
+        // Get bookings for each scheduled date
+        const dateBreakdown = Array.from(allScheduledDates)
+          .sort()
+          .map((dateStr) => {
+            const count = activityBookings?.get(dateStr)?.size || 0;
+            return {
+              date: dateStr,
+              count,
+            };
+          });
+
+        // Count for the query date only
+        const queryDateStr = queryDate.toISOString().split('T')[0];
+        const countForQueryDate =
+          activityBookings?.get(queryDateStr)?.size || 0;
+
+        return {
+          activityName: activity.activityTitle,
+          activityImage: activity.coverImage,
+          activityImagePreSignedUrl: activity.coverImageUrl,
+          count: countForQueryDate,
+          dateBreakdown,
+        };
+      });
+
+      // Total count is bookings for the requested date only
+      const queryDateStr = queryDate.toISOString().split('T')[0];
+      const totalCount = allBookings.filter(
+        (b) =>
+          new Date(b.occurenceDate).toISOString().split('T')[0] ===
+          queryDateStr,
+      ).length;
+
+      return {
+        date: queryDateStr,
+        activities,
+        totalCount,
+      };
+    } catch (error) {
+      if (error instanceof ApiError) {
+        throw error;
+      }
+      throw new ApiError(
+        500,
+        error instanceof Error ? error.message : 'Error fetching activities',
+      );
+    }
+  }
+
+  async getReservationByCheckInCode(
+    operatorId: number,
+    checkInCode: string,
+  ): Promise<OperatorReservationByCheckInCodeDTO> {
+    try {
+      const normalizedCheckInCode = checkInCode.trim();
+      if (!normalizedCheckInCode) {
+        throw new ApiError(400, 'checkInCode is required');
+      }
+
+      const hostMembers = await this.prisma.hostMembers.findMany({
+        where: {
+          userXid: operatorId,
+          isActive: true,
+          memberStatus: 'accepted',
+          deletedAt: null,
+        },
+        select: {
+          hostXid: true,
+        },
+      });
+
+      const hostXids = hostMembers.map((member) => member.hostXid);
+      if (hostXids.length === 0) {
+        throw new ApiError(404, 'Reservation not found for this check-in code');
+      }
+
+      const reservation = await this.prisma.itineraryDetails.findFirst({
+        where: {
+          offlineCode: normalizedCheckInCode,
+          itineraryKind: 'ACTIVITY',
+          isActive: true,
+          deletedAt: null,
+          itineraryActivity: {
+            itineraryType: 'ACTIVITY',
+            isActive: true,
+            deletedAt: null,
+            activity: {
+              hostXid: {
+                in: hostXids,
+              },
+              isActive: true,
+              deletedAt: null,
+            },
+          },
+        },
+        select: {
+          id: true,
+          itineraryMemberXid: true,
+          offlineCode: true,
+          activityStatus: true,
+          createdAt: true,
+          paidOn: true,
+          itineraryMember: {
+            select: {
+              id: true,
+              memberRole: true,
+              member: {
+                select: {
+                  id: true,
+                  firstName: true,
+                  lastName: true,
+                  mobileNumber: true,
+                  profileImage: true,
+                },
+              },
+            },
+          },
+          itineraryActivity: {
+            select: {
+              id: true,
+              occurenceDate: true,
+              startTime: true,
+              endTime: true,
+              bookingStatus: true,
+              venue: {
+                select: {
+                  id: true,
+                  venueName: true,
+                  venueLabel: true,
+                },
+              },
+              itineraryHeader: {
+                select: {
+                  id: true,
+                  itineraryNo: true,
+                  createdAt: true,
+                },
+              },
+              activity: {
+                select: {
+                  id: true,
+                  activityTitle: true,
+                  checkInAddress: true,
+                  ActivityPickUpDetails: {
+                    where: {
+                      isActive: true,
+                      deletedAt: null,
+                    },
+                    select: {
+                      id: true,
+                      isPickUp: true,
+                      locationAddress: true,
+                    },
+                  },
+                },
+              },
+              itineraryActivitySelections: {
+                where: {
+                  isActive: true,
+                  deletedAt: null,
+                },
+                select: {
+                  id: true,
+                  itineraryMemberXid: true,
+                  isFoodOpted: true,
+                  isTrainerOpted: true,
+                  selectedFoodTypes: {
+                    where: {
+                      isActive: true,
+                      deletedAt: null,
+                    },
+                    select: {
+                      id: true,
+                      activityFoodType: {
+                        select: {
+                          foodType: {
+                            select: {
+                              foodTypeName: true,
+                            },
+                          },
+                        },
+                      },
+                    },
+                  },
+                  selectedEquipments: {
+                    where: {
+                      isActive: true,
+                      deletedAt: null,
+                    },
+                    select: {
+                      id: true,
+                      activityEquipment: {
+                        select: {
+                          equipmentName: true,
+                        },
+                      },
+                    },
+                  },
+                },
+              },
+            },
+          },
+        },
+      });
+
+      if (!reservation) {
+        throw new ApiError(404, 'Reservation not found for this check-in code');
+      }
+
+      const activitySelection =
+        reservation.itineraryActivity.itineraryActivitySelections.find(
+          (selection) =>
+            selection.itineraryMemberXid === reservation.itineraryMemberXid,
+        ) ?? null;
+
+      const selectedFoodTypes = (activitySelection?.selectedFoodTypes ?? [])
+        .map(
+          (selectedFoodType) =>
+            selectedFoodType.activityFoodType.foodType.foodTypeName,
+        )
+        .filter(Boolean);
+      const selectedEquipments = (activitySelection?.selectedEquipments ?? [])
+        .map(
+          (selectedEquipment) =>
+            selectedEquipment.activityEquipment.equipmentName,
+        )
+        .filter(Boolean);
+
+      const pickupLocation =
+        reservation.itineraryActivity.activity.ActivityPickUpDetails.find(
+          (detail) => detail.isPickUp && detail.locationAddress,
+        )?.locationAddress ??
+        reservation.itineraryActivity.activity.ActivityPickUpDetails.find(
+          (detail) => detail.locationAddress,
+        )?.locationAddress ??
+        reservation.itineraryActivity.activity.checkInAddress ??
+        null;
+
+      const member = reservation.itineraryMember.member;
+      const fullName =
+        buildFullName(member.firstName, member.lastName) || 'Guest';
+      const profileImagePreSignedUrl = await this.attachPresignedUrl(
+        member.profileImage,
+      );
+      const occurenceDate = new Date(
+        reservation.itineraryActivity.occurenceDate,
+      );
+      const bookedOnDate =
+        reservation.paidOn ??
+        reservation.createdAt ??
+        reservation.itineraryActivity.itineraryHeader.createdAt;
+
+      return {
+        itineraryHeaderXid: reservation.itineraryActivity.itineraryHeader.id,
+        itineraryActivityXid: reservation.itineraryActivity.id,
+        bookingId: reservation.itineraryActivity.itineraryHeader.itineraryNo,
+        checkInCode: reservation.offlineCode,
+        reservationStatus:
+          reservation.activityStatus ??
+          reservation.itineraryActivity.bookingStatus,
+        personalDetails: {
+          fullName,
+          firstName: member.firstName,
+          lastName: member.lastName,
+          role: reservation.itineraryMember.memberRole,
+          mobileNumber: member.mobileNumber,
+          profileImage: member.profileImage,
+          profileImagePreSignedUrl,
+          tags: [],
+        },
+        bookingInformation: {
+          activityName: reservation.itineraryActivity.activity.activityTitle,
+          slot:
+            reservation.itineraryActivity.startTime &&
+            reservation.itineraryActivity.endTime
+              ? `${reservation.itineraryActivity.startTime} - ${reservation.itineraryActivity.endTime}`
+              : null,
+          startTime: reservation.itineraryActivity.startTime,
+          endTime: reservation.itineraryActivity.endTime,
+          track: reservation.itineraryActivity.venue?.venueName ?? null,
+          trackLabel: reservation.itineraryActivity.venue?.venueLabel ?? null,
+          date: formatDateOnly(occurenceDate),
+          dateLabel: getDateLabel(occurenceDate),
+          bookedOn: bookedOnDate ? bookedOnDate.toISOString() : null,
+          bookedOnLabel: bookedOnDate
+            ? formatReadableDateTime(bookedOnDate)
+            : null,
+        },
+        bookingIncluded: {
+          food:
+            selectedFoodTypes.length > 0 ? selectedFoodTypes.join(', ') : 'No',
+          selectedFoodTypes,
+          equipment: selectedEquipments.length > 0 ? 'Yes' : 'No',
+          selectedEquipments,
+          trainerOrGuide: activitySelection?.isTrainerOpted ? 'Yes' : 'No',
+          pickupLocation,
+        },
+        // description1: null,
+        // description2: null,
+      };
+    } catch (error) {
+      if (error instanceof ApiError) {
+        throw error;
+      }
+
+      throw new ApiError(
+        500,
+        error instanceof Error
+          ? error.message
+          : 'Error fetching reservation details',
+      );
+    }
+  }
+
+  async sendOtpCheckIn(
+    operatorId: number,
+    checkInCode: string,
+  ): Promise<OperatorReservationVerificationOtpResponseDTO> {
+    return this.requestReservationVerificationOtp(operatorId, checkInCode, {
+      otpType: 'CheckInVerify',
+      verificationType: 'check-in',
+      requestedChannel: 'email',
+    });
+  }
+
+  async sendOtpCheckout(
+    operatorId: number,
+    checkInCode: string,
+  ): Promise<OperatorReservationVerificationOtpResponseDTO> {
+    return this.requestReservationVerificationOtp(operatorId, checkInCode, {
+      otpType: 'CheckOutVerify',
+      verificationType: 'checkout',
+      requestedChannel: 'mobile',
+    });
+  }
+
+  async verifyOtpCheckIn(
+    operatorId: number,
+    checkInCode: string,
+    otp: string,
+  ): Promise<OperatorReservationVerifyOtpResponseDTO> {
+    return this.verifyReservationOtp(operatorId, checkInCode, otp, {
+      otpType: 'CheckInVerify',
+      verificationType: 'check-in',
+      nextStatus: 'checked_in',
+    });
+  }
+
+  async verifyOtpCheckout(
+    operatorId: number,
+    checkInCode: string,
+    otp: string,
+  ): Promise<OperatorReservationVerifyOtpResponseDTO> {
+    return this.verifyReservationOtp(operatorId, checkInCode, otp, {
+      otpType: 'CheckOutVerify',
+      verificationType: 'checkout',
+      nextStatus: 'checked_out',
+    });
+  }
+}

src/modules/host/services/operatorAuth.service.ts

@@ -0,0 +1,286 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+import * as bcrypt from 'bcryptjs';
+import { ROLE, USER_STATUS } from '../../../common/utils/constants/common.constant';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { OtpGeneratorSixDigit } from '../../../common/utils/helper/OtpGenerator';
+
+type OperatorSignupInput = {
+  firstName?: string;
+  lastName?: string;
+  emailAddress?: string;
+  isdCode?: string;
+  mobileNumber?: string;
+};
+
+@Injectable()
+export class OperatorAuthService {
+  constructor(private prisma: PrismaClient) {}
+
+  async findInvitedOperator(input: {
+    emailAddress?: string;
+    mobileNumber?: string;
+  }) {
+    const emailAddress = input.emailAddress?.trim().toLowerCase();
+    const mobileNumber = input.mobileNumber?.trim();
+
+    if (!emailAddress && !mobileNumber) {
+      throw new ApiError(400, 'Email address or mobile number is required');
+    }
+
+    const invitedOperator = await this.prisma.user.findFirst({
+      where: {
+        roleXid: ROLE.OPERATOR,
+        isActive: true,
+        OR: [
+          ...(emailAddress ? [{ emailAddress }] : []),
+          ...(mobileNumber ? [{ mobileNumber }] : []),
+        ],
+      },
+      select: {
+        id: true,
+        firstName: true,
+        lastName: true,
+        emailAddress: true,
+        isdCode: true,
+        mobileNumber: true,
+        roleXid: true,
+        userPassword: true,
+        isEmailVerfied: true,
+        userStatus: true,
+      },
+    });
+
+    if (!invitedOperator) {
+      throw new ApiError(
+        403,
+        'Operator record not found. Please contact your host.',
+      );
+    }
+
+    return invitedOperator;
+  }
+
+  async signUpOperator(input: OperatorSignupInput) {
+    const emailAddress = input.emailAddress?.trim().toLowerCase();
+    const mobileNumber = input.mobileNumber?.trim();
+    const invitedOperator = await this.findInvitedOperator({
+      emailAddress,
+      mobileNumber,
+    });
+
+    if (invitedOperator.userPassword) {
+      return {
+        userId: invitedOperator.id,
+        emailAddress: emailAddress || invitedOperator.emailAddress,
+        mobileNumber: mobileNumber || invitedOperator.mobileNumber,
+        otp: null,
+        expiresOn: null,
+        isNewOperator: false,
+      };
+    }
+
+    const otp = OtpGeneratorSixDigit.generateOtp();
+    const hashedOtp = await bcrypt.hash(otp, 10);
+    const expiry = new Date(Date.now() + 5 * 60 * 1000);
+
+    await this.prisma.$transaction(async (tx) => {
+      await tx.user.update({
+        where: { id: invitedOperator.id },
+        data: {
+          firstName: input.firstName?.trim() || invitedOperator.firstName || null,
+          lastName: input.lastName?.trim() || invitedOperator.lastName || null,
+          emailAddress: emailAddress || invitedOperator.emailAddress,
+          isdCode: input.isdCode?.trim() || invitedOperator.isdCode || null,
+          mobileNumber: mobileNumber || invitedOperator.mobileNumber,
+          userStatus: USER_STATUS.INVITED,
+        },
+      });
+
+      await tx.userOtp.updateMany({
+        where: {
+          userXid: invitedOperator.id,
+          otpType: 'Register',
+          isActive: true,
+        },
+        data: {
+          isActive: false,
+          isVerified: true,
+        },
+      });
+
+      await tx.userOtp.create({
+        data: {
+          userXid: invitedOperator.id,
+          otpType: 'Register',
+          otpCode: hashedOtp,
+          expiresOn: expiry,
+          isVerified: false,
+          isActive: true,
+        },
+      });
+    });
+
+    return {
+      isNewOperator: true,
+    };
+  }
+
+  async verifyOperatorOtp(input: { emailAddress?: string; mobileNumber?: string; otp: string }) {
+    const emailAddress = input.emailAddress?.trim().toLowerCase();
+    const mobileNumber = input.mobileNumber?.trim();
+    const otp = input.otp.trim();
+
+    const invitedOperator = await this.findInvitedOperator({
+      emailAddress,
+      mobileNumber,
+    });
+
+    const latestOtp = await this.prisma.userOtp.findFirst({
+      where: {
+        userXid: invitedOperator.id,
+        otpType: 'Register',
+        isActive: true,
+        isVerified: false,
+      },
+      orderBy: { createdAt: 'desc' },
+    });
+
+    if (!latestOtp) {
+      throw new ApiError(400, 'No OTP found.');
+    }
+
+    if (new Date() > latestOtp.expiresOn) {
+      throw new ApiError(400, 'OTP has expired.');
+    }
+
+    const isMatch = await bcrypt.compare(otp, latestOtp.otpCode);
+
+    if (!isMatch) {
+      throw new ApiError(400, 'Invalid OTP.');
+    }
+
+    await this.prisma.userOtp.update({
+      where: { id: latestOtp.id },
+      data: {
+        isVerified: true,
+        verifiedOn: new Date(),
+        isActive: false,
+      },
+    });
+
+    await this.prisma.user.update({
+      where: { id: invitedOperator.id },
+      data: {
+        isEmailVerfied: emailAddress ? true : invitedOperator.isEmailVerfied,
+      },
+    });
+
+    return invitedOperator;
+  }
+
+  async createOperatorPassword(userId: number, password: string) {
+    const user = await this.prisma.user.findFirst({
+      where: {
+        id: userId,
+        roleXid: ROLE.OPERATOR,
+        isActive: true,
+      },
+      select: {
+        id: true,
+        emailAddress: true,
+        userPassword: true,
+      },
+    });
+
+    if (!user) {
+      throw new ApiError(404, 'Operator not found');
+    }
+
+    if (user.userPassword) {
+      throw new ApiError(400, 'Password already created. Please login.');
+    }
+
+    const saltRounds = parseInt(process.env.SALT_ROUNDS || '10', 10);
+    const hashedPassword = await bcrypt.hash(password, saltRounds);
+
+    await this.prisma.user.update({
+      where: { id: user.id },
+      data: {
+        userPassword: hashedPassword,
+        userStatus: USER_STATUS.ACTIVE,
+        isEmailVerfied: true,
+      },
+    });
+
+    return {
+      id: user.id,
+      emailAddress: user.emailAddress,
+    };
+  }
+
+  async loginForOperator(emailAddress: string, userPassword: string) {
+    const existingOperator = await this.prisma.user.findFirst({
+      where: {
+        emailAddress,
+        roleXid: ROLE.OPERATOR,
+        isActive: true,
+        userStatus: USER_STATUS.ACTIVE,
+      },
+      select: {
+        id: true,
+        firstName: true,
+        lastName: true,
+        emailAddress: true,
+        mobileNumber: true,
+        roleXid: true,
+        isActive: true,
+        userStatus: true,
+        userPassword: true,
+      },
+    });
+
+    if (!existingOperator) {
+      throw new ApiError(404, 'Operator not found');
+    }
+
+    const isPasswordMatched = await bcrypt.compare(
+      userPassword,
+      existingOperator.userPassword || '',
+    );
+
+    if (!isPasswordMatched) {
+      throw new ApiError(401, 'Invalid credentials');
+    }
+
+    delete existingOperator.userPassword;
+
+    return existingOperator;
+  }
+
+  async verifyPasswordForOperator(emailAddress: string, userPassword: string) {
+    const existingOperator = await this.prisma.user.findFirst({
+      where: {
+        emailAddress,
+        roleXid: ROLE.OPERATOR,
+        isActive: true,
+        userStatus: USER_STATUS.ACTIVE,
+      },
+      select: {
+        id: true,
+        userPassword: true,
+      },
+    });
+
+    if (!existingOperator) {
+      throw new ApiError(404, 'Operator not found');
+    }
+
+    const isPasswordMatched = await bcrypt.compare(
+      userPassword,
+      existingOperator.userPassword || '',
+    );
+
+    return isPasswordMatched;
+  }
+}

src/modules/host/services/resendOTPEmail.service.ts

@@ -10,13 +10,16 @@ export async function resendOtpEmail(
   //  messageId: string
 }> {
 
-  const subject = "New OTP from Minglar Team";
+  const subject = "Your Minglar Verification Code";
 
   const htmlContent = `
-    <p>Dear ${role},</p>
-    <p>Your new OTP is: <strong>${otp}</strong></p>
-    <p>This code will be valid for the next 5 minutes.</p>
-    <p>Warm regards,<br/>Minglar Team</p>
+    <p>Hi ${role},</p>
+    <p>Here's your verification code to get started:</p>
+    <p><strong>${otp}</strong></p>
+    <p>This code is valid for the next 5 minutes.</p>
+    <p>Once verified, you can continue setting up your Minglar account. If you didn't request this, you can safely ignore this email.</p>
+    <p>Need help? Reach out to us at info@minglargroup.com.</p>
+    <p>Warm regards,<br/>Team Minglar</p>
   `;
 
   try {
@@ -37,3 +40,5 @@ export async function resendOtpEmail(
     throw new ApiError(500, "Failed to send OTP to host via email.");
   }
 }
+
+

src/modules/host/services/sendHostMemberInvitationEmail.service.ts

@@ -0,0 +1,51 @@
+import { brevoService } from '../../../common/email/brevoApi';
+import ApiError from '../../../common/utils/helper/ApiError';
+import config from '../../../config/config';
+
+export async function sendHostMemberInvitationEmail(
+  emailAddress: string,
+  hostName: string,
+  memberRole: string,
+  permissionLabels: string[],
+  activityNames: string[],
+): Promise<{
+  sent: boolean;
+}> {
+  const subject = `Invitation to join ${hostName} on Minglar Host`;
+
+  const permissionsHtml = permissionLabels.length
+    ? `<ul>${permissionLabels.map((permission) => `<li>${permission}</li>`).join('')}</ul>`
+    : '<p>No permissions were assigned.</p>';
+
+  const activitiesHtml = activityNames.length
+    ? `<ul>${activityNames.map((activity) => `<li>${activity}</li>`).join('')}</ul>`
+    : '<p>No activities were assigned.</p>';
+
+  const htmlContent = `
+    <p>Hi there,</p>
+    <p>You have been invited by <strong>${hostName}</strong> to join the Minglar Host portal as <strong>${memberRole}</strong>.</p>
+    <p>The following permissions have been assigned to your account:</p>
+    ${permissionsHtml}
+    <p>The following activities have been assigned to you:</p>
+    ${activitiesHtml}
+    <p>You can access the host portal using the link below:</p>
+    <p><a href="${config.HOST_LINK}" target="_blank">${config.HOST_LINK}</a></p>
+    <p>If you were not expecting this invitation, you can ignore this email.</p>
+    <p>Warm regards,<br/>Team Minglar</p>
+  `;
+
+  try {
+    await brevoService.sendEmail({
+      recipients: [{ email: emailAddress }],
+      subject,
+      htmlContent,
+    });
+
+    return {
+      sent: true,
+    };
+  } catch (err) {
+    console.error('Brevo email send failed:', err);
+    throw new ApiError(500, 'Failed to send host member invitation email.');
+  }
+}

src/modules/host/services/sendHostResubmitEmailToAM.service.ts

@@ -1,24 +1,40 @@
 import { brevoService } from "@/common/email/brevoApi";
 import ApiError from "@/common/utils/helper/ApiError";
+import config from '../../../config/config';
 
 export async function sendEmailToAM(
     emailAddress: string,
     amName: string,
     hostCompanyName: string,
-    hostRefNumber: string
+    activityName: string
 ): Promise<{
     sent: boolean;
     //  messageId: string
 }> {
 
-    const subject = `Host Application Re-Submited : ${hostCompanyName}`;
+    const subject = `${hostCompanyName} Has Resubmitted Their Application`;
 
-    const htmlContent = `
-    <p>Dear ${amName},</p>
-    <p>Host ${hostCompanyName} with reference number: <strong>${hostRefNumber}</strong> has re-submited the application with implimented suggestions.</p>
-    <p>Please review their appliaction and take the necessary action.</p>
-    <p>Best regards,<br/>Minglar Team</p>
-  `;
+  const htmlContent = `
+  <p>Hello ${amName},</p>
+
+  <p>
+    ${hostCompanyName} has updated and re-submitted their pre-qualification details of ${activityName} for your review.
+  </p>
+
+  <p>
+    Please click on the link below to log in to your dashboard to review the revised submission and proceed with the necessary action.
+  </p>
+
+  <p>
+    <strong>Review Application</strong><br/>
+    <a href="${config.AM_INTERFACE_LINK}" target="_blank">${config.AM_INTERFACE_LINK}</a>
+  </p>
+
+  <p>
+    Thank you,<br/>
+    Minglar Team
+  </p>
+`;
 
     try {
         const result = await brevoService.sendEmail({
@@ -49,13 +65,14 @@ export async function sendEmailToMinglarAdmin(
     //  messageId: string
 }> {
 
-    const subject = `New Host Application Recieved : ${hostCompanyName}`;
+    const subject = "New Host Application Submitted for Review";
 
     const htmlContent = `
-    <p>Dear ${minglarAdminName},</p>
-    <p>Host ${hostCompanyName} with reference number: <strong>${hostRefNumber}</strong> has submited their application.</p>
-    <p>Please review their appliaction and take the necessary action.</p>
-    <p>Best regards,<br/>Minglar Team</p>
+    <p>Hi ${minglarAdminName},</p>
+    <p>${hostCompanyName} has submitted their application and is awaiting your review.</p>
+    <p>Reference number: <strong>${hostRefNumber}</strong></p>
+    <p>Please log in to your dashboard to review the submission and take the necessary action.</p>
+    <p>Thank you,<br/>Minglar Team</p>
   `;
 
     try {
@@ -76,3 +93,57 @@ export async function sendEmailToMinglarAdmin(
         throw new ApiError(500, "Failed to send OTP to host via email.");
     }
 }
+
+export async function sendPQPEmailToAM(
+    emailAddress: string,
+    minglarAdminName: string,
+    hostCompanyName: string,
+    activityName: string
+): Promise<{
+    sent: boolean;
+    //  messageId: string
+}> {
+
+    const subject = "New Host Application Submitted for Review";
+
+   const htmlContent = `
+  <p>Hi ${minglarAdminName},</p>
+
+  <p>
+    ${hostCompanyName} has submitted the pre-qualification details for ${activityName} and is awaiting your review.
+  </p>
+
+  <p>
+    Please click the link below to log in to your dashboard, review the submission, and take the necessary action:
+  </p>
+
+  <p>
+    <strong>Review Application</strong><br/>
+    <a href="${config.HOST_LINK_PQ}" target="_blank">${config.HOST_LINK_PQ}</a>
+  </p>
+
+  <p>
+    Thank you,<br/>
+    Minglar Team
+  </p>
+`;
+
+    try {
+        const result = await brevoService.sendEmail({
+            recipients: [{ email: emailAddress }],
+            subject,
+            htmlContent,
+        });
+
+        // console.log("📧 Email sent successfully:", result);
+
+        return {
+            sent: true,
+            // messageId: result.messageId
+        };
+    } catch (err) {
+        console.error("Brevo email send failed:", err);
+        throw new ApiError(500, "Failed to send OTP to host via email.");
+    }
+}
+

src/modules/host/services/sendOTPEmail.service.ts

@@ -1,22 +1,24 @@
-import { brevoService } from "@/common/email/brevoApi";
-import ApiError from "@/common/utils/helper/ApiError";
+import { brevoService } from '../../../common/email/brevoApi';
+import ApiError from '../../../common/utils/helper/ApiError';
+import config from '../../../config/config';
 
 export async function sendOtpEmailForHost(
   emailAddress: string,
-  otp: string | number
+  otp: string | number,
 ): Promise<{
   sent: boolean;
   //  messageId: string
 }> {
-
-  const subject = "OTP for Host Registration";
+  const subject = 'Your Minglar Verification Code';
 
   const htmlContent = `
-    <p>Dear Host,</p>
-    <p>You’re almost all set! 🎉</p>
-    <p>Enter <strong>${otp}</strong> to wrap your registration.</p>
-    <p>This code will be valid for the next 5 minutes.</p>
-    <p>Warm regards,<br/>Minglar Team</p>
+    <p>Hi there 👋</p>
+    <p>Here’s your verification code to get started:</p>
+    <p><strong>${otp}</strong></p>
+    <p>This code is valid for the next 5 minutes.</p>
+    <p>Once verified, you can continue setting up your Minglar account. If you didn’t request this, you can safely ignore this email.</p>
+    <p>Need help? Reach out to us at info@minglargroup.com.</p>
+    <p>Warm regards,<br />Team Minglar</p>
   `;
 
   try {
@@ -33,7 +35,67 @@ export async function sendOtpEmailForHost(
       // messageId: result.messageId
     };
   } catch (err) {
-    console.error("Brevo email send failed:", err);
-    throw new ApiError(500, "Failed to send OTP to host via email.");
+    console.error('Brevo email send failed:', err);
+    throw new ApiError(500, 'Failed to send OTP to host via email.');
+  }
+}
+
+export async function sendWelcomeEmailToHost(emailAddress: string): Promise<{
+  sent: boolean;
+  //  messageId: string
+}> {
+  const subject = 'Get Started as a Minglar Host';
+
+  const htmlContent = `
+  <p>Hi ${emailAddress},</p>
+
+  <p>We’re excited to have you join Minglar as a host. Welcome aboard! 🌟</p>
+
+  <p>To get started and bring your activities live, here’s what comes next:</p>
+
+  <p><strong>Your next steps:</strong></p>
+
+  <p>1. Complete your host profile</p>
+  <p>2. Complete the pre-qualification process for all your activities</p>
+  <p>3. Submit your activity details for review</p>
+  <p>4. Go live and start receiving bookings</p>
+
+  <p>
+    👉 <strong>Access your Host Portal:</strong><br/>
+    <a href="${config.HOST_LINK}" target="_blank">${config.HOST_LINK}</a>
+  </p>
+
+  <p>
+    If you need any support along the way, our team is always here to help.
+    You can reach us anytime at
+    <a href="mailto:info@minglargroup.com">info@minglargroup.com</a>.
+  </p>
+
+  <p>
+    We’re looking forward to seeing your experiences come to life on Minglar.
+  </p>
+
+  <p>
+    Warm regards,<br/>
+    Team Minglar
+  </p>
+`;
+
+  try {
+    const result = await brevoService.sendEmail({
+      recipients: [{ email: emailAddress }],
+      subject,
+      htmlContent,
+    });
+
+    // console.log("📧 Email sent successfully:", result);
+
+    return {
+      sent: true,
+      // messageId: result.messageId
+    };
+  } catch (err) {
+    console.error('Brevo email send failed:', err);
+    throw new ApiError(500, 'Failed to send OTP to host via email.');
   }
 }

src/modules/host/services/token.service.ts

@@ -53,10 +53,10 @@ export class TokenService {
       config.jwt.secret
     );
 
-    await this.prisma.token.deleteMany({
-      where: { userXid: user_xid }
-    })
-
+    // Optionally keep existing refresh tokens alive instead of deleting
+    // Removed deleteMany call so the same refresh token can be used multiple
+    // times. If you want to limit refresh tokens later you can implement
+    // rotation or blacklist logic elsewhere.
     await this.prisma.token.create({
       data: {
         token: refreshToken.token,

src/modules/minglaradmin/handlers/addPQQSuggestion.ts

@@ -0,0 +1,91 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { safeHandler } from '../../../common/utils/handlers/safeHandler';
+import { PrismaService } from '../../../common/database/prisma.service';
+import { MinglarService } from '../services/minglar.service';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { verifyMinglarAdminToken } from '../../../common/middlewares/jwt/authForMinglarAdmin';
+import { HOST_SUGGESTION_TITLES } from '../../../common/utils/constants/minglar.constant';
+
+const prismaService = new PrismaService();
+const minglarService = new MinglarService(prismaService);
+
+interface AddSuggestionBody {
+  hostXid: number;
+  title: string;
+  comments: string;
+  activity_pqq_header_xid:number
+}
+
+/**
+ * Add suggestion handler for host applications
+ * Allows Minglar Admin, Co_Admin, and Account Manager to add suggestions
+ * Types: Setup Profile, Review Account, Add Payment Details, Agreement
+ */
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context
+): Promise<APIGatewayProxyResult> => {
+  // Verify authentication token
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+  }
+
+  // Verify token and get user info
+  const userInfo = await verifyMinglarAdminToken(token);
+
+  // Get user details
+  const user = await prismaService.user.findUnique({
+    where: { id: userInfo.id },
+    select: { id: true, roleXid: true }
+  });
+
+  if (!user) {
+    throw new ApiError(404, 'User not found');
+  }
+
+  // Parse request body
+  let body: AddSuggestionBody;
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { title, comments , activity_pqq_header_xid} = body;
+
+  if (!title) {
+    throw new ApiError(400, 'Title is required');
+  }
+
+  if (!comments) {
+    throw new ApiError(400, 'Comments are required');
+  }
+
+  if(!activity_pqq_header_xid){
+    throw new ApiError(400 , "Activity Pqq HeaderXid Required");
+  }
+
+  // Validate title is one of the allowed types
+  const allowedTitles = Object.values(HOST_SUGGESTION_TITLES);
+  if (!allowedTitles.includes(title)) {
+    throw new ApiError(400, `Invalid title. Allowed values: ${allowedTitles.join(', ')}`);
+  }
+
+  // Add suggestion using service
+  await minglarService.addPqqSuggestion(title, comments, activity_pqq_header_xid);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Suggestion added successfully',
+      data: null,
+    }),
+  };
+});

src/modules/minglaradmin/handlers/hosthub/hosts/acceptActivityApplicationByAM.ts

@@ -0,0 +1,55 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyMinglarAdminToken } from '../../../../../common/middlewares/jwt/authForMinglarAdmin';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { MinglarService } from '../../../services/minglar.service';
+
+const minglarService = new MinglarService(prismaClient);
+
+interface Body {
+    activityId: number;
+}
+
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+
+    const userInfo = await verifyMinglarAdminToken(token);
+
+    // Parse request body
+    let body: Body;
+
+    try {
+        body = event.body ? JSON.parse(event.body) : {};
+    } catch (error) {
+        throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const { activityId } = body;
+
+    if (!activityId) {
+        throw new ApiError(400, 'activityId is required');
+    }
+
+    await minglarService.acceptActivityApplicationByAM(
+        Number(activityId),
+        Number(userInfo.id)
+    );
+
+    return {
+        statusCode: 201,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Approved activity details application successfully',
+            data: null,
+        }),
+    };
+});

src/modules/minglaradmin/handlers/hosthub/hosts/addActivtiySuggestion.ts

@@ -0,0 +1,89 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyMinglarAdminToken } from '../../../../../common/middlewares/jwt/authForMinglarAdmin';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { MinglarService } from '../../../services/minglar.service';
+// import { HOST_SUGGESTION_TITLES } from '../../../../../common/utils/constants/minglar.constant';
+
+const minglarService = new MinglarService(prismaClient);
+
+interface AddSuggestionBody {
+  title: string;
+  comments: string;
+  activity_xid:number
+}
+
+/**
+ * Add suggestion handler for host applications
+ * Allows Minglar Admin, Co_Admin, and Account Manager to add suggestions
+ * Types: Setup Profile, Review Account, Add Payment Details, Agreement
+ */
+export const handler = safeHandler(async (
+  event: APIGatewayProxyEvent,
+  context?: Context
+): Promise<APIGatewayProxyResult> => {
+  // Verify authentication token
+  const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+  if (!token) {
+    throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+  }
+
+  // Verify token and get user info
+  const userInfo = await verifyMinglarAdminToken(token);
+
+  // Get user details
+  const user = await prismaClient.user.findUnique({
+    where: { id: userInfo.id },
+    select: { id: true, roleXid: true }
+  });
+
+  if (!user) {
+    throw new ApiError(404, 'User not found');
+  }
+
+  // Parse request body
+  let body: AddSuggestionBody;
+
+  try {
+    body = event.body ? JSON.parse(event.body) : {};
+  } catch (error) {
+    throw new ApiError(400, 'Invalid JSON in request body');
+  }
+
+  const { title, comments , activity_xid} = body;
+
+  if (!title) {
+    throw new ApiError(400, 'Title is required');
+  }
+
+  if (!comments) {
+    throw new ApiError(400, 'Comments are required');
+  }
+
+  if(!activity_xid){
+    throw new ApiError(400 , "Activity Pqq HeaderXid Required");
+  }
+
+  // Validate title is one of the allowed types
+  // const allowedTitles = Object.values(HOST_SUGGESTION_TITLES);
+  // if (!allowedTitles.includes(title)) {
+  //   throw new ApiError(400, `Invalid title. Allowed values: ${allowedTitles.join(', ')}`);
+  // }
+
+  // Add suggestion using service
+  await minglarService.addActivtiySuggestion(title, comments, activity_xid,user.id);
+
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'application/json',
+      'Access-Control-Allow-Origin': '*',
+    },
+    body: JSON.stringify({
+      success: true,
+      message: 'Suggestion added successfully',
+      data: null,
+    }),
+  };
+});

src/modules/minglaradmin/handlers/hosthub/hosts/rejectActivityApplicationByAM.ts

@@ -0,0 +1,59 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
+import { verifyMinglarAdminToken } from '../../../../../common/middlewares/jwt/authForMinglarAdmin';
+import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
+import ApiError from '../../../../../common/utils/helper/ApiError';
+import { sendActivityRejectionMailtoHost } from '../../../../minglaradmin/services/rejectionMailtoHost.service';
+import { MinglarService } from '../../../services/minglar.service';
+
+const minglarService = new MinglarService(prismaClient);
+
+interface Body {
+    activityId: number;
+}
+
+export const handler = safeHandler(async (
+    event: APIGatewayProxyEvent,
+    context?: Context
+): Promise<APIGatewayProxyResult> => {
+    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+    if (!token) throw new ApiError(401, 'This is a protected route. Please provide a valid token.');
+
+    const userInfo = await verifyMinglarAdminToken(token);
+
+    // Parse request body
+    let body: Body;
+
+    try {
+        body = event.body ? JSON.parse(event.body) : {};
+    } catch (error) {
+        throw new ApiError(400, 'Invalid JSON in request body');
+    }
+
+    const { activityId } = body;
+
+    if (!activityId) {
+        throw new ApiError(400, 'activityId is required');
+    }
+
+    await minglarService.rejectActivityApplicationByAM(
+        Number(activityId),
+        Number(userInfo.id)
+    );
+    const hostXid = await minglarService.getHostXidByActivityId(activityId)
+    const hostDetails = await minglarService.getUserDetails(hostXid)
+    await sendActivityRejectionMailtoHost(hostDetails.emailAddress, hostDetails.firstName)
+
+    return {
+        statusCode: 201,
+        headers: {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*',
+        },
+        body: JSON.stringify({
+            success: true,
+            message: 'Rejected activity details application successfully',
+            data: null,
+        }),
+    };
+});