MinglarBackendNestJS/src/modules/host/handlers/operator/verifyOtp.ts

import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
import { prismaClient } from '../../../../common/database/prisma.lambda.service';
import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
import ApiError from '../../../../common/utils/helper/ApiError';
import { OperatorAuthService } from '../../services/operatorAuth.service';
import { TokenService } from '../../services/token.service';

const operatorAuthService = new OperatorAuthService(prismaClient);
const tokenService = new TokenService(prismaClient);

export const handler = safeHandler(async (
  event: APIGatewayProxyEvent,
  context?: Context,
): Promise<APIGatewayProxyResult> => {
  let body: { emailAddress?: string; mobileNumber?: string; otp?: string };

  try {
    body = event.body ? JSON.parse(event.body) : {};
  } catch (error) {
    throw new ApiError(400, 'Invalid JSON in request body');
  }

  const { emailAddress, mobileNumber, otp } = body;

  if ((!emailAddress && !mobileNumber) || !otp) {
    throw new ApiError(400, 'Email address or mobile number and OTP are required');
  }

  const operator = await operatorAuthService.verifyOperatorOtp({
    emailAddress,
    mobileNumber,
    otp,
  });

  const generatedToken = await tokenService.generateAuthToken(operator.id);

  return {
    statusCode: 200,
    headers: {
      'Content-Type': 'application/json',
      'Access-Control-Allow-Origin': '*',
    },
    body: JSON.stringify({
      success: true,
      message: 'OTP verified successfully',
      accessToken: generatedToken.access.token,
      refreshToken: generatedToken.refresh.token,
      data: null,
    }),
  };
});