This code is valid for 10 minutes.
- If you didn't request this code, please ignore this email.
- `;
-
- // Log OTP prominently in development/test for easy access
- if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- logger.info(`๐ง EMAIL OTP for ${email}`);
- logger.info(`๐ CODE: ${code}`);
- logger.info(`โฐ Valid for: 10 minutes`);
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- }
-
- return this.sendEmail(email, subject, body);
- }
-
- /**
- * Send password reset link
- */
- async sendPasswordResetLink(email: string, resetToken: string): Promise {
- const subject = 'SwapLink - Password Reset Request';
- const resetLink = `${envConfig.FRONTEND_URL}/reset-password?token=${resetToken}`;
- const body = `
- Password Reset Request
- You requested to reset your password. Click the link below to proceed:
- Reset Password
- This link is valid for 15 minutes.
- If you didn't request this, please ignore this email.
- `;
-
- // Log reset token prominently in development/test for easy access
- if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- logger.info(`๐ง PASSWORD RESET for ${email}`);
- logger.info(`๐ Reset Token: ${resetToken}`);
- logger.info(`๐ Reset Link: ${resetLink}`);
- logger.info(`โฐ Valid for: 15 minutes`);
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- }
-
- return this.sendEmail(email, subject, body);
- }
-
- /**
- * Send welcome email after registration
- */
- async sendWelcomeEmail(email: string, firstName: string): Promise {
- const subject = 'Welcome to SwapLink!';
- const body = `
- Welcome to SwapLink, ${firstName}!
- Thank you for joining SwapLink. We're excited to have you on board.
- To get started, please verify your email address.
- If you have any questions, feel free to contact our support team.
- `;
- return this.sendEmail(email, subject, body);
- }
-}
-
-export const emailService = new EmailService();
diff --git a/src/lib/services/otp.service.ts b/src/lib/services/otp.service.ts
deleted file mode 100644
index 84e55e6..0000000
--- a/src/lib/services/otp.service.ts
+++ /dev/null
@@ -1,108 +0,0 @@
-import { prisma, OtpType } from '../../database';
-
-import { BadRequestError } from '../utils/api-error';
-import logger from '../utils/logger';
-import { ISmsService } from './sms.service';
-import { IEmailService } from './email.service';
-
-export class OtpService {
- private smsService: ISmsService;
- private emailService: IEmailService;
-
- constructor(smsService?: ISmsService, emailService?: IEmailService) {
- // Lazy load to avoid circular dependency
- this.smsService = smsService || require('./sms.service').smsService;
- this.emailService = emailService || require('./email.service').emailService;
- }
-
- /**
- * Generate and Store OTP
- */
- async generateOtp(identifier: string, type: OtpType, userId?: string) {
- // 1. Generate secure 6 digit code
- const code = Math.floor(100000 + Math.random() * 900000).toString();
- const expiresAt = new Date(Date.now() + 10 * 60 * 1000); // 10 minutes
-
- // 2. Invalidate previous OTPs
- // We use updateMany instead of delete to keep audit history,
- // but ensure 'isUsed' is true so they can't be used again.
- await prisma.otp.updateMany({
- where: { identifier, type, isUsed: false },
- data: { isUsed: true },
- });
-
- // 3. Create new OTP
- const otpRecord = await prisma.otp.create({
- data: {
- identifier,
- code,
- type,
- expiresAt,
- },
- });
-
- // 4. Send OTP via appropriate channel
- try {
- await this.sendOtp(identifier, code, type);
- } catch (error) {
- logger.error(`[OTP] Failed to send OTP to ${identifier}:`, error);
- // We don't throw here to prevent OTP generation failure
- // The OTP is still valid in the database
- }
-
- return otpRecord;
- }
-
- /**
- * Send OTP via appropriate channel (SMS or Email)
- */
- private async sendOtp(identifier: string, code: string, type: OtpType): Promise {
- switch (type) {
- case OtpType.PHONE_VERIFICATION:
- case OtpType.TWO_FACTOR:
- case OtpType.WITHDRAWAL_CONFIRMATION:
- // Send via SMS for phone-related OTPs
- await this.smsService.sendOtp(identifier, code);
- break;
-
- case OtpType.EMAIL_VERIFICATION:
- case OtpType.PASSWORD_RESET:
- // Send via Email for email-related OTPs
- await this.emailService.sendOtp(identifier, code);
- break;
-
- default:
- logger.warn(`[OTP] Unknown OTP type: ${type}`);
- }
- }
-
- /**
- * Verify OTP
- */
- async verifyOtp(identifier: string, code: string, type: OtpType) {
- // 1. Find valid OTP
- const otpRecord = await prisma.otp.findFirst({
- where: {
- identifier,
- code,
- type,
- isUsed: false,
- expiresAt: { gt: new Date() }, // Check expiration in DB query
- },
- });
-
- if (!otpRecord) {
- throw new BadRequestError('Invalid or expired OTP');
- }
-
- // 2. Mark as used immediately to prevent replay attacks
- await prisma.otp.update({
- where: { id: otpRecord.id },
- data: { isUsed: true },
- });
-
- return true;
- }
-}
-
-export const otpService = new OtpService();
diff --git a/src/lib/services/sms.service.ts b/src/lib/services/sms.service.ts
deleted file mode 100644
index dca91bf..0000000
--- a/src/lib/services/sms.service.ts
+++ /dev/null
@@ -1,58 +0,0 @@
-import logger from '../utils/logger';
-import { envConfig } from '../../config/env.config';
-
-/**
- * SMS Service Interface
- * This will be implemented with actual SMS providers (Twilio, Termii, etc.) later
- */
-export interface ISmsService {
- sendSms(phoneNumber: string, message: string): Promise;
- sendOtp(phoneNumber: string, code: string): Promise;
-}
-
-/**
- * Mock SMS Service for Development/Testing
- * Replace this with actual implementation when integrating with SMS providers
- */
-export class SmsService implements ISmsService {
- /**
- * Send a generic SMS message
- */
- async sendSms(phoneNumber: string, message: string): Promise {
- try {
- // TODO: Integrate with actual SMS provider (Twilio, Termii, etc.)
-
- // In development/test, log the message for debugging
- if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
- logger.info(`[SMS Service] ๐ฑ SMS to ${phoneNumber}`);
- logger.info(`[SMS Service] Message: ${message}`);
- }
-
- // Simulate SMS sending
- return true;
- } catch (error) {
- logger.error(`[SMS Service] Failed to send SMS to ${phoneNumber}:`, error);
- throw new Error('Failed to send SMS');
- }
- }
-
- /**
- * Send OTP via SMS
- */
- async sendOtp(phoneNumber: string, code: string): Promise {
- const message = `Your SwapLink verification code is: ${code}. Valid for 10 minutes. Do not share this code.`;
-
- // Log OTP prominently in development/test for easy access
- if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- logger.info(`๐ฑ SMS OTP for ${phoneNumber}`);
- logger.info(`๐ CODE: ${code}`);
- logger.info(`โฐ Valid for: 10 minutes`);
- logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
- }
-
- return this.sendSms(phoneNumber, message);
- }
-}
-
-export const smsService = new SmsService();
diff --git a/src/lib/services/wallet.service.ts b/src/lib/services/wallet.service.ts
deleted file mode 100644
index 07bdd74..0000000
--- a/src/lib/services/wallet.service.ts
+++ /dev/null
@@ -1,241 +0,0 @@
-import { prisma, Prisma } from '../../database'; // Singleton
-import { NotFoundError, BadRequestError, InternalError } from '../utils/api-error';
-import { TransactionType } from '../../database/generated/prisma';
-import { UserId } from '../../types/query.types';
-
-// DTOs
-interface FetchTransactionOptions {
- userId: UserId;
- page?: number;
- limit?: number;
- type?: TransactionType;
-}
-
-export class WalletService {
- // --- Helpers ---
-
- private calculateAvailableBalance(balance: number, lockedBalance: number): number {
- return Number(balance) - Number(lockedBalance);
- }
-
- // --- Main Methods ---
-
- /**
- * Create Wallet for a new user (Single NGN wallet)
- * Accepts an optional transaction client to run inside AuthService.register
- */
- async setUpWallet(userId: string, tx: Prisma.TransactionClient) {
- try {
- // 1. Create the Local Wallet
- const wallet = await tx.wallet.create({
- data: {
- userId,
- balance: 0.0, // Prisma Decimal
- lockedBalance: 0.0, // Prisma Decimal
- // Note: We do NOT create the Virtual Account Number here.
- // That happens in the background to keep registration fast.
- },
- });
-
- return wallet;
- } catch (error) {
- // Log the specific error for debugging
- console.error(`Error creating wallet for user ${userId}:`, error);
- throw new InternalError('Failed to initialize user wallet system');
- }
- }
-
- async getWalletBalance(userId: UserId) {
- const wallet = await prisma.wallet.findUnique({
- where: { userId },
- });
-
- if (!wallet) {
- throw new NotFoundError('Wallet not found');
- }
-
- return {
- id: wallet.id,
- balance: Number(wallet.balance),
- lockedBalance: Number(wallet.lockedBalance),
- availableBalance: this.calculateAvailableBalance(wallet.balance, wallet.lockedBalance),
- };
- }
-
- async getWallet(userId: string) {
- const wallet = await prisma.wallet.findUnique({
- where: { userId },
- });
-
- if (!wallet) {
- throw new NotFoundError('Wallet not found');
- }
-
- return {
- id: wallet.id,
- balance: Number(wallet.balance),
- lockedBalance: Number(wallet.lockedBalance),
- availableBalance: this.calculateAvailableBalance(wallet.balance, wallet.lockedBalance),
- createdAt: wallet.createdAt,
- updatedAt: wallet.updatedAt,
- };
- }
-
- async getTransactions(params: FetchTransactionOptions) {
- const { userId, page = 1, limit = 20, type } = params;
- const skip = (page - 1) * limit;
-
- const where: Prisma.TransactionWhereInput = { userId };
- if (type) where.type = type;
-
- const [transactions, total] = await Promise.all([
- prisma.transaction.findMany({
- where,
- skip,
- take: limit,
- orderBy: { createdAt: 'desc' },
- select: {
- id: true,
- type: true,
- amount: true,
- status: true,
- reference: true,
- balanceBefore: true,
- balanceAfter: true,
- createdAt: true,
- metadata: true,
- description: true,
- },
- }),
- prisma.transaction.count({ where }),
- ]);
-
- return {
- transactions,
- pagination: {
- total,
- page,
- limit,
- totalPages: Math.ceil(total / limit),
- },
- };
- }
-
- async hasSufficientBalance(userId: UserId, amount: number): Promise {
- const wallet = await prisma.wallet.findUnique({
- where: { userId },
- });
-
- if (!wallet) return false;
-
- const availableBalance = Number(wallet.balance) - Number(wallet.lockedBalance);
- return availableBalance >= amount;
- }
-
- // ==========================================
- // CRITICAL: Money Movement Methods
- // ==========================================
-
- /**
- * Credit a wallet (Deposit)
- * Atomically updates balance and creates a transaction record
- */
- async creditWallet(userId: string, amount: number, metadata: any = {}) {
- return prisma.$transaction(async tx => {
- // 1. Get Wallet (using unique constraint)
- const wallet = await tx.wallet.findUnique({
- where: { userId },
- });
-
- if (!wallet) throw new NotFoundError('Wallet not found');
-
- const balanceBefore = Number(wallet.balance);
- const balanceAfter = balanceBefore + amount;
-
- // 2. Update Balance
- await tx.wallet.update({
- where: { id: wallet.id },
- data: { balance: { increment: amount } },
- });
-
- // 3. Create Transaction Record
- const reference = `TX-CR-${Date.now()}-${Math.random()
- .toString(36)
- .substring(2, 7)
- .toUpperCase()}`;
-
- const transaction = await tx.transaction.create({
- data: {
- userId,
- walletId: wallet.id,
- type: 'DEPOSIT',
- amount,
- balanceBefore,
- balanceAfter,
- status: 'COMPLETED',
- reference,
- metadata,
- },
- });
-
- return transaction;
- });
- }
-
- /**
- * Debit a wallet (Withdrawal/Payment)
- * Atomically checks balance, deducts amount, and creates record
- */
- async debitWallet(userId: string, amount: number, metadata: any = {}) {
- return prisma.$transaction(async tx => {
- // 1. Get Wallet
- const wallet = await tx.wallet.findUnique({
- where: { userId },
- });
-
- if (!wallet) throw new NotFoundError('Wallet not found');
-
- const balanceBefore = Number(wallet.balance);
- const locked = Number(wallet.lockedBalance);
- const available = balanceBefore - locked;
-
- // 2. Check Sufficient Funds
- if (available < amount) {
- throw new BadRequestError('Insufficient funds');
- }
-
- const balanceAfter = balanceBefore - amount;
-
- // 3. Deduct Balance
- await tx.wallet.update({
- where: { id: wallet.id },
- data: { balance: { decrement: amount } },
- });
-
- // 4. Create Transaction Record
- const reference = `TX-DR-${Date.now()}-${Math.random()
- .toString(36)
- .substring(2, 7)
- .toUpperCase()}`;
-
- const transaction = await tx.transaction.create({
- data: {
- userId,
- walletId: wallet.id,
- type: 'WITHDRAWAL',
- amount,
- balanceBefore,
- balanceAfter,
- status: 'COMPLETED',
- reference,
- metadata,
- },
- });
-
- return transaction;
- });
- }
-}
-
-export const walletService = new WalletService(); // Export singleton
-export default walletService;
diff --git a/src/lib/utils/database.ts b/src/lib/utils/database.ts
deleted file mode 100644
index 331c072..0000000
--- a/src/lib/utils/database.ts
+++ /dev/null
@@ -1,66 +0,0 @@
-import { envConfig } from '../../config/env.config';
-import { PrismaClient } from '../../database/generated/prisma';
-import logger from './logger';
-
-// Prevent multiple instances in development
-const globalForPrisma = global as unknown as { prisma: PrismaClient };
-
-const isDevEnv = envConfig.NODE_ENV === 'development';
-const isProdEnv = envConfig.NODE_ENV === 'production';
-const isTestEnv = envConfig.NODE_ENV === 'test';
-
-function getPrismaInstance() {
- // Log which database we're using (for debugging)
- logger.debug(`๐ง Environment: ${envConfig.NODE_ENV || 'development'}`);
- logger.debug(`๐๏ธ Database: ${isTestEnv ? 'TEST' : 'DEVELOPMENT'}`);
- logger.debug(`๐๏ธ Database URL: ${envConfig.DATABASE_URL}`);
-
- return new PrismaClient({
- datasources: {
- db: {
- url: envConfig.DATABASE_URL,
- },
- },
- log: isDevEnv ? ['query', 'info', 'warn', 'error'] : ['error'],
- errorFormat: 'pretty',
- });
-}
-
-export const prisma = globalForPrisma.prisma || getPrismaInstance();
-
-if (!isProdEnv) globalForPrisma.prisma = prisma;
-
-// Connection health check
-export const checkDatabaseConnection = async (): Promise => {
- try {
- const result = await prisma.$queryRaw<
- Array<{ current_database: string }>
- >`SELECT current_database()`;
- const dbName = result[0]?.current_database;
-
- logger.debug(`โ
Database connected: ${dbName} (${envConfig.NODE_ENV || 'unknown'})`);
-
- // Verify we're using the correct database for the environment
- if (isTestEnv && !dbName?.includes('test')) {
- logger.warn('โ ๏ธ Warning: Tests running on non-test database!');
- return false;
- }
-
- return true;
- } catch (error) {
- logger.error(`โ Database connection failed:`, error);
- return false;
- }
-};
-
-// Graceful shutdown
-process.on('beforeExit', async () => {
- await prisma.$disconnect();
-});
-
-process.on('SIGINT', async () => {
- await prisma.$disconnect();
- process.exit(0);
-});
-
-export default prisma;
diff --git a/src/lib/utils/functions.ts b/src/lib/utils/functions.ts
deleted file mode 100644
index fbf8933..0000000
--- a/src/lib/utils/functions.ts
+++ /dev/null
@@ -1,17 +0,0 @@
-export function isEmpty(data: any) {
- return !data;
-}
-
-export function formatUserInfo(user: any) {
- const { password: _, wallet, ...userWithoutPassword } = user;
- return {
- ...userWithoutPassword,
- wallet: wallet
- ? {
- id: wallet.id,
- balance: Number(wallet.balance),
- lockedBalance: Number(wallet.lockedBalance),
- }
- : null,
- };
-}
diff --git a/src/modules/.gitkeep b/src/modules/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/src/modules/auth/__tests__/auth.service.integration.test.ts b/src/modules/auth/__tests__/auth.service.integration.test.ts
deleted file mode 100644
index 9d6383b..0000000
--- a/src/modules/auth/__tests__/auth.service.integration.test.ts
+++ /dev/null
@@ -1,371 +0,0 @@
-import prisma from '../../../lib/utils/database';
-import authService from '../auth.service';
-import { otpService } from '../../../lib/services/otp.service';
-import { TestUtils } from '../../../test/utils';
-import { ConflictError, NotFoundError, UnauthorizedError } from '../../../lib/utils/api-error';
-import { OtpType } from '../../../database';
-
-describe('AuthService - Integration Tests', () => {
- beforeEach(async () => {
- // Clean up database before each test
- await prisma.otp.deleteMany();
- await prisma.transaction.deleteMany();
- await prisma.wallet.deleteMany();
- await prisma.user.deleteMany();
- });
-
- describe('register', () => {
- it('should register a new user with wallet', async () => {
- const userData = TestUtils.generateUserData();
-
- const result = await authService.register(userData);
-
- expect(result.user).toBeDefined();
- expect(result.user.email).toBe(userData.email.toLowerCase());
- expect(result.user.firstName).toBe(userData.firstName);
- expect(result.user.isVerified).toBe(false);
- expect(result.token).toBeDefined();
- expect(result.refreshToken).toBeDefined();
- expect(result.expiresIn).toBe(86400);
-
- // Verify wallet was created (single NGN wallet)
- const wallet = await prisma.wallet.findUnique({
- where: { userId: result.user.id },
- });
-
- expect(wallet).toBeDefined();
- expect(wallet?.balance).toBe(0);
- expect(wallet?.lockedBalance).toBe(0);
- });
-
- it('should hash the password', async () => {
- const userData = TestUtils.generateUserData({
- password: 'PlainTextPassword123!',
- });
-
- const result = await authService.register(userData);
-
- const user = await prisma.user.findUnique({
- where: { id: result.user.id },
- });
-
- expect(user?.password).not.toBe('PlainTextPassword123!');
- expect(user?.password).toMatch(/^\$2[aby]\$/); // bcrypt hash pattern
- });
-
- it('should throw ConflictError if email already exists', async () => {
- const userData = TestUtils.generateUserData();
-
- await authService.register(userData);
-
- await expect(authService.register(userData)).rejects.toThrow(ConflictError);
- });
-
- it('should throw ConflictError if phone already exists', async () => {
- const userData1 = TestUtils.generateUserData();
- const userData2 = TestUtils.generateUserData({
- phone: userData1.phone,
- });
-
- await authService.register(userData1);
-
- await expect(authService.register(userData2)).rejects.toThrow(ConflictError);
- });
-
- it('should create user and wallet in a transaction', async () => {
- const userData = TestUtils.generateUserData();
-
- await authService.register(userData);
-
- const user = await prisma.user.findUnique({
- where: { email: userData.email },
- include: { wallet: true },
- });
-
- expect(user).toBeDefined();
- expect(user?.wallet).toBeDefined();
- expect(user?.wallet?.balance).toBe(0);
- });
- });
-
- describe('login', () => {
- it('should login with valid credentials', async () => {
- const password = 'Password123!';
- const userData = TestUtils.generateUserData({ password });
-
- const registered = await authService.register(userData);
-
- const result = await authService.login({
- email: userData.email,
- password,
- });
-
- expect(result.user.id).toBe(registered.user.id);
- expect(result.user.email).toBe(userData.email.toLowerCase());
- expect(result.token).toBeDefined();
- expect(result.refreshToken).toBeDefined();
- });
-
- it('should throw UnauthorizedError for invalid email', async () => {
- await expect(
- authService.login({
- email: 'nonexistent@example.com',
- password: 'Password123!',
- })
- ).rejects.toThrow(UnauthorizedError);
- });
-
- it('should throw UnauthorizedError for invalid password', async () => {
- const userData = TestUtils.generateUserData();
- await authService.register(userData);
-
- await expect(
- authService.login({
- email: userData.email,
- password: 'WrongPassword123!',
- })
- ).rejects.toThrow(UnauthorizedError);
- });
-
- it('should throw UnauthorizedError for deactivated account', async () => {
- const userData = TestUtils.generateUserData();
- const registered = await authService.register(userData);
-
- // Deactivate the account
- await prisma.user.update({
- where: { id: registered.user.id },
- data: { isActive: false },
- });
-
- await expect(
- authService.login({
- email: userData.email,
- password: userData.password,
- })
- ).rejects.toThrow(UnauthorizedError);
- });
-
- it('should update lastLogin timestamp', async () => {
- const userData = TestUtils.generateUserData();
- await authService.register(userData);
-
- const beforeLogin = new Date();
-
- await authService.login({
- email: userData.email,
- password: userData.password,
- });
-
- // Wait a bit for async update
- await new Promise(resolve => setTimeout(resolve, 100));
-
- const user = await prisma.user.findUnique({
- where: { email: userData.email },
- });
-
- expect(user?.lastLogin).toBeDefined();
- expect(user?.lastLogin!.getTime()).toBeGreaterThanOrEqual(beforeLogin.getTime());
- });
- });
-
- describe('getUser', () => {
- it('should return user without password', async () => {
- const userData = TestUtils.generateUserData();
- const registered = await authService.register(userData);
-
- const user = await authService.getUser(registered.user.id);
-
- expect(user.id).toBe(registered.user.id);
- expect(user.email).toBe(userData.email.toLowerCase());
- expect(user.wallet).toBeDefined();
- });
-
- it('should throw NotFoundError for non-existent user', async () => {
- await expect(authService.getUser('non-existent-id')).rejects.toThrow(NotFoundError);
- });
- });
-
- describe('OTP Flow', () => {
- describe('sendOtp and verifyOtp', () => {
- it('should send and verify phone OTP', async () => {
- const userData = TestUtils.generateUserData();
- await authService.register(userData);
-
- // Send OTP
- const sendResult = await authService.sendOtp(userData.phone, 'phone');
- expect(sendResult.expiresIn).toBe(600);
-
- // Get the OTP from database (in real scenario, it would be sent via SMS)
- const otpRecord = await prisma.otp.findFirst({
- where: {
- identifier: userData.phone,
- type: OtpType.PHONE_VERIFICATION,
- isUsed: false,
- },
- orderBy: { createdAt: 'desc' },
- });
-
- expect(otpRecord).toBeDefined();
- expect(otpRecord?.code).toMatch(/^\d{6}$/);
-
- // Verify OTP
- const verifyResult = await authService.verifyOtp(
- userData.phone,
- otpRecord!.code,
- 'phone'
- );
-
- expect(verifyResult.success).toBe(true);
-
- // Check user is verified
- const user = await prisma.user.findUnique({
- where: { phone: userData.phone },
- });
-
- expect(user?.isVerified).toBe(true);
- });
-
- it('should send and verify email OTP', async () => {
- const userData = TestUtils.generateUserData();
- await authService.register(userData);
-
- // Send OTP
- await authService.sendOtp(userData.email, 'email');
-
- // Get the OTP from database
- const otpRecord = await prisma.otp.findFirst({
- where: {
- identifier: userData.email,
- type: OtpType.EMAIL_VERIFICATION,
- isUsed: false,
- },
- orderBy: { createdAt: 'desc' },
- });
-
- expect(otpRecord).toBeDefined();
-
- // Verify OTP
- const verifyResult = await authService.verifyOtp(
- userData.email,
- otpRecord!.code,
- 'email'
- );
-
- expect(verifyResult.success).toBe(true);
-
- // Check user is verified
- const user = await prisma.user.findUnique({
- where: { email: userData.email },
- });
-
- expect(user?.isVerified).toBe(true);
- });
-
- it('should invalidate previous OTPs when generating new one', async () => {
- const userData = TestUtils.generateUserData();
- await authService.register(userData);
-
- // Generate first OTP
- await authService.sendOtp(userData.email, 'email');
- const firstOtp = await prisma.otp.findFirst({
- where: { identifier: userData.email, type: OtpType.EMAIL_VERIFICATION },
- orderBy: { createdAt: 'desc' },
- });
-
- // Generate second OTP
- await authService.sendOtp(userData.email, 'email');
-
- // First OTP should be marked as used
- const invalidatedOtp = await prisma.otp.findUnique({
- where: { id: firstOtp!.id },
- });
-
- expect(invalidatedOtp?.isUsed).toBe(true);
- });
- });
-
- describe('Password Reset Flow', () => {
- it('should complete password reset flow', async () => {
- const userData = TestUtils.generateUserData();
- const registered = await authService.register(userData);
-
- // Request password reset
- await authService.requestPasswordReset(userData.email);
-
- // Get OTP from database
- const otpRecord = await prisma.otp.findFirst({
- where: {
- identifier: userData.email,
- type: OtpType.PASSWORD_RESET,
- isUsed: false,
- },
- orderBy: { createdAt: 'desc' },
- });
-
- expect(otpRecord).toBeDefined();
-
- // Verify reset OTP
- const { resetToken } = await authService.verifyResetOtp(
- userData.email,
- otpRecord!.code
- );
-
- expect(resetToken).toBeDefined();
-
- // Reset password
- const newPassword = 'NewPassword123!';
- await authService.resetPassword(resetToken, newPassword);
-
- // Verify can login with new password
- const loginResult = await authService.login({
- email: userData.email,
- password: newPassword,
- });
-
- expect(loginResult.user.id).toBe(registered.user.id);
-
- // Verify cannot login with old password
- await expect(
- authService.login({
- email: userData.email,
- password: userData.password,
- })
- ).rejects.toThrow(UnauthorizedError);
- });
-
- it('should silently fail for non-existent email', async () => {
- await expect(
- authService.requestPasswordReset('nonexistent@example.com')
- ).resolves.toBeUndefined();
-
- const otpRecord = await prisma.otp.findFirst({
- where: { identifier: 'nonexistent@example.com' },
- });
-
- expect(otpRecord).toBeNull();
- });
- });
- });
-
- describe('submitKyc', () => {
- it('should update KYC status', async () => {
- const userData = TestUtils.generateUserData();
- const registered = await authService.register(userData);
-
- const result = await authService.submitKyc(registered.user.id, {
- documentType: 'passport',
- documentNumber: 'A12345678',
- });
-
- expect(result.kycLevel).toBe('BASIC');
- expect(result.status).toBe('APPROVED');
-
- const user = await prisma.user.findUnique({
- where: { id: registered.user.id },
- });
-
- expect(user?.kycLevel).toBe('BASIC');
- expect(user?.kycStatus).toBe('APPROVED');
- });
- });
-});
diff --git a/src/modules/auth/__tests__/auth.service.unit.test.ts b/src/modules/auth/__tests__/auth.service.unit.test.ts
deleted file mode 100644
index 48aec2d..0000000
--- a/src/modules/auth/__tests__/auth.service.unit.test.ts
+++ /dev/null
@@ -1,340 +0,0 @@
-import bcrypt from 'bcryptjs';
-import { prisma, KycLevel, KycStatus, OtpType } from '../../../database';
-import authService from '../auth.service';
-import { otpService } from '../../../lib/services/otp.service';
-import walletService from '../../../lib/services/wallet.service';
-import { JwtUtils } from '../../../lib/utils/jwt-utils';
-import { ConflictError, NotFoundError, UnauthorizedError } from '../../../lib/utils/api-error';
-
-// Mock dependencies
-jest.mock('../../../database', () => ({
- prisma: {
- user: {
- findFirst: jest.fn(),
- findUnique: jest.fn(),
- create: jest.fn(),
- update: jest.fn(),
- },
- $transaction: jest.fn(),
- },
- KycLevel: { NONE: 'NONE', BASIC: 'BASIC', ADVANCED: 'ADVANCED' },
- KycStatus: { PENDING: 'PENDING', APPROVED: 'APPROVED', REJECTED: 'REJECTED' },
- OtpType: {
- PHONE_VERIFICATION: 'PHONE_VERIFICATION',
- EMAIL_VERIFICATION: 'EMAIL_VERIFICATION',
- PASSWORD_RESET: 'PASSWORD_RESET',
- },
-}));
-
-jest.mock('../../../lib/services/otp.service');
-jest.mock('../../../lib/services/wallet.service');
-jest.mock('../../../lib/utils/jwt-utils');
-jest.mock('bcryptjs');
-
-describe('AuthService - Unit Tests', () => {
- beforeEach(() => {
- jest.clearAllMocks();
- });
-
- describe('register', () => {
- const mockUserData = {
- email: 'test@example.com',
- phone: '+2341234567890',
- password: 'Password123!',
- firstName: 'John',
- lastName: 'Doe',
- };
-
- it('should successfully register a new user', async () => {
- const hashedPassword = 'hashed_password';
- const mockUser = {
- id: 'user-123',
- email: mockUserData.email,
- phone: mockUserData.phone,
- firstName: mockUserData.firstName,
- lastName: mockUserData.lastName,
- kycLevel: KycLevel.NONE,
- isVerified: false,
- createdAt: new Date(),
- };
-
- const mockTokens = {
- token: 'access_token',
- refreshToken: 'refresh_token',
- expiresIn: 86400,
- };
-
- (prisma.user.findFirst as jest.Mock).mockResolvedValue(null);
- (bcrypt.hash as jest.Mock).mockResolvedValue(hashedPassword);
- (prisma.$transaction as jest.Mock).mockImplementation(async callback => {
- return callback({
- user: {
- create: jest.fn().mockResolvedValue(mockUser),
- },
- });
- });
- (JwtUtils.signAccessToken as jest.Mock).mockReturnValue(mockTokens.token);
- (JwtUtils.signRefreshToken as jest.Mock).mockReturnValue(mockTokens.refreshToken);
- (walletService.setUpWallet as jest.Mock).mockResolvedValue(undefined);
-
- const result = await authService.register(mockUserData);
-
- expect(prisma.user.findFirst).toHaveBeenCalledWith({
- where: { OR: [{ email: mockUserData.email }, { phone: mockUserData.phone }] },
- });
- expect(bcrypt.hash).toHaveBeenCalledWith(mockUserData.password, 12);
- expect(result.user).toEqual(mockUser);
- expect(result.token).toBe(mockTokens.token);
- expect(result.refreshToken).toBe(mockTokens.refreshToken);
- });
-
- it('should throw ConflictError if user already exists', async () => {
- (prisma.user.findFirst as jest.Mock).mockResolvedValue({ id: 'existing-user' });
-
- await expect(authService.register(mockUserData)).rejects.toThrow(ConflictError);
- await expect(authService.register(mockUserData)).rejects.toThrow(
- 'User with this email or phone already exists'
- );
- });
- });
-
- describe('login', () => {
- const mockLoginData = {
- email: 'test@example.com',
- password: 'Password123!',
- };
-
- const mockUser = {
- id: 'user-123',
- email: mockLoginData.email,
- password: 'hashed_password',
- isActive: true,
- wallet: null,
- };
-
- it('should successfully login a user', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(mockUser);
- (bcrypt.compare as jest.Mock).mockResolvedValue(true);
- (JwtUtils.signAccessToken as jest.Mock).mockReturnValue('access_token');
- (JwtUtils.signRefreshToken as jest.Mock).mockReturnValue('refresh_token');
- (prisma.user.update as jest.Mock).mockResolvedValue({});
-
- const result = await authService.login(mockLoginData);
-
- expect(prisma.user.findUnique).toHaveBeenCalledWith({
- where: { email: mockLoginData.email },
- include: { wallet: true },
- });
- expect(bcrypt.compare).toHaveBeenCalledWith(mockLoginData.password, mockUser.password);
- expect(result.user).toBeDefined();
- expect('password' in result.user).toBe(false);
- expect(result.token).toBe('access_token');
- });
-
- it('should throw UnauthorizedError if user not found', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(null);
-
- await expect(authService.login(mockLoginData)).rejects.toThrow(UnauthorizedError);
- await expect(authService.login(mockLoginData)).rejects.toThrow(
- 'Invalid email or password'
- );
- });
-
- it('should throw UnauthorizedError if password is incorrect', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(mockUser);
- (bcrypt.compare as jest.Mock).mockResolvedValue(false);
-
- await expect(authService.login(mockLoginData)).rejects.toThrow(UnauthorizedError);
- await expect(authService.login(mockLoginData)).rejects.toThrow(
- 'Invalid email or password'
- );
- });
-
- it('should throw UnauthorizedError if account is deactivated', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue({
- ...mockUser,
- isActive: false,
- });
- (bcrypt.compare as jest.Mock).mockResolvedValue(true);
-
- await expect(authService.login(mockLoginData)).rejects.toThrow(UnauthorizedError);
- await expect(authService.login(mockLoginData)).rejects.toThrow(
- 'Account is deactivated'
- );
- });
- });
-
- describe('getUser', () => {
- it('should return user without password', async () => {
- const mockUser = {
- id: 'user-123',
- email: 'test@example.com',
- password: 'hashed_password',
- wallet: null,
- };
-
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(mockUser);
-
- const result = await authService.getUser('user-123');
-
- expect('password' in result).toBe(false);
- expect(result.id).toBe('user-123');
- });
-
- it('should throw NotFoundError if user not found', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(null);
-
- await expect(authService.getUser('non-existent')).rejects.toThrow(NotFoundError);
- });
- });
-
- describe('sendOtp', () => {
- it('should send phone OTP', async () => {
- (otpService.generateOtp as jest.Mock).mockResolvedValue({});
-
- const result = await authService.sendOtp('+2341234567890', 'phone');
-
- expect(otpService.generateOtp).toHaveBeenCalledWith(
- '+2341234567890',
- OtpType.PHONE_VERIFICATION
- );
- expect(result.expiresIn).toBe(600);
- });
-
- it('should send email OTP', async () => {
- (otpService.generateOtp as jest.Mock).mockResolvedValue({});
-
- const result = await authService.sendOtp('test@example.com', 'email');
-
- expect(otpService.generateOtp).toHaveBeenCalledWith(
- 'test@example.com',
- OtpType.EMAIL_VERIFICATION
- );
- expect(result.expiresIn).toBe(600);
- });
- });
-
- describe('verifyOtp', () => {
- it('should verify phone OTP and update user', async () => {
- (otpService.verifyOtp as jest.Mock).mockResolvedValue(true);
- (prisma.user.update as jest.Mock).mockResolvedValue({});
-
- const result = await authService.verifyOtp('+2341234567890', '123456', 'phone');
-
- expect(otpService.verifyOtp).toHaveBeenCalledWith(
- '+2341234567890',
- '123456',
- OtpType.PHONE_VERIFICATION
- );
- expect(prisma.user.update).toHaveBeenCalledWith({
- where: { phone: '+2341234567890' },
- data: { isVerified: true },
- });
- expect(result.success).toBe(true);
- });
-
- it('should verify email OTP and update user', async () => {
- (otpService.verifyOtp as jest.Mock).mockResolvedValue(true);
- (prisma.user.update as jest.Mock).mockResolvedValue({});
-
- const result = await authService.verifyOtp('test@example.com', '123456', 'email');
-
- expect(otpService.verifyOtp).toHaveBeenCalledWith(
- 'test@example.com',
- '123456',
- OtpType.EMAIL_VERIFICATION
- );
- expect(prisma.user.update).toHaveBeenCalledWith({
- where: { email: 'test@example.com' },
- data: { isVerified: true },
- });
- expect(result.success).toBe(true);
- });
- });
-
- describe('requestPasswordReset', () => {
- it('should generate OTP for existing user', async () => {
- const mockUser = { id: 'user-123', email: 'test@example.com' };
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(mockUser);
- (otpService.generateOtp as jest.Mock).mockResolvedValue({});
-
- await authService.requestPasswordReset('test@example.com');
-
- expect(otpService.generateOtp).toHaveBeenCalledWith(
- 'test@example.com',
- OtpType.PASSWORD_RESET,
- 'user-123'
- );
- });
-
- it('should silently fail for non-existent user', async () => {
- (prisma.user.findUnique as jest.Mock).mockResolvedValue(null);
-
- await expect(
- authService.requestPasswordReset('nonexistent@example.com')
- ).resolves.toBeUndefined();
- expect(otpService.generateOtp).not.toHaveBeenCalled();
- });
- });
-
- describe('verifyResetOtp', () => {
- it('should verify OTP and return reset token', async () => {
- const mockResetToken = 'reset_token_123';
- (otpService.verifyOtp as jest.Mock).mockResolvedValue(true);
- (JwtUtils.signResetToken as jest.Mock).mockReturnValue(mockResetToken);
-
- const result = await authService.verifyResetOtp('test@example.com', '123456');
-
- expect(otpService.verifyOtp).toHaveBeenCalledWith(
- 'test@example.com',
- '123456',
- OtpType.PASSWORD_RESET
- );
- expect(result.resetToken).toBe(mockResetToken);
- });
- });
-
- describe('resetPassword', () => {
- it('should reset password with valid token', async () => {
- const mockDecoded = { email: 'test@example.com' };
- const hashedPassword = 'new_hashed_password';
-
- (JwtUtils.verifyResetToken as jest.Mock).mockReturnValue(mockDecoded);
- (bcrypt.hash as jest.Mock).mockResolvedValue(hashedPassword);
- (prisma.user.update as jest.Mock).mockResolvedValue({});
-
- await authService.resetPassword('valid_reset_token', 'NewPassword123!');
-
- expect(JwtUtils.verifyResetToken).toHaveBeenCalledWith('valid_reset_token');
- expect(bcrypt.hash).toHaveBeenCalledWith('NewPassword123!', 12);
- expect(prisma.user.update).toHaveBeenCalledWith({
- where: { email: 'test@example.com' },
- data: { password: hashedPassword },
- });
- });
- });
-
- describe('submitKyc', () => {
- it('should update user KYC status', async () => {
- const mockUpdatedUser = {
- id: 'user-123',
- kycLevel: KycLevel.BASIC,
- kycStatus: KycStatus.APPROVED,
- };
-
- (prisma.user.update as jest.Mock).mockResolvedValue(mockUpdatedUser);
-
- const result = await authService.submitKyc('user-123', { document: 'passport' });
-
- expect(prisma.user.update).toHaveBeenCalledWith({
- where: { id: 'user-123' },
- data: {
- kycLevel: KycLevel.BASIC,
- kycStatus: KycStatus.APPROVED,
- },
- });
- expect(result.kycLevel).toBe(KycLevel.BASIC);
- expect(result.status).toBe(KycStatus.APPROVED);
- });
- });
-});
diff --git a/src/modules/auth/auth.controller.ts b/src/modules/auth/auth.controller.ts
deleted file mode 100644
index 42ff11c..0000000
--- a/src/modules/auth/auth.controller.ts
+++ /dev/null
@@ -1,179 +0,0 @@
-import { Request, Response, NextFunction } from 'express';
-import { sendCreated, sendSuccess } from '../../lib/utils/api-response';
-import { HttpStatusCode } from '../../lib/utils/http-status-codes';
-import authService from './auth.service';
-
-class AuthController {
- register = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const result = await authService.register(req.body);
-
- sendCreated(
- res,
- {
- user: result.user,
- tokens: {
- accessToken: result.token,
- refreshToken: result.refreshToken,
- expiresIn: result.expiresIn,
- },
- },
- 'User registered successfully'
- );
- } catch (error) {
- next(error);
- }
- };
-
- login = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const result = await authService.login(req.body);
-
- sendSuccess(
- res,
- {
- user: result.user,
- tokens: {
- accessToken: result.token,
- refreshToken: result.refreshToken,
- expiresIn: result.expiresIn,
- },
- },
- 'User logged in successfully',
- HttpStatusCode.OK
- );
- } catch (error) {
- next(error);
- }
- };
-
- me = async (req: Request, res: Response, next: NextFunction) => {
- try {
- // Assuming your 'authenticate' middleware attaches user to req
- const userId = (req as any).user.userId;
- const user = await authService.getUser(userId);
-
- sendSuccess(res, { user }, 'User profile retrieved successfully');
- } catch (error) {
- next(error);
- }
- };
-
- // --- OTP Handling ---
-
- sendPhoneOtp = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { phone } = req.body;
- const result = await authService.sendOtp(phone, 'phone');
- sendSuccess(res, result, 'OTP sent successfully');
- } catch (error) {
- next(error);
- }
- };
-
- verifyPhoneOtp = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { phone, otp } = req.body;
- const result = await authService.verifyOtp(phone, otp, 'phone');
- sendSuccess(res, result, 'Phone verified successfully');
- } catch (error) {
- next(error);
- }
- };
-
- sendEmailOtp = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { email } = req.body;
- const result = await authService.sendOtp(email, 'email');
- sendSuccess(res, result, 'OTP sent successfully');
- } catch (error) {
- next(error);
- }
- };
-
- verifyEmailOtp = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { email, otp } = req.body;
- const result = await authService.verifyOtp(email, otp, 'email');
- sendSuccess(res, result, 'Email verified successfully');
- } catch (error) {
- next(error);
- }
- };
-
- // --- Password Reset ---
-
- requestPasswordReset = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { email } = req.body;
- await authService.requestPasswordReset(email);
- // Always return success message for security (prevent email enumeration)
- sendSuccess(res, { message: 'If email exists, OTP sent' }, 'Password reset initiated');
- } catch (error) {
- next(error);
- }
- };
-
- verifyResetOtp = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { email, otp } = req.body;
- const result = await authService.verifyResetOtp(email, otp);
- sendSuccess(res, result, 'OTP verified');
- } catch (error) {
- next(error);
- }
- };
-
- resetPassword = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { resetToken, newPassword } = req.body;
- await authService.resetPassword(resetToken, newPassword);
- sendSuccess(res, null, 'Password reset successful');
- } catch (error) {
- next(error);
- }
- };
-
- // --- KYC ---
-
- submitKyc = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const userId = (req as any).user.userId;
- const result = await authService.submitKyc(userId, req.body);
- sendSuccess(res, result, 'KYC submitted successfully');
- } catch (error) {
- next(error);
- }
- };
-
- getVerificationStatus = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const userId = (req as any).user.userId;
- // Since we didn't explicitly create getVerificationStatus in the service refactor,
- // we can reuse getUser to get the status fields
- const user = await authService.getUser(userId);
-
- const statusData = {
- kycLevel: user.kycLevel,
- kycStatus: user.kycStatus, // Assuming this field exists on user
- isVerified: user.isVerified,
- };
-
- sendSuccess(res, statusData, 'Verification status retrieved');
- } catch (error) {
- next(error);
- }
- };
-
- refreshToken = async (req: Request, res: Response, next: NextFunction) => {
- try {
- const { refreshToken } = req.body;
- const result = await authService.refreshToken(refreshToken);
- sendSuccess(res, result, 'Token refreshed successfully');
- } catch (error) {
- next(error);
- }
- };
-}
-
-export default new AuthController();
diff --git a/src/modules/auth/auth.routes.ts b/src/modules/auth/auth.routes.ts
deleted file mode 100644
index e8b86ba..0000000
--- a/src/modules/auth/auth.routes.ts
+++ /dev/null
@@ -1,105 +0,0 @@
-import express, { Router } from 'express';
-import authController from './auth.controller';
-import rateLimiters from '../../middlewares/rate-limit.middleware';
-import { authenticate } from '../../middlewares/auth.middleware';
-import { uploadKyc, uploadAvatar } from '../../middlewares/upload.middleware'; // You need this for KYC!
-// import { validateBody } from '../../middlewares/validation';
-// import { AuthSchema } from './auth.validation';
-
-const router: Router = express.Router();
-
-// Mock validation for now (Replace with Zod/Joi later)
-const validateBody = (schema: any) => (req: any, res: any, next: any) => next();
-const AuthSchema = {};
-
-// ======================================================
-// 1. Onboarding & Authentication
-// ======================================================
-
-router.post(
- '/register',
- rateLimiters.auth, // Strict limit (prevents mass account creation)
- validateBody(AuthSchema),
- authController.register
-);
-
-router.post(
- '/login',
- rateLimiters.auth, // Strict limit (prevents credential stuffing)
- validateBody(AuthSchema),
- authController.login
-);
-
-router.post(
- '/refresh-token',
- rateLimiters.auth,
- validateBody(AuthSchema),
- authController.refreshToken
-);
-
-router.get('/me', authenticate, authController.me);
-
-// ======================================================
-// 2. OTP Services (Dual Layer Protection)
-// ======================================================
-// We apply Source + Target limits to BOTH Phone and Email
-// to save costs and prevent harassment.
-
-// --- Phone ---
-router.post(
- '/otp/phone',
- [rateLimiters.otpSource, rateLimiters.otpTarget], // <--- Fixed Accessor
- authController.sendPhoneOtp
-);
-
-router.post(
- '/verify/phone',
- rateLimiters.auth, // Verification attempts should be strict (prevents brute force guessing)
- authController.verifyPhoneOtp
-);
-
-// --- Email ---
-router.post(
- '/otp/email',
- [rateLimiters.otpSource, rateLimiters.otpTarget], // <--- Added Dual Layer here too
- authController.sendEmailOtp
-);
-
-router.post('/verify/email', rateLimiters.auth, authController.verifyEmailOtp);
-
-// ======================================================
-// 3. Password Management
-// ======================================================
-
-router.post('/password/reset-request', authController.requestPasswordReset);
-
-router.post(
- '/password/verify-otp',
- rateLimiters.auth, // Strict check for the OTP itself
- authController.verifyResetOtp
-);
-
-router.post('/password/reset', authController.resetPassword);
-
-// ======================================================
-// 4. KYC & Compliance
-// ======================================================
-
-router.post(
- '/kyc',
- authenticate,
- rateLimiters.global,
- uploadKyc.single('document'), // Expects form-data with key 'document'
- authController.submitKyc
-);
-
-// router.post(
-// '/profile/avatar',
-// authenticate,
-// uploadAvatar.single('avatar'),
-// authController.updateAvatar
-// );
-
-router.get('/verification-status', authenticate, authController.getVerificationStatus);
-
-export default router;
diff --git a/src/modules/auth/auth.service.ts b/src/modules/auth/auth.service.ts
deleted file mode 100644
index 782c96d..0000000
--- a/src/modules/auth/auth.service.ts
+++ /dev/null
@@ -1,235 +0,0 @@
-import bcrypt from 'bcryptjs';
-import { prisma, KycLevel, KycStatus, OtpType, User } from '../../database'; // Adjust imports based on your index.ts
-import { ConflictError, NotFoundError, UnauthorizedError } from '../../lib/utils/api-error';
-import { JwtUtils } from '../../lib/utils/jwt-utils';
-import { otpService } from '../../lib/services/otp.service';
-import walletService from '../../lib/services/wallet.service';
-import logger from '../../lib/utils/logger';
-import { formatUserInfo } from '../../lib/utils/functions';
-
-// DTOs
-interface AuthDTO {
- email: string;
- phone: string;
- password: string;
- firstName: string;
- lastName: string;
-}
-
-type LoginDto = Pick;
-
-class AuthService {
- // --- Helpers ---
-
- private generateTokens(user: Pick) {
- const tokenPayload = { userId: user.id, email: user.email };
-
- const token = JwtUtils.signAccessToken(tokenPayload);
- const refreshToken = JwtUtils.signRefreshToken({ userId: user.id });
-
- return {
- token,
- refreshToken,
- expiresIn: 86400, // 24h in seconds
- };
- }
-
- // --- Main Methods ---
-
- async register(dto: AuthDTO) {
- const { email, phone, password, firstName, lastName } = dto;
-
- // 1. Check existing user
- const existingUser = await prisma.user.findFirst({
- where: { OR: [{ email }, { phone }] },
- });
-
- if (existingUser) {
- throw new ConflictError('User with this email or phone already exists');
- }
-
- // 2. Hash Password
- const hashedPassword = await bcrypt.hash(password, 12);
-
- // 3. Create User & Wallet
- const result = await prisma.$transaction(async tx => {
- const user = await tx.user.create({
- data: {
- email,
- phone,
- password: hashedPassword,
- firstName,
- lastName,
- kycLevel: KycLevel.NONE,
- isVerified: false,
- },
- select: {
- id: true,
- email: true,
- phone: true,
- firstName: true,
- lastName: true,
- kycLevel: true,
- isVerified: true,
- createdAt: true,
- },
- });
-
- await walletService.setUpWallet(user.id, tx);
-
- return user;
- });
-
- // 4. Generate Tokens via Utils
- const tokens = this.generateTokens(result);
-
- return { user: result, ...tokens };
- }
-
- async login(dto: LoginDto) {
- const { email, password } = dto;
-
- const user = await prisma.user.findUnique({
- where: { email },
- include: { wallet: true },
- });
-
- if (!user) {
- throw new UnauthorizedError('Invalid email or password');
- }
-
- const passwordMatch = await bcrypt.compare(password, user.password);
- if (!passwordMatch) {
- throw new UnauthorizedError('Invalid email or password');
- }
-
- if (!user.isActive) {
- throw new UnauthorizedError('Account is deactivated');
- }
-
- // Fire & Forget update
- prisma.user
- .update({
- where: { id: user.id },
- data: { lastLogin: new Date() },
- })
- .catch(err => logger.error('Failed to update last login', err));
-
- // Generate Tokens via Utils
- const tokens = this.generateTokens(user);
-
- return {
- user: formatUserInfo(user),
- ...tokens,
- };
- }
-
- async getUser(id: string) {
- const user = await prisma.user.findUnique({
- where: { id },
- include: { wallet: true },
- });
-
- if (!user) {
- throw new NotFoundError('User not found');
- }
-
- return formatUserInfo(user);
- }
-
- async sendOtp(identifier: string, type: 'phone' | 'email') {
- const otpType = type === 'phone' ? OtpType.PHONE_VERIFICATION : OtpType.EMAIL_VERIFICATION;
- await otpService.generateOtp(identifier, otpType);
- return { expiresIn: 600 };
- }
-
- async verifyOtp(identifier: string, code: string, type: 'phone' | 'email') {
- const otpType = type === 'phone' ? OtpType.PHONE_VERIFICATION : OtpType.EMAIL_VERIFICATION;
-
- await otpService.verifyOtp(identifier, code, otpType);
-
- const whereClause = type === 'email' ? { email: identifier } : { phone: identifier };
-
- await prisma.user.update({
- where: whereClause,
- data: { isVerified: true },
- });
-
- return { success: true };
- }
-
- async requestPasswordReset(email: string) {
- const user = await prisma.user.findUnique({ where: { email } });
- if (!user) return; // Silent fail
-
- await otpService.generateOtp(email, OtpType.PASSWORD_RESET, user.id);
- }
-
- async verifyResetOtp(email: string, code: string) {
- await otpService.verifyOtp(email, code, OtpType.PASSWORD_RESET);
-
- // Sign specific reset token via Utils
- const resetToken = JwtUtils.signResetToken(email);
-
- return { resetToken };
- }
-
- async resetPassword(resetToken: string, newPassword: string) {
- // Verify specific reset token via Utils
- // This throws BadRequestError if invalid or expired
- const decoded = JwtUtils.verifyResetToken(resetToken);
-
- const hashedPassword = await bcrypt.hash(newPassword, 12);
-
- await prisma.user.update({
- where: { email: decoded.email },
- data: { password: hashedPassword },
- });
- }
-
- async submitKyc(id: string, data: any) {
- const updatedUser = await prisma.user.update({
- where: { id },
- data: {
- kycLevel: KycLevel.BASIC,
- kycStatus: KycStatus.APPROVED,
- },
- });
-
- return {
- kycLevel: updatedUser.kycLevel,
- status: updatedUser.kycStatus,
- };
- }
-
- async refreshToken(incomingRefreshToken: string) {
- // 1. Verify the incoming token signature & expiry
- // JwtUtils should throw a specific error if verification fails,
- // which globalErrorHandler will catch.
- const decoded = JwtUtils.verifyRefreshToken(incomingRefreshToken);
-
- // 2. Check if user still exists and is allowed to login
- // We fetch the user to ensure they weren't banned/deleted
- // since the last token was issued.
- const user = await prisma.user.findUnique({
- where: { id: decoded.userId },
- select: { id: true, email: true, isActive: true },
- });
-
- if (!user) {
- throw new UnauthorizedError('User no longer exists');
- }
-
- if (!user.isActive) {
- throw new UnauthorizedError('Account is deactivated');
- }
-
- // 3. Generate NEW set of tokens (Rotation)
- // This ensures the old refresh token is effectively discarded by the client
- const newTokens = this.generateTokens(user);
-
- return newTokens;
- }
-}
-
-export default new AuthService();
diff --git a/src/modules/routes.ts b/src/modules/routes.ts
deleted file mode 100644
index 0d77ca0..0000000
--- a/src/modules/routes.ts
+++ /dev/null
@@ -1,24 +0,0 @@
-import { Router } from 'express';
-import authRoutes from './auth/auth.routes';
-
-const router: Router = Router();
-
-/**
- * Central Route Aggregator
- *
- * This file aggregates all module/feature routes and mounts them
- * under their respective base paths.
- *
- * Pattern: /api/v1//
- */
-
-// Mount Auth Module Routes
-router.use('/auth', authRoutes);
-
-// TODO: Add more module routes as they are created
-// Example:
-// router.use('/wallet', walletRoutes);
-// router.use('/transactions', transactionRoutes);
-// router.use('/kyc', kycRoutes);
-
-export default router;
diff --git a/src/scripts/fix-stuck-order.ts b/src/scripts/fix-stuck-order.ts
new file mode 100644
index 0000000..4b4e110
--- /dev/null
+++ b/src/scripts/fix-stuck-order.ts
@@ -0,0 +1,188 @@
+import { prisma, OrderStatus, AdType, TransactionType, NotificationType } from '../shared/database';
+import { serviceRevenueService } from '../api/modules/revenue/service-revenue.service';
+import logger from '../shared/lib/utils/logger';
+
+const fixStuckOrder = async (orderId: string) => {
+ console.log(`Fixing stuck order ${orderId}...`);
+
+ const order = await prisma.p2POrder.findUnique({
+ where: { id: orderId },
+ include: { ad: true },
+ });
+
+ if (!order) {
+ console.error('Order not found');
+ return;
+ }
+
+ console.log(`Order status: ${order.status}`);
+
+ // Check if funds already moved
+ const existingTx = await prisma.transaction.findFirst({
+ where: { reference: `P2P-DEBIT-${orderId}` },
+ });
+
+ if (existingTx) {
+ console.log('Funds already released (Transaction exists).');
+ return;
+ }
+
+ console.log('Funds NOT released. Processing manual release...');
+
+ try {
+ await prisma.$transaction(async tx => {
+ // 1. Identify NGN Payer and Receiver
+ const isBuyFx = order.ad.type === AdType.BUY_FX;
+ const payerId = isBuyFx ? order.makerId : order.takerId;
+ const receiverId = isBuyFx ? order.takerId : order.makerId;
+
+ console.log(`Payer: ${payerId}, Receiver: ${receiverId}`);
+
+ // 2. Get Revenue Wallet
+ const revenueWallet = await serviceRevenueService.getRevenueWallet();
+
+ // 3. Debit Payer (From Locked Balance)
+ await tx.wallet.update({
+ where: { userId: payerId },
+ data: {
+ lockedBalance: { decrement: order.totalNgn },
+ },
+ });
+ console.log(`Debited payer locked balance: ${order.totalNgn}`);
+
+ // 4. Credit Receiver (Total - Fee)
+ await tx.wallet.update({
+ where: { userId: receiverId },
+ data: {
+ balance: { increment: Number(order.receiveAmount) },
+ },
+ });
+ console.log(`Credited receiver balance: ${order.receiveAmount}`);
+
+ // Update User Cumulative Inflow
+ await tx.user.update({
+ where: { id: receiverId },
+ data: {
+ cumulativeInflow: { increment: Number(order.receiveAmount) },
+ },
+ });
+
+ // 5. Credit Revenue (Fee)
+ await tx.wallet.update({
+ where: { id: revenueWallet.id },
+ data: {
+ balance: { increment: order.fee },
+ },
+ });
+
+ // 6. Create Transaction Records
+ // Fetch wallets with current balances
+ const payerWallet = await tx.wallet.findUniqueOrThrow({
+ where: { userId: payerId },
+ });
+ const receiverWallet = await tx.wallet.findUniqueOrThrow({
+ where: { userId: receiverId },
+ });
+
+ // Calculate balances (after the updates above)
+ const payerBalanceBefore =
+ Number(payerWallet.balance) + Number(payerWallet.lockedBalance);
+ const payerBalanceAfter = Number(payerWallet.balance);
+ const receiverBalanceBefore =
+ Number(receiverWallet.balance) - Number(order.receiveAmount);
+ const receiverBalanceAfter = Number(receiverWallet.balance);
+
+ // Payer Debit Transaction
+ await tx.transaction.create({
+ data: {
+ userId: payerId,
+ walletId: payerWallet.id,
+ type: TransactionType.TRANSFER,
+ amount: -order.totalNgn,
+ balanceBefore: payerBalanceBefore,
+ balanceAfter: payerBalanceAfter,
+ status: 'COMPLETED',
+ reference: `P2P-DEBIT-${order.id}`,
+ description: `P2P ${isBuyFx ? 'Purchase' : 'Sale'}: ${order.amount} ${
+ order.ad.currency
+ } @ โฆ${order.price}/${order.ad.currency}`,
+ metadata: {
+ orderId: order.id,
+ type: isBuyFx ? 'BUY_FX' : 'SELL_FX',
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ rate: order.price,
+ fee: order.fee,
+ counterpartyId: receiverId,
+ },
+ },
+ });
+
+ // Receiver Credit Transaction
+ await tx.transaction.create({
+ data: {
+ userId: receiverId,
+ walletId: receiverWallet.id,
+ type: TransactionType.DEPOSIT,
+ amount: Number(order.receiveAmount),
+ balanceBefore: receiverBalanceBefore,
+ balanceAfter: receiverBalanceAfter,
+ status: 'COMPLETED',
+ reference: `P2P-CREDIT-${order.id}`,
+ description: `P2P ${isBuyFx ? 'Sale' : 'Purchase'}: ${order.amount} ${
+ order.ad.currency
+ } @ โฆ${order.price}/${order.ad.currency} (Fee: โฆ${order.fee})`,
+ metadata: {
+ orderId: order.id,
+ type: isBuyFx ? 'SELL_FX' : 'BUY_FX',
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ rate: order.price,
+ grossAmount: order.totalNgn,
+ fee: order.fee,
+ netAmount: Number(order.receiveAmount),
+ counterpartyId: payerId,
+ },
+ },
+ });
+
+ // Fee Credit (Revenue)
+ await tx.transaction.create({
+ data: {
+ userId: revenueWallet.userId,
+ walletId: revenueWallet.id,
+ type: TransactionType.FEE,
+ amount: order.fee,
+ balanceBefore: 0,
+ balanceAfter: 0,
+ status: 'COMPLETED',
+ reference: `P2P-FEE-${order.id}`,
+ description: `P2P Transaction Fee: Order #${order.id.slice(0, 8)}`,
+ metadata: {
+ orderId: order.id,
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ },
+ },
+ });
+
+ // Ensure order is COMPLETED
+ await tx.p2POrder.update({
+ where: { id: orderId },
+ data: { status: OrderStatus.COMPLETED, completedAt: new Date() },
+ });
+ });
+
+ console.log('โ
Order fixed successfully!');
+ } catch (error) {
+ console.error('Error fixing order:', error);
+ }
+};
+
+// Run
+fixStuckOrder('8e05edc7-1665-42a7-b5a9-c181c1d572e9')
+ .then(() => process.exit(0))
+ .catch(e => {
+ console.error(e);
+ process.exit(1);
+ });
diff --git a/src/scripts/verify-p2p-flow.ts b/src/scripts/verify-p2p-flow.ts
new file mode 100644
index 0000000..0f37bb0
--- /dev/null
+++ b/src/scripts/verify-p2p-flow.ts
@@ -0,0 +1,121 @@
+import { prisma, AdType } from '../shared/database';
+import { P2PAdService } from '../api/modules/p2p/ad/p2p-ad.service';
+import { P2POrderService } from '../api/modules/p2p/order/p2p-order.service';
+import { P2PChatService } from '../api/modules/p2p/chat/p2p-chat.service';
+import logger from '../shared/lib/utils/logger';
+
+async function verifyP2PFlow() {
+ logger.info('๐ Starting P2P Verification Flow...');
+
+ try {
+ // 1. Setup Users
+ const makerEmail = `maker-${Date.now()}@test.com`;
+ const takerEmail = `taker-${Date.now()}@test.com`;
+
+ const maker = await prisma.user.create({
+ data: {
+ email: makerEmail,
+ password: 'password',
+ firstName: 'Maker',
+ lastName: 'Test',
+ wallet: { create: { balance: 500000, lockedBalance: 0 } }, // 500k NGN
+ },
+ include: { wallet: true },
+ });
+
+ const taker = await prisma.user.create({
+ data: {
+ email: takerEmail,
+ password: 'password',
+ firstName: 'Taker',
+ lastName: 'Test',
+ wallet: { create: { balance: 0, lockedBalance: 0 } },
+ },
+ include: { wallet: true },
+ });
+
+ logger.info(`โ
Users Created: Maker (${maker.id}), Taker (${taker.id})`);
+
+ // 2. Create Payment Method
+ const pm = await prisma.p2PPaymentMethod.create({
+ data: {
+ userId: maker.id,
+ currency: 'USD',
+ bankName: 'Chase',
+ accountNumber: '1234567890',
+ accountName: 'Maker Test',
+ details: { routingNumber: '021000021' },
+ isPrimary: true,
+ },
+ });
+ logger.info(`โ
Payment Method Created: ${pm.id}`);
+
+ // 3. Create Ad (BUY_FX)
+ // Maker wants to Buy 100 USD at 1500 NGN/USD. Total NGN needed = 150,000.
+ const ad = await P2PAdService.createAd(maker.id, {
+ type: AdType.BUY_FX,
+ currency: 'USD',
+ totalAmount: 100,
+ price: 1500,
+ minLimit: 10,
+ maxLimit: 100,
+ paymentMethodId: pm.id,
+ });
+
+ logger.info(`โ
Ad Created: ${ad.id}`);
+
+ // Verify Maker Lock
+ const makerWalletAfterAd = await prisma.wallet.findUnique({ where: { userId: maker.id } });
+ logger.info(
+ ` Maker Locked Balance: ${makerWalletAfterAd?.lockedBalance} (Expected: 150000)`
+ );
+
+ // 4. Create Order
+ // Taker sells 50 USD. Total NGN = 75,000.
+ const order = await P2POrderService.createOrder(taker.id, {
+ adId: ad.id,
+ amount: 50,
+ });
+
+ logger.info(`โ
Order Created: ${order.id}`);
+ logger.info(` Order Total NGN: ${order.totalNgn}`);
+ logger.info(` Order Fee: ${order.fee}`);
+ logger.info(` Receive Amount: ${order.receiveAmount}`);
+
+ // Verify Ad Balance
+ const adAfterOrder = await prisma.p2PAd.findUnique({ where: { id: ad.id } });
+ logger.info(` Ad Remaining: ${adAfterOrder?.remainingAmount} (Expected: 50)`);
+
+ // 5. Chat
+ await P2PChatService.saveMessage(taker.id, order.id, 'Hello, I have sent the FX.');
+ logger.info('โ
Chat Message Sent');
+
+ // 6. Mark as Paid
+ await P2POrderService.markAsPaid(taker.id, order.id, 'http://proof.url');
+ logger.info('โ
Order Marked as Paid');
+
+ // 7. Release Funds
+ await P2POrderService.confirmOrder(maker.id, order.id);
+ logger.info('โ
Funds Released (Order Confirmed)');
+
+ // 8. Verify Final Balances
+ const makerWalletFinal = await prisma.wallet.findUnique({ where: { userId: maker.id } });
+ const takerWalletFinal = await prisma.wallet.findUnique({ where: { userId: taker.id } });
+
+ // Maker: 500k - 150k (Locked) -> Released 75k. Remaining Locked 75k. Balance 350k.
+ // Taker: 0 + (75k - Fee).
+ // Fee = 1% of 75k = 750.
+ // Taker gets 74250.
+
+ logger.info(` Maker Final Locked: ${makerWalletFinal?.lockedBalance} (Expected: 75000)`);
+ logger.info(` Taker Final Balance: ${takerWalletFinal?.balance} (Expected: 74250)`);
+
+ logger.info('๐ Verification Complete!');
+ } catch (error) {
+ logger.error('โ Verification Failed:', error);
+ } finally {
+ await prisma.$disconnect();
+ }
+}
+
+verifyP2PFlow();
diff --git a/src/server.ts b/src/server.ts
deleted file mode 100644
index 1b91c15..0000000
--- a/src/server.ts
+++ /dev/null
@@ -1,57 +0,0 @@
-import app from './app';
-import { envConfig } from './config/env.config';
-import logger from './lib/utils/logger';
-import { prisma, checkDatabaseConnection } from './database';
-
-let server: any;
-const SERVER_URL = envConfig.SERVER_URL;
-const PORT = envConfig.PORT;
-
-const startServer = async () => {
- try {
- // 1. Check Database Connection
- // Prisma connects lazily (on first query), but we force it here
- // to fail fast if the DB is down on startup.
- const isConnected = await checkDatabaseConnection();
-
- if (!isConnected) {
- throw new Error('Could not establish database connection');
- }
-
- logger.debug('โ
Database connected successfully (Prisma)');
-
- // 2. Start Listening
- server = app.listen(PORT, () => {
- logger.info(`๐ Server running in ${envConfig.NODE_ENV} mode on port ${PORT}`);
- logger.debug(`๐ Health: ${SERVER_URL}:${PORT}/api/v1/health`);
- });
- } catch (error) {
- logger.error('โ Failed to start server:', error);
- process.exit(1);
- }
-};
-
-// Graceful Shutdown
-const handleShutdown = (signal: string) => {
- logger.info(`${signal} received. Closing server...`);
-
- if (server) {
- server.close(async () => {
- logger.info('Http server closed.');
-
- // 3. Disconnect Prisma
- await prisma.$disconnect();
- logger.debug('Prisma client disconnected.');
-
- process.exit(0);
- });
- } else {
- process.exit(0);
- }
-};
-
-process.on('SIGTERM', () => handleShutdown('SIGTERM'));
-process.on('SIGINT', () => handleShutdown('SIGINT'));
-
-// Start
-startServer();
diff --git a/src/shared/config/env.config.ts b/src/shared/config/env.config.ts
new file mode 100644
index 0000000..b84b492
--- /dev/null
+++ b/src/shared/config/env.config.ts
@@ -0,0 +1,221 @@
+import dotenv from 'dotenv';
+import path from 'path';
+
+import logger from '../lib/utils/logger';
+
+interface EnvConfig {
+ NODE_ENV: string;
+ PORT: number;
+ ENABLE_FILE_LOGGING: boolean;
+ SERVER_URL: string;
+
+ DB_HOST: string;
+ DB_USER: string;
+ DB_PASSWORD: string;
+ DB_NAME: string;
+ DATABASE_URL: string;
+
+ REDIS_URL: string;
+ REDIS_PORT: number;
+
+ JWT_SECRET: string;
+ JWT_ACCESS_EXPIRATION: string;
+ JWT_REFRESH_SECRET: string;
+ JWT_REFRESH_EXPIRATION: string;
+
+ GLOBUS_SECRET_KEY: string;
+ GLOBUS_WEBHOOK_SECRET: string;
+ GLOBUS_BASE_URL: string;
+ GLOBUS_CLIENT_ID: string;
+
+ CORS_URLS: string;
+
+ SMTP_HOST: string;
+ SMTP_PORT: number;
+ SMTP_USER: string;
+ SMTP_PASSWORD: string;
+ EMAIL_TIMEOUT: number;
+ FROM_EMAIL: string;
+ FRONTEND_URL: string;
+
+ // Resend Email Service
+ RESEND_API_KEY: string;
+
+ // SendGrid Email Service (for staging)
+ SENDGRID_API_KEY: string;
+
+ // Mailtrap Email Service (for staging - API)
+ MAILTRAP_API_TOKEN: string;
+
+ // Mailtrap SMTP (deprecated - kept for backward compatibility)
+ MAILTRAP_HOST: string;
+ MAILTRAP_PORT: number;
+ MAILTRAP_USER: string;
+ MAILTRAP_PASSWORD: string;
+
+ // Twilio SMS Service
+ TWILIO_ACCOUNT_SID: string;
+ TWILIO_AUTH_TOKEN: string;
+ TWILIO_PHONE_NUMBER: string;
+
+ // Cloudinary Storage Service
+ CLOUDINARY_CLOUD_NAME: string;
+ CLOUDINARY_API_KEY: string;
+ CLOUDINARY_API_SECRET: string;
+
+ // Storage (S3/Cloudflare R2)
+ AWS_ACCESS_KEY_ID: string;
+ AWS_SECRET_ACCESS_KEY: string;
+ AWS_REGION: string;
+ AWS_BUCKET_NAME: string;
+ AWS_ENDPOINT: string; // For Cloudflare R2
+
+ // System
+ SYSTEM_USER_ID: string;
+}
+
+import fs from 'fs';
+
+const loadEnv = () => {
+ const env = process.env.NODE_ENV || 'development';
+ const envFile = path.resolve(process.cwd(), `.env.${env}`);
+ const genericEnvFile = path.resolve(process.cwd(), `.env`);
+
+ // Check if specific env file exists
+ if (fs.existsSync(envFile)) {
+ const configResult = dotenv.config({ path: envFile });
+ if (configResult.error) {
+ logger.error(`Error loading env file (${envFile}):`, configResult.error.message);
+ }
+ } else {
+ // Only warn if we are NOT in production, because in production we expect env vars to be injected
+ if (env !== 'production') {
+ logger.warn(`Specific env file not found (${envFile}). Falling back to generic .env.`);
+ }
+
+ // Try generic .env
+ if (fs.existsSync(genericEnvFile)) {
+ dotenv.config({ path: genericEnvFile });
+ }
+ }
+};
+
+loadEnv();
+
+const getEnv = (key: string, defaultValue?: string): string => {
+ const value = process.env[key];
+ if (value === undefined) {
+ if (defaultValue !== undefined) {
+ return defaultValue;
+ }
+ throw new Error(`Missing required environment variable: ${key}`);
+ }
+ return value;
+};
+
+export const envConfig: EnvConfig = {
+ NODE_ENV: getEnv('NODE_ENV', 'development'),
+ PORT: parseInt(getEnv('PORT', '8080'), 10),
+ SERVER_URL: getEnv('SERVER_URL', 'http://localhost'),
+ ENABLE_FILE_LOGGING: getEnv('ENABLE_FILE_LOGGING', 'true') === 'true',
+ DB_HOST: getEnv('DB_HOST', 'localhost'),
+ DB_USER: getEnv('DB_USER', 'root'),
+ DB_PASSWORD: getEnv('DB_PASSWORD', 'password'),
+ DB_NAME: getEnv('DB_NAME', 'verivo_bkend'),
+ DATABASE_URL: getEnv('DATABASE_URL'),
+ REDIS_URL: getEnv('REDIS_URL', 'redis://localhost:6379'),
+ REDIS_PORT: parseInt(getEnv('REDIS_PORT', '6379'), 10),
+ JWT_SECRET: getEnv('JWT_SECRET', 'JWT_SECRET'),
+ JWT_ACCESS_EXPIRATION: getEnv('JWT_ACCESS_EXPIRATION', 'JWT_ACCESS_EXPIRATION'),
+ JWT_REFRESH_SECRET: getEnv('JWT_REFRESH_SECRET', 'JWT_REFRESH_SECRET'),
+ JWT_REFRESH_EXPIRATION: getEnv('JWT_REFRESH_EXPIRATION', 'JWT_REFRESH_EXPIRATION'),
+ GLOBUS_SECRET_KEY: getEnv('GLOBUS_SECRET_KEY'),
+ GLOBUS_WEBHOOK_SECRET: getEnv('GLOBUS_WEBHOOK_SECRET'),
+ GLOBUS_BASE_URL: getEnv('GLOBUS_BASE_URL'),
+ GLOBUS_CLIENT_ID: getEnv('GLOBUS_CLIENT_ID'),
+ CORS_URLS: getEnv('CORS_URLS', 'http://localhost:3000'),
+ SMTP_HOST: getEnv('SMTP_HOST', 'smtp.example.com'),
+ SMTP_PORT: parseInt(getEnv('SMTP_PORT', '587'), 10),
+ SMTP_USER: getEnv('SMTP_USER', 'smtp@example.com'),
+ SMTP_PASSWORD: getEnv('SMTP_PASSWORD', 'smtp-password'),
+ EMAIL_TIMEOUT: parseInt(getEnv('EMAIL_TIMEOUT', '10000'), 10),
+ FROM_EMAIL: getEnv('FROM_EMAIL', 'onboarding@resend.dev'),
+ FRONTEND_URL: getEnv('FRONTEND_URL', 'http://localhost:3000'),
+
+ RESEND_API_KEY: getEnv('RESEND_API_KEY', ''),
+
+ SENDGRID_API_KEY: getEnv('SENDGRID_API_KEY', ''),
+
+ MAILTRAP_API_TOKEN: getEnv('MAILTRAP_API_TOKEN', ''),
+
+ MAILTRAP_HOST: getEnv('MAILTRAP_HOST', 'sandbox.smtp.mailtrap.io'),
+ MAILTRAP_PORT: parseInt(getEnv('MAILTRAP_PORT', '2525'), 10),
+ MAILTRAP_USER: getEnv('MAILTRAP_USER', ''),
+ MAILTRAP_PASSWORD: getEnv('MAILTRAP_PASSWORD', ''),
+
+ TWILIO_ACCOUNT_SID: getEnv('TWILIO_ACCOUNT_SID', ''),
+ TWILIO_AUTH_TOKEN: getEnv('TWILIO_AUTH_TOKEN', ''),
+ TWILIO_PHONE_NUMBER: getEnv('TWILIO_PHONE_NUMBER', ''),
+
+ CLOUDINARY_CLOUD_NAME: getEnv('CLOUDINARY_CLOUD_NAME', ''),
+ CLOUDINARY_API_KEY: getEnv('CLOUDINARY_API_KEY', ''),
+ CLOUDINARY_API_SECRET: getEnv('CLOUDINARY_API_SECRET', ''),
+
+ AWS_ACCESS_KEY_ID: getEnv('AWS_ACCESS_KEY_ID', 'minioadmin'),
+ AWS_SECRET_ACCESS_KEY: getEnv('AWS_SECRET_ACCESS_KEY', 'minioadmin'),
+ AWS_REGION: getEnv('AWS_REGION', 'us-east-1'),
+ AWS_BUCKET_NAME: getEnv('AWS_BUCKET_NAME', 'bcdees'),
+ AWS_ENDPOINT: getEnv('AWS_ENDPOINT', 'http://localhost:9000'),
+
+ SYSTEM_USER_ID: getEnv('SYSTEM_USER_ID', 'system-wallet-user'),
+};
+
+/**
+ * Validates that all required environment variables are set.
+ * Throws an error if any are missing.
+ */
+export const validateEnv = (): void => {
+ const requiredKeys: (keyof EnvConfig)[] = [
+ 'DATABASE_URL',
+ 'JWT_SECRET',
+ 'JWT_ACCESS_EXPIRATION',
+ 'JWT_REFRESH_SECRET',
+ 'JWT_REFRESH_EXPIRATION',
+
+ 'CORS_URLS',
+ // 'SMTP_HOST',
+ // 'SMTP_PORT',
+ // 'SMTP_USER',
+ // 'SMTP_PASSWORD',
+ 'FROM_EMAIL',
+ 'SYSTEM_USER_ID',
+ ];
+
+ if (process.env.NODE_ENV === 'production') {
+ // Only require Globus credentials in true production
+ // In staging, we can use mock services for payment processing
+ const isStaging = process.env.STAGING === 'true';
+
+ if (!isStaging) {
+ requiredKeys.push(
+ 'GLOBUS_SECRET_KEY',
+ 'GLOBUS_WEBHOOK_SECRET',
+ 'GLOBUS_BASE_URL',
+ 'GLOBUS_CLIENT_ID'
+ );
+ }
+ }
+
+ const missingKeys = requiredKeys.filter(key => !process.env[key]);
+
+ if (missingKeys.length > 0) {
+ throw new Error(
+ `Missing required environment variables: ${missingKeys.join(
+ ', '
+ )}. Please check your .env file.`
+ );
+ }
+};
+
+// Validate environment variables early
+validateEnv();
diff --git a/src/shared/config/redis.config.ts b/src/shared/config/redis.config.ts
new file mode 100644
index 0000000..9b4cf5d
--- /dev/null
+++ b/src/shared/config/redis.config.ts
@@ -0,0 +1,46 @@
+import { envConfig } from './env.config';
+import IORedis from 'ioredis';
+import logger from '../lib/utils/logger';
+
+// Parse REDIS_URL or construct connection options
+const redisUrl = envConfig.REDIS_URL;
+
+export const redisConnection = new IORedis(redisUrl, {
+ maxRetriesPerRequest: null, // Required by BullMQ
+ retryStrategy: times => {
+ const delay = Math.min(times * 50, 2000);
+ if (times % 10 === 0) {
+ logger.warn(`Redis connection failed. Retrying in ${delay}ms... (Attempt ${times})`);
+ }
+ return delay;
+ },
+ reconnectOnError: err => {
+ const targetError = 'READONLY';
+ if (err.message.includes(targetError)) {
+ // Only reconnect when the error starts with "READONLY"
+ return true;
+ }
+ return false;
+ },
+});
+
+redisConnection.on('connect', () => {
+ logger.info('Redis connected successfully');
+});
+
+redisConnection.on('error', (err: any) => {
+ // Suppress ECONNREFUSED logs to avoid spamming, only log periodically via retryStrategy
+ if (err.code === 'ECONNREFUSED') {
+ // We rely on retryStrategy to log warnings
+ return;
+ }
+ logger.error('Redis connection error:', err);
+});
+
+redisConnection.on('ready', () => {
+ logger.info('Redis client is ready');
+});
+
+export const redisConfig = {
+ connection: redisConnection,
+};
diff --git a/src/config/security.config.ts b/src/shared/config/security.config.ts
similarity index 86%
rename from src/config/security.config.ts
rename to src/shared/config/security.config.ts
index 75dc9bb..b441bc0 100644
--- a/src/config/security.config.ts
+++ b/src/shared/config/security.config.ts
@@ -1,5 +1,6 @@
import { CorsOptions } from 'cors';
import { HelmetOptions } from 'helmet';
+import { ipKeyGenerator } from 'express-rate-limit';
import { envConfig } from './env.config';
import { CorsError } from '../lib/utils/api-error';
import { Request } from 'express';
@@ -20,7 +21,8 @@ export const rateLimitKeyGenerator = (req: Request | any): string => {
if (req.headers['x-device-id']) return `device:${req.headers['x-device-id']}`;
// 3. Fallback to IP (Least accurate on mobile data)
- return req.ip || '127.0.0.1';
+ // Use ipKeyGenerator helper to properly handle IPv6
+ return ipKeyGenerator(req);
};
// ======================================================
@@ -30,24 +32,25 @@ export const rateLimitConfig = {
global: {
windowMs: 15 * 60 * 1000,
max: 300,
- message: 'Too many requests.',
+ message: 'We are receiving too many requests from you.',
},
auth: {
windowMs: 15 * 60 * 1000,
max: 10,
- message: 'Too many login attempts.',
+ message:
+ 'Too many failed login attempts. For your security, please wait before trying again.',
},
// OTP Target: Prevents spamming ONE number
otpTarget: {
windowMs: 60 * 60 * 1000, // 1 hour
max: 5,
- message: 'Too many OTP requests for this number.',
+ message: 'You have requested too many OTPs for this number.',
},
// OTP Source: Prevents ONE device spamming ANY number
otpSource: {
windowMs: 60 * 60 * 1000, // 1 hour
max: 10,
- message: 'Suspicious OTP activity. Try again later.',
+ message: 'We have detected unusual activity. Please try again later.',
},
};
diff --git a/src/config/upload.config.ts b/src/shared/config/upload.config.ts
similarity index 68%
rename from src/config/upload.config.ts
rename to src/shared/config/upload.config.ts
index 4a0455d..798ee58 100644
--- a/src/config/upload.config.ts
+++ b/src/shared/config/upload.config.ts
@@ -11,4 +11,10 @@ export const uploadConfig = {
allowedMimeTypes: ['image/jpeg', 'image/png', 'image/jpg'],
fieldName: 'avatar',
},
+ // 5MB for Proof of Payment (No need for 4k profile pics)
+ proof: {
+ maxSize: 5 * 1024 * 1024,
+ allowedMimeTypes: ['image/jpeg', 'image/png', 'image/jpg'],
+ fieldName: 'proof',
+ },
};
diff --git a/src/database/database.errors.ts b/src/shared/database/database.errors.ts
similarity index 84%
rename from src/database/database.errors.ts
rename to src/shared/database/database.errors.ts
index eb93317..560e910 100644
--- a/src/database/database.errors.ts
+++ b/src/shared/database/database.errors.ts
@@ -1,4 +1,4 @@
-import { Prisma } from './generated/prisma';
+import { Prisma } from '@prisma/client';
export const PrismaClientKnownRequestError = Prisma.PrismaClientKnownRequestError;
export const PrismaClientValidationError = Prisma.PrismaClientValidationError;
diff --git a/src/shared/database/database.types.ts b/src/shared/database/database.types.ts
new file mode 100644
index 0000000..a899eac
--- /dev/null
+++ b/src/shared/database/database.types.ts
@@ -0,0 +1 @@
+export { type Prisma } from '@prisma/client';
diff --git a/src/database/index.ts b/src/shared/database/index.ts
similarity index 77%
rename from src/database/index.ts
rename to src/shared/database/index.ts
index 89b3bf7..afdb17d 100644
--- a/src/database/index.ts
+++ b/src/shared/database/index.ts
@@ -1,14 +1,16 @@
import logger from '../lib/utils/logger';
+
import { envConfig } from '../config/env.config';
-import { PrismaClient } from './generated/prisma';
+import { PrismaClient } from '@prisma/client';
-export * from './database.types';
export * from './database.errors';
+export * from '@prisma/client';
const isDevelopment = envConfig.NODE_ENV === 'development';
// 1. Define the Prisma Client type globally to prevent TS errors on 'global'
declare global {
+ // eslint-disable-next-line no-var
var prisma: PrismaClient | undefined;
}
@@ -17,6 +19,11 @@ declare global {
export const prisma =
global.prisma ||
new PrismaClient({
+ datasources: {
+ db: {
+ url: envConfig.DATABASE_URL,
+ },
+ },
log: isDevelopment ? ['query', 'info', 'warn', 'error'] : ['error'],
});
@@ -41,6 +48,10 @@ export const checkDatabaseConnection = async (): Promise => {
return true;
} catch (error) {
logger.error('Database connection check failed:', error);
+ if (error instanceof Error) {
+ logger.error(error.message);
+ logger.error(error.stack);
+ }
return false;
}
};
diff --git a/src/shared/lib/events/__tests__/event-bus.test.ts b/src/shared/lib/events/__tests__/event-bus.test.ts
new file mode 100644
index 0000000..bf34809
--- /dev/null
+++ b/src/shared/lib/events/__tests__/event-bus.test.ts
@@ -0,0 +1,81 @@
+import { eventBus, EventType } from '../event-bus';
+import { setupTransactionListeners } from '../listeners/transaction.listener';
+import { NotificationType } from '../../../database';
+import NotificationUtil from '../../services/notification/notification-utils';
+
+// Mock NotificationUtil
+jest.mock('../../services/notification/notification-utils', () => {
+ return {
+ __esModule: true,
+ default: {
+ sendToUser: jest.fn(),
+ },
+ };
+});
+
+// Mock Database Connection check in setup.ts
+jest.mock('../../../database', () => ({
+ checkDatabaseConnection: jest.fn().mockResolvedValue(true),
+ prisma: {
+ notification: {
+ create: jest.fn(),
+ },
+ },
+ NotificationType: {
+ TRANSACTION: 'TRANSACTION',
+ SYSTEM: 'SYSTEM',
+ },
+}));
+
+describe('Event Bus & Listeners', () => {
+ beforeAll(() => {
+ setupTransactionListeners();
+ });
+
+ afterEach(() => {
+ jest.clearAllMocks();
+ });
+
+ it('should handle TRANSACTION_COMPLETED event', async () => {
+ const payload = {
+ userId: 'user-123',
+ amount: 5000,
+ type: 'DEPOSIT',
+ counterpartyName: 'John Doe',
+ };
+
+ eventBus.publish(EventType.TRANSACTION_COMPLETED, payload);
+
+ // Wait for async event processing
+ await new Promise(resolve => setTimeout(resolve, 100));
+
+ expect(NotificationUtil.sendToUser).toHaveBeenCalledWith(
+ payload.userId,
+ 'Credit Alert',
+ `You received โฆ${payload.amount} from ${payload.counterpartyName}`,
+ payload,
+ NotificationType.TRANSACTION
+ );
+ });
+
+ it('should handle TRANSACTION_FAILED event', async () => {
+ const payload = {
+ userId: 'user-123',
+ amount: 2000,
+ reason: 'Insufficient funds',
+ };
+
+ eventBus.publish(EventType.TRANSACTION_FAILED, payload);
+
+ // Wait for async event processing
+ await new Promise(resolve => setTimeout(resolve, 100));
+
+ expect(NotificationUtil.sendToUser).toHaveBeenCalledWith(
+ payload.userId,
+ 'Transaction Failed',
+ `Your transaction of โฆ${payload.amount} failed. Reason: ${payload.reason}`,
+ payload,
+ NotificationType.TRANSACTION
+ );
+ });
+});
diff --git a/src/shared/lib/events/event-bus.ts b/src/shared/lib/events/event-bus.ts
new file mode 100644
index 0000000..081d007
--- /dev/null
+++ b/src/shared/lib/events/event-bus.ts
@@ -0,0 +1,60 @@
+import EventEmitter from 'events';
+import logger from '../utils/logger';
+
+export enum EventType {
+ // Auth Events
+ USER_REGISTERED = 'USER_REGISTERED',
+ USER_LOGGED_IN = 'USER_LOGGED_IN',
+ LOGIN_DETECTED = 'LOGIN_DETECTED',
+ PASSWORD_RESET_REQUESTED = 'PASSWORD_RESET_REQUESTED',
+ OTP_REQUESTED = 'OTP_REQUESTED',
+
+ // Transaction Events
+ TRANSACTION_COMPLETED = 'TRANSACTION_COMPLETED',
+ TRANSACTION_FAILED = 'TRANSACTION_FAILED',
+
+ // P2P Events
+ P2P_ORDER_CREATED = 'P2P_ORDER_CREATED',
+ P2P_ORDER_MATCHED = 'P2P_ORDER_MATCHED',
+ P2P_ORDER_COMPLETED = 'P2P_ORDER_COMPLETED',
+ P2P_DISPUTE_OPENED = 'P2P_DISPUTE_OPENED',
+
+ // KYC Events
+ KYC_SUBMITTED = 'KYC_SUBMITTED',
+ KYC_APPROVED = 'KYC_APPROVED',
+ KYC_REJECTED = 'KYC_REJECTED',
+ KYC_UPDATED = 'KYC_UPDATED',
+
+ // Audit Events
+ AUDIT_LOG = 'AUDIT_LOG',
+
+ // Security Events
+ FAILED_PIN_ATTEMPTS = 'FAILED_PIN_ATTEMPTS',
+}
+
+class EventBus extends EventEmitter {
+ constructor() {
+ super();
+ this.on('error', error => {
+ logger.error('EventBus Error:', error);
+ });
+ }
+
+ publish(event: EventType, data: any) {
+ logger.info(`[EventBus] Publishing event: ${event}`);
+ this.emit(event, data);
+ }
+
+ subscribe(event: EventType, callback: (data: any) => void) {
+ this.on(event, async data => {
+ try {
+ logger.info(`[EventBus] Processing event: ${event}`);
+ await callback(data);
+ } catch (error) {
+ logger.error(`[EventBus] Error processing event ${event}:`, error);
+ }
+ });
+ }
+}
+
+export const eventBus = new EventBus();
diff --git a/src/shared/lib/events/listeners/audit.listener.ts b/src/shared/lib/events/listeners/audit.listener.ts
new file mode 100644
index 0000000..24a5556
--- /dev/null
+++ b/src/shared/lib/events/listeners/audit.listener.ts
@@ -0,0 +1,39 @@
+import { eventBus, EventType } from '../event-bus';
+import logger from '../../utils/logger';
+import { prisma } from '../../../database';
+
+export interface AuditLogData {
+ userId?: string;
+ action: string;
+ resource: string;
+ resourceId?: string;
+ details?: any;
+ ipAddress?: string;
+ userAgent?: string;
+ status?: 'SUCCESS' | 'FAILURE';
+}
+
+export function setupAuditListeners() {
+ eventBus.subscribe(EventType.AUDIT_LOG, async (data: AuditLogData) => {
+ try {
+ logger.info(`[AuditListener] Processing audit log: ${data.action}`);
+
+ await prisma.auditLog.create({
+ data: {
+ userId: data.userId,
+ action: data.action,
+ resource: data.resource,
+ resourceId: data.resourceId,
+ details: data.details,
+ ipAddress: data.ipAddress,
+ userAgent: data.userAgent,
+ status: data.status || 'SUCCESS',
+ },
+ });
+
+ logger.info(`[AuditListener] Audit log saved: ${data.action}`);
+ } catch (error) {
+ logger.error('[AuditListener] Failed to save audit log:', error);
+ }
+ });
+}
diff --git a/src/shared/lib/events/listeners/auth.listener.ts b/src/shared/lib/events/listeners/auth.listener.ts
new file mode 100644
index 0000000..f3debc4
--- /dev/null
+++ b/src/shared/lib/events/listeners/auth.listener.ts
@@ -0,0 +1,52 @@
+import { eventBus, EventType } from '../event-bus';
+import NotificationUtil from '../../services/notification/notification-utils';
+import { NotificationType } from '../../../database';
+import { emailService } from '../../services/email-service/email.service';
+import { smsService } from '../../services/sms-service/sms.service';
+import logger from '../../utils/logger';
+
+export function setupAuthListeners() {
+ // User Registered (Welcome)
+ eventBus.subscribe(EventType.USER_REGISTERED, async data => {
+ const { userId, name } = data;
+
+ await NotificationUtil.sendToUser(
+ userId,
+ 'Welcome to SwapLink!',
+ `Hi ${name}, we are glad to have you on board.`,
+ data,
+ NotificationType.SYSTEM
+ );
+ });
+
+ // Login on New Device (Security Alert)
+ eventBus.subscribe(EventType.LOGIN_DETECTED, async data => {
+ const { userId, deviceId, ip, timestamp } = data;
+ await NotificationUtil.sendToUser(
+ userId,
+ 'New Login Detected',
+ `A new login was detected on your account from device ${
+ deviceId || 'Unknown'
+ } at ${new Date(timestamp).toLocaleString()}.`,
+ { ip, deviceId },
+ NotificationType.SECURITY
+ );
+ });
+
+ // OTP Requested
+ eventBus.subscribe(EventType.OTP_REQUESTED, async data => {
+ const { identifier, type, code, purpose } = data;
+
+ logger.info(`[AuthListener] Processing OTP request for ${identifier} (${type})`);
+
+ try {
+ if (type === 'email') {
+ await emailService.sendVerificationEmail(identifier, code);
+ } else if (type === 'phone') {
+ await smsService.sendOtp(identifier, code);
+ }
+ } catch (error) {
+ logger.error(`[AuthListener] Failed to send OTP to ${identifier}`, error);
+ }
+ });
+}
diff --git a/src/shared/lib/events/listeners/index.ts b/src/shared/lib/events/listeners/index.ts
new file mode 100644
index 0000000..8f6629d
--- /dev/null
+++ b/src/shared/lib/events/listeners/index.ts
@@ -0,0 +1,3 @@
+export * from './auth.listener';
+export * from './transaction.listener';
+export * from './audit.listener';
diff --git a/src/shared/lib/events/listeners/kyc-transaction.listener.ts b/src/shared/lib/events/listeners/kyc-transaction.listener.ts
new file mode 100644
index 0000000..c0a2a50
--- /dev/null
+++ b/src/shared/lib/events/listeners/kyc-transaction.listener.ts
@@ -0,0 +1,66 @@
+import { eventBus, EventType } from '../../../../shared/lib/events/event-bus';
+import {
+ prisma,
+ KycLevel,
+ NotificationType,
+ NotificationChannel,
+} from '../../../../shared/database';
+import NotificationUtil from '../../../../shared/lib/services/notification/notification-utils';
+import logger from '../../../../shared/lib/utils/logger';
+
+const TIER_1_LIMIT = 30000000; // 30 Million NGN
+
+export function setupKycTransactionListeners() {
+ eventBus.subscribe(EventType.TRANSACTION_COMPLETED, async data => {
+ const { userId, amount, type } = data;
+
+ // Only track inflows (Deposits or Transfers received)
+ // Assuming 'type' helps distinguish, or we need to know if userId is receiver.
+ // For now, let's assume if the event is emitted for a user, and it's a credit, it's an inflow.
+ // But the event bus might emit for both sender and receiver?
+ // Let's assume 'DEPOSIT' is always inflow. 'TRANSFER' could be in or out.
+ // If 'TRANSFER' and userId is the receiver...
+ // The event data usually contains context.
+ // Let's assume for this milestone that we just track DEPOSITs for simplicity,
+ // or check if the amount is positive?
+ // Actually, let's just update cumulativeInflow for DEPOSIT.
+
+ if (type === 'DEPOSIT') {
+ try {
+ const user = await prisma.user.findUnique({ where: { id: userId } });
+ if (!user) return;
+
+ const newCumulative = user.cumulativeInflow.add(amount);
+
+ await prisma.user.update({
+ where: { id: userId },
+ data: { cumulativeInflow: newCumulative },
+ });
+
+ // Check Limit
+ if (newCumulative.toNumber() > TIER_1_LIMIT && user.kycLevel !== KycLevel.FULL) {
+ // Restrict Account
+ await prisma.user.update({
+ where: { id: userId },
+ data: { isActive: false }, // Or a specific restriction flag
+ });
+
+ // Notify User
+ await NotificationUtil.sendToUser(
+ userId,
+ 'Account Restricted',
+ 'You have exceeded the cumulative inflow limit of 30 Million NGN. Please upgrade to Tier 2 (Full KYC) to continue.',
+ {},
+ NotificationType.KYC,
+ NotificationChannel.PUSH
+ );
+
+ // Alert Admin
+ logger.warn(`[KYC] User ${userId} restricted. Exceeded 30M inflow limit.`);
+ }
+ } catch (error) {
+ logger.error(`[KYC] Error processing transaction listener: ${error}`);
+ }
+ }
+ });
+}
diff --git a/src/shared/lib/events/listeners/kyc.listener.ts b/src/shared/lib/events/listeners/kyc.listener.ts
new file mode 100644
index 0000000..da5df8d
--- /dev/null
+++ b/src/shared/lib/events/listeners/kyc.listener.ts
@@ -0,0 +1,51 @@
+import { eventBus, EventType } from '../event-bus';
+import NotificationUtil from '../../services/notification/notification-utils';
+import { NotificationType, NotificationChannel } from '../../../database';
+import logger from '../../utils/logger';
+
+export function setupKycListeners() {
+ // KYC Submitted
+ eventBus.subscribe(EventType.KYC_SUBMITTED, async data => {
+ const { userId } = data;
+
+ await NotificationUtil.sendToUser(
+ userId,
+ 'KYC Submitted',
+ 'Your documents have been received and are under review.',
+ data,
+ NotificationType.KYC,
+ NotificationChannel.INAPP
+ );
+
+ // TODO: Notify Admin (e.g., via Slack or Admin Dashboard Notification)
+ logger.info(`[KYC Listener] Admin Alert: User ${userId} submitted KYC.`);
+ });
+
+ // KYC Approved
+ eventBus.subscribe(EventType.KYC_APPROVED, async data => {
+ const { userId, level } = data;
+
+ await NotificationUtil.sendToUser(
+ userId,
+ 'KYC Approved',
+ `Congratulations! Your account has been upgraded to ${level} level.`,
+ data,
+ NotificationType.KYC,
+ NotificationChannel.PUSH
+ );
+ });
+
+ // KYC Rejected
+ eventBus.subscribe(EventType.KYC_REJECTED, async data => {
+ const { userId, reason } = data;
+
+ await NotificationUtil.sendToUser(
+ userId,
+ 'KYC Rejected',
+ `Your KYC application was rejected. Reason: ${reason}`,
+ data,
+ NotificationType.KYC,
+ NotificationChannel.PUSH
+ );
+ });
+}
diff --git a/src/shared/lib/events/listeners/transaction.listener.ts b/src/shared/lib/events/listeners/transaction.listener.ts
new file mode 100644
index 0000000..082e8f7
--- /dev/null
+++ b/src/shared/lib/events/listeners/transaction.listener.ts
@@ -0,0 +1,31 @@
+import { eventBus, EventType } from '../event-bus';
+import { NotificationType } from '../../../database';
+import NotificationUtil from '../../services/notification/notification-utils';
+
+export function setupTransactionListeners() {
+ // Transaction Completed
+ eventBus.subscribe(EventType.TRANSACTION_COMPLETED, async data => {
+ const { userId, amount, type, counterpartyName } = data;
+
+ const title = type === 'DEPOSIT' ? 'Credit Alert' : 'Debit Alert';
+ const body =
+ type === 'DEPOSIT'
+ ? `You received โฆ${amount} from ${counterpartyName}`
+ : `You sent โฆ${amount} to ${counterpartyName}`;
+
+ await NotificationUtil.sendToUser(userId, title, body, data, NotificationType.TRANSACTION);
+ });
+
+ // Transaction Failed
+ eventBus.subscribe(EventType.TRANSACTION_FAILED, async data => {
+ const { userId, amount, reason } = data;
+
+ await NotificationUtil.sendToUser(
+ userId,
+ 'Transaction Failed',
+ `Your transaction of โฆ${amount} failed. Reason: ${reason}`,
+ data,
+ NotificationType.TRANSACTION
+ );
+ });
+}
diff --git a/src/shared/lib/init/service-initializer.ts b/src/shared/lib/init/service-initializer.ts
new file mode 100644
index 0000000..b605b17
--- /dev/null
+++ b/src/shared/lib/init/service-initializer.ts
@@ -0,0 +1,284 @@
+import { Queue } from 'bullmq';
+import { redisConnection } from '../../config/redis.config';
+import logger from '../utils/logger';
+import {
+ setupAuthListeners,
+ setupTransactionListeners,
+ setupAuditListeners,
+} from '../events/listeners';
+import { setupKycTransactionListeners } from '../events/listeners/kyc-transaction.listener';
+import { setupKycListeners } from '../events/listeners/kyc.listener';
+
+/**
+ * Service Initializer
+ *
+ * Centralized initialization for all services that require async setup.
+ * This prevents top-level module initialization issues and provides
+ * better error handling and logging.
+ */
+
+// Queue instances (initialized lazily)
+let onboardingQueue: Queue | null = null;
+let transferQueue: Queue | null = null;
+let bankingQueue: Queue | null = null;
+let p2pOrderQueue: Queue | null = null;
+let notificationQueue: Queue | null = null;
+let kycQueue: Queue | null = null;
+let p2pAdCleanupQueue: Queue | null = null;
+
+/**
+ * Initialize all BullMQ queues
+ */
+export async function initializeQueues(): Promise {
+ logger.info('๐ Initializing BullMQ queues...');
+
+ try {
+ // Onboarding Queue
+ logger.debug(' โ Initializing Onboarding Queue...');
+ onboardingQueue = new Queue('onboarding-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 5000,
+ },
+ removeOnComplete: true,
+ },
+ });
+ logger.info(' โ
Onboarding Queue initialized');
+
+ // Transfer Queue
+ logger.debug(' โ Initializing Transfer Queue...');
+ transferQueue = new Queue('transfer-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 5,
+ backoff: {
+ type: 'exponential',
+ delay: 2000,
+ },
+ removeOnComplete: {
+ count: 100,
+ age: 3600,
+ },
+ removeOnFail: {
+ count: 500,
+ },
+ },
+ });
+ logger.info(' โ
Transfer Queue initialized');
+
+ // Banking Queue
+ logger.debug(' โ Initializing Banking Queue...');
+ bankingQueue = new Queue('banking-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 5000,
+ },
+ removeOnComplete: true,
+ },
+ });
+ logger.info(' โ
Banking Queue initialized');
+
+ // P2P Order Queue
+ logger.debug(' โ Initializing P2P Order Queue...');
+ p2pOrderQueue = new Queue('p2p-order-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 1000,
+ },
+ removeOnComplete: true,
+ removeOnFail: false,
+ },
+ });
+ logger.info(' โ
P2P Order Queue initialized');
+
+ // Notification Queue
+ logger.debug(' โ Initializing Notification Queue...');
+ notificationQueue = new Queue('notification-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 2000,
+ },
+ removeOnComplete: true,
+ },
+ });
+ logger.info(' โ
Notification Queue initialized');
+
+ // KYC Queue
+ logger.debug(' โ Initializing KYC Queue...');
+ kycQueue = new Queue('kyc-verification', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 2000,
+ },
+ removeOnComplete: true,
+ },
+ });
+ logger.info(' โ
KYC Queue initialized');
+
+ // P2P Ad Cleanup Queue
+ logger.debug(' โ Initializing P2P Ad Cleanup Queue...');
+ p2pAdCleanupQueue = new Queue('p2p-ad-cleanup-queue', {
+ connection: redisConnection,
+ defaultJobOptions: {
+ attempts: 3,
+ backoff: {
+ type: 'exponential',
+ delay: 5000,
+ },
+ removeOnComplete: true,
+ },
+ });
+ logger.info(' โ
P2P Ad Cleanup Queue initialized');
+
+ logger.info('โ
All queues initialized successfully');
+ } catch (error) {
+ logger.error('โ Failed to initialize queues:', error);
+ throw new Error(
+ `Queue initialization failed: ${
+ error instanceof Error ? error.message : 'Unknown error'
+ }`
+ );
+ }
+}
+
+/**
+ * Initialize Listeners
+ */
+
+export async function initializeListeners(): Promise {
+ logger.info('๐ Initializing listeners...');
+
+ setupAuthListeners();
+ setupTransactionListeners();
+ setupAuditListeners();
+ setupKycTransactionListeners();
+ setupKycListeners();
+
+ logger.info('โ
All listeners initialized successfully');
+}
+
+/**
+ * Get Onboarding Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getOnboardingQueue(): Queue {
+ if (!onboardingQueue) {
+ throw new Error('Onboarding Queue not initialized. Call initializeQueues() first.');
+ }
+ return onboardingQueue;
+}
+
+/**
+ * Get Transfer Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getTransferQueue(): Queue {
+ if (!transferQueue) {
+ throw new Error('Transfer Queue not initialized. Call initializeQueues() first.');
+ }
+ return transferQueue;
+}
+
+/**
+ * Get Banking Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getBankingQueue(): Queue {
+ if (!bankingQueue) {
+ throw new Error('Banking Queue not initialized. Call initializeQueues() first.');
+ }
+ return bankingQueue;
+}
+
+/**
+ * Get P2P Order Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getP2POrderQueue(): Queue {
+ if (!p2pOrderQueue) {
+ throw new Error('P2P Order Queue not initialized. Call initializeQueues() first.');
+ }
+ return p2pOrderQueue;
+}
+
+/**
+ * Get Notification Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getNotificationQueue(): Queue {
+ if (!notificationQueue) {
+ throw new Error('Notification Queue not initialized. Call initializeQueues() first.');
+ }
+ return notificationQueue;
+}
+
+/**
+ * Get KYC Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getKycQueue(): Queue {
+ if (!kycQueue) {
+ throw new Error('KYC Queue not initialized. Call initializeQueues() first.');
+ }
+ return kycQueue;
+}
+
+/**
+ * Get P2P Ad Cleanup Queue instance
+ * @throws Error if queue is not initialized
+ */
+export function getP2PAdCleanupQueue(): Queue {
+ if (!p2pAdCleanupQueue) {
+ throw new Error('P2P Ad Cleanup Queue not initialized. Call initializeQueues() first.');
+ }
+ return p2pAdCleanupQueue;
+}
+
+/**
+ * Gracefully close all queues
+ */
+export async function closeQueues(): Promise {
+ logger.info('๐ Closing all queues...');
+
+ const closePromises: Promise[] = [];
+
+ if (onboardingQueue) {
+ closePromises.push(onboardingQueue.close());
+ }
+ if (transferQueue) {
+ closePromises.push(transferQueue.close());
+ }
+ if (bankingQueue) {
+ closePromises.push(bankingQueue.close());
+ }
+ if (p2pOrderQueue) {
+ closePromises.push(p2pOrderQueue.close());
+ }
+ if (notificationQueue) {
+ closePromises.push(notificationQueue.close());
+ }
+ if (kycQueue) {
+ closePromises.push(kycQueue.close());
+ }
+ if (p2pAdCleanupQueue) {
+ closePromises.push(p2pAdCleanupQueue.close());
+ }
+
+ await Promise.all(closePromises);
+ logger.info('โ
All queues closed');
+}
diff --git a/src/shared/lib/init/system-init.ts b/src/shared/lib/init/system-init.ts
new file mode 100644
index 0000000..dc2f47a
--- /dev/null
+++ b/src/shared/lib/init/system-init.ts
@@ -0,0 +1,77 @@
+import { UserRole } from '@prisma/client';
+import bcrypt from 'bcryptjs';
+import { prisma, KycLevel, KycStatus } from '../../database';
+import logger from '../utils/logger';
+
+/**
+ * Initialize System Resources
+ *
+ * Ensures that critical system accounts and configurations exist on startup.
+ */
+export async function initializeSystemResources(): Promise {
+ logger.info('๐ Initializing system resources...');
+
+ try {
+ await initializeSystemUser();
+ logger.info('โ
System resources initialized successfully');
+ } catch (error) {
+ logger.error('โ Failed to initialize system resources:', error);
+ // We don't exit here, as the server might still be usable, but it's critical to log.
+ // Depending on requirements, we might want to throw to stop startup.
+ throw error;
+ }
+}
+
+async function initializeSystemUser() {
+ const systemEmail = 'revenue@swaplink.com';
+ const systemPhone = '+2340000000000';
+
+ // 1. Check if System User exists
+ let systemUser = await prisma.user.findUnique({
+ where: { email: systemEmail },
+ });
+
+ if (!systemUser) {
+ logger.info(' โ Creating System Revenue User...');
+ const hashedPassword = await bcrypt.hash('SystemRevenue@123', 10);
+
+ systemUser = await prisma.user.create({
+ data: {
+ email: systemEmail,
+ phone: systemPhone,
+ password: hashedPassword,
+ firstName: 'System',
+ lastName: 'Revenue',
+ role: UserRole.SUPER_ADMIN,
+ isVerified: true,
+ emailVerified: true,
+ phoneVerified: true,
+ kycLevel: KycLevel.FULL,
+ kycStatus: KycStatus.APPROVED,
+ isActive: true,
+ },
+ });
+ logger.info(` โ
System User created: ${systemUser.id}`);
+ } else {
+ logger.debug(` โน๏ธ System User already exists: ${systemUser.id}`);
+ }
+
+ // 2. Check if Wallet exists
+ const wallet = await prisma.wallet.findUnique({
+ where: { userId: systemUser.id },
+ });
+
+ if (!wallet) {
+ logger.info(' โ Creating System Revenue Wallet...');
+ await prisma.wallet.create({
+ data: {
+ userId: systemUser.id,
+ balance: 0,
+ lockedBalance: 0,
+ },
+ });
+ logger.info(' โ
System Wallet created.');
+ } else {
+ logger.debug(' โน๏ธ System Wallet already exists.');
+ }
+}
diff --git a/src/shared/lib/interfaces/kyc-verification.interface.ts b/src/shared/lib/interfaces/kyc-verification.interface.ts
new file mode 100644
index 0000000..e0976ef
--- /dev/null
+++ b/src/shared/lib/interfaces/kyc-verification.interface.ts
@@ -0,0 +1,15 @@
+export interface KYCVerificationResult {
+ success: boolean;
+ data?: any;
+ error?: string;
+ providerRef?: string;
+}
+
+export interface KYCVerificationInterface {
+ verifyDocument(
+ userId: string,
+ documentType: string,
+ documentUrl: string
+ ): Promise;
+ verifyIdentity(userId: string, data: any): Promise;
+}
diff --git a/src/shared/lib/queues/__tests__/banking.queue.test.ts b/src/shared/lib/queues/__tests__/banking.queue.test.ts
new file mode 100644
index 0000000..a2e34d0
--- /dev/null
+++ b/src/shared/lib/queues/__tests__/banking.queue.test.ts
@@ -0,0 +1,71 @@
+import { bankingQueue } from '../banking.queue';
+import { bankingWorker } from '../../../../worker/banking.worker';
+import { prisma } from '../../../database';
+import { globusService } from '../../integrations/banking/globus.service';
+import { redisConnection } from '../../../config/redis.config';
+
+// Mock GlobusService
+jest.mock('../../integrations/banking/globus.service');
+
+describe('BankingQueue Integration', () => {
+ beforeAll(async () => {
+ // Ensure Redis is connected
+ if (redisConnection.status === 'close') {
+ await redisConnection.connect();
+ }
+ });
+
+ afterAll(async () => {
+ await bankingQueue.close();
+ await bankingWorker.close();
+ await redisConnection.quit();
+ });
+
+ it('should process account creation job and update database', async () => {
+ // 1. Setup Data
+ const user = await prisma.user.create({
+ data: {
+ email: `queue-test-${Date.now()}@example.com`,
+ phone: `080${Date.now()}`,
+ password: 'hashed_password',
+ firstName: 'Queue',
+ lastName: 'Test',
+ },
+ });
+
+ const wallet = await prisma.wallet.create({
+ data: { userId: user.id },
+ });
+
+ // 2. Mock Globus Response
+ (globusService.createAccount as jest.Mock).mockResolvedValue({
+ accountNumber: '1122334455',
+ accountName: 'SwapLink - Queue Test',
+ bankName: 'Globus Bank',
+ provider: 'GLOBUS',
+ });
+
+ // 3. Add Job to Queue
+ await bankingQueue.add('create-virtual-account', {
+ userId: user.id,
+ walletId: wallet.id,
+ });
+
+ // 4. Wait for Worker to Process (Poll DB)
+ let virtualAccount = null;
+ for (let i = 0; i < 10; i++) {
+ virtualAccount = await prisma.virtualAccount.findUnique({
+ where: { walletId: wallet.id },
+ });
+ if (virtualAccount) break;
+ await new Promise(r => setTimeout(r, 500)); // Wait 500ms
+ }
+
+ // 5. Assertions
+ expect(virtualAccount).not.toBeNull();
+ expect(virtualAccount?.accountNumber).toBe('1122334455');
+ expect(globusService.createAccount).toHaveBeenCalledWith(
+ expect.objectContaining({ id: user.id })
+ );
+ });
+});
diff --git a/src/shared/lib/queues/banking.queue.ts b/src/shared/lib/queues/banking.queue.ts
new file mode 100644
index 0000000..c427053
--- /dev/null
+++ b/src/shared/lib/queues/banking.queue.ts
@@ -0,0 +1,14 @@
+import { getBankingQueue } from '../init/service-initializer';
+
+export const BANKING_QUEUE_NAME = 'banking-queue';
+
+/**
+ * Get the Banking Queue instance
+ * @throws Error if queue is not initialized
+ */
+export const getQueue = getBankingQueue;
+
+export interface CreateAccountJob {
+ userId: string;
+ walletId: string;
+}
diff --git a/src/shared/lib/queues/onboarding.queue.ts b/src/shared/lib/queues/onboarding.queue.ts
new file mode 100644
index 0000000..1e14754
--- /dev/null
+++ b/src/shared/lib/queues/onboarding.queue.ts
@@ -0,0 +1,13 @@
+import { getOnboardingQueue } from '../init/service-initializer';
+
+export const ONBOARDING_QUEUE_NAME = 'onboarding-queue';
+
+/**
+ * Get the Onboarding Queue instance
+ * @throws Error if queue is not initialized
+ */
+export const getQueue = getOnboardingQueue;
+
+export interface SetupWalletJob {
+ userId: string;
+}
diff --git a/src/shared/lib/queues/p2p-ad-cleanup.queue.ts b/src/shared/lib/queues/p2p-ad-cleanup.queue.ts
new file mode 100644
index 0000000..11d9eac
--- /dev/null
+++ b/src/shared/lib/queues/p2p-ad-cleanup.queue.ts
@@ -0,0 +1,9 @@
+import { getP2PAdCleanupQueue } from '../init/service-initializer';
+
+export const P2P_AD_CLEANUP_QUEUE_NAME = 'p2p-ad-cleanup-queue';
+
+/**
+ * Get the P2P Ad Cleanup Queue instance
+ * @throws Error if queue is not initialized
+ */
+export const getQueue = getP2PAdCleanupQueue;
diff --git a/src/shared/lib/queues/p2p-order.queue.ts b/src/shared/lib/queues/p2p-order.queue.ts
new file mode 100644
index 0000000..460bce3
--- /dev/null
+++ b/src/shared/lib/queues/p2p-order.queue.ts
@@ -0,0 +1,9 @@
+import { getP2POrderQueue } from '../init/service-initializer';
+
+export const P2P_ORDER_QUEUE_NAME = 'p2p-order-queue';
+
+/**
+ * Get the P2P Order Queue instance
+ * @throws Error if queue is not initialized
+ */
+export const getQueue = getP2POrderQueue;
diff --git a/src/shared/lib/services/__tests__/audit.service.test.ts b/src/shared/lib/services/__tests__/audit.service.test.ts
new file mode 100644
index 0000000..119f7a1
--- /dev/null
+++ b/src/shared/lib/services/__tests__/audit.service.test.ts
@@ -0,0 +1,57 @@
+import { AuditService } from '../audit.service';
+import { eventBus, EventType } from '../../events/event-bus';
+import { prisma } from '../../../database';
+
+// Mock dependencies
+jest.mock('../../events/event-bus');
+jest.mock('../../../database', () => ({
+ prisma: {
+ auditLog: {
+ create: jest.fn(),
+ findMany: jest.fn(),
+ count: jest.fn(),
+ },
+ },
+}));
+
+describe('AuditService', () => {
+ afterEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('log', () => {
+ it('should publish AUDIT_LOG event', async () => {
+ const logData = {
+ userId: 'user-123',
+ action: 'TEST_ACTION',
+ resource: 'TestResource',
+ status: 'SUCCESS' as const,
+ };
+
+ await AuditService.log(logData);
+
+ expect(eventBus.publish).toHaveBeenCalledWith(EventType.AUDIT_LOG, logData);
+ });
+ });
+
+ describe('findAll', () => {
+ it('should retrieve audit logs with pagination', async () => {
+ const mockLogs = [{ id: '1', action: 'TEST_ACTION', createdAt: new Date() }];
+ const mockTotal = 1;
+
+ (prisma.auditLog.findMany as jest.Mock).mockResolvedValue(mockLogs);
+ (prisma.auditLog.count as jest.Mock).mockResolvedValue(mockTotal);
+
+ const result = await AuditService.findAll({ page: 1, limit: 10 });
+
+ expect(prisma.auditLog.findMany).toHaveBeenCalledWith(
+ expect.objectContaining({
+ skip: 0,
+ take: 10,
+ })
+ );
+ expect(result.logs).toEqual(mockLogs);
+ expect(result.meta.total).toBe(mockTotal);
+ });
+ });
+});
diff --git a/src/shared/lib/services/__tests__/beneficiary.service.test.ts b/src/shared/lib/services/__tests__/beneficiary.service.test.ts
new file mode 100644
index 0000000..b0b23fc
--- /dev/null
+++ b/src/shared/lib/services/__tests__/beneficiary.service.test.ts
@@ -0,0 +1,80 @@
+import { beneficiaryService } from '../../../../api/modules/wallet/beneficiary.service';
+import { prisma } from '../../../database';
+
+// Mock dependencies
+jest.mock('../../../database', () => ({
+ prisma: {
+ beneficiary: {
+ findUnique: jest.fn(),
+ create: jest.fn(),
+ update: jest.fn(),
+ findMany: jest.fn(),
+ },
+ },
+}));
+
+describe('BeneficiaryService', () => {
+ const mockUserId = 'user-123';
+ const mockData = {
+ userId: mockUserId,
+ accountNumber: '1234567890',
+ accountName: 'John Doe',
+ bankCode: '058',
+ bankName: 'GTBank',
+ isInternal: false,
+ };
+
+ beforeEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('createBeneficiary', () => {
+ it('should create new beneficiary if not exists', async () => {
+ (prisma.beneficiary.findUnique as jest.Mock).mockResolvedValue(null);
+ (prisma.beneficiary.create as jest.Mock).mockResolvedValue({
+ id: 'ben-1',
+ ...mockData,
+ });
+
+ const result = await beneficiaryService.createBeneficiary(mockData);
+
+ expect(result).toEqual({ id: 'ben-1', ...mockData });
+ expect(prisma.beneficiary.create).toHaveBeenCalledWith({ data: mockData });
+ });
+
+ it('should update existing beneficiary if exists', async () => {
+ (prisma.beneficiary.findUnique as jest.Mock).mockResolvedValue({
+ id: 'ben-1',
+ ...mockData,
+ });
+ (prisma.beneficiary.update as jest.Mock).mockResolvedValue({
+ id: 'ben-1',
+ ...mockData,
+ updatedAt: new Date(),
+ });
+
+ await beneficiaryService.createBeneficiary(mockData);
+
+ expect(prisma.beneficiary.update).toHaveBeenCalledWith({
+ where: { id: 'ben-1' },
+ data: { updatedAt: expect.any(Date) },
+ });
+ });
+ });
+
+ describe('getBeneficiaries', () => {
+ it('should return list of beneficiaries', async () => {
+ const mockList = [{ id: 'ben-1', ...mockData }];
+ (prisma.beneficiary.findMany as jest.Mock).mockResolvedValue(mockList);
+
+ const result = await beneficiaryService.getBeneficiaries(mockUserId);
+
+ expect(result).toEqual(mockList);
+ expect(prisma.beneficiary.findMany).toHaveBeenCalledWith({
+ where: { userId: mockUserId },
+ orderBy: { updatedAt: 'desc' },
+ take: 20,
+ });
+ });
+ });
+});
diff --git a/src/lib/services/__tests__/email.service.unit.test.ts b/src/shared/lib/services/__tests__/email.service.unit.test.ts
similarity index 97%
rename from src/lib/services/__tests__/email.service.unit.test.ts
rename to src/shared/lib/services/__tests__/email.service.unit.test.ts
index cb15849..6d33f3d 100644
--- a/src/lib/services/__tests__/email.service.unit.test.ts
+++ b/src/shared/lib/services/__tests__/email.service.unit.test.ts
@@ -129,7 +129,7 @@ describe('EmailService - Unit Tests', () => {
describe('sendPasswordResetLink', () => {
it('should send password reset email with reset link', async () => {
- (envConfig as any).FRONTEND_URL = 'https://swaplink.app';
+ (envConfig as any).FRONTEND_URL = 'https://bcdees.app';
const email = 'user@example.com';
const resetToken = 'reset_token_xyz';
@@ -146,7 +146,7 @@ describe('EmailService - Unit Tests', () => {
});
it('should include frontend URL in reset link', async () => {
- (envConfig as any).FRONTEND_URL = 'https://swaplink.app';
+ (envConfig as any).FRONTEND_URL = 'https://bcdees.app';
const email = 'user@example.com';
const resetToken = 'reset_token_xyz';
@@ -157,7 +157,7 @@ describe('EmailService - Unit Tests', () => {
expect(sendEmailSpy).toHaveBeenCalledWith(
email,
expect.any(String),
- expect.stringContaining('https://swaplink.app/reset-password?token=')
+ expect.stringContaining('https://bcdees.app/reset-password?token=')
);
});
diff --git a/src/shared/lib/services/__tests__/name-enquiry.service.test.ts b/src/shared/lib/services/__tests__/name-enquiry.service.test.ts
new file mode 100644
index 0000000..1b21ae7
--- /dev/null
+++ b/src/shared/lib/services/__tests__/name-enquiry.service.test.ts
@@ -0,0 +1,70 @@
+import { nameEnquiryService } from '../../../../api/modules/wallet/name-enquiry.service';
+import { prisma } from '../../../database';
+import { BadRequestError } from '../../utils/api-error';
+
+// Mock dependencies
+jest.mock('../../../database', () => ({
+ prisma: {
+ virtualAccount: {
+ findUnique: jest.fn(),
+ },
+ },
+}));
+
+jest.mock('../../utils/logger', () => ({
+ info: jest.fn(),
+ error: jest.fn(),
+}));
+
+describe('NameEnquiryService', () => {
+ const mockAccountNumber = '1234567890';
+ const mockBankCode = '058';
+
+ beforeEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('resolveAccount', () => {
+ it('should resolve internal account successfully', async () => {
+ (prisma.virtualAccount.findUnique as jest.Mock).mockResolvedValue({
+ accountNumber: mockAccountNumber,
+ accountName: 'Internal User',
+ wallet: {
+ user: {
+ firstName: 'Internal',
+ lastName: 'User',
+ },
+ },
+ });
+
+ const result = await nameEnquiryService.resolveAccount(mockAccountNumber, mockBankCode);
+
+ expect(result).toEqual({
+ accountName: 'Internal User',
+ bankName: 'SwapLink (Globus)',
+ isInternal: true,
+ });
+ });
+
+ it('should resolve external account successfully (mocked)', async () => {
+ (prisma.virtualAccount.findUnique as jest.Mock).mockResolvedValue(null);
+
+ const result = await nameEnquiryService.resolveAccount(mockAccountNumber, mockBankCode);
+
+ expect(result).toEqual({
+ accountName: 'MOCKED EXTERNAL USER',
+ bankName: 'External Bank',
+ isInternal: false,
+ sessionId: '999999999999',
+ });
+ });
+
+ it('should throw BadRequestError for invalid account number length', async () => {
+ (prisma.virtualAccount.findUnique as jest.Mock).mockResolvedValue(null);
+
+ await expect(nameEnquiryService.resolveAccount('123', mockBankCode)).rejects.toThrow(
+ BadRequestError
+ );
+ });
+ });
+});
diff --git a/src/lib/services/__tests__/otp.service.integration.test.ts b/src/shared/lib/services/__tests__/otp.service.integration.test.ts
similarity index 98%
rename from src/lib/services/__tests__/otp.service.integration.test.ts
rename to src/shared/lib/services/__tests__/otp.service.integration.test.ts
index 8fdd829..69fc031 100644
--- a/src/lib/services/__tests__/otp.service.integration.test.ts
+++ b/src/shared/lib/services/__tests__/otp.service.integration.test.ts
@@ -1,7 +1,7 @@
-import prisma from '../../../lib/utils/database';
+import prisma from '../../utils/database';
import { otpService } from '../otp.service';
-import authService from '../../../modules/auth/auth.service';
-import { TestUtils } from '../../../test/utils';
+import authService from '../../../../api/modules/account/auth/auth.service';
+import { TestUtils } from '../../../../test/utils';
import { OtpType } from '../../../database';
import { BadRequestError } from '../../utils/api-error';
@@ -404,7 +404,7 @@ describe('OtpService - Integration Tests', () => {
});
expect(allOtps).toHaveLength(2);
- expect(allOtps.every(otp => otp.isUsed)).toBe(true);
+ expect(allOtps.every((otp: any) => otp.isUsed)).toBe(true);
});
});
});
diff --git a/src/lib/services/__tests__/otp.service.unit.test.ts b/src/shared/lib/services/__tests__/otp.service.unit.test.ts
similarity index 100%
rename from src/lib/services/__tests__/otp.service.unit.test.ts
rename to src/shared/lib/services/__tests__/otp.service.unit.test.ts
diff --git a/src/shared/lib/services/__tests__/pin.service.test.ts b/src/shared/lib/services/__tests__/pin.service.test.ts
new file mode 100644
index 0000000..9081654
--- /dev/null
+++ b/src/shared/lib/services/__tests__/pin.service.test.ts
@@ -0,0 +1,135 @@
+import { pinService } from '../../../../api/modules/wallet/pin.service';
+import { prisma } from '../../../database';
+import bcrypt from 'bcrypt';
+import { BadRequestError, ForbiddenError, NotFoundError } from '../../utils/api-error';
+
+// Mock dependencies
+jest.mock('../../../database', () => ({
+ prisma: {
+ user: {
+ findUnique: jest.fn(),
+ update: jest.fn(),
+ },
+ },
+}));
+
+jest.mock('bcrypt', () => ({
+ hash: jest.fn(),
+ compare: jest.fn(),
+}));
+
+describe('PinService', () => {
+ const mockUserId = 'user-123';
+ const mockPin = '1234';
+ const mockHashedPin = 'hashed-pin';
+
+ beforeEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('setPin', () => {
+ it('should set PIN successfully for new user', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: null,
+ });
+ (bcrypt.hash as jest.Mock).mockResolvedValue(mockHashedPin);
+ (prisma.user.update as jest.Mock).mockResolvedValue({});
+
+ const result = await pinService.setPin(mockUserId, mockPin);
+
+ expect(result).toEqual({ message: 'Transaction PIN set successfully' });
+ expect(prisma.user.update).toHaveBeenCalledWith({
+ where: { id: mockUserId },
+ data: { transactionPin: mockHashedPin },
+ });
+ });
+
+ it('should throw BadRequestError if PIN already set', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: 'existing-pin',
+ });
+
+ await expect(pinService.setPin(mockUserId, mockPin)).rejects.toThrow(BadRequestError);
+ });
+
+ it('should throw BadRequestError for invalid PIN format', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: null,
+ });
+
+ await expect(pinService.setPin(mockUserId, '123')).rejects.toThrow(BadRequestError);
+ await expect(pinService.setPin(mockUserId, 'abc4')).rejects.toThrow(BadRequestError);
+ });
+ });
+
+ describe('verifyPin', () => {
+ it('should return true for correct PIN', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: mockHashedPin,
+ pinAttempts: 0,
+ pinLockedUntil: null,
+ });
+ (bcrypt.compare as jest.Mock).mockResolvedValue(true);
+
+ const result = await pinService.verifyPin(mockUserId, mockPin);
+
+ expect(result).toBe(true);
+ });
+
+ it('should throw ForbiddenError for incorrect PIN and increment attempts', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: mockHashedPin,
+ pinAttempts: 0,
+ pinLockedUntil: null,
+ });
+ (bcrypt.compare as jest.Mock).mockResolvedValue(false);
+
+ await expect(pinService.verifyPin(mockUserId, 'wrong')).rejects.toThrow(ForbiddenError);
+
+ expect(prisma.user.update).toHaveBeenCalledWith({
+ where: { id: mockUserId },
+ data: { pinAttempts: 1, pinLockedUntil: null },
+ });
+ });
+
+ it('should lock user after 3 failed attempts', async () => {
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: mockHashedPin,
+ pinAttempts: 2,
+ pinLockedUntil: null,
+ });
+ (bcrypt.compare as jest.Mock).mockResolvedValue(false);
+
+ await expect(pinService.verifyPin(mockUserId, 'wrong')).rejects.toThrow(ForbiddenError);
+
+ expect(prisma.user.update).toHaveBeenCalledWith({
+ where: { id: mockUserId },
+ data: {
+ pinAttempts: 3,
+ pinLockedUntil: expect.any(Date),
+ },
+ });
+ });
+
+ it('should throw ForbiddenError if user is locked', async () => {
+ const futureDate = new Date();
+ futureDate.setHours(futureDate.getHours() + 1);
+
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ id: mockUserId,
+ transactionPin: mockHashedPin,
+ pinAttempts: 3,
+ pinLockedUntil: futureDate,
+ });
+
+ await expect(pinService.verifyPin(mockUserId, mockPin)).rejects.toThrow(ForbiddenError);
+ expect(bcrypt.compare).not.toHaveBeenCalled();
+ });
+ });
+});
diff --git a/src/shared/lib/services/__tests__/sms.service.unit.test.ts b/src/shared/lib/services/__tests__/sms.service.unit.test.ts
new file mode 100644
index 0000000..b6d97ae
--- /dev/null
+++ b/src/shared/lib/services/__tests__/sms.service.unit.test.ts
@@ -0,0 +1,30 @@
+import { MockSmsService, SmsServiceFactory } from '../sms-service/sms.service';
+
+describe('SMS Service', () => {
+ describe('MockSmsService', () => {
+ let mockSmsService: MockSmsService;
+
+ beforeEach(() => {
+ mockSmsService = new MockSmsService();
+ });
+
+ it('should send SMS successfully', async () => {
+ const result = await mockSmsService.sendSms('+1234567890', 'Test message');
+ expect(result).toBe(true);
+ });
+
+ it('should send OTP successfully', async () => {
+ const result = await mockSmsService.sendOtp('+1234567890', '123456');
+ expect(result).toBe(true);
+ });
+ });
+
+ describe('SmsServiceFactory', () => {
+ it('should create a service instance', () => {
+ const service = SmsServiceFactory.create();
+ expect(service).toBeDefined();
+ expect(service.sendSms).toBeDefined();
+ expect(service.sendOtp).toBeDefined();
+ });
+ });
+});
diff --git a/src/shared/lib/services/__tests__/wallet-transaction.integration.test.ts b/src/shared/lib/services/__tests__/wallet-transaction.integration.test.ts
new file mode 100644
index 0000000..ad9ef38
--- /dev/null
+++ b/src/shared/lib/services/__tests__/wallet-transaction.integration.test.ts
@@ -0,0 +1,213 @@
+import request from 'supertest';
+import app from '../../../../api/app';
+import { prisma, UserRole } from '../../../database';
+import { JwtUtils } from '../../utils/jwt-utils';
+import bcrypt from 'bcrypt';
+
+describe('Wallet Module Integration Tests', () => {
+ let senderToken: string;
+ let receiverToken: string;
+ let senderId: string;
+ let receiverId: string;
+
+ beforeAll(async () => {
+ // Clean DB
+ await prisma.transaction.deleteMany();
+ await prisma.wallet.deleteMany();
+ await prisma.user.deleteMany();
+
+ // Create Sender
+ const sender = await prisma.user.create({
+ data: {
+ email: 'sender@test.com',
+ phone: '08011111111',
+ password: 'password',
+ firstName: 'Sender',
+ lastName: 'User',
+ transactionPin: await bcrypt.hash('1234', 10),
+ wallet: {
+ create: {
+ balance: 50000,
+ },
+ },
+ },
+ include: { wallet: true },
+ });
+ senderId = sender.id;
+ senderToken = JwtUtils.signAccessToken({
+ userId: sender.id,
+ email: sender.email,
+ role: UserRole.USER,
+ });
+
+ // Create Receiver (Internal)
+ const receiver = await prisma.user.create({
+ data: {
+ email: 'receiver@test.com',
+ phone: '08022222222',
+ password: 'password',
+ firstName: 'Receiver',
+ lastName: 'User',
+ wallet: {
+ create: {
+ balance: 0,
+ virtualAccount: {
+ create: {
+ accountNumber: '2222222222',
+ accountName: 'Receiver User',
+ },
+ },
+ },
+ },
+ },
+ include: { wallet: true },
+ });
+ receiverId = receiver.id;
+ receiverToken = JwtUtils.signAccessToken({
+ userId: receiver.id,
+ email: receiver.email,
+ role: UserRole.USER,
+ });
+ });
+
+ afterAll(async () => {
+ await prisma.$disconnect();
+ });
+
+ describe('POST /api/v1/wallet/name-enquiry', () => {
+ it('should resolve internal account', async () => {
+ const res = await request(app)
+ .post('/api/v1/wallet/name-enquiry')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ accountNumber: '2222222222',
+ bankCode: '058', // Assuming 058 or whatever logic
+ });
+
+ expect(res.status).toBe(200);
+ expect(res.body).toEqual({
+ accountName: 'Receiver User',
+ bankName: 'SwapLink (Globus)',
+ isInternal: true,
+ });
+ });
+
+ it('should resolve external account (mocked)', async () => {
+ const res = await request(app)
+ .post('/api/v1/wallet/name-enquiry')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ accountNumber: '1234567890',
+ bankCode: '057',
+ });
+
+ expect(res.status).toBe(200);
+ expect(res.body.isInternal).toBe(false);
+ expect(res.body.accountName).toBe('MOCKED EXTERNAL USER');
+ });
+ });
+
+ describe('POST /api/v1/wallet/process', () => {
+ it('should process internal transfer successfully', async () => {
+ const res = await request(app)
+ .post('/api/v1/wallet/process')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ amount: 5000,
+ accountNumber: '2222222222',
+ bankCode: '058',
+ accountName: 'Receiver User',
+ pin: '1234',
+ idempotencyKey: 'uuid-1',
+ saveBeneficiary: true,
+ });
+
+ expect(res.status).toBe(200);
+ expect(res.body.status).toBe('COMPLETED');
+ expect(res.body.message).toBe('Transfer successful');
+
+ // Verify Balances
+ const updatedSender = await prisma.wallet.findUnique({ where: { userId: senderId } });
+ const updatedReceiver = await prisma.wallet.findUnique({
+ where: { userId: receiverId },
+ });
+
+ expect(updatedSender?.balance).toBe(45000);
+ expect(updatedReceiver?.balance).toBe(5000);
+
+ // Verify Beneficiary Saved
+ const beneficiary = await prisma.beneficiary.findFirst({ where: { userId: senderId } });
+ expect(beneficiary).toBeTruthy();
+ expect(beneficiary?.accountNumber).toBe('2222222222');
+ });
+
+ it('should fail with incorrect PIN', async () => {
+ const res = await request(app)
+ .post('/api/v1/wallet/process')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ amount: 1000,
+ accountNumber: '2222222222',
+ bankCode: '058',
+ accountName: 'Receiver User',
+ pin: '0000',
+ idempotencyKey: 'uuid-2',
+ });
+
+ expect(res.status).toBe(403);
+ expect(res.body.message).toBe('Invalid Transaction PIN');
+ });
+
+ it('should fail with insufficient funds', async () => {
+ const res = await request(app)
+ .post('/api/v1/wallet/process')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ amount: 1000000,
+ accountNumber: '2222222222',
+ bankCode: '058',
+ accountName: 'Receiver User',
+ pin: '1234',
+ idempotencyKey: 'uuid-3',
+ });
+
+ expect(res.status).toBe(400);
+ expect(res.body.message).toBe('Insufficient funds');
+ });
+
+ it('should be idempotent', async () => {
+ // Re-send the first successful request
+ const res = await request(app)
+ .post('/api/v1/wallet/process')
+ .set('Authorization', `Bearer ${senderToken}`)
+ .send({
+ amount: 5000,
+ accountNumber: '2222222222',
+ bankCode: '058',
+ accountName: 'Receiver User',
+ pin: '1234',
+ idempotencyKey: 'uuid-1', // Same key
+ });
+
+ expect(res.status).toBe(200);
+ expect(res.body.message).toBe('Transaction already processed');
+
+ // Balance should NOT change again
+ const updatedSender = await prisma.wallet.findUnique({ where: { userId: senderId } });
+ expect(updatedSender?.balance).toBe(45000);
+ });
+ });
+
+ describe('GET /api/v1/wallet/beneficiaries', () => {
+ it('should return saved beneficiaries', async () => {
+ const res = await request(app)
+ .get('/api/v1/wallet/beneficiaries')
+ .set('Authorization', `Bearer ${senderToken}`);
+
+ expect(res.status).toBe(200);
+ expect(Array.isArray(res.body)).toBe(true);
+ expect(res.body.length).toBeGreaterThan(0);
+ expect(res.body[0].accountNumber).toBe('2222222222');
+ });
+ });
+});
diff --git a/src/shared/lib/services/__tests__/wallet-transaction.service.test.ts b/src/shared/lib/services/__tests__/wallet-transaction.service.test.ts
new file mode 100644
index 0000000..f4f8b10
--- /dev/null
+++ b/src/shared/lib/services/__tests__/wallet-transaction.service.test.ts
@@ -0,0 +1,240 @@
+import { walletService as transferService } from '../../../../api/modules/wallet/wallet.service';
+import { prisma } from '../../../database';
+import { nameEnquiryService } from '../../../../api/modules/wallet/name-enquiry.service';
+import { BadRequestError, ForbiddenError } from '../../utils/api-error';
+import { socketService } from '../socket.service';
+import { walletService } from '../wallet.service';
+import { redisConnection } from '../../../config/redis.config';
+
+jest.mock('../socket.service');
+jest.mock('../wallet.service');
+
+// Mock dependencies
+jest.mock('../../../database', () => ({
+ prisma: {
+ transaction: {
+ findUnique: jest.fn(),
+ create: jest.fn(),
+ },
+ wallet: {
+ findUnique: jest.fn(),
+ update: jest.fn(),
+ },
+ virtualAccount: {
+ findUnique: jest.fn(),
+ },
+ user: {
+ findUnique: jest.fn(),
+ },
+ $transaction: jest.fn(callback => callback(prisma)),
+ },
+}));
+
+jest.mock('../../../config/redis.config', () => ({
+ redisConnection: {
+ get: jest.fn(),
+ del: jest.fn(),
+ setex: jest.fn(),
+ },
+}));
+
+jest.mock('bullmq', () => ({
+ Queue: jest.fn().mockImplementation(() => ({
+ add: jest.fn(),
+ })),
+}));
+
+jest.mock('../../../../api/modules/wallet/name-enquiry.service');
+
+describe('TransferService', () => {
+ const mockUserId = 'user-123';
+ const mockReceiverId = 'user-456';
+ const mockIdempotencyKey = 'uuid-123';
+ const mockPayload = {
+ userId: mockUserId,
+ amount: 5000,
+ accountNumber: '1234567890',
+ bankCode: '058',
+ accountName: 'John Doe',
+ idempotencyKey: mockIdempotencyKey,
+ };
+
+ beforeEach(() => {
+ jest.clearAllMocks();
+ });
+
+ describe('processTransfer', () => {
+ it('should throw ForbiddenError if idempotency key is not found in Redis', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue(null);
+
+ await expect(transferService.processTransfer(mockPayload)).rejects.toThrow(
+ ForbiddenError
+ );
+ await expect(transferService.processTransfer(mockPayload)).rejects.toThrow(
+ 'Invalid or expired idempotency key. Please verify your PIN again.'
+ );
+ });
+
+ it('should throw ForbiddenError if idempotency key belongs to different user', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue('different-user-id');
+
+ await expect(transferService.processTransfer(mockPayload)).rejects.toThrow(
+ ForbiddenError
+ );
+ await expect(transferService.processTransfer(mockPayload)).rejects.toThrow(
+ 'Idempotency key does not belong to this user.'
+ );
+ });
+
+ it('should return existing transaction if idempotency key exists in database', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue(mockUserId);
+ (prisma.transaction.findUnique as jest.Mock).mockResolvedValue({
+ id: 'tx-123',
+ status: 'COMPLETED',
+ });
+
+ const result = await transferService.processTransfer(mockPayload);
+
+ expect(result).toEqual({
+ message: 'Transaction already processed',
+ transactionId: 'tx-123',
+ status: 'COMPLETED',
+ });
+ });
+
+ it('should process internal transfer successfully', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue(mockUserId);
+ (prisma.transaction.findUnique as jest.Mock).mockResolvedValue(null);
+ (nameEnquiryService.resolveAccount as jest.Mock).mockResolvedValue({
+ isInternal: true,
+ accountName: 'John Doe',
+ });
+
+ // Mock Wallets
+ (prisma.wallet.findUnique as jest.Mock).mockResolvedValue({
+ id: 'wallet-123',
+ userId: mockUserId,
+ balance: 10000,
+ });
+ (prisma.virtualAccount.findUnique as jest.Mock).mockResolvedValue({
+ wallet: {
+ id: 'wallet-456',
+ userId: mockReceiverId,
+ balance: 5000,
+ },
+ });
+ (prisma.user.findUnique as jest.Mock).mockResolvedValue({
+ firstName: 'Test',
+ lastName: 'User',
+ });
+
+ // Mock Transaction Creation
+ (prisma.transaction.create as jest.Mock).mockResolvedValue({ id: 'tx-new' });
+
+ const result = await transferService.processTransfer(mockPayload);
+
+ expect(result).toEqual({
+ message: 'Transfer successful',
+ transactionId: 'tx-new',
+ status: 'COMPLETED',
+ amount: 5000,
+ recipient: 'John Doe',
+ });
+
+ expect(prisma.wallet.update).toHaveBeenCalledWith({
+ where: { id: 'wallet-456' },
+ data: { balance: { increment: 5000 } },
+ });
+
+ // Verify idempotency key was deleted
+ expect(redisConnection.del).toHaveBeenCalledWith(`idempotency:${mockIdempotencyKey}`);
+
+ // Verify Socket Emissions
+ expect(walletService.getWalletBalance).toHaveBeenCalledWith(mockUserId);
+ expect(walletService.getWalletBalance).toHaveBeenCalledWith(mockReceiverId);
+
+ expect(socketService.emitToUser).toHaveBeenCalledWith(
+ mockUserId,
+ 'WALLET_UPDATED',
+ expect.objectContaining({
+ message: expect.stringContaining('Debit Alert'),
+ })
+ );
+ expect(socketService.emitToUser).toHaveBeenCalledWith(
+ mockReceiverId,
+ 'WALLET_UPDATED',
+ expect.objectContaining({
+ message: expect.stringContaining('Credit Alert'),
+ })
+ );
+ });
+
+ it('should throw BadRequestError for insufficient funds (Internal)', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue(mockUserId);
+ (prisma.transaction.findUnique as jest.Mock).mockResolvedValue(null);
+ (nameEnquiryService.resolveAccount as jest.Mock).mockResolvedValue({
+ isInternal: true,
+ accountName: 'John Doe',
+ });
+
+ (prisma.wallet.findUnique as jest.Mock).mockResolvedValue({
+ id: 'wallet-123',
+ userId: mockUserId,
+ balance: 1000, // Less than 5000
+ });
+ (prisma.virtualAccount.findUnique as jest.Mock).mockResolvedValue({
+ wallet: { id: 'wallet-456', userId: mockReceiverId },
+ });
+
+ await expect(transferService.processTransfer(mockPayload)).rejects.toThrow(
+ BadRequestError
+ );
+ });
+
+ it('should initiate external transfer successfully', async () => {
+ (redisConnection.get as jest.Mock).mockResolvedValue(mockUserId);
+ (prisma.transaction.findUnique as jest.Mock).mockResolvedValue(null);
+ (nameEnquiryService.resolveAccount as jest.Mock).mockResolvedValue({
+ isInternal: false,
+ accountName: 'External User',
+ });
+
+ (prisma.wallet.findUnique as jest.Mock).mockResolvedValue({
+ id: 'wallet-123',
+ userId: mockUserId,
+ balance: 10000,
+ });
+
+ (prisma.transaction.create as jest.Mock).mockResolvedValue({ id: 'tx-external' });
+
+ const result = await transferService.processTransfer(mockPayload);
+
+ expect(result).toEqual({
+ message: 'Transfer processing',
+ transactionId: 'tx-external',
+ status: 'PENDING',
+ amount: 5000,
+ recipient: 'External User',
+ });
+
+ // Verify Debit only
+ expect(prisma.wallet.update).toHaveBeenCalledWith({
+ where: { id: 'wallet-123' },
+ data: { balance: { decrement: 5000 } },
+ });
+
+ // Verify idempotency key was deleted
+ expect(redisConnection.del).toHaveBeenCalledWith(`idempotency:${mockIdempotencyKey}`);
+
+ // Verify Socket Emission (Sender only)
+ expect(walletService.getWalletBalance).toHaveBeenCalledWith(mockUserId);
+ expect(socketService.emitToUser).toHaveBeenCalledWith(
+ mockUserId,
+ 'WALLET_UPDATED',
+ expect.objectContaining({
+ message: expect.stringContaining('Debit Alert'),
+ })
+ );
+ });
+ });
+});
diff --git a/src/lib/services/__tests__/wallet.service.integration.test.ts b/src/shared/lib/services/__tests__/wallet.service.integration.test.ts
similarity index 98%
rename from src/lib/services/__tests__/wallet.service.integration.test.ts
rename to src/shared/lib/services/__tests__/wallet.service.integration.test.ts
index 41939e7..f48e769 100644
--- a/src/lib/services/__tests__/wallet.service.integration.test.ts
+++ b/src/shared/lib/services/__tests__/wallet.service.integration.test.ts
@@ -1,9 +1,9 @@
-import prisma from '../../../lib/utils/database';
+import prisma from '../../utils/database';
import { walletService } from '../wallet.service';
-import authService from '../../../modules/auth/auth.service';
-import { TestUtils } from '../../../test/utils';
+import authService from '../../../../api/modules/account/auth/auth.service';
+import { TestUtils } from '../../../../test/utils';
import { NotFoundError, BadRequestError } from '../../utils/api-error';
-import { TransactionType } from '../../../database/generated/prisma';
+import { TransactionType } from '../../../database';
describe('WalletService - Integration Tests', () => {
beforeEach(async () => {
@@ -248,7 +248,7 @@ describe('WalletService - Integration Tests', () => {
const { user } = await TestUtils.createUserWithWallets();
const metadata = { source: 'bank_transfer', reference: 'BNK-123' };
- const transaction = await walletService.creditWallet(user.id, 50000, metadata);
+ const transaction = await walletService.creditWallet(user.id, 50000, { metadata });
expect(transaction.metadata).toEqual(metadata);
});
diff --git a/src/lib/services/__tests__/wallet.service.unit.test.ts b/src/shared/lib/services/__tests__/wallet.service.unit.test.ts
similarity index 94%
rename from src/lib/services/__tests__/wallet.service.unit.test.ts
rename to src/shared/lib/services/__tests__/wallet.service.unit.test.ts
index 204e4f9..ab900e0 100644
--- a/src/lib/services/__tests__/wallet.service.unit.test.ts
+++ b/src/shared/lib/services/__tests__/wallet.service.unit.test.ts
@@ -1,7 +1,6 @@
-import { prisma, Prisma } from '../../../database';
+import { prisma, TransactionType } from '../../../database';
import { walletService } from '../wallet.service';
import { NotFoundError, BadRequestError, InternalError } from '../../utils/api-error';
-import { TransactionType } from '../../../database/generated/prisma';
// Mock dependencies
jest.mock('../../../database', () => ({
@@ -21,6 +20,14 @@ jest.mock('../../../database', () => ({
Prisma: {},
}));
+jest.mock('../../../config/redis.config', () => ({
+ redisConnection: {
+ get: jest.fn(),
+ set: jest.fn(),
+ del: jest.fn(),
+ },
+}));
+
describe('WalletService - Unit Tests', () => {
beforeEach(() => {
jest.clearAllMocks();
@@ -88,6 +95,7 @@ describe('WalletService - Unit Tests', () => {
expect(prisma.wallet.findUnique).toHaveBeenCalledWith({
where: { userId },
+ include: { virtualAccount: true },
});
expect(result).toEqual({
@@ -95,6 +103,8 @@ describe('WalletService - Unit Tests', () => {
balance: 100000,
lockedBalance: 20000,
availableBalance: 80000,
+ currency: 'NGN',
+ virtualAccount: null,
});
});
@@ -292,7 +302,13 @@ describe('WalletService - Unit Tests', () => {
return callback(tx);
});
- const result = await walletService.creditWallet(userId, amount, metadata);
+ // Mock getWalletBalance call after transaction
+ (prisma.wallet.findUnique as jest.Mock).mockResolvedValue({
+ ...mockWallet,
+ balance: 100000,
+ });
+
+ const result = await walletService.creditWallet(userId, amount, { metadata });
expect(result.type).toBe('DEPOSIT');
expect(result.amount).toBe(amount);
@@ -356,7 +372,13 @@ describe('WalletService - Unit Tests', () => {
return callback(tx);
});
- const result = await walletService.debitWallet(userId, amount, metadata);
+ // Mock getWalletBalance call after transaction
+ (prisma.wallet.findUnique as jest.Mock).mockResolvedValue({
+ ...mockWallet,
+ balance: 20000,
+ });
+
+ const result = await walletService.debitWallet(userId, amount, { metadata });
expect(result.type).toBe('WITHDRAWAL');
expect(result.amount).toBe(amount);
diff --git a/src/shared/lib/services/audit.service.ts b/src/shared/lib/services/audit.service.ts
new file mode 100644
index 0000000..42d6fbe
--- /dev/null
+++ b/src/shared/lib/services/audit.service.ts
@@ -0,0 +1,73 @@
+import { eventBus, EventType } from '../events/event-bus';
+import { prisma } from '../../database';
+import { AuditLogData } from '../events/listeners/audit.listener';
+import { Prisma } from '@prisma/client';
+
+export interface AuditLogFilter {
+ userId?: string;
+ action?: string;
+ resource?: string;
+ startDate?: Date;
+ endDate?: Date;
+ page?: number;
+ limit?: number;
+}
+
+export class AuditService {
+ /**
+ * Emit an audit log event
+ */
+ static async log(data: AuditLogData): Promise {
+ eventBus.publish(EventType.AUDIT_LOG, data);
+ }
+
+ /**
+ * Retrieve audit logs with filtering and pagination
+ */
+ static async findAll(filter: AuditLogFilter) {
+ const { userId, action, resource, startDate, endDate, page = 1, limit = 20 } = filter;
+ const skip = (page - 1) * limit;
+
+ const where: Prisma.AuditLogWhereInput = {};
+
+ if (userId) where.userId = userId;
+ if (action) where.action = { contains: action, mode: 'insensitive' };
+ if (resource) where.resource = { contains: resource, mode: 'insensitive' };
+
+ if (startDate || endDate) {
+ where.createdAt = {};
+ if (startDate) where.createdAt.gte = startDate;
+ if (endDate) where.createdAt.lte = endDate;
+ }
+
+ const [logs, total] = await Promise.all([
+ prisma.auditLog.findMany({
+ where,
+ skip,
+ take: limit,
+ orderBy: { createdAt: 'desc' },
+ include: {
+ user: {
+ select: {
+ id: true,
+ firstName: true,
+ lastName: true,
+ email: true,
+ },
+ },
+ },
+ }),
+ prisma.auditLog.count({ where }),
+ ]);
+
+ return {
+ logs,
+ meta: {
+ total,
+ page,
+ limit,
+ totalPages: Math.ceil(total / limit),
+ },
+ };
+ }
+}
diff --git a/src/shared/lib/services/banking/globus.service.test.ts b/src/shared/lib/services/banking/globus.service.test.ts
new file mode 100644
index 0000000..b25e464
--- /dev/null
+++ b/src/shared/lib/services/banking/globus.service.test.ts
@@ -0,0 +1,28 @@
+import { globusService } from './globus.service';
+
+// Mock env config to force Mock Mode
+jest.mock('../../../../config/env.config', () => ({
+ envConfig: {
+ GLOBUS_CLIENT_ID: undefined, // Force Mock Mode
+ NODE_ENV: 'test',
+ },
+}));
+
+describe('GlobusService', () => {
+ it('should return a mock account in test/mock mode', async () => {
+ const user = {
+ id: 'user-123',
+ firstName: 'John',
+ lastName: 'Doe',
+ email: 'john@example.com',
+ phone: '1234567890',
+ };
+
+ const result = await globusService.createAccount(user);
+
+ expect(result).toHaveProperty('accountNumber');
+ expect(result.accountName).toBe('SwapLink - John Doe');
+ expect(result.provider).toBe('GLOBUS');
+ expect(result.accountNumber).toMatch(/^11/); // Starts with 11
+ });
+});
diff --git a/src/shared/lib/services/banking/globus.service.ts b/src/shared/lib/services/banking/globus.service.ts
new file mode 100644
index 0000000..879197c
--- /dev/null
+++ b/src/shared/lib/services/banking/globus.service.ts
@@ -0,0 +1,176 @@
+import axios from 'axios';
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+
+export class GlobusService {
+ private baseUrl = envConfig.GLOBUS_BASE_URL;
+
+ private async getAuthToken() {
+ // TODO: Implement caching logic here
+ return 'mock_token';
+ }
+
+ async verifyAccount(accountNumber: string, bankCode: string) {
+ if (this.isMockMode()) {
+ await this.simulateLatency();
+ return {
+ accountNumber,
+ accountName: 'MOCK USER NAME',
+ bankCode,
+ bankName: 'MOCK BANK',
+ };
+ }
+
+ const token = await this.getAuthToken();
+ try {
+ const response = await axios.post(
+ `${this.baseUrl}/accounts/name-enquiry`,
+ { accountNumber, bankCode },
+ { headers: { Authorization: `Bearer ${token}` } }
+ );
+ return response.data;
+ } catch (error) {
+ logger.error('Globus Name Enquiry Failed', error);
+ throw error;
+ }
+ }
+
+ async generateNuban(user: {
+ id: string;
+ firstName: string;
+ lastName: string;
+ email: string;
+ phone: string;
+ }) {
+ try {
+ if (this.isMockMode()) {
+ logger.warn(`โ ๏ธ [GlobusService] Running in MOCK MODE for user ${user.id}`);
+ await this.simulateLatency();
+
+ return {
+ accountNumber: '11' + Math.floor(Math.random() * 100000000),
+ accountName: `SwapLink - ${user.firstName} ${user.lastName}`,
+ bankName: 'Globus Bank (Sandbox)',
+ provider: 'GLOBUS',
+ };
+ }
+
+ const token = await this.getAuthToken();
+ const response = await axios.post(
+ `${this.baseUrl}/accounts/virtual`,
+ {
+ accountName: `${user.firstName} ${user.lastName}`,
+ email: user.email,
+ phoneNumber: user.phone,
+ reference: user.id, // Idempotency Key
+ },
+ {
+ headers: { Authorization: `Bearer ${token}` },
+ }
+ );
+
+ return {
+ ...response.data,
+ provider: 'GLOBUS',
+ };
+ } catch (error) {
+ logger.error('Globus Account Creation Failed', error);
+ throw error; // Throw so the worker knows to retry
+ }
+ }
+
+ // Alias for backward compatibility if needed, or just use generateNuban
+ async createAccount(user: any) {
+ return this.generateNuban(user);
+ }
+
+ async transferFunds(payload: {
+ amount: number;
+ destinationAccount: string;
+ destinationBankCode: string;
+ destinationName: string;
+ narration: string;
+ reference: string;
+ }) {
+ if (this.isMockMode()) {
+ await this.simulateLatency();
+ // Simulate 90% success
+ if (Math.random() > 0.1) {
+ return {
+ status: 'SUCCESS',
+ reference: payload.reference,
+ sessionId: `MOCK-SESSION-${Date.now()}`,
+ };
+ } else {
+ throw new Error('Mock Transfer Failed');
+ }
+ }
+
+ const token = await this.getAuthToken();
+ try {
+ const response = await axios.post(`${this.baseUrl}/transfers`, payload, {
+ headers: { Authorization: `Bearer ${token}` },
+ });
+ return response.data;
+ } catch (error) {
+ logger.error('Globus Transfer Failed', error);
+ throw error;
+ }
+ }
+
+ async getTransactionStatus(reference: string) {
+ if (this.isMockMode()) {
+ await this.simulateLatency();
+ return {
+ status: 'COMPLETED',
+ reference,
+ amount: 1000,
+ date: new Date(),
+ };
+ }
+
+ const token = await this.getAuthToken();
+ try {
+ const response = await axios.get(`${this.baseUrl}/transactions/${reference}`, {
+ headers: { Authorization: `Bearer ${token}` },
+ });
+ return response.data;
+ } catch (error) {
+ logger.error('Globus Get Transaction Status Failed', error);
+ throw error;
+ }
+ }
+
+ async getStatement(startDate: Date, endDate: Date) {
+ if (this.isMockMode()) {
+ await this.simulateLatency();
+ return []; // Return empty list for mock
+ }
+
+ const token = await this.getAuthToken();
+ try {
+ const response = await axios.get(`${this.baseUrl}/accounts/statement`, {
+ params: { startDate, endDate },
+ headers: { Authorization: `Bearer ${token}` },
+ });
+ return response.data;
+ } catch (error) {
+ logger.error('Globus Get Statement Failed', error);
+ throw error;
+ }
+ }
+
+ private isMockMode() {
+ return (
+ !envConfig.GLOBUS_CLIENT_ID ||
+ envConfig.NODE_ENV === 'test' ||
+ envConfig.NODE_ENV === 'development'
+ );
+ }
+
+ private async simulateLatency() {
+ await new Promise(resolve => setTimeout(resolve, 1000));
+ }
+}
+
+export const globusService = new GlobusService();
diff --git a/src/lib/services/base-service.ts b/src/shared/lib/services/base-service.ts
similarity index 100%
rename from src/lib/services/base-service.ts
rename to src/shared/lib/services/base-service.ts
diff --git a/src/shared/lib/services/email-service/base-email.service.ts b/src/shared/lib/services/email-service/base-email.service.ts
new file mode 100644
index 0000000..b9229ab
--- /dev/null
+++ b/src/shared/lib/services/email-service/base-email.service.ts
@@ -0,0 +1,18 @@
+export interface EmailOptions {
+ to: string;
+ subject: string;
+ text?: string;
+ html?: string;
+}
+
+export abstract class BaseEmailService {
+ abstract sendEmail(options: EmailOptions): Promise;
+
+ abstract sendVerificationEmail(to: string, code: string): Promise;
+
+ abstract sendWelcomeEmail(to: string, name: string): Promise;
+
+ abstract sendPasswordResetLink(email: string, resetToken: string): Promise;
+
+ abstract sendVerificationSuccessEmail(to: string, name: string): Promise;
+}
diff --git a/src/shared/lib/services/email-service/email.service.ts b/src/shared/lib/services/email-service/email.service.ts
new file mode 100644
index 0000000..079a341
--- /dev/null
+++ b/src/shared/lib/services/email-service/email.service.ts
@@ -0,0 +1,57 @@
+import { BaseEmailService } from './base-email.service';
+import { ResendEmailService } from './resend-email.service';
+import { SendGridEmailService } from './sendgrid-email.service';
+import { MailtrapEmailService } from './mailtrap-email.service';
+import { LocalEmailService } from './local-email.service';
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+
+export class EmailServiceFactory {
+ static create(): BaseEmailService {
+ const isProduction = envConfig.NODE_ENV === 'production';
+ const isStaging = process.env.STAGING === 'true' || envConfig.NODE_ENV === 'staging';
+
+ // 1. Production/Staging: Use Resend if configured (Primary choice)
+ if ((isProduction || isStaging) && envConfig.RESEND_API_KEY) {
+ try {
+ const mode = isProduction && !isStaging ? 'Production' : 'Staging';
+ logger.info(`๐ ${mode} mode: Initializing Resend Email Service`);
+ return new ResendEmailService();
+ } catch (error) {
+ logger.error('Failed to initialize ResendEmailService, trying SendGrid...', error);
+ }
+ }
+
+ // 2. Fallback: Use SendGrid if Resend is not available
+ if ((isProduction || isStaging) && envConfig.SENDGRID_API_KEY) {
+ try {
+ logger.info('๐งช Fallback: Initializing SendGrid Email Service');
+ return new SendGridEmailService();
+ } catch (error) {
+ logger.error(
+ 'Failed to initialize SendGridEmailService, trying Mailtrap...',
+ error
+ );
+ }
+ }
+
+ // 3. Staging Fallback: Use Mailtrap if neither Resend nor SendGrid is configured
+ if (isStaging && envConfig.MAILTRAP_API_TOKEN) {
+ try {
+ logger.info('๐งช Staging mode: Initializing Mailtrap Email Service (API)');
+ return new MailtrapEmailService();
+ } catch (error) {
+ logger.error(
+ 'Failed to initialize MailtrapEmailService, falling back to LocalEmailService',
+ error
+ );
+ }
+ }
+
+ // 4. Development/Fallback: Use LocalEmailService (Logs to console)
+ logger.info('๐ป Development mode: Using Local Email Service (console logging)');
+ return new LocalEmailService();
+ }
+}
+
+export const emailService = EmailServiceFactory.create();
diff --git a/src/shared/lib/services/email-service/local-email.service.ts b/src/shared/lib/services/email-service/local-email.service.ts
new file mode 100644
index 0000000..e58d643
--- /dev/null
+++ b/src/shared/lib/services/email-service/local-email.service.ts
@@ -0,0 +1,54 @@
+import { BaseEmailService, EmailOptions } from './base-email.service';
+import logger from '../../utils/logger';
+
+export class LocalEmailService extends BaseEmailService {
+ constructor() {
+ super();
+ logger.info('โน๏ธ Using Local Email Service (Logging only)');
+ }
+
+ async sendEmail(options: EmailOptions): Promise {
+ const { to, subject, text, html } = options;
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] Email to ${to}`);
+ logger.info(`๐ Subject: ${subject}`);
+ if (text) logger.info(`๐ Text Body: ${text}`);
+ if (html) logger.info(`๐ HTML Body (truncated): ${html.substring(0, 100)}...`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ async sendVerificationEmail(to: string, code: string): Promise {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] VERIFICATION EMAIL for ${to}`);
+ logger.info(`๐ CODE: ${code}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ async sendWelcomeEmail(to: string, name: string): Promise {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] WELCOME EMAIL for ${to}`);
+ logger.info(`๐ Name: ${name}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ async sendPasswordResetLink(email: string, resetToken: string): Promise {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] PASSWORD RESET for ${email}`);
+ logger.info(`๐ Token: ${resetToken}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ async sendVerificationSuccessEmail(to: string, name: string): Promise {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] VERIFICATION SUCCESS for ${to}`);
+ logger.info(`๐ Name: ${name}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ static logIntent(intent: string, to: string, name?: string) {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [LocalEmailService] ${intent} for ${to}`);
+ if (name) logger.info(`๐ Name: ${name}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+}
diff --git a/src/shared/lib/services/email-service/mailtrap-email.service.ts b/src/shared/lib/services/email-service/mailtrap-email.service.ts
new file mode 100644
index 0000000..6928a8e
--- /dev/null
+++ b/src/shared/lib/services/email-service/mailtrap-email.service.ts
@@ -0,0 +1,102 @@
+import { BaseEmailService, EmailOptions } from './base-email.service';
+import { MailtrapClient } from 'mailtrap';
+import logger, { logDebug } from '../../utils/logger';
+import { envConfig } from '../../../config/env.config';
+import { BadGatewayError } from '../../utils/api-error';
+
+export class MailtrapEmailService extends BaseEmailService {
+ private client: MailtrapClient;
+ private fromEmail: string;
+
+ constructor() {
+ super();
+ // logDebug(envConfig.MAILTRAP_API_TOKEN);
+ if (!envConfig.MAILTRAP_API_TOKEN) {
+ throw new Error('MAILTRAP_API_TOKEN is required');
+ }
+
+ this.client = new MailtrapClient({
+ token: envConfig.MAILTRAP_API_TOKEN,
+ // sandbox: true,
+ });
+
+ this.fromEmail = envConfig.FROM_EMAIL;
+
+ logger.info('โ
Using Mailtrap Email Service (Staging - API)');
+ logger.info(`๐ง FROM_EMAIL configured as: ${this.fromEmail}`);
+ }
+
+ async sendEmail(options: EmailOptions): Promise {
+ const { to, subject, html, text } = options;
+ try {
+ logger.info(`[Mailtrap] Attempting to send email to ${to} from ${this.fromEmail}`);
+
+ const response = await this.client.send({
+ from: {
+ email: this.fromEmail,
+ name: 'SwapLink',
+ },
+ to: [{ email: to }],
+ subject,
+ text: text || '',
+ html: html || text || '',
+ });
+
+ logger.info(
+ `[Mailtrap] โ
Email sent successfully to ${to}. Message ID: ${
+ response.message_ids?.[0] || 'N/A'
+ }`
+ );
+ } catch (error: unknown) {
+ logger.error(`[Mailtrap] Exception sending email to ${to}:`, error);
+
+ const errorMessage =
+ error && typeof error === 'object' && 'message' in error
+ ? (error as { message?: string }).message
+ : error instanceof Error
+ ? error.message
+ : 'Unknown error';
+
+ throw new BadGatewayError(`Mailtrap Error: ${errorMessage}`);
+ }
+ }
+
+ async sendVerificationEmail(to: string, code: string): Promise {
+ const subject = 'SwapLink - Verification Code';
+ const html = `
+ Email Verification
+ Your SwapLink verification code is: ${code}
+ This code is valid for 10 minutes.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendWelcomeEmail(to: string, name: string): Promise {
+ const subject = 'Welcome to SwapLink!';
+ const html = `
+ Welcome, ${name}!
+ Thank you for joining SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendPasswordResetLink(email: string, resetToken: string): Promise {
+ const subject = 'Reset Your Password';
+ const link = `${envConfig.FRONTEND_URL}/reset-password?token=${resetToken}`;
+ const html = `
+ Password Reset
+ Click here to reset your password: ${link}
+ `;
+ return this.sendEmail({ to: email, subject, html });
+ }
+
+ async sendVerificationSuccessEmail(to: string, name: string): Promise {
+ const subject = 'Verification Complete!';
+ const html = `
+ Congratulations, ${name}!
+ Your account has been fully verified.
+ You can now enjoy the features of SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+}
diff --git a/src/shared/lib/services/email-service/resend-email.service.ts b/src/shared/lib/services/email-service/resend-email.service.ts
new file mode 100644
index 0000000..ac5a545
--- /dev/null
+++ b/src/shared/lib/services/email-service/resend-email.service.ts
@@ -0,0 +1,110 @@
+import { BaseEmailService, EmailOptions } from './base-email.service';
+import { Resend } from 'resend';
+import logger from '../../utils/logger';
+import { envConfig } from '../../../config/env.config';
+import { BadGatewayError } from '../../utils/api-error';
+
+export class ResendEmailService extends BaseEmailService {
+ private resend: Resend;
+ private fromEmail: string;
+
+ constructor() {
+ super();
+ if (!envConfig.RESEND_API_KEY) {
+ throw new Error('RESEND_API_KEY is not defined');
+ }
+ this.resend = new Resend(envConfig.RESEND_API_KEY);
+ this.fromEmail = envConfig.FROM_EMAIL;
+
+ logger.info('โ
Using Resend Email Service');
+ logger.info(`๐ง FROM_EMAIL configured as: ${this.fromEmail}`);
+
+ // Warn if using a custom domain that might not be verified
+ if (!this.fromEmail.endsWith('@resend.dev')) {
+ logger.warn(
+ 'โ ๏ธ Using custom domain email. Ensure your domain is verified in Resend dashboard: https://resend.com/domains'
+ );
+ logger.warn(
+ '๐ก For testing without domain verification, use: FROM_EMAIL=onboarding@resend.dev'
+ );
+ }
+ }
+
+ async sendEmail(options: EmailOptions): Promise {
+ const { to, subject, html, text } = options;
+ try {
+ logger.info(`[Resend] Attempting to send email to ${to} from ${this.fromEmail}`);
+
+ const { data, error } = await this.resend.emails.send({
+ from: this.fromEmail,
+ to: [to],
+ subject: subject,
+ html: html || text || '',
+ });
+
+ if (error) {
+ logger.error(`[Resend] Failed to send email to ${to}:`, error);
+
+ // Provide helpful error messages
+ if (error.message?.includes('domain')) {
+ logger.error(
+ 'โ Domain verification issue. Please verify your domain at https://resend.com/domains ' +
+ 'or use FROM_EMAIL=onboarding@resend.dev for testing'
+ );
+ }
+
+ throw new BadGatewayError(`Resend Error: ${error.message}`);
+ }
+ logger.info(`[Resend] โ
Email sent successfully to ${to}. ID: ${data?.id}`);
+
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ง [Resend Email Service] Email to ${to}`);
+ logger.info(`๐ Subject: ${subject}`);
+ if (text) logger.info(`๐ Text Body: ${text}`);
+ if (html) logger.info(`๐ HTML Body (truncated): ${html.substring(0, 100)}...`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ } catch (error) {
+ logger.error(`[Resend] Exception sending email to ${to}:`, error);
+ throw error;
+ }
+ }
+
+ async sendVerificationEmail(to: string, code: string): Promise {
+ const subject = 'SwapLink - Verification Code';
+ const html = `
+ Email Verification
+ Your SwapLink verification code is: ${code}
+ This code is valid for 10 minutes.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendWelcomeEmail(to: string, name: string): Promise {
+ const subject = 'Welcome to SwapLink!';
+ const html = `
+ Welcome, ${name}!
+ Thank you for joining SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendPasswordResetLink(email: string, resetToken: string): Promise {
+ const subject = 'Reset Your Password';
+ const link = `${envConfig.FRONTEND_URL}/reset-password?token=${resetToken}`;
+ const html = `
+ Password Reset
+ Click here to reset your password: ${link}
+ `;
+ return this.sendEmail({ to: email, subject, html });
+ }
+
+ async sendVerificationSuccessEmail(to: string, name: string): Promise {
+ const subject = 'Verification Complete!';
+ const html = `
+ Congratulations, ${name}!
+ Your account has been fully verified.
+ You can now enjoy the features of SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+}
diff --git a/src/shared/lib/services/email-service/sendgrid-email.service.ts b/src/shared/lib/services/email-service/sendgrid-email.service.ts
new file mode 100644
index 0000000..163d784
--- /dev/null
+++ b/src/shared/lib/services/email-service/sendgrid-email.service.ts
@@ -0,0 +1,95 @@
+import { BaseEmailService, EmailOptions } from './base-email.service';
+import sendgrid from '@sendgrid/mail';
+import logger from '../../utils/logger';
+import { envConfig } from '../../../config/env.config';
+import { BadGatewayError } from '../../utils/api-error';
+
+export class SendGridEmailService extends BaseEmailService {
+ private fromEmail: string;
+
+ constructor() {
+ super();
+ if (!envConfig.SENDGRID_API_KEY) {
+ throw new Error('SENDGRID_API_KEY is required');
+ }
+
+ sendgrid.setApiKey(envConfig.SENDGRID_API_KEY);
+ this.fromEmail = envConfig.FROM_EMAIL;
+
+ logger.info('โ
Using SendGrid Email Service (Staging)');
+ logger.info(`๐ง FROM_EMAIL configured as: ${this.fromEmail}`);
+ }
+
+ async sendEmail(options: EmailOptions): Promise {
+ const { to, subject, html, text } = options;
+ try {
+ logger.info(`[SendGrid] Attempting to send email to ${to} from ${this.fromEmail}`);
+
+ const msg = {
+ to,
+ from: this.fromEmail,
+ subject,
+ text: text || '',
+ html: html || text || '',
+ };
+
+ const response = await sendgrid.send(msg);
+
+ logger.info(
+ `[SendGrid] โ
Email sent successfully to ${to}. Status: ${response[0].statusCode}`
+ );
+ } catch (error: unknown) {
+ logger.error(`[SendGrid] Exception sending email to ${to}:`, error);
+
+ // SendGrid errors have a response property with details
+ const errorMessage =
+ error && typeof error === 'object' && 'response' in error
+ ? (error as { response?: { body?: { errors?: Array<{ message?: string }> } } })
+ ?.response?.body?.errors?.[0]?.message
+ : error instanceof Error
+ ? error.message
+ : 'Unknown error';
+
+ throw new BadGatewayError(`SendGrid Error: ${errorMessage}`);
+ }
+ }
+
+ async sendVerificationEmail(to: string, code: string): Promise {
+ const subject = 'SwapLink - Verification Code';
+ const html = `
+ Email Verification
+ Your SwapLink verification code is: ${code}
+ This code is valid for 10 minutes.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendWelcomeEmail(to: string, name: string): Promise {
+ const subject = 'Welcome to SwapLink!';
+ const html = `
+ Welcome, ${name}!
+ Thank you for joining SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+
+ async sendPasswordResetLink(email: string, resetToken: string): Promise {
+ const subject = 'Reset Your Password';
+ const link = `${envConfig.FRONTEND_URL}/reset-password?token=${resetToken}`;
+ const html = `
+ Password Reset
+ Click here to reset your password: ${link}
+ `;
+ return this.sendEmail({ to: email, subject, html });
+ }
+
+ async sendVerificationSuccessEmail(to: string, name: string): Promise {
+ const subject = 'Verification Complete!';
+ const html = `
+ Congratulations, ${name}!
+ Your account has been fully verified.
+ You can now enjoy the features of SwapLink.
+ `;
+ return this.sendEmail({ to, subject, html });
+ }
+}
diff --git a/src/shared/lib/services/notification/notification-utils.ts b/src/shared/lib/services/notification/notification-utils.ts
new file mode 100644
index 0000000..a13fe79
--- /dev/null
+++ b/src/shared/lib/services/notification/notification-utils.ts
@@ -0,0 +1,52 @@
+import { Notification, NotificationType, NotificationChannel } from '../../../database';
+import { prisma } from '../../../database';
+import { logError } from '../../utils/logger';
+import { socketService } from '../socket.service';
+import { getNotificationQueue } from '../../init/service-initializer';
+
+export default class NotificationUtil {
+ /**
+ * Send a notification to a specific user.
+ * Persists to DB and adds to worker queue for push notification.
+ */
+ static async sendToUser(
+ userId: string,
+ title: string,
+ body: string,
+ data: any = {},
+ type: NotificationType = NotificationType.SYSTEM,
+ channel: NotificationChannel = NotificationChannel.INAPP
+ ): Promise {
+ try {
+ // 1. Persist Notification to DB
+ const notification = await prisma.notification.create({
+ data: {
+ userId,
+ title,
+ body,
+ type,
+ channel,
+ data,
+ isRead: false,
+ },
+ });
+
+ // 2. Add to Queue for Push Notification
+ await getNotificationQueue().add('send-notification', {
+ userId,
+ title,
+ body,
+ channel,
+ data: { ...data, notificationId: notification.id },
+ });
+
+ // 3. Emit Socket Event
+ socketService.emitToUser(userId, 'NEW_NOTIFICATION', notification);
+
+ return notification;
+ } catch (error) {
+ logError(error, 'Error in sendToUser:');
+ throw error;
+ }
+ }
+}
diff --git a/src/shared/lib/services/notification/push-notification.service.ts b/src/shared/lib/services/notification/push-notification.service.ts
new file mode 100644
index 0000000..e34c612
--- /dev/null
+++ b/src/shared/lib/services/notification/push-notification.service.ts
@@ -0,0 +1,77 @@
+import { Expo, ExpoPushMessage, ExpoPushTicket } from 'expo-server-sdk';
+import logger from '../../utils/logger';
+
+export class PushNotificationService {
+ private expo: Expo | null = null;
+
+ constructor() {
+ try {
+ this.expo = new Expo();
+ logger.debug('Push Notification service enabled');
+ } catch (error) {
+ logger.error('Failed to initialize Push Notification service:', error);
+ }
+ }
+
+ private checkExpo() {
+ if (!this.expo) {
+ throw new Error('Push Notification service not initialized');
+ }
+
+ return this.expo;
+ }
+
+ /**
+ * Send push notifications to a batch of tokens
+ */
+ async sendPushNotifications(tokens: string[], title: string, body: string, data: any = {}) {
+ const messages: ExpoPushMessage[] = [];
+
+ const expo = this.checkExpo();
+
+ for (const token of tokens) {
+ if (!Expo.isExpoPushToken(token)) {
+ logger.warn(`[Push] Invalid Expo push token: ${token}`);
+ continue;
+ }
+
+ messages.push({
+ to: token,
+ sound: 'default',
+ title,
+ body,
+ data,
+ });
+ }
+
+ const chunks = expo.chunkPushNotifications(messages);
+ const tickets: ExpoPushTicket[] = [];
+
+ for (const chunk of chunks) {
+ try {
+ const ticketChunk = await expo.sendPushNotificationsAsync(chunk);
+ tickets.push(...ticketChunk);
+ } catch (error) {
+ logger.error('[Push] Error sending push notifications chunk:', error);
+ }
+ }
+
+ // Handle errors in tickets (e.g., DeviceNotRegistered)
+ // In a real app, we should process these tickets to remove invalid tokens from DB
+ this.processTickets(tickets);
+ }
+
+ private processTickets(tickets: ExpoPushTicket[]) {
+ for (const ticket of tickets) {
+ if (ticket.status === 'error') {
+ logger.error(`[Push] Error sending notification: ${ticket.message}`);
+ if (ticket.details && ticket.details.error === 'DeviceNotRegistered') {
+ // TODO: Remove the invalid token from the user's profile in DB
+ logger.warn('[Push] Device not registered. Token should be removed.');
+ }
+ }
+ }
+ }
+}
+
+export const pushNotificationService = new PushNotificationService();
diff --git a/src/shared/lib/services/otp.service.ts b/src/shared/lib/services/otp.service.ts
new file mode 100644
index 0000000..ef870b3
--- /dev/null
+++ b/src/shared/lib/services/otp.service.ts
@@ -0,0 +1,78 @@
+/* eslint-disable @typescript-eslint/no-require-imports */
+import { OtpType } from '../../database';
+import { BadRequestError } from '../utils/api-error';
+import { redisConnection } from '../../config/redis.config';
+import { eventBus, EventType } from '../events/event-bus';
+
+export class OtpService {
+ private readonly OTP_TTL = 300; // 5 minutes in seconds
+
+ /**
+ * Generate and Store OTP in Redis, then Emit Event
+ */
+ async generateOtp(
+ identifier: string,
+ type: OtpType,
+ userId?: string
+ ): Promise<{ code: string; expiresIn: number }> {
+ // 1. Generate secure 6 digit code
+ const code = Math.floor(100000 + Math.random() * 900000).toString();
+
+ // 2. Store in Redis with TTL
+ // Key format: otp:{type}:{identifier}
+ const key = this.getRedisKey(type, identifier);
+ await redisConnection.setex(key, this.OTP_TTL, code);
+
+ // 3. Emit Event for Worker to handle sending
+ eventBus.publish(EventType.OTP_REQUESTED, {
+ identifier,
+ type: this.mapOtpTypeToChannel(type),
+ code,
+ purpose: type,
+ userId,
+ });
+
+ return { code, expiresIn: this.OTP_TTL };
+ }
+
+ /**
+ * Verify OTP against Redis
+ */
+ async verifyOtp(identifier: string, code: string, type: OtpType): Promise {
+ const key = this.getRedisKey(type, identifier);
+ const storedCode = await redisConnection.get(key);
+
+ if (!storedCode) {
+ throw new BadRequestError('OTP expired or invalid');
+ }
+
+ if (storedCode !== code) {
+ throw new BadRequestError('Invalid OTP code');
+ }
+
+ // 2. Delete from Redis immediately to prevent replay attacks
+ await redisConnection.del(key);
+
+ return true;
+ }
+
+ private getRedisKey(type: OtpType, identifier: string): string {
+ return `otp:${type}:${identifier}`;
+ }
+
+ private mapOtpTypeToChannel(type: OtpType): 'email' | 'phone' {
+ switch (type) {
+ case OtpType.EMAIL_VERIFICATION:
+ case OtpType.PASSWORD_RESET:
+ return 'email';
+ case OtpType.PHONE_VERIFICATION:
+ case OtpType.TWO_FACTOR:
+ case OtpType.WITHDRAWAL_CONFIRMATION:
+ return 'phone';
+ default:
+ return 'email'; // Default fallback
+ }
+ }
+}
+
+export const otpService = new OtpService();
diff --git a/src/shared/lib/services/sms-service/sms.service.ts b/src/shared/lib/services/sms-service/sms.service.ts
new file mode 100644
index 0000000..91cd9b8
--- /dev/null
+++ b/src/shared/lib/services/sms-service/sms.service.ts
@@ -0,0 +1,87 @@
+import logger from '../../utils/logger';
+import { envConfig } from '../../../config/env.config';
+import { TwilioSmsService } from './twilio-sms.service';
+
+/**
+ * SMS Service Interface
+ */
+export interface ISmsService {
+ sendSms(phoneNumber: string, message: string): Promise;
+ sendOtp(phoneNumber: string, code: string): Promise;
+}
+
+/**
+ * Mock SMS Service for Development/Testing
+ */
+export class MockSmsService implements ISmsService {
+ /**
+ * Send a generic SMS message (mock)
+ */
+ async sendSms(phoneNumber: string, message: string): Promise {
+ try {
+ // In development/test, log the message for debugging
+ if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
+ logger.info(`[Mock SMS Service] ๐ฑ SMS to ${phoneNumber}`);
+ logger.info(`[Mock SMS Service] Message: ${message}`);
+ }
+
+ // Simulate SMS sending
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ฑ MOCK SMS for ${phoneNumber}`);
+ logger.info(`๐ MESSAGE: ${message}`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ return true;
+ } catch (error) {
+ logger.error(`[Mock SMS Service] Failed to send SMS to ${phoneNumber}:`, error);
+ throw new Error('Failed to send SMS');
+ }
+ }
+
+ /**
+ * Send OTP via SMS (mock)
+ */
+ async sendOtp(phoneNumber: string, code: string): Promise {
+ const message = `Your SwapLink verification code is: ${code}. Valid for 10 minutes. Do not share this code.`;
+
+ // Log OTP prominently in development/test for easy access
+ if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ฑ MOCK SMS OTP for ${phoneNumber}`);
+ logger.info(`๐ CODE: ${code}`);
+ logger.info(`โฐ Valid for: 10 minutes`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ return this.sendSms(phoneNumber, message);
+ }
+}
+
+/**
+ * SMS Service Factory
+ * Creates the appropriate SMS service based on environment
+ */
+export class SmsServiceFactory {
+ static create(): ISmsService {
+ const isProduction = envConfig.NODE_ENV === 'production';
+ const isStaging = process.env.STAGING === 'true' || envConfig.NODE_ENV === 'staging';
+
+ // Use Twilio in production or staging if configured
+ if ((isProduction || isStaging) && envConfig.TWILIO_ACCOUNT_SID) {
+ try {
+ logger.info('๐ Initializing Twilio SMS Service');
+ return new TwilioSmsService();
+ } catch (error) {
+ logger.error(
+ 'Failed to initialize TwilioSmsService, falling back to MockSmsService',
+ error
+ );
+ }
+ }
+
+ // Development/Fallback: Use Mock SMS Service
+ logger.info('๐ป Development mode: Using Mock SMS Service (console logging)');
+ return new MockSmsService();
+ }
+}
+
+export const smsService = SmsServiceFactory.create();
diff --git a/src/shared/lib/services/sms-service/twilio-sms.service.ts b/src/shared/lib/services/sms-service/twilio-sms.service.ts
new file mode 100644
index 0000000..227496f
--- /dev/null
+++ b/src/shared/lib/services/sms-service/twilio-sms.service.ts
@@ -0,0 +1,85 @@
+import twilio from 'twilio';
+import logger from '../../utils/logger';
+import { envConfig } from '../../../config/env.config';
+import { ISmsService } from './sms.service';
+import { BadGatewayError } from '../../utils/api-error';
+
+// const default_to_number = '+18777804236';
+// const default_to_number = '+18777804236';
+const default_to_number = '2348122137834';
+
+export class TwilioSmsService implements ISmsService {
+ private client: twilio.Twilio;
+ private fromPhoneNumber: string;
+
+ constructor() {
+ if (!envConfig.TWILIO_ACCOUNT_SID) {
+ throw new Error('TWILIO_ACCOUNT_SID is required');
+ }
+ if (!envConfig.TWILIO_AUTH_TOKEN) {
+ throw new Error('TWILIO_AUTH_TOKEN is required');
+ }
+ if (!envConfig.TWILIO_PHONE_NUMBER) {
+ throw new Error('TWILIO_PHONE_NUMBER is required');
+ }
+
+ this.client = twilio(envConfig.TWILIO_ACCOUNT_SID, envConfig.TWILIO_AUTH_TOKEN);
+ this.fromPhoneNumber = envConfig.TWILIO_PHONE_NUMBER;
+
+ logger.info('โ
Using Twilio SMS Service');
+ logger.info(`๐ฑ FROM_PHONE_NUMBER configured as: ${this.fromPhoneNumber}`);
+ }
+
+ /**
+ * Send a generic SMS message via Twilio
+ */
+ async sendSms(phoneNumber: string, message: string): Promise {
+ try {
+ // In non-production, use a default test number to avoid sending to real numbers
+ const isProduction = envConfig.NODE_ENV === 'production';
+
+ phoneNumber = !isProduction ? default_to_number : phoneNumber;
+ logger.info(`[Twilio] Attempting to send SMS to ${phoneNumber}`);
+
+ const result = await this.client.messages.create({
+ body: message,
+ // from: default_from_number,
+ messagingServiceSid: 'MGff78ef5c0ba09ce15ceade799eaf2ae1',
+ to: phoneNumber,
+ });
+
+ logger.info(
+ `[Twilio] โ
SMS sent successfully to ${phoneNumber}. SID: ${result.sid}, Status: ${result.status}`
+ );
+
+ return true;
+ } catch (error: unknown) {
+ logger.error(`[Twilio] Exception sending SMS to ${phoneNumber}:`, error);
+
+ const errorMessage =
+ error && typeof error === 'object' && 'message' in error
+ ? (error as { message: string }).message
+ : 'Unknown error';
+
+ throw new BadGatewayError(`Twilio Error: ${errorMessage}`);
+ }
+ }
+
+ /**
+ * Send OTP via SMS using Twilio
+ */
+ async sendOtp(phoneNumber: string, code: string): Promise {
+ const message = `Your SwapLink verification code is: ${code}. Valid for 10 minutes. Do not share this code.`;
+
+ // Log OTP prominently in development/test for easy access
+ if (envConfig.NODE_ENV === 'development' || envConfig.NODE_ENV === 'test') {
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ logger.info(`๐ฑ SMS OTP for ${phoneNumber}`);
+ logger.info(`๐ CODE: ${code}`);
+ logger.info(`โฐ Valid for: 10 minutes`);
+ logger.info('โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ');
+ }
+
+ return this.sendSms(phoneNumber, message);
+ }
+}
diff --git a/src/shared/lib/services/socket.service.ts b/src/shared/lib/services/socket.service.ts
new file mode 100644
index 0000000..dcc1589
--- /dev/null
+++ b/src/shared/lib/services/socket.service.ts
@@ -0,0 +1,139 @@
+import { Server, Socket } from 'socket.io';
+import { JwtUtils } from '../utils/jwt-utils';
+import logger from '../utils/logger';
+import { UnauthorizedError } from '../utils/api-error';
+import { redisConnection } from '../../config/redis.config';
+import Redis from 'ioredis';
+
+class SocketService {
+ private io: Server | null = null;
+ private userSockets: Map = new Map(); // userId -> socketIds[]
+ private subscriber: Redis | null = null;
+ private readonly CHANNEL_NAME = 'socket-events';
+
+ initialize(httpServer: any) {
+ this.io = new Server(httpServer, {
+ cors: {
+ origin: '*', // Allow all origins as requested
+ methods: ['GET', 'POST'],
+ credentials: true,
+ },
+ });
+
+ // Initialize Redis Subscriber
+ this.subscriber = redisConnection.duplicate();
+ this.subscriber.subscribe(this.CHANNEL_NAME, err => {
+ if (err) {
+ logger.error('Failed to subscribe to socket-events channel', err);
+ } else {
+ logger.info('โ
Subscribed to socket-events Redis channel');
+ }
+ });
+
+ this.subscriber.on('message', (channel, message) => {
+ if (channel === this.CHANNEL_NAME) {
+ try {
+ const { userId, event, data } = JSON.parse(message);
+ this.emitLocal(userId, event, data);
+ } catch (error) {
+ logger.error('Failed to parse socket event from Redis', error);
+ }
+ }
+ });
+
+ this.io.use(async (socket, next) => {
+ try {
+ const token =
+ socket.handshake.auth.token ||
+ socket.handshake.query.token || // Also check query params
+ socket.handshake.headers.authorization?.split(' ')[1];
+
+ if (!token) {
+ return next(new Error('Authentication error: Token missing'));
+ }
+
+ const decoded = JwtUtils.verifyAccessToken(token);
+ if (!decoded) {
+ return next(new Error('Authentication error: Invalid token'));
+ }
+
+ socket.data.userId = decoded.userId;
+ next();
+ } catch (error) {
+ // Graceful error for client
+ const err = new UnauthorizedError('Authentication error: Session invalid', {
+ code: 'INVALID_TOKEN',
+ message: 'Please log in again',
+ });
+ next(err);
+ }
+ });
+
+ this.io.on('connection', (socket: Socket) => {
+ const userId = socket.data.userId;
+ logger.info(`๐ User connected: ${userId} (${socket.id})`);
+
+ this.addUserSocket(userId, socket.id);
+
+ socket.on('disconnect', () => {
+ this.removeUserSocket(userId, socket.id);
+ logger.info(`๐ User disconnected: ${userId}`);
+ });
+ });
+
+ logger.info('โ
Socket.io initialized');
+ }
+
+ private addUserSocket(userId: string, socketId: string) {
+ if (!this.userSockets.has(userId)) {
+ this.userSockets.set(userId, []);
+ }
+ this.userSockets.get(userId)?.push(socketId);
+ }
+
+ private removeUserSocket(userId: string, socketId: string) {
+ const sockets = this.userSockets.get(userId);
+ if (sockets) {
+ const updatedSockets = sockets.filter(id => id !== socketId);
+ if (updatedSockets.length === 0) {
+ this.userSockets.delete(userId);
+ } else {
+ this.userSockets.set(userId, updatedSockets);
+ }
+ }
+ }
+
+ /**
+ * Emit event to a specific user.
+ * If running in the API server (io initialized), emits locally.
+ * If running in a worker (io null), publishes to Redis.
+ */
+ emitToUser(userId: string, event: string, data: any) {
+ if (this.io) {
+ this.emitLocal(userId, event, data);
+ } else {
+ // We are likely in a worker process, publish to Redis
+ redisConnection
+ .publish(this.CHANNEL_NAME, JSON.stringify({ userId, event, data }))
+ .catch(err => logger.error('Failed to publish socket event to Redis', err));
+ }
+ }
+
+ private emitLocal(userId: string, event: string, data: any) {
+ if (!this.io) return;
+
+ const sockets = this.userSockets.get(userId);
+ if (sockets && sockets.length > 0) {
+ sockets.forEach(socketId => {
+ this.io?.to(socketId).emit(event, data);
+ });
+ logger.debug(`๐ก Emitted '${event}' to User ${userId}`);
+ }
+ }
+
+ getIO(): Server | null {
+ return this.io;
+ }
+}
+
+export const socketService = new SocketService();
diff --git a/src/shared/lib/services/storage-service/cloudinary-storage.service.ts b/src/shared/lib/services/storage-service/cloudinary-storage.service.ts
new file mode 100644
index 0000000..ca8b989
--- /dev/null
+++ b/src/shared/lib/services/storage-service/cloudinary-storage.service.ts
@@ -0,0 +1,78 @@
+import { v2 as cloudinary, UploadApiResponse } from 'cloudinary';
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+import { slugifyFilename } from '../../utils/functions';
+
+export interface IStorageService {
+ uploadFile(file: Express.Multer.File, folder?: string): Promise;
+}
+
+export class CloudinaryStorageService implements IStorageService {
+ constructor() {
+ if (!envConfig.CLOUDINARY_CLOUD_NAME) {
+ throw new Error('CLOUDINARY_CLOUD_NAME is required');
+ }
+ if (!envConfig.CLOUDINARY_API_KEY) {
+ throw new Error('CLOUDINARY_API_KEY is required');
+ }
+ if (!envConfig.CLOUDINARY_API_SECRET) {
+ throw new Error('CLOUDINARY_API_SECRET is required');
+ }
+
+ cloudinary.config({
+ cloud_name: envConfig.CLOUDINARY_CLOUD_NAME,
+ api_key: envConfig.CLOUDINARY_API_KEY,
+ api_secret: envConfig.CLOUDINARY_API_SECRET,
+ secure: true,
+ });
+
+ logger.info('โ
Using Cloudinary Storage Service');
+ logger.info(`โ๏ธ Cloud Name: ${envConfig.CLOUDINARY_CLOUD_NAME}`);
+ }
+
+ async uploadFile(file: Express.Multer.File, folder: string = 'uploads'): Promise {
+ try {
+ const safeName = slugifyFilename(file.originalname);
+ const timestamp = Date.now();
+ const random = Math.round(Math.random() * 1e9);
+ const publicId = `${folder}/${timestamp}-${random}-${safeName.replace(
+ /\.[^/.]+$/,
+ ''
+ )}`;
+
+ logger.info(`[Cloudinary] Uploading file: ${publicId}`);
+
+ // Upload to Cloudinary
+ const result: UploadApiResponse = await new Promise((resolve, reject) => {
+ const uploadStream = cloudinary.uploader.upload_stream(
+ {
+ folder: folder,
+ public_id: publicId,
+ resource_type: 'auto', // Automatically detect file type
+ use_filename: true,
+ unique_filename: false,
+ },
+ (error, result) => {
+ if (error) reject(error);
+ else resolve(result as UploadApiResponse);
+ }
+ );
+
+ uploadStream.end(file.buffer);
+ });
+
+ logger.info(`[Cloudinary] โ
File uploaded successfully. URL: ${result.secure_url}`);
+
+ return result.secure_url;
+ } catch (error: unknown) {
+ logger.error('[Cloudinary] Upload Error:', error);
+
+ const errorMessage =
+ error && typeof error === 'object' && 'message' in error
+ ? (error as { message: string }).message
+ : 'Unknown error';
+
+ throw new Error(`Cloudinary upload failed: ${errorMessage}`);
+ }
+ }
+}
diff --git a/src/shared/lib/services/storage-service/local-storage.service.ts b/src/shared/lib/services/storage-service/local-storage.service.ts
new file mode 100644
index 0000000..dacd9cc
--- /dev/null
+++ b/src/shared/lib/services/storage-service/local-storage.service.ts
@@ -0,0 +1,34 @@
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+import fs from 'fs';
+import path from 'path';
+import { slugifyFilename } from '../../utils/functions';
+import { IStorageService } from './cloudinary-storage.service';
+
+export class LocalStorageService implements IStorageService {
+ async uploadFile(file: Express.Multer.File, folder: string = 'uploads'): Promise {
+ try {
+ const uploadDir = path.join(process.cwd(), 'uploads', folder);
+ if (!fs.existsSync(uploadDir)) {
+ fs.mkdirSync(uploadDir, { recursive: true });
+ }
+
+ const timestamp = Date.now();
+ const random = Math.round(Math.random() * 1e9);
+ const safeName = slugifyFilename(file.originalname);
+ const fileName = `${timestamp}-${random}-${safeName}`;
+
+ const filePath = path.join(uploadDir, fileName);
+ await fs.promises.writeFile(filePath, file.buffer);
+
+ const fileUrl = `${envConfig.SERVER_URL}/uploads/${folder}/${fileName}`;
+
+ logger.info(`[LocalStorage] โ
File saved locally: ${fileUrl}`);
+
+ return fileUrl;
+ } catch (error) {
+ logger.error('[LocalStorage] Upload Error:', error);
+ throw new Error('Failed to save file locally');
+ }
+ }
+}
diff --git a/src/shared/lib/services/storage-service/s3-storage.service.ts b/src/shared/lib/services/storage-service/s3-storage.service.ts
new file mode 100644
index 0000000..e16ba66
--- /dev/null
+++ b/src/shared/lib/services/storage-service/s3-storage.service.ts
@@ -0,0 +1,57 @@
+import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3';
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+import { slugifyFilename } from '../../utils/functions';
+import { IStorageService } from './cloudinary-storage.service';
+
+export class S3StorageService implements IStorageService {
+ private s3Client: S3Client;
+ private bucketName: string;
+
+ constructor() {
+ this.s3Client = new S3Client({
+ region: envConfig.AWS_REGION,
+ endpoint: envConfig.AWS_ENDPOINT,
+ credentials: {
+ accessKeyId: envConfig.AWS_ACCESS_KEY_ID,
+ secretAccessKey: envConfig.AWS_SECRET_ACCESS_KEY,
+ },
+ forcePathStyle: true,
+ });
+ this.bucketName = envConfig.AWS_BUCKET_NAME;
+
+ logger.info('โ
Using S3-Compatible Storage Service');
+ logger.info(`๐ชฃ Bucket: ${this.bucketName}`);
+ }
+
+ async uploadFile(file: Express.Multer.File, folder: string = 'uploads'): Promise {
+ try {
+ const safeName = slugifyFilename(file.originalname);
+ const fileName = `${folder}/${Date.now()}-${Math.round(
+ Math.random() * 1e9
+ )}-${safeName}`;
+
+ logger.info(`[S3] Uploading file: ${fileName}`);
+
+ const command = new PutObjectCommand({
+ Bucket: this.bucketName,
+ Key: fileName,
+ Body: file.buffer,
+ ContentType: file.mimetype,
+ ContentDisposition: 'inline',
+ ACL: 'public-read',
+ });
+
+ await this.s3Client.send(command);
+
+ const fileUrl = `${envConfig.AWS_ENDPOINT}/${this.bucketName}/${fileName}`;
+
+ logger.info(`[S3] โ
File uploaded successfully: ${fileUrl}`);
+
+ return fileUrl;
+ } catch (error) {
+ logger.error('[S3] Upload Error:', error);
+ throw new Error('Failed to upload file to S3');
+ }
+ }
+}
diff --git a/src/shared/lib/services/storage-service/storage.service.ts b/src/shared/lib/services/storage-service/storage.service.ts
new file mode 100644
index 0000000..e0ce3c9
--- /dev/null
+++ b/src/shared/lib/services/storage-service/storage.service.ts
@@ -0,0 +1,42 @@
+import { envConfig } from '../../../config/env.config';
+import logger from '../../utils/logger';
+import { IStorageService } from './cloudinary-storage.service';
+import { CloudinaryStorageService } from './cloudinary-storage.service';
+import { S3StorageService } from './s3-storage.service';
+import { LocalStorageService } from './local-storage.service';
+
+export class StorageServiceFactory {
+ static create(): IStorageService {
+ const isProduction = envConfig.NODE_ENV === 'production';
+ const isStaging = process.env.STAGING === 'true' || envConfig.NODE_ENV === 'staging';
+
+ // 1. Production/Staging: Use Cloudinary if configured (Primary)
+ if ((isProduction || isStaging) && envConfig.CLOUDINARY_CLOUD_NAME) {
+ try {
+ logger.info('๐ Initializing Cloudinary Storage Service');
+ return new CloudinaryStorageService();
+ } catch (error) {
+ logger.error('Failed to initialize CloudinaryStorageService, trying S3...', error);
+ }
+ }
+
+ // 2. Fallback: Use S3-compatible storage if Cloudinary not available
+ if ((isProduction || isStaging) && envConfig.AWS_ACCESS_KEY_ID) {
+ try {
+ logger.info('๐ Fallback: Initializing S3 Storage Service');
+ return new S3StorageService();
+ } catch (error) {
+ logger.error(
+ 'Failed to initialize S3StorageService, falling back to LocalStorage',
+ error
+ );
+ }
+ }
+
+ // 3. Development/Fallback: Use Local Storage
+ logger.info('๐ป Development mode: Using Local Storage Service');
+ return new LocalStorageService();
+ }
+}
+
+export const storageService = StorageServiceFactory.create();
diff --git a/src/shared/lib/services/storage.service.ts b/src/shared/lib/services/storage.service.ts
new file mode 100644
index 0000000..7c89f8a
--- /dev/null
+++ b/src/shared/lib/services/storage.service.ts
@@ -0,0 +1,9 @@
+import { storageService } from './storage-service/storage.service';
+import { IStorageService } from './storage-service/cloudinary-storage.service';
+
+// Re-export the new service instance
+export { storageService };
+
+// Re-export the interface as the class name for backward compatibility (if used as type)
+// This allows 'import { StorageService } ...' to still work as a type
+export type StorageService = IStorageService;
diff --git a/src/shared/lib/services/wallet.service.ts b/src/shared/lib/services/wallet.service.ts
new file mode 100644
index 0000000..01af6c9
--- /dev/null
+++ b/src/shared/lib/services/wallet.service.ts
@@ -0,0 +1,425 @@
+import { prisma, Prisma, TransactionType, Transaction, UserFlagType, Wallet } from '../../database';
+import { NotFoundError, BadRequestError, InternalError } from '../utils/api-error';
+import { UserId } from '../../types/query.types';
+import { redisConnection } from '../../config/redis.config';
+import { socketService } from './socket.service';
+import { Decimal } from '@prisma/client/runtime/library';
+
+// --- Interfaces ---
+
+interface FetchTransactionOptions {
+ userId: UserId;
+ page?: number;
+ limit?: number;
+ type?: TransactionType;
+}
+
+/**
+ * Standard options for moving money.
+ * Allows passing external references (from Banks) or custom descriptions.
+ */
+interface TransactionOptions {
+ reference?: string; // Optional: Provide bank ref. If null, we generate one.
+ description?: string; // e.g. "Transfer from John"
+ type?: TransactionType; // DEPOSIT, WITHDRAWAL, TRANSFER, etc.
+ metadata?: any; // Store webhook payload or external details
+ counterpartyId?: string; // Optional: ID of the other party
+ fee?: number; // Optional fee to deduct/record
+}
+
+interface LedgerEntry {
+ userId: string;
+ walletId?: string; // Optional if userId is provided
+ amount: Decimal | number; // Positive for Credit, Negative for Debit
+ type: TransactionType;
+ reference: string;
+ description: string;
+ metadata?: any;
+ counterpartyId?: string;
+ fee?: Decimal | number; // Fee associated with this specific entry (deducted from amount if debit, or separate record?)
+ // Actually, fee is usually a separate ledger entry.
+ // But for simplicity, let's assume this entry is the PRINCIPAL.
+}
+
+export class WalletService {
+ // --- Helpers ---
+
+ private calculateAvailableBalance(
+ balance: Decimal | number,
+ lockedBalance: Decimal | number
+ ): number {
+ return new Decimal(balance).minus(new Decimal(lockedBalance)).toNumber();
+ }
+
+ private getCacheKey(userId: string) {
+ return `wallet:${userId}`;
+ }
+
+ private async invalidateCache(userId: string) {
+ await redisConnection.del(this.getCacheKey(userId));
+ }
+
+ // --- Main Methods ---
+
+ async setUpWallet(userId: string, tx: Prisma.TransactionClient): Promise {
+ try {
+ return await tx.wallet.create({
+ data: {
+ userId,
+ balance: 0.0,
+ lockedBalance: 0.0,
+ // currency: 'NGN' // Ensure schema has this if you added it
+ },
+ });
+ } catch (error) {
+ console.error(`Error creating wallet for user ${userId}:`, error);
+ throw new InternalError('Failed to initialize user wallet system');
+ }
+ }
+
+ async getWalletBalance(userId: UserId) {
+ const cacheKey = this.getCacheKey(userId);
+
+ const cached = await redisConnection.get(cacheKey);
+ if (cached) return JSON.parse(cached);
+
+ const wallet = await prisma.wallet.findUnique({
+ where: { userId },
+ include: { virtualAccount: true },
+ });
+
+ if (!wallet) throw new NotFoundError('Wallet not found');
+
+ const result = {
+ id: wallet.id,
+ balance: Number(wallet.balance),
+ lockedBalance: Number(wallet.lockedBalance),
+ availableBalance: this.calculateAvailableBalance(wallet.balance, wallet.lockedBalance),
+ currency: 'NGN', // Hardcoded for now, or fetch from DB
+ virtualAccount: wallet.virtualAccount
+ ? {
+ accountNumber: wallet.virtualAccount.accountNumber,
+ bankName: wallet.virtualAccount.bankName,
+ accountName: wallet.virtualAccount.accountName,
+ }
+ : null,
+ };
+
+ await redisConnection.set(cacheKey, JSON.stringify(result), 'EX', 30);
+ return result;
+ }
+
+ async getWallet(userId: string): Promise {
+ const wallet = await prisma.wallet.findUnique({
+ where: { userId },
+ include: { virtualAccount: true },
+ });
+
+ if (!wallet) throw new NotFoundError('Wallet not found');
+
+ return {
+ ...wallet,
+ balance: Number(wallet.balance),
+ lockedBalance: Number(wallet.lockedBalance),
+ availableBalance: this.calculateAvailableBalance(wallet.balance, wallet.lockedBalance),
+ };
+ }
+
+ async getTransactions(params: FetchTransactionOptions): Promise {
+ const { userId, page = 1, limit = 20, type } = params;
+ const skip = (page - 1) * limit;
+
+ const where: Prisma.TransactionWhereInput = { userId };
+ if (type) where.type = type;
+
+ const [transactions, total] = await Promise.all([
+ prisma.transaction.findMany({
+ where,
+ skip,
+ take: limit,
+ orderBy: { createdAt: 'desc' },
+ select: {
+ id: true,
+ type: true,
+ amount: true,
+ status: true,
+ reference: true,
+ balanceBefore: true,
+ balanceAfter: true,
+ createdAt: true,
+ metadata: true,
+ description: true,
+ fee: true,
+ counterparty: {
+ select: {
+ id: true,
+ firstName: true,
+ lastName: true,
+ email: true,
+ avatarUrl: true,
+ },
+ },
+ },
+ }),
+ prisma.transaction.count({ where }),
+ ]);
+
+ return {
+ transactions,
+ pagination: {
+ total,
+ page,
+ limit,
+ totalPages: Math.ceil(total / limit),
+ },
+ };
+ }
+
+ async hasSufficientBalance(userId: UserId, amount: number): Promise {
+ try {
+ const wallet = await this.getWalletBalance(userId);
+ return wallet.availableBalance >= amount;
+ } catch (error) {
+ if (error instanceof NotFoundError) return false;
+ throw error;
+ }
+ }
+
+ // ==========================================
+ // CRITICAL: Money Movement Methods
+ // ==========================================
+
+ /**
+ * Process multiple ledger entries atomically.
+ * This is the core engine for all money movement.
+ */
+ async processLedgerEntry(entries: LedgerEntry[]): Promise {
+ return await prisma.$transaction(async tx => {
+ const results = [];
+
+ for (const entry of entries) {
+ const { userId, amount, type, reference, description, metadata, counterpartyId } =
+ entry;
+ const decimalAmount = new Decimal(amount);
+
+ // 1. Get Wallet
+ const wallet = await tx.wallet.findUnique({ where: { userId } });
+ if (!wallet) throw new NotFoundError(`Wallet not found for user ${userId}`);
+
+ // 2. Check Balance (if debit)
+ if (decimalAmount.isNegative()) {
+ const available = new Decimal(wallet.balance).minus(
+ new Decimal(wallet.lockedBalance)
+ );
+ if (available.plus(decimalAmount).isNegative()) {
+ // decimalAmount is negative, so + means -
+ throw new BadRequestError(`Insufficient funds for user ${userId}`);
+ }
+ }
+
+ // 3. Update Balance
+ const updatedWallet = await tx.wallet.update({
+ where: { id: wallet.id },
+ data: { balance: { increment: decimalAmount } },
+ });
+
+ // 4. Create Transaction Record
+ const transaction = await tx.transaction.create({
+ data: {
+ userId,
+ walletId: wallet.id,
+ type,
+ amount: decimalAmount,
+ balanceBefore: wallet.balance,
+ balanceAfter: updatedWallet.balance,
+ status: 'COMPLETED',
+ reference,
+ description,
+ metadata,
+ counterpartyId,
+ fee: entry.fee ? new Decimal(entry.fee) : 0,
+ },
+ });
+
+ results.push(transaction);
+
+ // 5. 30M Guard (For Credits)
+ if (decimalAmount.isPositive()) {
+ const user = await tx.user.findUnique({ where: { id: userId } });
+ if (user) {
+ const newCumulative = new Decimal(user.cumulativeInflow).plus(
+ decimalAmount
+ );
+
+ // Update Cumulative Inflow
+ await tx.user.update({
+ where: { id: userId },
+ data: { cumulativeInflow: newCumulative },
+ });
+
+ // Check Limit
+ if (
+ newCumulative.greaterThan(30000000) && // 30M
+ user.kycLevel !== 'FULL'
+ ) {
+ await tx.user.update({
+ where: { id: userId },
+ data: {
+ flagType: UserFlagType.KYC_LIMIT,
+ flagReason: 'Cumulative inflow limit exceeded (30M)',
+ flaggedAt: new Date(),
+ },
+ });
+ }
+ }
+ }
+ }
+
+ return results;
+ });
+ }
+
+ /**
+ * Credit a wallet (Deposit)
+ * Handles Webhooks (External Ref) and Internal Credits.
+ */
+ async creditWallet(
+ userId: string,
+ amount: number,
+ options: TransactionOptions = {}
+ ): Promise {
+ const { reference, description = 'Credit', type = 'DEPOSIT', metadata = {} } = options;
+
+ const txReference =
+ reference ||
+ `TX-CR-${Date.now()}-${Math.random().toString(36).substring(7).toUpperCase()}`;
+
+ // Use processLedgerEntry for consistency
+ const [transaction] = await this.processLedgerEntry([
+ {
+ userId,
+ amount,
+ type,
+ reference: txReference,
+ description,
+ metadata,
+ counterpartyId: options.counterpartyId,
+ },
+ ]);
+
+ // Post-Transaction
+ await this.invalidateCache(userId);
+
+ // Notify Frontend (Send new balance)
+ const newBalance = await this.getWalletBalance(userId);
+ socketService.emitToUser(userId, 'WALLET_UPDATED', {
+ ...newBalance,
+ message: `Credit Alert: +โฆ${amount.toLocaleString()}`,
+ });
+
+ // Emit Transaction Created Event
+ socketService.emitToUser(userId, 'TRANSACTION_CREATED', transaction);
+
+ return transaction;
+ }
+
+ /**
+ * Debit a wallet (Withdrawal/Transfer)
+ */
+ async debitWallet(
+ userId: string,
+ amount: number,
+ options: TransactionOptions = {}
+ ): Promise {
+ const { reference, description = 'Debit', type = 'WITHDRAWAL', metadata = {} } = options;
+
+ const txReference =
+ reference ||
+ `TX-DR-${Date.now()}-${Math.random().toString(36).substring(7).toUpperCase()}`;
+
+ // Use processLedgerEntry
+ const [transaction] = await this.processLedgerEntry([
+ {
+ userId,
+ amount: -amount, // Negative for debit
+ type,
+ reference: txReference,
+ description,
+ metadata,
+ counterpartyId: options.counterpartyId,
+ },
+ ]);
+
+ // Post-Transaction
+ await this.invalidateCache(userId);
+
+ const newBalance = await this.getWalletBalance(userId);
+ socketService.emitToUser(userId, 'WALLET_UPDATED', {
+ ...newBalance,
+ message: `Debit Alert: -โฆ${amount.toLocaleString()}`,
+ });
+
+ // Emit Transaction Created Event
+ socketService.emitToUser(userId, 'TRANSACTION_CREATED', transaction);
+
+ return transaction;
+ }
+ /**
+ * Lock funds (P2P Escrow)
+ * Moves funds from Available to Locked. Balance remains same.
+ */
+ async lockFunds(userId: string, amount: number): Promise {
+ const result = await prisma.$transaction(async tx => {
+ const wallet = await tx.wallet.findUnique({ where: { userId } });
+ if (!wallet) throw new NotFoundError('Wallet not found');
+
+ const balance = new Decimal(wallet.balance);
+ const locked = new Decimal(wallet.lockedBalance);
+ const available = balance.minus(locked);
+ const decimalAmount = new Decimal(amount);
+
+ if (available.lessThan(decimalAmount)) {
+ throw new BadRequestError('Insufficient funds to lock');
+ }
+
+ // Increment Locked Balance
+ return await tx.wallet.update({
+ where: { id: wallet.id },
+ data: { lockedBalance: { increment: decimalAmount } },
+ });
+ });
+
+ await this.invalidateCache(userId);
+ return result;
+ }
+
+ /**
+ * Unlock funds (P2P Cancel/Release)
+ * Moves funds from Locked back to Available.
+ */
+ async unlockFunds(userId: string, amount: number): Promise {
+ const result = await prisma.$transaction(async tx => {
+ const wallet = await tx.wallet.findUnique({ where: { userId } });
+ if (!wallet) throw new NotFoundError('Wallet not found');
+
+ const locked = new Decimal(wallet.lockedBalance);
+ const decimalAmount = new Decimal(amount);
+
+ if (locked.lessThan(decimalAmount)) {
+ // Should not happen if logic is correct, but safety first
+ throw new BadRequestError('Cannot unlock more than is locked');
+ }
+
+ return await tx.wallet.update({
+ where: { id: wallet.id },
+ data: { lockedBalance: { decrement: decimalAmount } },
+ });
+ });
+
+ await this.invalidateCache(userId);
+ return result;
+ }
+}
+
+export const walletService = new WalletService();
+export default walletService;
diff --git a/src/lib/utils/api-error.ts b/src/shared/lib/utils/api-error.ts
similarity index 77%
rename from src/lib/utils/api-error.ts
rename to src/shared/lib/utils/api-error.ts
index 40407e7..e9f9bea 100644
--- a/src/lib/utils/api-error.ts
+++ b/src/shared/lib/utils/api-error.ts
@@ -1,3 +1,4 @@
+/* eslint-disable no-case-declarations */
import {
Prisma,
PrismaClientInitializationError,
@@ -5,6 +6,7 @@ import {
PrismaClientValidationError,
} from '../../database';
import { HttpStatusCode } from './http-status-codes';
+import logger, { logError } from './logger';
// Base Error Class
export class ApiError extends Error {
@@ -37,12 +39,33 @@ export class ApiError extends Error {
export class BadRequestError extends ApiError {
constructor(message = 'Bad Request', data?: any) {
super(message, HttpStatusCode.BAD_REQUEST, data);
+ logger.warn('[BadRequestError]', {
+ message,
+ statusCode: HttpStatusCode.BAD_REQUEST,
+ data,
+ });
+ }
+}
+
+export class BadGatewayError extends ApiError {
+ constructor(message = 'Bad Gateway', data?: any) {
+ super(message, HttpStatusCode.BAD_GATEWAY, data);
+ logger.warn('[BadGatewayError]', {
+ message,
+ statusCode: HttpStatusCode.BAD_GATEWAY,
+ data,
+ });
}
}
export class UnauthorizedError extends ApiError {
constructor(message = 'Unauthorized access. Please login again.', data?: any) {
super(message, HttpStatusCode.UNAUTHORIZED, data);
+ logger.warn('[UnauthorizedError]', {
+ message,
+ statusCode: HttpStatusCode.UNAUTHORIZED,
+ data,
+ });
}
}
@@ -54,18 +77,33 @@ export class UnauthorizedError extends ApiError {
export class ForbiddenError extends ApiError {
constructor(message = 'Access denied', data?: any) {
super(message, HttpStatusCode.FORBIDDEN, data);
+ logger.warn('[ForbiddenError]', {
+ message,
+ statusCode: HttpStatusCode.FORBIDDEN,
+ data,
+ });
}
}
export class NotFoundError extends ApiError {
constructor(message = 'Resource not found', data?: any) {
super(message, HttpStatusCode.NOT_FOUND, data);
+ logger.warn('[NotFoundError]', {
+ message,
+ statusCode: HttpStatusCode.NOT_FOUND,
+ data,
+ });
}
}
export class ConflictError extends ApiError {
constructor(message = 'Resource already exists', data?: any) {
super(message, HttpStatusCode.CONFLICT, data);
+ logger.warn('[ConflictError]', {
+ message,
+ statusCode: HttpStatusCode.CONFLICT,
+ data,
+ });
}
}
@@ -77,6 +115,11 @@ export class ConflictError extends ApiError {
export class ValidationError extends ApiError {
constructor(message = 'Validation failed', errors?: Record) {
super(message, HttpStatusCode.UNPROCESSABLE_ENTITY, errors);
+ logger.warn('[ValidationError]', {
+ message,
+ statusCode: HttpStatusCode.UNPROCESSABLE_ENTITY,
+ errors,
+ });
}
}
@@ -84,12 +127,24 @@ export class InternalError extends ApiError {
constructor(message = 'Internal Server Error', originalError?: Error) {
// isOperational = false means this is a bug we need to fix
super(originalError || message, HttpStatusCode.INTERNAL_SERVER_ERROR, null, false);
+ logger.warn('[InternalError]', {
+ message,
+ statusCode: HttpStatusCode.INTERNAL_SERVER_ERROR,
+ originalError: originalError?.message,
+ stack: originalError?.stack,
+ });
}
}
export class CorsError extends ApiError {
constructor(message = 'CORS Error', originalError?: Error) {
super(originalError || message, HttpStatusCode.FORBIDDEN, null, false);
+ logger.warn('[CorsError]', {
+ message,
+ statusCode: HttpStatusCode.FORBIDDEN,
+ originalError: originalError?.message,
+ stack: originalError?.stack,
+ });
}
}
diff --git a/src/lib/utils/api-response.ts b/src/shared/lib/utils/api-response.ts
similarity index 100%
rename from src/lib/utils/api-response.ts
rename to src/shared/lib/utils/api-response.ts
diff --git a/src/shared/lib/utils/database.ts b/src/shared/lib/utils/database.ts
new file mode 100644
index 0000000..f0f36ef
--- /dev/null
+++ b/src/shared/lib/utils/database.ts
@@ -0,0 +1,4 @@
+import { prisma, checkDatabaseConnection } from '../../database';
+
+export { prisma, checkDatabaseConnection };
+export default prisma;
diff --git a/src/shared/lib/utils/functions.ts b/src/shared/lib/utils/functions.ts
new file mode 100644
index 0000000..3e72d9f
--- /dev/null
+++ b/src/shared/lib/utils/functions.ts
@@ -0,0 +1,59 @@
+import path from 'path';
+
+export function isEmpty(data: any) {
+ return !data;
+}
+
+export function formatUserInfo(user: any) {
+ const { password: _, wallet, ...userWithoutPassword } = user;
+ return {
+ ...userWithoutPassword,
+ wallet: wallet
+ ? {
+ id: wallet.id,
+ balance: Number(wallet.balance),
+ lockedBalance: Number(wallet.lockedBalance),
+ accountNumber: wallet.virtualAccount?.accountNumber,
+ bankName: wallet.virtualAccount?.bankName,
+ accountName: wallet.virtualAccount?.accountName,
+ }
+ : null,
+ };
+}
+
+/**
+ * Delays the execution of the code for the specified number of seconds.
+ * @param seconds The number of seconds to delay.
+ * @returns A promise that resolves after the specified number of seconds.
+ */
+export function delay(seconds: number) {
+ return new Promise(resolve => setTimeout(resolve, seconds * 1000));
+}
+
+/**
+ * Converts a string into a URL-friendly slug.
+ */
+export const slugify = (text: string): string => {
+ return text
+ .toString()
+ .toLowerCase()
+ .trim()
+ .normalize('NFD')
+ .replace(/[\u0300-\u036f]/g, '')
+ .replace(/\s+/g, '-')
+ .replace(/[^\w-]+/g, '') // This line removes the "." in extensions
+ .replace(/--+/g, '-')
+ .replace(/^-+/, '')
+ .replace(/-+$/, '');
+};
+
+/**
+ * Specifically for files: Slugs the name but preserves the extension.
+ * Example: "My Photo @2025.JPG" -> "my-photo-2025.jpg"
+ */
+export const slugifyFilename = (filename: string): string => {
+ const extension = path.extname(filename); // .jpg
+ const nameOnly = path.basename(filename, extension); // My Photo @2025
+
+ return `${slugify(nameOnly)}${extension.toLowerCase()}`;
+};
diff --git a/src/lib/utils/http-status-codes.ts b/src/shared/lib/utils/http-status-codes.ts
similarity index 92%
rename from src/lib/utils/http-status-codes.ts
rename to src/shared/lib/utils/http-status-codes.ts
index 4d71f20..dca85b8 100644
--- a/src/lib/utils/http-status-codes.ts
+++ b/src/shared/lib/utils/http-status-codes.ts
@@ -1,13 +1,14 @@
export enum HttpStatusCode {
OK = 200,
CREATED = 201,
+ NO_CONTENT = 204,
BAD_REQUEST = 400,
UNAUTHORIZED = 401,
FORBIDDEN = 403,
NOT_FOUND = 404,
CONFLICT = 409,
UNPROCESSABLE_ENTITY = 422,
- INTERNAL_SERVER_ERROR = 500,
SERVICE_UNAVAILABLE = 503,
- NO_CONTENT = 204,
+ INTERNAL_SERVER_ERROR = 500,
+ BAD_GATEWAY = 502,
}
diff --git a/src/lib/utils/jwt-utils.ts b/src/shared/lib/utils/jwt-utils.ts
similarity index 86%
rename from src/lib/utils/jwt-utils.ts
rename to src/shared/lib/utils/jwt-utils.ts
index 5c0eca8..de9183b 100644
--- a/src/lib/utils/jwt-utils.ts
+++ b/src/shared/lib/utils/jwt-utils.ts
@@ -2,19 +2,9 @@ import jwt, { JwtPayload } from 'jsonwebtoken';
import { UnauthorizedError, BadRequestError } from './api-error';
import { envConfig } from '../../config/env.config';
import { User } from '../../database';
+import { type Request } from 'express';
-// Standard payload interface for Access/Refresh tokens
-export interface TokenPayload extends JwtPayload {
- userId: User['id'];
- email?: User['email'];
- role?: string;
-}
-
-// Payload for Password Reset
-export interface ResetTokenPayload extends JwtPayload {
- email: User['email'];
- type: 'reset';
-}
+import { TokenPayload, ResetTokenPayload } from '../../types/auth.types';
export class JwtUtils {
/**
@@ -51,7 +41,7 @@ export class JwtUtils {
static verifyAccessToken(token: string): TokenPayload {
try {
return jwt.verify(token, envConfig.JWT_SECRET) as TokenPayload;
- } catch (error) {
+ } catch {
throw new UnauthorizedError('Invalid or expired access token');
}
}
@@ -62,7 +52,7 @@ export class JwtUtils {
static verifyRefreshToken(token: string): TokenPayload {
try {
return jwt.verify(token, envConfig.JWT_REFRESH_SECRET) as TokenPayload;
- } catch (error) {
+ } catch {
throw new UnauthorizedError('Invalid or expired refresh token');
}
}
@@ -80,7 +70,7 @@ export class JwtUtils {
}
return decoded;
- } catch (error) {
+ } catch {
throw new BadRequestError('Invalid or expired reset token');
}
}
@@ -91,4 +81,12 @@ export class JwtUtils {
static decode(token: string): JwtPayload | null {
return jwt.decode(token) as JwtPayload;
}
+
+ static ensureAuthentication(req: Request) {
+ const user = req.user;
+ if (!user) {
+ throw new UnauthorizedError('No authentication token provided');
+ }
+ return user;
+ }
}
diff --git a/src/lib/utils/logger.ts b/src/shared/lib/utils/logger.ts
similarity index 92%
rename from src/lib/utils/logger.ts
rename to src/shared/lib/utils/logger.ts
index 293b4ff..41c8ae0 100644
--- a/src/lib/utils/logger.ts
+++ b/src/shared/lib/utils/logger.ts
@@ -1,4 +1,5 @@
import winston from 'winston';
+
import DailyRotateFile from 'winston-daily-rotate-file';
import path from 'path';
import util from 'util';
@@ -39,11 +40,17 @@ winston.addColors(logLevels.colors);
* Recursively masks sensitive keys in the log object before writing.
*/
const redactor = winston.format(info => {
- const maskSensitiveData = (obj: any): any => {
+ const maskSensitiveData = (obj: any, seen = new WeakSet(), depth = 0): any => {
if (!obj || typeof obj !== 'object') return obj;
+ if (depth > 10) return '[Depth Limit Exceeded]'; // Prevent deep recursion
+ if (seen.has(obj)) return '[Circular]'; // Prevent circular references
+
+ seen.add(obj);
// Handle Arrays
- if (Array.isArray(obj)) return obj.map(maskSensitiveData);
+ if (Array.isArray(obj)) {
+ return obj.map(item => maskSensitiveData(item, seen, depth + 1));
+ }
// Handle Objects
const newObj: any = {};
@@ -52,7 +59,7 @@ const redactor = winston.format(info => {
if (SENSITIVE_KEYS.includes(key)) {
newObj[key] = '*****'; // Mask the value
} else if (typeof obj[key] === 'object') {
- newObj[key] = maskSensitiveData(obj[key]); // Recurse
+ newObj[key] = maskSensitiveData(obj[key], seen, depth + 1); // Recurse
} else {
newObj[key] = obj[key];
}
diff --git a/src/lib/utils/sensitive-data.ts b/src/shared/lib/utils/sensitive-data.ts
similarity index 93%
rename from src/lib/utils/sensitive-data.ts
rename to src/shared/lib/utils/sensitive-data.ts
index ab0a601..78b3be6 100644
--- a/src/lib/utils/sensitive-data.ts
+++ b/src/shared/lib/utils/sensitive-data.ts
@@ -9,8 +9,8 @@ export const SENSITIVE_KEYS = [
'accessToken',
'refreshToken',
'authorization',
- 'bvn',
- 'nin',
+
+ 'governmentId',
'cardNumber',
'cvv',
'secret',
diff --git a/src/shared/types/auth.types.ts b/src/shared/types/auth.types.ts
new file mode 100644
index 0000000..4ab0aa4
--- /dev/null
+++ b/src/shared/types/auth.types.ts
@@ -0,0 +1,17 @@
+import { JwtPayload } from 'jsonwebtoken';
+import { User, UserRole } from '../database';
+
+// Standard payload interface for Access/Refresh tokens
+export interface TokenPayload extends JwtPayload {
+ userId: User['id'];
+ email?: User['email'];
+ role: UserRole;
+ iat?: number;
+ exp?: number;
+}
+
+// Payload for Password Reset
+export interface ResetTokenPayload extends JwtPayload {
+ email: User['email'];
+ type: 'reset';
+}
diff --git a/src/shared/types/express/index.d.ts b/src/shared/types/express/index.d.ts
new file mode 100644
index 0000000..5ea7c7b
--- /dev/null
+++ b/src/shared/types/express/index.d.ts
@@ -0,0 +1,19 @@
+import { TokenPayload } from '../auth.types';
+
+export {};
+
+declare global {
+ namespace Express {
+ export interface Request {
+ rawBody?: Buffer;
+
+ // Custom User Property
+ user?: TokenPayload;
+
+ // Custom Headers/Metadata
+ deviceId?: string;
+ appVersion?: string;
+ requestId?: string;
+ }
+ }
+}
diff --git a/src/types/query.types.ts b/src/shared/types/query.types.ts
similarity index 100%
rename from src/types/query.types.ts
rename to src/shared/types/query.types.ts
diff --git a/src/test/demo-otp-logging.ts b/src/test/demo-otp-logging.ts
index 8e84037..bd2b94b 100644
--- a/src/test/demo-otp-logging.ts
+++ b/src/test/demo-otp-logging.ts
@@ -3,8 +3,8 @@
* Run with: ts-node src/test/demo-otp-logging.ts
*/
-import { smsService } from '../lib/services/sms.service';
-import { emailService } from '../lib/services/email.service';
+import { smsService } from '../shared/lib/services/sms-service/sms.service';
+import { emailService } from '../shared/lib/services/email-service/email.service';
async function demoOtpLogging() {
console.log('\n๐ฏ Demonstrating OTP Logging in Development/Test Mode\n');
@@ -17,7 +17,7 @@ async function demoOtpLogging() {
// Demo 2: Email OTP
console.log('2๏ธโฃ Sending Email OTP...\n');
- await emailService.sendOtp('user@example.com', '654321');
+ await emailService.sendVerificationEmail('user@example.com', '654321');
console.log('\n');
diff --git a/src/test/integration.setup.ts b/src/test/integration.setup.ts
index 3003ed4..d4121bc 100644
--- a/src/test/integration.setup.ts
+++ b/src/test/integration.setup.ts
@@ -1,5 +1,5 @@
import { execSync } from 'child_process';
-import logger from '../lib/utils/logger';
+import logger from '../shared/lib/utils/logger';
// Global setup for integration tests
export default async function globalSetup() {
diff --git a/src/test/p2p-cancel-ad.test.ts b/src/test/p2p-cancel-ad.test.ts
new file mode 100644
index 0000000..e33f9d3
--- /dev/null
+++ b/src/test/p2p-cancel-ad.test.ts
@@ -0,0 +1,218 @@
+import { P2PAdService } from '../api/modules/p2p/ad/p2p-ad.service';
+import { P2POrderService } from '../api/modules/p2p/order/p2p-order.service';
+import { walletService } from '../shared/lib/services/wallet.service';
+import { prisma, AdType, AdStatus, OrderStatus } from '../shared/database';
+import { P2PPaymentMethodService } from '../api/modules/p2p/payment-method/p2p-payment-method.service';
+import { BadRequestError } from '../shared/lib/utils/api-error';
+
+// Mock Redis before other imports that might use it
+jest.mock('../shared/config/redis.config', () => ({
+ redisConnection: {
+ get: jest.fn().mockResolvedValue(null),
+ set: jest.fn().mockResolvedValue('OK'),
+ del: jest.fn().mockResolvedValue(1),
+ publish: jest.fn().mockResolvedValue(1),
+ },
+}));
+
+// Mock Queue
+jest.mock('../shared/lib/queues/p2p-order.queue', () => ({
+ getQueue: jest.fn().mockReturnValue({
+ add: jest.fn().mockResolvedValue({ id: 'mock-job-id' }),
+ }),
+}));
+
+describe('P2P Ad Cancellation Tests', () => {
+ let maker: any;
+ let taker: any;
+ let paymentMethod: any;
+
+ beforeAll(async () => {
+ // Create Users
+ maker = await prisma.user.create({
+ data: {
+ email: 'maker_cancel@test.com',
+ firstName: 'Maker',
+ lastName: 'User',
+ password: 'hash',
+ phone: '111222',
+ },
+ });
+ taker = await prisma.user.create({
+ data: {
+ email: 'taker_cancel@test.com',
+ firstName: 'Taker',
+ lastName: 'User',
+ password: 'hash',
+ phone: '222333',
+ },
+ });
+
+ // Setup Wallets
+ await walletService.setUpWallet(maker.id, prisma);
+ await walletService.setUpWallet(taker.id, prisma);
+
+ // Fund Maker (1,000,000 NGN)
+ await walletService.creditWallet(maker.id, 1000000);
+
+ // Create Payment Method for Maker (Required for BUY_FX)
+ paymentMethod = await P2PPaymentMethodService.createPaymentMethod(maker.id, {
+ currency: 'USD',
+ bankName: 'Test Bank',
+ accountNumber: '1234567890',
+ accountName: 'Maker User',
+ details: { routingNumber: '123' },
+ });
+ });
+
+ afterAll(async () => {
+ await prisma.p2PChat.deleteMany();
+ await prisma.p2POrder.deleteMany();
+ await prisma.p2PAd.deleteMany();
+ await prisma.p2PPaymentMethod.deleteMany();
+ await prisma.transaction.deleteMany();
+ await prisma.wallet.deleteMany();
+ await prisma.user.deleteMany();
+ await prisma.$disconnect();
+ });
+
+ it('should prevent closing ad with active orders', async () => {
+ // 1. Create Ad (Buy 100 USD @ 1000 NGN). Total NGN Locked: 100,000.
+ const ad = await P2PAdService.createAd(maker.id, {
+ type: AdType.BUY_FX,
+ currency: 'USD',
+ totalAmount: 100,
+ price: 1000,
+ minLimit: 10,
+ maxLimit: 100,
+ paymentMethodId: paymentMethod.id,
+ terms: 'Test terms',
+ });
+
+ // 2. Create Order (50 USD)
+ const order = await P2POrderService.createOrder(taker.id, {
+ adId: ad.id,
+ amount: 50,
+ paymentMethodId: null,
+ });
+
+ // 3. Try to Close Ad -> Should Fail
+ await expect(P2PAdService.closeAd(maker.id, ad.id)).rejects.toThrow(
+ 'Cannot close ad with active orders'
+ );
+
+ // 4. Cancel Order
+ await P2POrderService.cancelOrder(taker.id, order.id);
+
+ // 5. Close Ad -> Should Succeed
+ const closedAd = await P2PAdService.closeAd(maker.id, ad.id);
+ expect(closedAd.status).toBe(AdStatus.CLOSED);
+
+ // 6. Verify Refund
+ // Maker started with 100,000.
+ // Ad locked 100,000.
+ // Order reserved 50,000.
+ // Cancel Order -> 50,000 returned to Ad (remainingAmount = 100).
+ // Close Ad -> 100 * 1000 = 100,000 refunded to Wallet.
+ // Wallet should be 100,000.
+ const makerWallet = await prisma.wallet.findUnique({ where: { userId: maker.id } });
+ expect(Number(makerWallet?.balance)).toBe(1000000);
+ expect(Number(makerWallet?.lockedBalance)).toBe(0);
+ });
+
+ it('should enrich ad details with orders for the owner', async () => {
+ // 1. Create Ad
+ const ad = await P2PAdService.createAd(maker.id, {
+ type: AdType.BUY_FX,
+ currency: 'USD',
+ totalAmount: 100,
+ price: 1000,
+ minLimit: 10,
+ maxLimit: 100,
+ paymentMethodId: paymentMethod.id,
+ terms: 'Test terms',
+ });
+
+ // 2. Create Order
+ const order = await P2POrderService.createOrder(taker.id, {
+ adId: ad.id,
+ amount: 50,
+ paymentMethodId: null,
+ });
+
+ // 3. Get Ads as Maker (Owner)
+ const makerAds = await P2PAdService.getAds({}, maker.id);
+ const enrichedAd = makerAds.find(a => a.id === ad.id);
+
+ expect(enrichedAd).toBeDefined();
+ expect(enrichedAd.orders).toBeDefined();
+ expect(enrichedAd.orders.length).toBe(1);
+ expect(enrichedAd.orders[0].id).toBe(order.id);
+
+ // 4. Get Ads as Taker (Not Owner)
+ const takerAds = await P2PAdService.getAds({}, taker.id);
+ const publicAd = takerAds.find(a => a.id === ad.id);
+
+ expect(publicAd).toBeDefined();
+ expect(publicAd.orders).toBeUndefined();
+
+ // Cleanup
+ await P2POrderService.cancelOrder(taker.id, order.id);
+ await P2PAdService.closeAd(maker.id, ad.id);
+ });
+
+ it('should handle refund if ad is somehow closed (safety net)', async () => {
+ // This test simulates the race condition where ad is closed but order exists.
+ // We have to manually force this state because the service prevents it.
+
+ // 1. Create Ad
+ const ad = await P2PAdService.createAd(maker.id, {
+ type: AdType.BUY_FX,
+ currency: 'USD',
+ totalAmount: 50,
+ price: 1000,
+ minLimit: 10,
+ maxLimit: 50,
+ paymentMethodId: paymentMethod.id,
+ terms: 'Test terms',
+ });
+
+ // 2. Create Order
+ const order = await P2POrderService.createOrder(taker.id, {
+ adId: ad.id,
+ amount: 20,
+ paymentMethodId: null,
+ });
+
+ // 3. Manually Close Ad (Bypass Service Check)
+ await prisma.p2PAd.update({
+ where: { id: ad.id },
+ data: { status: AdStatus.CLOSED, remainingAmount: 0 }, // Simulate refund of remaining
+ });
+ // Note: createOrder locked 50,000 total.
+ // Order took 20,000. Remaining 30,000.
+ // We manually closed ad, but we didn't refund the remaining 30,000 via service.
+ // So let's manually refund the remaining 30,000 to be realistic.
+ await walletService.unlockFunds(maker.id, 30000);
+
+ // Current State:
+ // Maker Wallet: 100,000 - 50,000 (locked) + 30,000 (refunded) = 80,000 available.
+ // Locked Balance: 50,000? No, unlockFunds decrements lockedBalance.
+ // Initial: 100k. Lock 50k. Bal 100k, Locked 50k. Avail 50k.
+ // Refund 30k: Locked 20k. Bal 100k? No.
+ // Wait, lockFunds does NOT deduct balance. It increases lockedBalance.
+ // Available = Balance - LockedBalance.
+ // So: Bal 100k. Locked 50k. Avail 50k.
+ // Refund 30k: Locked 20k. Bal 100k. Avail 80k.
+ // The 20k is locked for the Order.
+
+ // 4. Cancel Order
+ // Should detect Ad is CLOSED and refund the 20k directly to wallet (unlock).
+ await P2POrderService.cancelOrder(taker.id, order.id);
+
+ // 5. Verify
+ const makerWallet = await prisma.wallet.findUnique({ where: { userId: maker.id } });
+ expect(Number(makerWallet?.balance)).toBe(1000000);
+ expect(Number(makerWallet?.lockedBalance)).toBe(0);
+ });
+});
diff --git a/src/test/p2p-concurrency.test.ts b/src/test/p2p-concurrency.test.ts
new file mode 100644
index 0000000..544f8a3
--- /dev/null
+++ b/src/test/p2p-concurrency.test.ts
@@ -0,0 +1,120 @@
+import { P2PAdService } from '../api/modules/p2p/ad/p2p-ad.service';
+import { P2POrderService } from '../api/modules/p2p/order/p2p-order.service';
+import { walletService } from '../shared/lib/services/wallet.service';
+import { prisma, AdType } from '../shared/database';
+import { P2PPaymentMethodService } from '../api/modules/p2p/payment-method/p2p-payment-method.service';
+
+describe('P2P Concurrency Tests', () => {
+ let maker: any;
+ let taker1: any;
+ let taker2: any;
+ let paymentMethod: any;
+
+ beforeAll(async () => {
+ // Create Users
+ maker = await prisma.user.create({
+ data: {
+ email: 'maker@test.com',
+ firstName: 'Maker',
+ lastName: 'User',
+ password: 'hash',
+ phone: '111',
+ },
+ });
+ taker1 = await prisma.user.create({
+ data: {
+ email: 'taker1@test.com',
+ firstName: 'Taker1',
+ lastName: 'User',
+ password: 'hash',
+ phone: '222',
+ },
+ });
+ taker2 = await prisma.user.create({
+ data: {
+ email: 'taker2@test.com',
+ firstName: 'Taker2',
+ lastName: 'User',
+ password: 'hash',
+ phone: '333',
+ },
+ });
+
+ // Setup Wallets
+ await walletService.setUpWallet(maker.id, prisma);
+ await walletService.setUpWallet(taker1.id, prisma);
+ await walletService.setUpWallet(taker2.id, prisma);
+
+ // Fund Maker (100,000 NGN)
+ await walletService.creditWallet(maker.id, 100000);
+
+ // Create Payment Method for Maker (Required for BUY_FX)
+ paymentMethod = await P2PPaymentMethodService.createPaymentMethod(maker.id, {
+ currency: 'USD',
+ bankName: 'Test Bank',
+ accountNumber: '1234567890',
+ accountName: 'Maker User',
+ details: { routingNumber: '123' },
+ });
+ });
+
+ afterAll(async () => {
+ await prisma.p2PChat.deleteMany();
+ await prisma.p2POrder.deleteMany();
+ await prisma.p2PAd.deleteMany();
+ await prisma.p2PPaymentMethod.deleteMany();
+ await prisma.transaction.deleteMany();
+ await prisma.wallet.deleteMany();
+ await prisma.user.deleteMany();
+ await prisma.$disconnect();
+ });
+
+ it('should prevent overselling via concurrent orders', async () => {
+ // 1. Create Ad (Buy 100 USD @ 1000 NGN). Total NGN Locked: 100,000.
+ const ad = await P2PAdService.createAd(maker.id, {
+ type: AdType.BUY_FX,
+ currency: 'USD',
+ totalAmount: 100,
+ price: 1000,
+ minLimit: 10,
+ maxLimit: 100,
+ paymentMethodId: paymentMethod.id,
+ terms: 'Test terms',
+ });
+
+ expect(ad.remainingAmount).toBe(100);
+
+ // 2. Concurrent Orders: Taker1 wants 60, Taker2 wants 60. Total 120 > 100.
+ const orderPromise1 = P2POrderService.createOrder(taker1.id, {
+ adId: ad.id,
+ amount: 60,
+ paymentMethodId: null, // Taker gives FX, Maker gives NGN. Taker doesn't need PM here? Wait, logic says Taker gives FX.
+ // If BUY_FX, Maker WANTS FX. Taker GIVES FX.
+ // Taker needs Maker's details (in Ad).
+ // Taker does NOT need to provide PM in request (unless receiving NGN? No NGN to wallet).
+ // So paymentMethodId: null is fine.
+ });
+
+ const orderPromise2 = P2POrderService.createOrder(taker2.id, {
+ adId: ad.id,
+ amount: 60,
+ paymentMethodId: null,
+ });
+
+ // 3. Execute
+ const results = await Promise.allSettled([orderPromise1, orderPromise2]);
+
+ // 4. Verify
+ const successCount = results.filter(r => r.status === 'fulfilled').length;
+ const failCount = results.filter(r => r.status === 'rejected').length;
+
+ console.log('Results:', results);
+
+ expect(successCount).toBe(1);
+ expect(failCount).toBe(1);
+
+ // 5. Check Ad Remaining Amount
+ const updatedAd = await prisma.p2PAd.findUnique({ where: { id: ad.id } });
+ expect(updatedAd?.remainingAmount).toBe(40); // 100 - 60
+ });
+});
diff --git a/src/test/setup.ts b/src/test/setup.ts
index e880b12..9c79e59 100644
--- a/src/test/setup.ts
+++ b/src/test/setup.ts
@@ -1,5 +1,5 @@
-import prisma from '../lib/utils/database';
-import logger from '../lib/utils/logger';
+import prisma from '../shared/lib/utils/database';
+import logger from '../shared/lib/utils/logger';
jest.setTimeout(30000);
@@ -9,7 +9,7 @@ const isUnitTest = process.env.IS_UNIT_TEST === 'true';
beforeAll(async () => {
// SKIP DB connection for unit tests
- if (isUnitTest) return;
+ if (process.env.IS_UNIT_TEST === 'true') return;
logger.debug(`๐งช Test Environment: ${process.env.NODE_ENV}`);
try {
diff --git a/src/test/utils.ts b/src/test/utils.ts
index 1cd623b..69a2a6f 100644
--- a/src/test/utils.ts
+++ b/src/test/utils.ts
@@ -2,7 +2,7 @@
import { faker } from '@faker-js/faker';
import bcrypt from 'bcryptjs';
import jwt from 'jsonwebtoken';
-import prisma from '../lib/utils/database';
+import prisma from '../shared/lib/utils/database';
export class TestUtils {
static generateUserData(overrides = {}) {
diff --git a/src/types/express.d.ts b/src/types/express.d.ts
deleted file mode 100644
index 304870a..0000000
--- a/src/types/express.d.ts
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Express Type Declarations
- *
- * Extends Express Request interface to include custom properties
- * used throughout the application (user, device info, etc.)
- */
-
-import { TokenPayload } from '../lib/utils/jwt-utils';
-
-declare global {
- namespace Express {
- /**
- * Extended Request interface with custom properties
- */
- interface Request {
- /**
- * Authenticated user information from JWT token
- * Populated by authentication middleware after token verification
- *
- * @example
- * ```typescript
- * router.get('/profile', authenticate, (req, res) => {
- * const userId = req.user.userId;
- * const email = req.user.email;
- * });
- * ```
- */
- user?: TokenPayload;
-
- /**
- * Device ID from mobile app (sent via X-Device-ID header)
- * Used for rate limiting and device fingerprinting
- */
- deviceId?: string;
-
- /**
- * App version from mobile app (sent via X-App-Version header)
- * Used for force update checks
- */
- appVersion?: string;
-
- /**
- * Request ID for tracking and logging
- * Auto-generated or from X-Request-ID header
- */
- requestId?: string;
- }
- }
-}
-
-// This export is required to make this a module
-export {};
diff --git a/src/worker/banking.worker.ts b/src/worker/banking.worker.ts
new file mode 100644
index 0000000..79bcc60
--- /dev/null
+++ b/src/worker/banking.worker.ts
@@ -0,0 +1,88 @@
+import { Worker } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { globusService } from '../shared/lib/services/banking/globus.service';
+import { prisma } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import { socketService } from '../shared/lib/services/socket.service';
+import { BANKING_QUEUE_NAME } from '../shared/lib/queues/banking.queue';
+
+interface CreateAccountJob {
+ userId: string;
+ walletId: string;
+}
+
+export const bankingWorker = new Worker(
+ BANKING_QUEUE_NAME,
+ async job => {
+ const { userId, walletId } = job.data;
+ logger.info(`๐ฆ [BankingWorker] Processing account creation for User: ${userId}`);
+
+ try {
+ // 1. Fetch User
+ const user = await prisma.user.findUnique({ where: { id: userId } });
+ if (!user) {
+ logger.error(`โ User ${userId} not found`);
+ return;
+ }
+
+ // 2. Call Bank API (Globus)
+ if (!user.email || !user.phone) {
+ logger.error(`โ User ${userId} missing email or phone`);
+ return;
+ }
+ const bankDetails = await globusService.generateNuban({
+ ...user,
+ email: user.email,
+ phone: user.phone,
+ });
+
+ // 3. Update Database (Create VirtualAccount)
+ await prisma.virtualAccount.create({
+ data: {
+ walletId: walletId,
+ accountNumber: bankDetails.accountNumber,
+ accountName: bankDetails.accountName,
+ bankName: bankDetails.bankName,
+ provider: bankDetails.provider,
+ },
+ });
+
+ logger.info(`โ
[BankingWorker] Virtual Account Created: ${bankDetails.accountNumber}`);
+
+ // Emit Socket Event
+ socketService.emitToUser(userId, 'WALLET_UPDATED', {
+ virtualAccount: {
+ accountNumber: bankDetails.accountNumber,
+ bankName: bankDetails.bankName,
+ accountName: bankDetails.accountName,
+ },
+ });
+ } catch (error) {
+ logger.error(`โ [BankingWorker] Failed for User ${userId}`, error);
+ throw error; // Triggers retry
+ }
+ },
+ {
+ connection: redisConnection,
+ concurrency: 5, // Process 5 jobs at a time (Rate Limiting)
+ limiter: {
+ max: 10,
+ duration: 1000, // Max 10 jobs per second (Globus API limit)
+ },
+ }
+);
+
+// Handle Worker Errors
+bankingWorker.on('failed', (job, err) => {
+ logger.error(
+ `๐ฅ [BankingWorker] Job ${job?.id} failed attempt ${job?.attemptsMade}: ${err.message}`
+ );
+
+ // Check if this was the last attempt (Dead Letter Logic)
+ if (job && job.attemptsMade >= (job.opts.attempts || 3)) {
+ logger.error(
+ `๐ [DEAD LETTER] Job ${job.id} permanently failed. Manual intervention required.`
+ );
+ logger.error(`๐ Payload: ${JSON.stringify(job.data)}`);
+ }
+});
diff --git a/src/worker/index.ts b/src/worker/index.ts
new file mode 100644
index 0000000..129eb69
--- /dev/null
+++ b/src/worker/index.ts
@@ -0,0 +1,64 @@
+import { transferWorker } from './transfer.worker';
+import { bankingWorker } from './banking.worker';
+import { onboardingWorker } from './onboarding.worker';
+import { notificationWorker } from './notification.worker';
+import { p2pOrderWorker } from './p2p-order.worker';
+import { kycWorker } from './kyc.worker';
+import { p2pAdCleanupWorker } from './p2p-ad-cleanup.worker';
+import { startReconciliationJob } from './reconciliation.job';
+import { initializeQueues, closeQueues } from '../shared/lib/init/service-initializer';
+import logger from '../shared/lib/utils/logger';
+
+/**
+ * Initialize and start all background workers
+ */
+async function startWorkers() {
+ try {
+ logger.info('๐ Initializing worker services...');
+
+ // Initialize all queues first
+ await initializeQueues();
+
+ logger.info('๐ Background Workers Started');
+
+ // Start Cron Jobs
+ startReconciliationJob();
+ } catch (error) {
+ logger.error('โ Failed to start workers:', error);
+ process.exit(1);
+ }
+}
+
+// Start the workers
+startWorkers();
+
+// Keep process alive
+process.on('SIGTERM', async () => {
+ logger.info('SIGTERM received. Closing workers and queues...');
+ await Promise.all([
+ transferWorker.close(),
+ bankingWorker.close(),
+ onboardingWorker.close(),
+ notificationWorker.close(),
+ p2pOrderWorker.close(),
+ kycWorker.close(),
+ p2pAdCleanupWorker.close(),
+ closeQueues(),
+ ]);
+ process.exit(0);
+});
+
+process.on('SIGINT', async () => {
+ logger.info('SIGINT received. Closing workers and queues...');
+ await Promise.all([
+ transferWorker.close(),
+ bankingWorker.close(),
+ onboardingWorker.close(),
+ notificationWorker.close(),
+ p2pOrderWorker.close(),
+ kycWorker.close(),
+ p2pAdCleanupWorker.close(),
+ closeQueues(),
+ ]);
+ process.exit(0);
+});
diff --git a/src/worker/kyc.worker.ts b/src/worker/kyc.worker.ts
new file mode 100644
index 0000000..d1eda86
--- /dev/null
+++ b/src/worker/kyc.worker.ts
@@ -0,0 +1,106 @@
+import { Worker, Job } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import logger from '../shared/lib/utils/logger';
+import { LocalKYCService } from '../api/modules/account/kyc/local-kyc.service';
+import { eventBus, EventType } from '../shared/lib/events/event-bus';
+import { prisma, KycDocumentStatus, KycLevel, KycStatus } from '../shared/database';
+
+const kycService = new LocalKYCService();
+
+export const kycWorker = new Worker(
+ 'kyc-verification',
+ async (job: Job) => {
+ logger.info(`[KYC Worker] Processing job ${job.id} for user ${job.data.userId}`);
+ const { userId, documentType, documentUrl, kycDocumentId, frontUrl, backUrl, selfieUrl } =
+ job.data;
+
+ // Handle unified job which sends frontUrl instead of documentUrl
+ const isUnified = !!frontUrl;
+ let result;
+
+ try {
+ if (isUnified) {
+ // 1a. Call Unified Verification Service
+ result = await kycService.verifyUnified(userId, {
+ frontUrl,
+ backUrl, // Can be undefined, that's fine
+ selfieUrl,
+ documentType,
+ });
+ } else {
+ // 1b. Call Legacy/Single Document Verification
+ if (!documentUrl) {
+ throw new Error(`No document URL provided for job ${job.id}`);
+ }
+ result = await kycService.verifyDocument(userId, documentType, documentUrl);
+ }
+
+ if (result.success) {
+ logger.info(`[KYC Worker] Verification successful for user ${userId}`);
+
+ // 2. Update Database
+ await prisma.kycDocument.update({
+ where: { id: kycDocumentId },
+ data: {
+ status: KycDocumentStatus.APPROVED,
+ metadata: result.data,
+ },
+ });
+
+ // 3. Upgrade User to FULL
+ await prisma.user.update({
+ where: { id: userId },
+ data: {
+ kycLevel: KycLevel.FULL,
+ kycStatus: KycStatus.APPROVED,
+ },
+ });
+
+ // Emit socket event
+ eventBus.publish(EventType.KYC_APPROVED, {
+ userId,
+ level: KycLevel.FULL,
+ timestamp: new Date(),
+ });
+ } else {
+ logger.warn(`[KYC Worker] Verification failed for user ${userId}`);
+ await prisma.kycDocument.update({
+ where: { id: kycDocumentId },
+ data: {
+ status: KycDocumentStatus.REJECTED,
+ rejectionReason: result.error || 'Verification failed',
+ },
+ });
+
+ // Update user status to REJECTED
+ await prisma.user.update({
+ where: { id: userId },
+ data: {
+ kycStatus: KycStatus.REJECTED,
+ },
+ });
+
+ eventBus.publish(EventType.KYC_REJECTED, {
+ userId,
+ reason: result.error || 'Verification failed',
+ timestamp: new Date(),
+ });
+ }
+ } catch (error) {
+ logger.error(`[KYC Worker] Job failed:`, error);
+ throw error;
+ }
+ },
+ {
+ connection: redisConnection,
+ concurrency: 5,
+ }
+);
+
+kycWorker.on('completed', job => {
+ logger.info(`[KYC Worker] Job ${job.id} completed`);
+});
+
+kycWorker.on('failed', (job, err) => {
+ logger.error(`[KYC Worker] Job ${job?.id} failed: ${err.message}`);
+});
diff --git a/src/worker/notification.worker.ts b/src/worker/notification.worker.ts
new file mode 100644
index 0000000..0047ec4
--- /dev/null
+++ b/src/worker/notification.worker.ts
@@ -0,0 +1,97 @@
+import { Worker, Job } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { prisma } from '../shared/database';
+import logger, { logDebug, logError } from '../shared/lib/utils/logger';
+import { Expo, ExpoPushMessage } from 'expo-server-sdk';
+
+const expo = new Expo();
+
+interface NotificationJobData {
+ userId: string;
+ title: string;
+ body: string;
+ data?: any;
+}
+
+const processNotification = async (job: Job) => {
+ const { userId, title, body, data } = job.data;
+ logger.info(`Processing notification for user ${userId}`);
+
+ try {
+ // 1. Get user's push token
+ const user = await prisma.user.findUnique({
+ where: { id: userId },
+ select: { pushToken: true },
+ });
+
+ if (!user || !user.pushToken) {
+ logger.warn(`User ${userId} has no push token. Skipping push notification.`);
+ return;
+ }
+
+ const pushToken = user.pushToken;
+
+ // 2. Check if token is valid
+ if (!Expo.isExpoPushToken(pushToken)) {
+ logger.error(`Push token ${pushToken} is not a valid Expo push token`);
+ return;
+ }
+
+ // 3. Construct message
+ const messages: ExpoPushMessage[] = [
+ {
+ to: pushToken,
+ sound: 'default',
+ title: title,
+ body: body,
+ data: data,
+ },
+ ];
+
+ // 4. Send notification
+ const chunks = expo.chunkPushNotifications(messages);
+
+ for (const chunk of chunks) {
+ try {
+ const tickets = await expo.sendPushNotificationsAsync(chunk);
+ logDebug('Notification sent:', tickets);
+
+ // Process tickets to identify errors
+ tickets.forEach(async ticket => {
+ if (ticket.status === 'error') {
+ if (ticket.details && ticket.details.error === 'DeviceNotRegistered') {
+ // Delete invalid token
+ logDebug(`Token ${pushToken} is invalid, deleting...`);
+ await prisma.user.update({
+ where: { id: userId },
+ data: { pushToken: null },
+ });
+ }
+ }
+ });
+ } catch (error) {
+ logError(error, 'Error sending notification chunk:');
+ }
+ }
+ } catch (error) {
+ logError(error, `Error processing notification for user ${userId}`);
+ throw error;
+ }
+};
+
+export const notificationWorker = new Worker('notification-queue', processNotification, {
+ connection: redisConnection,
+ concurrency: 5,
+ limiter: {
+ max: 50,
+ duration: 1000,
+ },
+});
+
+notificationWorker.on('completed', job => {
+ logger.info(`Notification Job ${job.id} completed`);
+});
+
+notificationWorker.on('failed', (job, err) => {
+ logger.error(`Notification Job ${job?.id} failed`, err);
+});
diff --git a/src/worker/notification/notification.processor.ts b/src/worker/notification/notification.processor.ts
new file mode 100644
index 0000000..28c73a9
--- /dev/null
+++ b/src/worker/notification/notification.processor.ts
@@ -0,0 +1,44 @@
+import { Job } from 'bullmq';
+import { pushNotificationService } from '../../shared/lib/services/notification/push-notification.service';
+import logger from '../../shared/lib/utils/logger';
+import { prisma } from '../../shared/database';
+
+export const notificationProcessor = async (job: Job) => {
+ logger.info(`[NotificationWorker] Processing job ${job.id}: ${job.name}`);
+
+ try {
+ switch (job.name) {
+ case 'send-notification':
+ await handleSendNotification(job.data);
+ break;
+ default:
+ logger.warn(`[NotificationWorker] Unknown job name: ${job.name}`);
+ }
+ } catch (error) {
+ logger.error(`[NotificationWorker] Job ${job.id} failed:`, error);
+ throw error;
+ }
+};
+
+async function handleSendNotification(data: any) {
+ const { userId, title, body, data: notificationData } = data;
+
+ // 1. Fetch user's push token
+ const user = await prisma.user.findUnique({
+ where: { id: userId },
+ select: { pushToken: true },
+ });
+
+ if (!user || !user.pushToken) {
+ logger.warn(`[NotificationWorker] User ${userId} has no push token. Skipping push.`);
+ return;
+ }
+
+ // 2. Send Push Notification
+ await pushNotificationService.sendPushNotifications(
+ [user.pushToken],
+ title,
+ body,
+ notificationData
+ );
+}
diff --git a/src/worker/onboarding.worker.ts b/src/worker/onboarding.worker.ts
new file mode 100644
index 0000000..c718f22
--- /dev/null
+++ b/src/worker/onboarding.worker.ts
@@ -0,0 +1,59 @@
+import { Worker } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { prisma } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import walletService from '../shared/lib/services/wallet.service';
+import { getQueue as getBankingQueue } from '../shared/lib/queues/banking.queue';
+import { ONBOARDING_QUEUE_NAME, SetupWalletJob } from '../shared/lib/queues/onboarding.queue';
+
+export const onboardingWorker = new Worker(
+ ONBOARDING_QUEUE_NAME,
+ async job => {
+ const { userId } = job.data;
+ logger.info(`๐ [OnboardingWorker] Setting up wallet for User: ${userId}`);
+
+ try {
+ // 1. Create Wallet (Idempotent check inside service ideally, or here)
+ // We use a transaction to ensure consistency if we were doing more,
+ // but walletService.setUpWallet is self-contained.
+ // However, we need the walletId to trigger the next step.
+
+ // Check if wallet already exists to be safe (Idempotency)
+ let wallet = await prisma.wallet.findUnique({ where: { userId } });
+
+ if (!wallet) {
+ // We need a transaction client for setUpWallet as per its signature,
+ // but it might be better to allow it to run without one or pass prisma.
+ // Let's check walletService signature. It expects a tx.
+ // We'll wrap in a transaction.
+ wallet = await prisma.$transaction(async tx => {
+ return await walletService.setUpWallet(userId, tx);
+ });
+ logger.info(`โ
[OnboardingWorker] Wallet created for User: ${userId}`);
+ } else {
+ logger.info(`โน๏ธ [OnboardingWorker] Wallet already exists for User: ${userId}`);
+ }
+
+ // 2. Trigger Virtual Account Creation (Chain the job)
+ await getBankingQueue().add('create-virtual-account', {
+ userId: userId,
+ walletId: wallet.id,
+ });
+
+ logger.info(
+ `โก๏ธ [OnboardingWorker] Triggered Virtual Account creation for User: ${userId}`
+ );
+ } catch (error) {
+ logger.error(`โ [OnboardingWorker] Failed setup for User ${userId}`, error);
+ throw error;
+ }
+ },
+ {
+ connection: redisConnection,
+ concurrency: 10,
+ }
+);
+
+onboardingWorker.on('failed', (job, err) => {
+ logger.error(`๐ฅ [OnboardingWorker] Job ${job?.id} failed: ${err.message}`);
+});
diff --git a/src/worker/p2p-ad-cleanup.worker.ts b/src/worker/p2p-ad-cleanup.worker.ts
new file mode 100644
index 0000000..7339944
--- /dev/null
+++ b/src/worker/p2p-ad-cleanup.worker.ts
@@ -0,0 +1,91 @@
+import { Worker, Job } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { prisma, AdStatus } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import { emailService } from '../shared/lib/services/email-service/email.service';
+import { P2P_AD_CLEANUP_QUEUE_NAME } from '../shared/lib/queues/p2p-ad-cleanup.queue';
+
+export const p2pAdCleanupWorker = new Worker(
+ P2P_AD_CLEANUP_QUEUE_NAME,
+ async (job: Job) => {
+ logger.info(`๐งน Processing P2P Ad Cleanup Job: ${job.name}`);
+
+ try {
+ // 1. Close Ads with 0 Remaining Amount
+ const zeroBalanceAds = await prisma.p2PAd.updateMany({
+ where: {
+ status: AdStatus.ACTIVE,
+ remainingAmount: 0,
+ },
+ data: {
+ status: AdStatus.CLOSED,
+ },
+ });
+
+ if (zeroBalanceAds.count > 0) {
+ logger.info(`โ
Closed ${zeroBalanceAds.count} ads with 0 remaining balance.`);
+ }
+
+ // 2. Find "Dust" Ads (Remaining > 0 AND Remaining < MinLimit)
+ // We fetch all active ads with remaining > 0 and filter in memory
+ // Optimization: We could filter by updated recently if we wanted to avoid spam,
+ // but for now we process all to ensure compliance.
+ const activeAds = await prisma.p2PAd.findMany({
+ where: {
+ status: AdStatus.ACTIVE,
+ remainingAmount: {
+ gt: 0,
+ },
+ },
+ include: {
+ user: true,
+ },
+ });
+
+ const dustAds = activeAds.filter(ad => ad.remainingAmount < ad.minLimit);
+
+ if (dustAds.length > 0) {
+ logger.info(`Found ${dustAds.length} dust ads. Sending notifications...`);
+
+ for (const ad of dustAds) {
+ if (ad.user.email) {
+ try {
+ await emailService.sendEmail({
+ to: ad.user.email,
+ subject: 'Action Required: P2P Ad Low Balance',
+ html: `
+ Hello ${ad.user.firstName},
+ Your P2P Ad for ${ad.currency} has a remaining balance of ${ad.remainingAmount}, which is below your minimum limit of ${ad.minLimit}.
+ This means no new orders can be placed on this ad.
+ Please either:
+
+ - Reduce your minimum limit to match the remaining amount.
+ - Cancel/Close the ad.
+
+ Thank you,
SwapLink Team
+ `,
+ });
+ logger.info(
+ `๐ฉ Sent dust warning email to ${ad.user.email} for Ad ${ad.id}`
+ );
+ } catch (emailError) {
+ logger.error(
+ `โ Failed to send email to ${ad.user.email}:`,
+ emailError
+ );
+ }
+ }
+ }
+ }
+
+ logger.info('โ
P2P Ad Cleanup Complete');
+ } catch (error) {
+ logger.error('โ P2P Ad Cleanup Failed:', error);
+ throw error;
+ }
+ },
+ {
+ connection: redisConnection,
+ concurrency: 1,
+ }
+);
diff --git a/src/worker/p2p-order.worker.ts b/src/worker/p2p-order.worker.ts
new file mode 100644
index 0000000..2b76b13
--- /dev/null
+++ b/src/worker/p2p-order.worker.ts
@@ -0,0 +1,282 @@
+import { Worker, Job } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { prisma, OrderStatus, AdType, TransactionType, NotificationType } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import { serviceRevenueService } from '../api/modules/revenue/service-revenue.service';
+import { NotificationService } from '../api/modules/notification/notification.service';
+
+interface OrderJobData {
+ orderId: string;
+}
+
+const processOrderExpiration = async (job: Job) => {
+ const { orderId } = job.data;
+ logger.info(`Checking expiration for order ${orderId}`);
+
+ try {
+ const order = await prisma.p2POrder.findUnique({
+ where: { id: orderId },
+ include: { ad: true },
+ });
+
+ if (!order) {
+ logger.warn(`Order ${orderId} not found during expiration check`);
+ return;
+ }
+
+ if (order.status !== OrderStatus.PENDING) {
+ logger.info(`Order ${orderId} is ${order.status}. No expiration needed.`);
+ return;
+ }
+
+ // Order is PENDING and timed out. Cancel it.
+ logger.info(`Order ${orderId} expired. Cancelling...`);
+
+ await prisma.$transaction(async tx => {
+ // 1. Refund Logic (Replicated from P2POrderService.cancelOrder)
+ if (order.ad.type === AdType.SELL_FX) {
+ // Taker locked funds. Refund Taker.
+ await tx.wallet.update({
+ where: { userId: order.takerId },
+ data: { lockedBalance: { decrement: order.totalNgn } },
+ });
+ } else {
+ // Maker locked funds (in Ad). Return to Ad.
+ await tx.p2PAd.update({
+ where: { id: order.adId },
+ data: { remainingAmount: { increment: order.amount } },
+ });
+ }
+
+ // 2. Update Order Status
+ await tx.p2POrder.update({
+ where: { id: orderId },
+ data: { status: OrderStatus.CANCELLED },
+ });
+ });
+
+ logger.info(`Order ${orderId} cancelled successfully.`);
+
+ // TODO: Emit socket event to notify users?
+ } catch (error) {
+ logger.error(`Error processing expiration for order ${orderId}`, error);
+ throw error;
+ }
+};
+
+const processFundRelease = async (job: Job) => {
+ const { orderId } = job.data;
+ logger.info(`Processing fund release for order ${orderId}`);
+
+ try {
+ // Idempotency Check
+ const existingTx = await prisma.transaction.findFirst({
+ where: { reference: `P2P-DEBIT-${orderId}` },
+ });
+ if (existingTx) {
+ logger.info(`Funds already released for order ${orderId}. Skipping.`);
+ return;
+ }
+
+ await prisma.$transaction(async tx => {
+ const order = await tx.p2POrder.findUnique({
+ where: { id: orderId },
+ include: { ad: true },
+ });
+ if (!order) throw new Error('Order not found');
+
+ // Note: Order status might already be COMPLETED by the API, so we don't check for PAID here strictly.
+ // But we should ensure we are not processing a CANCELLED order.
+ if (order.status === OrderStatus.CANCELLED) {
+ throw new Error('Cannot release funds for cancelled order');
+ }
+
+ // 1. Identify NGN Payer and Receiver
+ const isBuyFx = order.ad.type === AdType.BUY_FX;
+ const payerId = isBuyFx ? order.makerId : order.takerId;
+ const receiverId = isBuyFx ? order.takerId : order.makerId;
+
+ // 2. Get Revenue Wallet
+ const revenueWallet = await serviceRevenueService.getRevenueWallet();
+
+ // 3. Debit Payer (From Locked Balance)
+ await tx.wallet.update({
+ where: { userId: payerId },
+ data: {
+ lockedBalance: { decrement: order.totalNgn },
+ },
+ });
+
+ // 4. Credit Receiver (Total - Fee)
+ await tx.wallet.update({
+ where: { userId: receiverId },
+ data: {
+ balance: { increment: Number(order.receiveAmount) },
+ },
+ });
+
+ // Update User Cumulative Inflow
+ await tx.user.update({
+ where: { id: receiverId },
+ data: {
+ cumulativeInflow: { increment: Number(order.receiveAmount) },
+ },
+ });
+
+ // 5. Credit Revenue (Fee)
+ await tx.wallet.update({
+ where: { id: revenueWallet.id },
+ data: {
+ balance: { increment: order.fee },
+ },
+ });
+
+ // 6. Create Transaction Records with Proper Balance Tracking
+
+ // Fetch wallets with current balances
+ const payerWallet = await tx.wallet.findUniqueOrThrow({
+ where: { userId: payerId },
+ });
+ const receiverWallet = await tx.wallet.findUniqueOrThrow({
+ where: { userId: receiverId },
+ });
+
+ // Calculate balances (after the updates above)
+ const payerBalanceBefore =
+ Number(payerWallet.balance) + Number(payerWallet.lockedBalance);
+ const payerBalanceAfter = Number(payerWallet.balance);
+ const receiverBalanceBefore =
+ Number(receiverWallet.balance) - Number(order.receiveAmount);
+ const receiverBalanceAfter = Number(receiverWallet.balance);
+
+ // Payer Debit Transaction
+ await tx.transaction.create({
+ data: {
+ userId: payerId,
+ walletId: payerWallet.id,
+ type: TransactionType.TRANSFER,
+ amount: -order.totalNgn,
+ balanceBefore: payerBalanceBefore,
+ balanceAfter: payerBalanceAfter,
+ status: 'COMPLETED',
+ reference: `P2P-DEBIT-${order.id}`,
+ description: `P2P ${isBuyFx ? 'Purchase' : 'Sale'}: ${order.amount} ${
+ order.ad.currency
+ } @ โฆ${order.price}/${order.ad.currency}`,
+ metadata: {
+ orderId: order.id,
+ type: isBuyFx ? 'BUY_FX' : 'SELL_FX',
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ rate: order.price,
+ fee: order.fee,
+ counterpartyId: receiverId,
+ },
+ },
+ });
+
+ // Receiver Credit Transaction
+ await tx.transaction.create({
+ data: {
+ userId: receiverId,
+ walletId: receiverWallet.id,
+ type: TransactionType.DEPOSIT,
+ amount: Number(order.receiveAmount),
+ balanceBefore: receiverBalanceBefore,
+ balanceAfter: receiverBalanceAfter,
+ status: 'COMPLETED',
+ reference: `P2P-CREDIT-${order.id}`,
+ description: `P2P ${isBuyFx ? 'Sale' : 'Purchase'}: ${order.amount} ${
+ order.ad.currency
+ } @ โฆ${order.price}/${order.ad.currency} (Fee: โฆ${order.fee})`,
+ metadata: {
+ orderId: order.id,
+ type: isBuyFx ? 'SELL_FX' : 'BUY_FX',
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ rate: order.price,
+ grossAmount: order.totalNgn,
+ fee: order.fee,
+ netAmount: Number(order.receiveAmount),
+ counterpartyId: payerId,
+ },
+ },
+ });
+
+ // Fee Credit (Revenue)
+ await tx.transaction.create({
+ data: {
+ userId: revenueWallet.userId,
+ walletId: revenueWallet.id,
+ type: TransactionType.FEE,
+ amount: order.fee,
+ balanceBefore: 0,
+ balanceAfter: 0,
+ status: 'COMPLETED',
+ reference: `P2P-FEE-${order.id}`,
+ description: `P2P Transaction Fee: Order #${order.id.slice(0, 8)}`,
+ metadata: {
+ orderId: order.id,
+ currency: order.ad.currency,
+ fxAmount: order.amount,
+ },
+ },
+ });
+
+ // 7. Update Order Status to COMPLETED
+ await tx.p2POrder.update({
+ where: { id: orderId },
+ data: {
+ status: OrderStatus.COMPLETED,
+ completedAt: new Date(),
+ },
+ });
+ });
+
+ logger.info(`Funds released successfully for order ${orderId}`);
+
+ // Notify Users
+ const order = await prisma.p2POrder.findUnique({
+ where: { id: orderId },
+ include: { ad: true },
+ });
+ if (order) {
+ const isBuyFx = order.ad.type === AdType.BUY_FX;
+ const receiverId = isBuyFx ? order.takerId : order.makerId;
+
+ await NotificationService.sendToUser(
+ receiverId,
+ 'Funds Released',
+ `You have received NGN ${order.receiveAmount} for Order #${order.id.slice(0, 8)}.`,
+ { orderId: order.id },
+ NotificationType.TRANSACTION
+ );
+ }
+ } catch (error) {
+ logger.error(`Error processing fund release for order ${orderId}`, error);
+ throw error;
+ }
+};
+
+export const p2pOrderWorker = new Worker(
+ 'p2p-order-queue',
+ async job => {
+ if (job.name === 'order-timeout') {
+ return await processOrderExpiration(job);
+ } else if (job.name === 'release-funds') {
+ return await processFundRelease(job);
+ }
+ },
+ {
+ connection: redisConnection,
+ concurrency: 5,
+ }
+);
+
+p2pOrderWorker.on('completed', job => {
+ logger.info(`P2P Order Job ${job.id} (${job.name}) completed`);
+});
+
+p2pOrderWorker.on('failed', (job, err) => {
+ logger.error(`P2P Order Job ${job?.id} (${job?.name}) failed`, err);
+});
diff --git a/src/worker/reconciliation.job.ts b/src/worker/reconciliation.job.ts
new file mode 100644
index 0000000..79b2709
--- /dev/null
+++ b/src/worker/reconciliation.job.ts
@@ -0,0 +1,151 @@
+import cron from 'node-cron';
+import { prisma, TransactionStatus } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import { globusService } from '../shared/lib/services/banking/globus.service';
+import { getQueue as getP2PAdCleanupQueue } from '../shared/lib/queues/p2p-ad-cleanup.queue';
+
+/**
+ * 1. Stuck Transaction Requery (Every 5 minutes)
+ * Checks for PENDING transactions older than 10 minutes.
+ */
+const startTransactionReconciliation = () => {
+ cron.schedule('*/5 * * * *', async () => {
+ logger.info('Running Stuck Transaction Reconciliation...');
+
+ try {
+ const tenMinutesAgo = new Date(Date.now() - 10 * 60 * 1000);
+ const pendingTransactions = await prisma.transaction.findMany({
+ where: {
+ status: TransactionStatus.PENDING,
+ createdAt: { lt: tenMinutesAgo },
+ },
+ include: { wallet: true },
+ });
+
+ if (pendingTransactions.length === 0) return;
+
+ logger.info(`Found ${pendingTransactions.length} stuck transactions.`);
+
+ for (const tx of pendingTransactions) {
+ try {
+ // Call Globus Requery
+ const statusResponse = await globusService.getTransactionStatus(tx.reference);
+
+ if (
+ statusResponse.status === 'COMPLETED' ||
+ statusResponse.status === 'SUCCESSFUL'
+ ) {
+ // Mark as Success
+ await prisma.transaction.update({
+ where: { id: tx.id },
+ data: {
+ status: TransactionStatus.COMPLETED,
+ sessionId: statusResponse.sessionId || `RECON-${Date.now()}`,
+ },
+ });
+ logger.info(`Transaction ${tx.id} reconciled: COMPLETED`);
+ } else if (statusResponse.status === 'FAILED') {
+ // Mark as Failed and Refund
+ await prisma.$transaction(async prismaTx => {
+ await prismaTx.transaction.update({
+ where: { id: tx.id },
+ data: {
+ status: TransactionStatus.FAILED,
+ metadata: {
+ ...(tx.metadata as object),
+ failureReason: 'Reconciliation: Provider Failed',
+ },
+ },
+ });
+
+ await prismaTx.wallet.update({
+ where: { id: tx.walletId },
+ data: { balance: { increment: Math.abs(Number(tx.amount)) } },
+ });
+ });
+ logger.info(`Transaction ${tx.id} reconciled: FAILED (Refunded)`);
+ } else {
+ logger.info(`Transaction ${tx.id} still PENDING at provider.`);
+ }
+ } catch (error) {
+ logger.error(`Failed to reconcile transaction ${tx.id}`, error);
+ }
+ }
+ } catch (error) {
+ logger.error('Error in Stuck Transaction Reconciliation', error);
+ }
+ });
+};
+
+/**
+ * 2. Daily Reconciliation (Every day at 00:00)
+ * Compares Globus Statement with Local Transactions.
+ */
+const startDailyReconciliation = () => {
+ cron.schedule('0 0 * * *', async () => {
+ logger.info('Running Daily Reconciliation...');
+
+ try {
+ const yesterday = new Date();
+ yesterday.setDate(yesterday.getDate() - 1);
+ yesterday.setHours(0, 0, 0, 0);
+
+ const today = new Date();
+ today.setHours(0, 0, 0, 0);
+
+ // Fetch External Statement
+ const statement = await globusService.getStatement(yesterday, today);
+
+ // Fetch Local Transactions for the same period
+ const localTransactions = await prisma.transaction.findMany({
+ where: {
+ createdAt: { gte: yesterday, lt: today },
+ status: TransactionStatus.COMPLETED,
+ },
+ });
+
+ // Compare
+ // This is a simplified logic. In reality, we match by Reference or Session ID.
+ const localTotal = localTransactions.reduce((sum, tx) => sum + Number(tx.amount), 0);
+
+ // Mock statement structure for now since getStatement returns any
+ const externalTotal = statement.reduce(
+ (sum: number, tx: any) => sum + Number(tx.amount),
+ 0
+ );
+
+ if (Math.abs(localTotal - externalTotal) > 1) {
+ // Allow small float diff
+ logger.error(
+ `๐จ DISCREPANCY DETECTED! Local: ${localTotal}, External: ${externalTotal}`
+ );
+ // TODO: Create AlertLog or Notify Admin
+ } else {
+ logger.info('Daily Reconciliation Successful: No discrepancies.');
+ }
+ } catch (error) {
+ logger.error('Error in Daily Reconciliation', error);
+ }
+ });
+};
+
+/**
+ * 3. P2P Ad Cleanup (Every Hour)
+ * Closes 0 balance ads and notifies dust ads.
+ */
+const startP2PAdCleanupJob = () => {
+ cron.schedule('0 * * * *', async () => {
+ logger.info('Running P2P Ad Cleanup Job...');
+ try {
+ await getP2PAdCleanupQueue().add('cleanup-ads', {});
+ } catch (error) {
+ logger.error('Error triggering P2P Ad Cleanup Job', error);
+ }
+ });
+};
+
+export const startReconciliationJob = () => {
+ startTransactionReconciliation();
+ startDailyReconciliation();
+ startP2PAdCleanupJob();
+};
diff --git a/src/worker/transfer.worker.ts b/src/worker/transfer.worker.ts
new file mode 100644
index 0000000..5210954
--- /dev/null
+++ b/src/worker/transfer.worker.ts
@@ -0,0 +1,259 @@
+import { Worker, Job } from 'bullmq';
+import { redisConnection } from '../shared/config/redis.config';
+import { globusService } from '../shared/lib/services/banking/globus.service';
+import { prisma, TransactionStatus, TransactionType, NotificationType } from '../shared/database';
+import logger from '../shared/lib/utils/logger';
+import { socketService } from '../shared/lib/services/socket.service';
+import { walletService } from '../shared/lib/services/wallet.service';
+import { NotificationService } from '../api/modules/notification/notification.service';
+
+interface TransferJobData {
+ transactionId: string;
+ destination: {
+ accountName: string;
+ bankName: string;
+ };
+ amount: number;
+ narration?: string;
+}
+
+const processTransfer = async (job: Job) => {
+ const { transactionId } = job.data;
+ logger.info(`Processing external transfer for transaction ${transactionId}`);
+
+ try {
+ // 1. Fetch Transaction
+ const transaction = await prisma.transaction.findUnique({
+ where: { id: transactionId },
+ include: { wallet: true },
+ });
+
+ if (!transaction) {
+ throw new Error(`Transaction ${transactionId} not found`);
+ }
+
+ if (transaction.status !== TransactionStatus.PENDING) {
+ logger.warn(`Transaction ${transactionId} is not PENDING. Skipping.`);
+ return;
+ }
+
+ // 2. Call External API (Globus)
+ // We use the globusService to initiate the transfer
+ // If it fails, it throws. We catch and decide whether to retry or reverse.
+
+ let transferResponse;
+ try {
+ transferResponse = await globusService.transferFunds({
+ amount: Math.abs(Number(transaction.amount)), // Ensure positive number
+ destinationAccount: transaction.destinationAccount!,
+ destinationBankCode: transaction.destinationBankCode!,
+ destinationName: transaction.destinationName!,
+ narration: transaction.description || 'Transfer',
+ reference: transaction.reference,
+ });
+ } catch (error: any) {
+ logger.error(`Globus Transfer Failed for ${transactionId}`, error);
+
+ // Determine if we should reverse immediately (Non-Retryable)
+ // For now, we'll let BullMQ retry a few times.
+ // If we want to fail fast on specific errors (e.g. "Insufficient Funds"), we can check error message.
+ // If (error.response?.data?.code === 'INSUFFICIENT_FUNDS') throw new UnrecoverableError(...)
+
+ throw error; // Let BullMQ handle retries
+ }
+
+ // 3. Handle Success
+ await prisma.transaction.update({
+ where: { id: transactionId },
+ data: {
+ status: TransactionStatus.COMPLETED,
+ sessionId: transferResponse.sessionId || `SESSION-${Date.now()}`,
+ },
+ });
+ logger.info(`Transfer ${transactionId} completed successfully`);
+
+ // Emit Socket Event
+ const newBalance = await walletService.getWalletBalance(transaction.userId);
+ socketService.emitToUser(transaction.userId, 'WALLET_UPDATED', {
+ ...newBalance,
+ message: `Transfer Completed`,
+ sender: { name: 'System', id: 'SYSTEM' },
+ });
+
+ // Send Push Notification
+ await NotificationService.sendToUser(
+ transaction.userId,
+ 'Transfer Successful',
+ `Your transfer of โฆ${Math.abs(
+ Number(transaction.amount)
+ ).toLocaleString()} was successful.`,
+ {
+ transactionId: transaction.id,
+ type: 'TRANSFER_SUCCESS',
+ sender: { name: 'System', id: 'SYSTEM' },
+ },
+ NotificationType.TRANSACTION
+ );
+ } catch (error) {
+ logger.error(`Error processing transfer ${transactionId}`, error);
+ throw error;
+ }
+};
+
+// Handle Failed Jobs (After Retries)
+const handleFailedJob = async (job: Job | undefined, err: Error) => {
+ if (!job) return;
+
+ logger.error(`Job ${job.id} failed: ${err.message}`);
+
+ // Check if this was the last attempt
+ if (job.attemptsMade >= (job.opts.attempts || 5)) {
+ logger.error(`๐ Job ${job.id} permanently failed. Executing Reversal.`);
+ const { transactionId } = job.data;
+
+ try {
+ const transaction = await prisma.transaction.findUnique({
+ where: { id: transactionId },
+ });
+
+ if (!transaction || transaction.status !== TransactionStatus.PENDING) {
+ logger.warn(`Transaction ${transactionId} not eligible for reversal.`);
+ return;
+ }
+
+ // Execute Reversal Logic
+ await prisma.$transaction(async tx => {
+ // 1. Mark Principal as FAILED
+ await tx.transaction.update({
+ where: { id: transactionId },
+ data: {
+ status: TransactionStatus.FAILED,
+ metadata: {
+ ...(transaction.metadata as object),
+ failureReason: err.message,
+ },
+ },
+ });
+
+ // 2. Reverse Principal (Credit User)
+ await tx.transaction.create({
+ data: {
+ userId: transaction.userId,
+ walletId: transaction.walletId,
+ type: TransactionType.REVERSAL,
+ amount: Math.abs(Number(transaction.amount)),
+ balanceBefore: 0, // Not accurate inside transaction, but acceptable for log
+ balanceAfter: 0,
+ status: TransactionStatus.COMPLETED,
+ reference: `REV-${transactionId}`,
+ description: `Reversal for ${transaction.reference}`,
+ metadata: { originalTransactionId: transactionId },
+ },
+ });
+
+ await tx.wallet.update({
+ where: { id: transaction.walletId },
+ data: { balance: { increment: Math.abs(Number(transaction.amount)) } },
+ });
+
+ // 3. Reverse Fee (if linked)
+ const metadata = transaction.metadata as any;
+ if (metadata?.feeTransactionId) {
+ const feeTx = await tx.transaction.findUnique({
+ where: { id: metadata.feeTransactionId },
+ });
+ if (feeTx) {
+ // Mark Fee as FAILED (or REVERSED?)
+ // Usually we create a REVERSAL for the fee too.
+ await tx.transaction.create({
+ data: {
+ userId: transaction.userId,
+ walletId: transaction.walletId,
+ type: TransactionType.REVERSAL, // Or FEE_REVERSAL
+ amount: Math.abs(Number(feeTx.amount)),
+ balanceBefore: 0,
+ balanceAfter: 0,
+ status: TransactionStatus.COMPLETED,
+ reference: `REV-${feeTx.reference}`,
+ description: `Fee Reversal for ${transaction.reference}`,
+ metadata: { originalTransactionId: feeTx.id },
+ },
+ });
+
+ await tx.wallet.update({
+ where: { id: transaction.walletId },
+ data: { balance: { increment: Math.abs(Number(feeTx.amount)) } },
+ });
+ }
+ }
+
+ // 4. Reverse Revenue (Debit Revenue Wallet)
+ if (metadata?.revenueTransactionId) {
+ const revenueTx = await tx.transaction.findUnique({
+ where: { id: metadata.revenueTransactionId },
+ });
+ if (revenueTx) {
+ // Create Debit for Revenue
+ await tx.transaction.create({
+ data: {
+ userId: revenueTx.userId,
+ walletId: revenueTx.walletId,
+ type: TransactionType.REVERSAL,
+ amount: -Math.abs(Number(revenueTx.amount)), // Debit
+ balanceBefore: 0,
+ balanceAfter: 0,
+ status: TransactionStatus.COMPLETED,
+ reference: `REV-${revenueTx.reference}`,
+ description: `Revenue Reversal for ${transaction.reference}`,
+ metadata: { originalTransactionId: revenueTx.id },
+ },
+ });
+
+ await tx.wallet.update({
+ where: { id: revenueTx.walletId },
+ data: { balance: { decrement: Math.abs(Number(revenueTx.amount)) } },
+ });
+ }
+ }
+ });
+
+ // Notify User
+ await NotificationService.sendToUser(
+ transaction.userId,
+ 'Transfer Failed',
+ `Your transfer of โฆ${Math.abs(
+ Number(transaction.amount)
+ ).toLocaleString()} failed and has been reversed.`,
+ {
+ transactionId: transaction.id,
+ type: 'TRANSFER_FAILED',
+ },
+ NotificationType.TRANSACTION
+ );
+
+ // Emit Socket Event
+ const newBalance = await walletService.getWalletBalance(transaction.userId);
+ socketService.emitToUser(transaction.userId, 'WALLET_UPDATED', {
+ ...newBalance,
+ message: `Transfer Failed: Reversal Processed`,
+ });
+ } catch (reversalError) {
+ logger.error(`Failed to reverse transaction ${transactionId}`, reversalError);
+ }
+ }
+};
+
+export const transferWorker = new Worker('transfer-queue', processTransfer, {
+ connection: redisConnection,
+ concurrency: 5, // Process 5 jobs concurrently
+ limiter: {
+ max: 10, // Max 10 jobs
+ duration: 1000, // per 1 second
+ },
+});
+
+transferWorker.on('completed', job => {
+ logger.info(`Job ${job.id} completed`);
+});
+
+transferWorker.on('failed', handleFailedJob);
diff --git a/tsconfig.json b/tsconfig.json
index 0c3348f..c950c53 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -12,8 +12,11 @@
"resolveJsonModule": true,
"declaration": true,
"declarationMap": true,
- "sourceMap": true
+ "sourceMap": true,
+ "typeRoots": ["./src/shared/types", "./node_modules/@types"],
+ "experimentalDecorators": true,
+ "emitDecoratorMetadata": true
},
- "include": ["src/**/*", "src/modules/.gitkeep"],
- "exclude": ["node_modules", "dist"]
+ "include": ["src/**/*"],
+ "exclude": ["node_modules", "dist", "**/*.test.ts", "**/*.spec.ts", "**/__tests__"]
}