chamomind/elearning
7
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages 3 Wiki Activity Actions

refactor: Update deactivateAccount to accept user ID directly instead of a JWT token.

Browse source
This commit is contained in:
JakkrapartXD 2026-01-16 11:20:42 +07:00
parent 8960e90dbd
commit bca2cc944e
1 changed files with 2 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Backend/src/services/usermanagement.service.ts
View file

@ -104,15 +104,11 @@ export class UserManagementService {
} }
} }
async deactivateAccount(token: string): Promise<DeactivateAccountResponse> { async deactivateAccount(id: number): Promise<DeactivateAccountResponse> {
try { try {
// Decode JWT token to get user ID const user = await prisma.user.findUnique({ where: { id } });
const decoded = jwt.verify(token, config.jwt.secret) as { id: number; username: string; email: string; roleCode: string };
const user = await prisma.user.findUnique({ where: { id: decoded.id } });
if (!user) throw new UnauthorizedError('User not found'); if (!user) throw new UnauthorizedError('User not found');
// Check if account is already deactivated
if (user.is_deactivated) { if (user.is_deactivated) {
logger.warn('Deactivate attempt with deactivated account', { userId: user.id }); logger.warn('Deactivate attempt with deactivated account', { userId: user.id });
throw new ForbiddenError('This account has already been deactivated'); throw new ForbiddenError('This account has already been deactivated');