- Added comprehensive validation for user data during registration and updates, including email format, company code existence, user type validation, and password length checks.
- Implemented JWT token invalidation for users when their status changes or when roles are updated, ensuring security and compliance with the latest policies.
- Introduced a new TokenInvalidationService to manage token versioning and invalidation processes efficiently.
- Updated the admin controller to provide detailed error messages and success responses for user status changes and validations.
- Enhanced the authentication middleware to check token versions against the database, ensuring that invalidated tokens cannot be used.

This commit improves the overall security and user management experience within the application.

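
The token-version check described in the commit message above, as an added example that is not code from this repository. Every name below is hypothetical, including the `tokenVersion` claim, `checkTokenVersion`, and the in-memory map standing in for the users table; JWT signature and expiry verification are assumed to have run before this check.

```typescript
// Added illustration; all names are hypothetical, not the project's code.
type UserStatus = "active" | "suspended";
interface UserRecord { status: UserStatus; roles: string[]; tokenVersion: number }
interface TokenClaims { sub: string; tokenVersion?: number }

// In-memory stand-in for the users table (constructed sample data).
const users = new Map<string, UserRecord>([
  ["u1", { status: "active", roles: ["user"], tokenVersion: 1 }],
]);

function requireUser(userId: string): UserRecord {
  const user = users.get(userId);
  if (!user) throw new Error("unknown user");
  return user;
}

class TokenInvalidationService {
  // Claims to embed in a token issued now (signing is out of scope here).
  issueClaims(userId: string): TokenClaims {
    return { sub: userId, tokenVersion: requireUser(userId).tokenVersion };
  }
  // Bumping the stored version strands every token issued before the change.
  invalidate(userId: string): void {
    requireUser(userId).tokenVersion += 1;
  }
}
const tokenService = new TokenInvalidationService();

function setStatus(userId: string, status: UserStatus): void {
  const user = requireUser(userId);
  if (user.status === status) return; // no change, tokens stay valid
  user.status = status;
  tokenService.invalidate(userId);
}

function setRoles(userId: string, roles: string[]): void {
  requireUser(userId).roles = roles;
  tokenService.invalidate(userId); // old tokens carry stale privileges
}

// Middleware core: returns "ok" or the reason the token is rejected.
function checkTokenVersion(claims: TokenClaims): string {
  const user = users.get(claims.sub);
  if (!user) return "unknown user";
  if (user.status !== "active") return "account not active";
  // A token without the claim predates versioning: fail closed.
  if (claims.tokenVersion === undefined) return "missing token version";
  if (claims.tokenVersion !== user.tokenVersion) return "token invalidated";
  return "ok";
}
```

Because the comparison reads the stored version on every request, a role or status change takes effect immediately instead of waiting for the token's expiry.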
- Integrated express-async-errors to automatically handle errors in async route handlers, enhancing the overall error management in the application.
- Updated app.ts to include the express-async-errors import for global error handling.
- Removed redundant logging statements in admin and user menu retrieval functions to streamline the code and improve readability.
- Adjusted logging levels from info to debug for less critical logs, ensuring that important information is logged appropriately without cluttering the logs.