@@ -90,6 +90,15 @@ describe("IdentityLinkingController", () => {
|
||||
});
|
||||
|
||||
describe("POST /identity/verify", () => {
|
||||
it("should have AuthGuard and Throttle decorators applied", () => {
|
||||
// Verify that the endpoint has proper guards and rate limiting
|
||||
const verifyMetadata = Reflect.getMetadata(
|
||||
"__guards__",
|
||||
IdentityLinkingController.prototype.verifyIdentity
|
||||
);
|
||||
expect(verifyMetadata).toBeDefined();
|
||||
});
|
||||
|
||||
it("should verify identity with valid request", async () => {
|
||||
const dto: VerifyIdentityDto = {
|
||||
localUserId: "local-user-id",
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
*/
|
||||
|
||||
import { Controller, Post, Get, Patch, Delete, Body, Param, UseGuards } from "@nestjs/common";
|
||||
import { Throttle } from "@nestjs/throttler";
|
||||
import { AuthGuard } from "../auth/guards/auth.guard";
|
||||
import { IdentityLinkingService } from "./identity-linking.service";
|
||||
import { IdentityResolutionService } from "./identity-resolution.service";
|
||||
@@ -45,8 +46,11 @@ export class IdentityLinkingController {
|
||||
*
|
||||
* Verify a user's identity from a remote instance.
|
||||
* Validates signature and OIDC token.
|
||||
* Rate limit: "strict" tier (10 req/min) - public endpoint requiring authentication
|
||||
*/
|
||||
@Post("verify")
|
||||
@UseGuards(AuthGuard)
|
||||
@Throttle({ strict: { limit: 10, ttl: 60000 } })
|
||||
async verifyIdentity(@Body() dto: VerifyIdentityDto): Promise<IdentityVerificationResponse> {
|
||||
return this.identityLinkingService.verifyIdentity(dto);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user