feat: securely handle incoming password payloads for development#1600

Merged: GHkrishna merged 3 commits into main from feat/login-signup-unencrypted-password on Apr 16, 2026
@GHkrishna GHkrishna commented Apr 13, 2026

What

  • Add capability to use an unencrypted password during signup and login

Summary by CodeRabbit

  • New Features
    • Added an optional flag to indicate whether a password is already encrypted for registration and login.
    • The system now encrypts plain-text passwords automatically when the flag indicates they are not encrypted.
    • Authentication flows accept both pre-encrypted and unencrypted passwords based on the flag.


coderabbitai bot commented Apr 13, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 06ad3f10-d3a8-48a7-8aa2-50f387e30f04

📥 Commits

Reviewing files that changed from the base of the PR and between 7629086 and 39157bc.

📒 Files selected for processing (1)
  • apps/api-gateway/src/user/dto/add-user.dto.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • apps/api-gateway/src/user/dto/add-user.dto.ts

Walkthrough

Adds an optional isPasswordEncrypted flag to user DTOs and applies conditional encryption via commonService.dataEncryption(...) in AuthzController for addUserDetails and login when passwords are supplied and not marked encrypted.

Changes

| Cohort / File(s) | Summary |
|---|---|
| DTOs: apps/api-gateway/src/user/dto/add-user.dto.ts, apps/api-gateway/src/user/dto/login-user.dto.ts | Added optional boolean isPasswordEncrypted?: boolean = true with @ApiPropertyOptional, @IsOptional(), and @IsBoolean() to both DTOs; formatting/indentation adjusted. |
| Controller: apps/api-gateway/src/authz/authz.controller.ts | In addUserDetails and login, encrypts password via this.commonService.dataEncryption(...) when isPasswordEncrypted is falsy and a non-empty password is provided, before calling service methods. |

Sequence Diagram

sequenceDiagram
    participant Client
    participant AuthzController
    participant CommonService
    participant AuthzService

    Client->>AuthzController: addUserDetails(userInfo) / login(loginUserDto)
    Note over AuthzController: if password exists && !isPasswordEncrypted
    AuthzController->>CommonService: dataEncryption(password)
    CommonService-->>AuthzController: encryptedPassword
    Note over AuthzController: replace password with encryptedPassword
    AuthzController->>AuthzService: addUserDetails(userInfo) / login(clientInfo, email, password)
    AuthzService-->>AuthzController: serviceResponse
    AuthzController-->>Client: serviceResponse

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰🔐 I nibble code at break of dawn,

I wrap each secret, dusk to morn.
With a twitch and little hop, I send
encrypted carrots to every friend.
Hooray — safe logins, hop and grin!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the main change: adding password encryption handling for incoming payloads in signup/login flows. It reflects the core functionality added across the controller and DTO files. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


@GHkrishna GHkrishna requested review from KambleSahil3 and RinkalBhojani and removed request for KambleSahil3 April 13, 2026 10:33

@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/api-gateway/src/authz/authz.service.ts`:
- Around line 54-62: The login method in authz.service.ts is publishing raw
plaintext passwords in the NATS payload via natsClient.sendNatsMessage to the
'user-holder-login' subject; instead, before calling sendNatsMessage in
AuthzService.login, stop forwarding the plain password when isPasswordEncrypted
is false and re-wrap it at the gateway (for example: encrypt/nonce-wrap or
exchange the plaintext for a short-lived gateway-issued token or hashed value)
and include that wrapped value in the payload instead of the raw password;
update the payload construction around payload = { email, password, ... } and
the call to this.natsClient.sendNatsMessage(this.authServiceProxy,
'user-holder-login', payload) so downstream consumers never see the plaintext
while preserving isPasswordEncrypted/isPasskey flags.

In `@apps/api-gateway/src/user/dto/add-user.dto.ts`:
- Around line 43-47: Remove the exposed plaintext-password flag from the DTO:
delete the isPasswordEncrypted property (remove `@ApiPropertyOptional`,
`@Transform`, `@IsOptional`, `@IsBoolean` and the isPasswordEncrypted?: boolean
declaration) so the API no longer accepts or documents this field; instead,
ensure the gateway/signup code that previously relied on isPasswordEncrypted
always treats incoming passwords as encrypted (or performs server-side
normalization/encryption before calling the internal add-user flow) so no
plaintext password mode is propagated to downstream code (search for usages of
isPasswordEncrypted in signup handlers and the add-user flow and remove/replace
them with a server-side normalization step).

In `@apps/user/src/user.service.ts`:
- Around line 335-337: The current conditional that sets decryptedPassword uses
a truthy check on userInfo.isPasswordEncrypted which treats an omitted field as
false and changes legacy behavior; update the logic in the signup flow where
decryptedPassword is computed to use a nullish-coalescing default (e.g.,
userInfo.isPasswordEncrypted ?? true) so an undefined value still triggers
this.commonService.decryptPassword(userInfo.password) when appropriate; locate
the assignment computing decryptedPassword in user.service (the line using
this.commonService.decryptPassword) and replace the truthiness check with the
nullish-coalescing check to match the behavior used in login().

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5f234678-59e5-49b1-88a6-fa5a9171f5b2

📥 Commits

Reviewing files that changed from the base of the PR and between ff37552 and 52ecc15.

📒 Files selected for processing (7)
  • apps/api-gateway/src/authz/authz.controller.ts
  • apps/api-gateway/src/authz/authz.service.ts
  • apps/api-gateway/src/user/dto/add-user.dto.ts
  • apps/api-gateway/src/user/dto/login-user.dto.ts
  • apps/user/dtos/login-user.dto.ts
  • apps/user/interfaces/user.interface.ts
  • apps/user/src/user.service.ts

Comment thread apps/api-gateway/src/authz/authz.service.ts Outdated
Comment thread apps/api-gateway/src/user/dto/add-user.dto.ts Outdated
Comment thread apps/user/src/user.service.ts Outdated
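
The omitted-flag default raised in the review above, shown as an added TypeScript example (not code from this PR or the project). `decryptStandIn` is a hypothetical placeholder for `commonService.decryptPassword` (it only reverses the string), and the payloads are constructed samples.

```typescript
// Added example. decryptStandIn is a hypothetical stand-in for
// commonService.decryptPassword: it reverses the string and is NOT encryption.
type SignupPayload = { password: string; isPasswordEncrypted?: unknown };

function decryptStandIn(value: string): string {
  return value.split('').reverse().join('');
}

// Truthy check: an omitted flag behaves like `false`, so a legacy client's
// wrapped password is passed through as if it were the plaintext, and any
// truthy non-boolean (such as the string 'false') selects the decrypt branch.
function resolveTruthy(p: SignupPayload): string {
  return p.isPasswordEncrypted ? decryptStandIn(p.password) : p.password;
}

// Nullish default: undefined or null means "encrypted" (the legacy contract).
// A value that is not a real boolean is rejected rather than coerced.
function resolveNullish(p: SignupPayload): string {
  const flag = p.isPasswordEncrypted ?? true;
  if (typeof flag !== 'boolean') {
    throw new TypeError('isPasswordEncrypted should be boolean');
  }
  return flag ? decryptStandIn(p.password) : p.password;
}

// Constructed sample payloads.
const wrapped = decryptStandIn('S3cret!pw'); // stand-in "ciphertext"
const legacyClient: SignupPayload = { password: wrapped }; // flag omitted
const devClient: SignupPayload = { password: 'S3cret!pw', isPasswordEncrypted: false };
const stringFlag: SignupPayload = { password: 'S3cret!pw', isPasswordEncrypted: 'false' };

console.log(resolveTruthy(legacyClient) === wrapped);      // wrapped value kept as the password
console.log(resolveNullish(legacyClient) === 'S3cret!pw'); // legacy client still unwrapped
console.log(resolveNullish(devClient) === 'S3cret!pw');    // explicit false passes plaintext through
```

With the truthy check, the legacy client's account would end up with the wrapped value as its password; the nullish default keeps the pre-flag behaviour for callers that never send the field.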

@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/user/src/user.service.ts`:
- Around line 335-338: Normalize userInfo.password before splitting into passkey
vs non-passkey flow: compute a single plainPassword (e.g., use the existing
isPasswordEncrypted check and call this.commonService.decryptPassword only if
needed) and then use that plainPassword in both the passkey branch and the
non-passkey branch instead of calling decrypt inside only one branch; update
references to decryptedPassword/userInfo.password in the passkey handling code
so it stores/uses the normalized plainPassword and avoid decrypting plaintext
when isPasswordEncrypted is false.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ca935849-be9b-44aa-b6f1-a8b3899e1286

📥 Commits

Reviewing files that changed from the base of the PR and between 52ecc15 and 186a36c.

📒 Files selected for processing (1)
  • apps/user/src/user.service.ts

Comment thread apps/user/src/user.service.ts Outdated
@ajile-in changed the title from "fear: add unecnrypted password usage" to "feat: add unecnrypted password usage" on Apr 13, 2026
@GHkrishna changed the title from "feat: add unecnrypted password usage" to "feat: implement conditional decryption logic for incoming password payloads" on Apr 15, 2026
Signed-off-by: Krishna Waske <krishna.waske@ayanworks.com>
@GHkrishna GHkrishna force-pushed the feat/login-signup-unencrypted-password branch from 186a36c to 7629086 Compare April 16, 2026 07:45
@GHkrishna
Contributor Author

@coderabbitai review


coderabbitai bot commented Apr 16, 2026

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1

♻️ Duplicate comments (1)
apps/api-gateway/src/user/dto/add-user.dto.ts (1)

43-47: ⚠️ Potential issue | 🔴 Critical

isPasswordEncrypted still exposes caller-controlled plaintext mode on signup.

Line 47 keeps this flag in the public DTO, which preserves a plaintext-password API mode at the edge. This broadens secret-handling surface and should be removed from the external contract; normalization/encryption should be enforced server-side before forwarding.

Proposed DTO-side change
-  `@ApiPropertyOptional`({ example: true, default: true, description: 'Indicates if the password is encrypted' })
-  `@IsOptional`()
-  `@Transform`(({ value }) => (value !== undefined && null !== value ? value : true))
-  `@IsBoolean`({ message: 'isPasswordEncrypted should be boolean' })
-  isPasswordEncrypted?: boolean;
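
Review bot: Deleting the field from AddUserDto alone is incomplete. The walkthrough on this PR lists the same isPasswordEncrypted field in login-user.dto.ts and a controller branch on it in both addUserDetails and login, so after these five removals the login path still accepts the flag and the signup controller reads a property its DTO no longer declares. Remove the field from both DTOs together with the controller condition in one change. The deleted `@Transform` line is also what defaulted an omitted value to true, so any code that keeps reading the flag needs its own explicit default.
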
#!/bin/bash
# Verify all remaining usages before removing the field end-to-end.
# Expected: usages should be limited and then eliminated from public DTO/controller contracts.
rg -n -C2 --type=ts '\bisPasswordEncrypted\b'
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@apps/api-gateway/src/user/dto/add-user.dto.ts` around lines 43 - 47, Remove
the public isPasswordEncrypted property from the AddUserDto (delete the
isPasswordEncrypted field, its
`@ApiPropertyOptional`/`@IsOptional`/`@Transform`/`@IsBoolean` decorators) so callers
cannot request plaintext mode; find and update all codepaths still referencing
isPasswordEncrypted (search for symbol isPasswordEncrypted) and ensure password
normalization/encryption is performed unconditionally in your server-side user
service/handler (e.g., in the signup/createUser flow) before forwarding/storing
credentials, and update any tests and API docs that referenced the flag.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/api-gateway/src/user/dto/add-user.dto.ts`:
- Around line 33-36: The Swagger example for the DTO property isPasskey is a
string ('false') but the validator `@IsBoolean` expects a boolean; update the
`@ApiProperty` decorator on isPasskey in add-user.dto (the isPasskey field) to use
a boolean example (e.g. example: false) so the OpenAPI spec and runtime
validation match.

---

Duplicate comments:
In `@apps/api-gateway/src/user/dto/add-user.dto.ts`:
- Around line 43-47: Remove the public isPasswordEncrypted property from the
AddUserDto (delete the isPasswordEncrypted field, its
`@ApiPropertyOptional`/`@IsOptional`/`@Transform`/`@IsBoolean` decorators) so callers
cannot request plaintext mode; find and update all codepaths still referencing
isPasswordEncrypted (search for symbol isPasswordEncrypted) and ensure password
normalization/encryption is performed unconditionally in your server-side user
service/handler (e.g., in the signup/createUser flow) before forwarding/storing
credentials, and update any tests and API docs that referenced the flag.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 401614ef-0000-4fae-a8c3-68bc0561e97c

📥 Commits

Reviewing files that changed from the base of the PR and between 186a36c and 7629086.

📒 Files selected for processing (3)
  • apps/api-gateway/src/authz/authz.controller.ts
  • apps/api-gateway/src/user/dto/add-user.dto.ts
  • apps/api-gateway/src/user/dto/login-user.dto.ts
🚧 Files skipped from review as they are similar to previous changes (2)
  • apps/api-gateway/src/authz/authz.controller.ts
  • apps/api-gateway/src/user/dto/login-user.dto.ts

Comment thread apps/api-gateway/src/user/dto/add-user.dto.ts Outdated
@GHkrishna changed the title from "feat: implement conditional decryption logic for incoming password payloads" to "feat: securely handle incoming password payloads for development" on Apr 16, 2026
Signed-off-by: Krishna Waske <krishna.waske@ayanworks.com>
@GHkrishna GHkrishna self-assigned this Apr 16, 2026
Signed-off-by: Krishna Waske <krishna.waske@ayanworks.com>

@GHkrishna GHkrishna merged commit 8702719 into main Apr 16, 2026
8 checks passed
@GHkrishna GHkrishna deleted the feat/login-signup-unencrypted-password branch April 16, 2026 11:47