From d9d9de759fecbf819144aa1079d6c2aeebf1b659 Mon Sep 17 00:00:00 2001
From: Nicolas Drolet
Date: Fri, 19 Dec 2025 15:39:18 -0500
Subject: [PATCH] fix(auth): fix /me route to properly send user data, now also includes module accesses for user.
---
 .../authentication/auth.module.ts | 2 ++
 .../authentication/controllers/auth.controller.ts | 11 +++++++++--
 .../services/abstract-user.service.ts | 1 +
 3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/identity-and-account/authentication/auth.module.ts b/src/identity-and-account/authentication/auth.module.ts
index bfe92a7..ce27768 100644
--- a/src/identity-and-account/authentication/auth.module.ts
+++ b/src/identity-and-account/authentication/auth.module.ts
@@ -5,6 +5,7 @@ import { UsersModule } from '../users-management/users.module';
 import { AuthController } from './controllers/auth.controller';
 import { AuthentikStrategy } from './strategies/authentik.strategy';
 import { ExpressSessionSerializer } from './serializers/express-session.serializer';
+import { UsersService } from 'src/identity-and-account/users-management/services/users.service';
 @Module({
@@ -16,6 +17,7 @@ import { ExpressSessionSerializer } from './serializers/express-session.serializ
 AuthentikAuthService,
 AuthentikStrategy,
 ExpressSessionSerializer,
+ UsersService,
 ],
 exports: [ AuthentikAuthService ],
 controllers: [AuthController],
diff --git a/src/identity-and-account/authentication/controllers/auth.controller.ts b/src/identity-and-account/authentication/controllers/auth.controller.ts
index 43c9397..fa38c47 100644
--- a/src/identity-and-account/authentication/controllers/auth.controller.ts
+++ b/src/identity-and-account/authentication/controllers/auth.controller.ts
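Review bot: Listing `UsersService` in this module's `providers` (second hunk of auth.module.ts) makes Nest build a separate instance inside AuthModule and requires every dependency of that service to be resolvable here, instead of reusing the instance owned by `UsersModule`, which this file already imports. If `UsersModule` is in the `imports` array (not visible in the hunk), the usual pattern is to add `exports: [UsersService]` there and drop the provider entry here. The new import also uses an absolute `src/...` path where the neighbouring imports are relative, e.g. `import { UsersService } from '../users-management/services/users.service';`.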
@@ -1,9 +1,14 @@
 import { Controller, Get, Req, Res, UnauthorizedException, UseGuards } from '@nestjs/common';
 import { OIDCLoginGuard } from '../guards/authentik-auth.guard';
 import { Request, Response } from 'express';
+import { UsersService } from 'src/identity-and-account/users-management/services/users.service';
+import { Access } from 'src/common/decorators/module-access.decorators';
 @Controller('auth')
 export class AuthController {
+ constructor(
+ private readonly usersService: UsersService,
+ ){}
 @UseGuards(OIDCLoginGuard)
 @Get('/v1/login')
@@ -17,11 +22,13 @@ export class AuthController {
 }
 @Get('/me')
- getProfile(@Req() req: Request) {
+ async getProfile(
+ @Access('email') email: string,
+ @Req() req: Request) {
 if (!req.user) {
 throw new UnauthorizedException('Not logged in');
 }
- return req.user;
+ return this.usersService.findOneByEmail(email);
 }
 }
diff --git a/src/identity-and-account/users-management/services/abstract-user.service.ts b/src/identity-and-account/users-management/services/abstract-user.service.ts
index 51404f9..872f7c2 100644
--- a/src/identity-and-account/users-management/services/abstract-user.service.ts
+++ b/src/identity-and-account/users-management/services/abstract-user.service.ts
@@ -30,6 +30,7 @@ export abstract class AbstractUserService {
 let module_access: Modules[] = [];
 if (user.user_module_access !== null) module_access = toKeysFromBoolean(user.user_module_access);
+ console.log('module access: ', module_access);
 const clean_user = {
 first_name: user.first_name,
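Review bot: In `getProfile`, Nest resolves the `@Access('email')` parameter before the method body runs, so the `if (!req.user)` check no longer protects the lookup: on an unauthenticated request the decorator (defined outside this diff) either fails on its own or hands `undefined` to `findOneByEmail`. The check should cover the value actually used, `if (!req.user || !email) throw new UnauthorizedException('Not logged in');`, or the route should sit behind a session guard. The handler also returns whatever `findOneByEmail` yields straight to the client, so a `null` result becomes an empty 200, and if that method returns the raw user record rather than the cleaned object, internal fields are exposed. That is worth confirming and recording in a comment such as `// returns the sanitized user incl. module_access, never the raw entity`.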
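Review bot: The added `console.log('module access: ', module_access);` in abstract-user.service.ts looks like leftover debugging and writes each user's module permissions to stdout every time this path runs. Remove it, or if the trace is wanted, route it through the application's logger at debug level so it can be switched off in production. The enclosing method starts and ends outside the hunk, so how often it is called is not visible here.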