code-flexing · Noble-Devbase · Jun 29, 2026
diff --git a/harvest-finance/backend/src/app.module.ts b/harvest-finance/backend/src/app.module.ts
@@ -51,6 +51,7 @@ import {
   Notification,
   Order,
   Reward,
+  Session,
   SorobanEvent,
   Transaction,
   User,
@@ -89,6 +90,7 @@ import { CreateDepositEvents1700000000016 } from './database/migrations/17000000
 import { CreateVaultReservations1700000000018 } from './database/migrations/1700000000018-CreateVaultReservations';
 import { VaultReservation } from './vaults/entities/vault-reservation.entity';
 import { CreateVaultApyHistory1700000000017 } from './database/migrations/1700000000017-CreateVaultApyHistory';
+import { CreateSessionsAndOAuthLinks1700000000022 } from './database/migrations/1700000000022-CreateSessionsAndOAuthLinks';
 import { DomainEventsModule } from './domain-events';
 import { DomainEventHandlersModule } from './common/events';
 import { WebhooksModule } from './webhooks/webhooks.module';
@@ -116,6 +118,7 @@ import { WebhooksModule } from './webhooks/webhooks.module';
         entities: [
           User,
           UserOAuthLink,
+          Session,
           Order,
           Transaction,
           Verification,
@@ -153,6 +156,7 @@ import { WebhooksModule } from './webhooks/webhooks.module';
           CreateDepositEvents1700000000016,
           CreateVaultReservations1700000000018,
           CreateVaultApyHistory1700000000017,
+          CreateSessionsAndOAuthLinks1700000000022,
         ],
         synchronize: false,
         migrationsRun: false,

diff --git a/harvest-finance/backend/src/auth/auth.controller.ts b/harvest-finance/backend/src/auth/auth.controller.ts
@@ -7,6 +7,7 @@ import {
   HttpCode,
   HttpStatus,
   Get,
+  Query,
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import type { Request } from 'express';
@@ -127,8 +128,13 @@ export class AuthController {
      status: 500,
      description: 'Internal server error',
    })
-  async login(@Body() loginDto: LoginDto): Promise<AuthResponseDto> {
-    return this.authService.login(loginDto);
+  async login(@Body() loginDto: LoginDto, @Req() req: Request): Promise<AuthResponseDto> {
+    const userAgent = req.headers['user-agent'];
+    const ipAddress =
+      (req.headers['x-forwarded-for'] as string)?.split(',')[0]?.trim() ??
+      req.socket?.remoteAddress ??
+      undefined;
+    return this.authService.login(loginDto, userAgent, ipAddress);
   }
 
   /**
@@ -375,7 +381,12 @@ export class AuthController {
     type: AuthResponseDto,
   })
   async googleAuthRedirect(@Req() req): Promise<AuthResponseDto> {
-    return this.authService.loginWithOAuth(req.user);
+    const userAgent = req.headers['user-agent'];
+    const ipAddress =
+      (req.headers['x-forwarded-for'] as string)?.split(',')[0]?.trim() ??
+      req.socket?.remoteAddress ??
+      undefined;
+    return this.authService.loginWithOAuth(req.user, userAgent, ipAddress);
   }
 
   /**
@@ -401,7 +412,12 @@ export class AuthController {
     type: AuthResponseDto,
   })
   async githubAuthRedirect(@Req() req): Promise<AuthResponseDto> {
-    return this.authService.loginWithOAuth(req.user);
+    const userAgent = req.headers['user-agent'];
+    const ipAddress =
+      (req.headers['x-forwarded-for'] as string)?.split(',')[0]?.trim() ??
+      req.socket?.remoteAddress ??
+      undefined;
+    return this.authService.loginWithOAuth(req.user, userAgent, ipAddress);
   }
 
   @Get('verify-email')

diff --git a/harvest-finance/backend/src/auth/auth.module.ts b/harvest-finance/backend/src/auth/auth.module.ts
@@ -2,30 +2,52 @@ import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';
 import { PassportModule } from '@nestjs/passport';
 import { TypeOrmModule } from '@nestjs/typeorm';
+import { ConfigModule, ConfigService } from '@nestjs/config';
 import { AuthController } from './auth.controller';
+import { SessionsController } from './sessions.controller';
 import { AuthService } from './auth.service';
 import { JwtStrategy } from './strategies/jwt.strategy';
 import { StellarStrategy } from './strategies/stellar.strategy';
 import { GoogleStrategy } from './strategies/google.strategy';
 import { GithubStrategy } from './strategies/github.strategy';
 import { User } from '../database/entities/user.entity';
 import { UserOAuthLink } from '../database/entities/user-oauth-link.entity';
+import { Session } from '../database/entities/session.entity';
 import { CommonModule } from '../common/common.module';
 
 @Module({
   imports: [
-    TypeOrmModule.forFeature([User, UserOAuthLink]),
+    TypeOrmModule.forFeature([User, UserOAuthLink, Session]),
     PassportModule.register({ defaultStrategy: 'jwt' }),
-    JwtModule.register({
-      secret: 'super_secret_jwt_key',
-      signOptions: {
-        expiresIn: '1h',
-      },
+    JwtModule.registerAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: (configService: ConfigService) => ({
+        secret:
+          configService.get<string>('JWT_SECRET') || 'super_secret_jwt_key',
+        signOptions: {
+          expiresIn:
+            configService.get<string>('JWT_EXPIRES_IN') || '1h',
+        },
+      }),
     }),
     CommonModule,
   ],
-  controllers: [AuthController],
-  providers: [AuthService, JwtStrategy, StellarStrategy, GoogleStrategy, GithubStrategy],
-  exports: [AuthService, JwtStrategy, StellarStrategy, GoogleStrategy, GithubStrategy, PassportModule],
+  controllers: [AuthController, SessionsController],
+  providers: [
+    AuthService,
+    JwtStrategy,
+    StellarStrategy,
+    GoogleStrategy,
+    GithubStrategy,
+  ],
+  exports: [
+    AuthService,
+    JwtStrategy,
+    StellarStrategy,
+    GoogleStrategy,
+    GithubStrategy,
+    PassportModule,
+  ],
 })
 export class AuthModule {}