From 8e5c6dc2d60eeaa997a67a1755f2d0e489848219 Mon Sep 17 00:00:00 2001
From: saravanakumardb1 <saravanakumardb1@users.noreply.github.com>
Date: Sun, 15 Feb 2026 14:18:59 -0800
Subject: [PATCH] =?UTF-8?q?refactor(platform-service):=20auth=20routes=20+?=
 =?UTF-8?q?=20types=20=E2=80=94=20add=20productId=20to=20login/register=20?=
 =?UTF-8?q?schemas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- LoginSchema and RegisterSchema now require productId field
- Login/Register routes use productId from request body (not env var)
- PRODUCT_ID import removed from auth/routes.ts
- Test fixtures updated with productId: 'lysnrai'
---
 .../src/modules/auth/auth.test.ts                 |  3 +++
 .../platform-service/src/modules/auth/routes.ts   | 15 +++++++--------
 .../platform-service/src/modules/auth/types.ts    |  2 ++
 3 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/services/platform-service/src/modules/auth/auth.test.ts b/services/platform-service/src/modules/auth/auth.test.ts
index 4e172d09..f098a33b 100644
--- a/services/platform-service/src/modules/auth/auth.test.ts
+++ b/services/platform-service/src/modules/auth/auth.test.ts
@@ -10,6 +10,7 @@ describe('LoginSchema', () => {
     const result = LoginSchema.safeParse({
       email: 'admin@lysnrai.com',
       password: 'secret123',
+      productId: 'lysnrai',
     });
     expect(result.success).toBe(true);
   });
@@ -37,6 +38,7 @@ describe('RegisterSchema', () => {
       email: 'new@lysnrai.com',
       password: 'password123',
       displayName: 'New User',
+      productId: 'lysnrai',
     });
     expect(result.success).toBe(true);
     if (result.success) {
@@ -50,6 +52,7 @@ describe('RegisterSchema', () => {
       password: 'password123',
       displayName: 'Admin',
       role: 'admin',
+      productId: 'lysnrai',
     });
     expect(result.success).toBe(true);
   });
diff --git a/services/platform-service/src/modules/auth/routes.ts b/services/platform-service/src/modules/auth/routes.ts
index 65d61b8b..03509bc3 100644
--- a/services/platform-service/src/modules/auth/routes.ts
+++ b/services/platform-service/src/modules/auth/routes.ts
@@ -9,7 +9,6 @@
  */
 
 import type { FastifyInstance } from 'fastify';
-import { PRODUCT_ID } from '../../lib/product-config.js';
 import { BadRequestError, UnauthorizedError } from '../../lib/errors.js';
 import * as repo from './repository.js';
 import * as jwt from './jwt.js';
@@ -22,7 +21,7 @@ export async function authRoutes(app: FastifyInstance) {
     if (!parsed.success) {
       throw new BadRequestError(parsed.error.issues.map(i => i.message).join('; '));
     }
-    const { email, password } = parsed.data;
+    const { email, password, productId } = parsed.data;
     const user = await repo.getByEmail(email);
     if (!user) throw new UnauthorizedError('Invalid email or password');
     if (user.status !== 'active') throw new UnauthorizedError('Account is disabled');
@@ -36,9 +35,9 @@ export async function authRoutes(app: FastifyInstance) {
       sub: user.id,
       email: user.email,
       role: user.role,
-      productId: PRODUCT_ID,
+      productId,
     });
-    const refreshToken = await jwt.createRefreshToken({ sub: user.id, productId: PRODUCT_ID });
+    const refreshToken = await jwt.createRefreshToken({ sub: user.id, productId });
 
     return {
       accessToken,
@@ -53,7 +52,7 @@ export async function authRoutes(app: FastifyInstance) {
     if (!parsed.success) {
       throw new BadRequestError(parsed.error.issues.map(i => i.message).join('; '));
     }
-    const { email, password, displayName, role } = parsed.data;
+    const { email, password, displayName, role, productId } = parsed.data;
 
     const existing = await repo.getByEmail(email);
     if (existing) throw new BadRequestError('Email already registered');
@@ -61,7 +60,7 @@ export async function authRoutes(app: FastifyInstance) {
     const now = new Date().toISOString();
     const user: UserDoc = {
       id: `usr_${crypto.randomUUID()}`,
-      productId: PRODUCT_ID,
+      productId,
       email: email.toLowerCase(),
       passwordHash: await repo.hashPassword(password),
       role,
@@ -77,9 +76,9 @@ export async function authRoutes(app: FastifyInstance) {
       sub: user.id,
       email: user.email,
       role: user.role,
-      productId: PRODUCT_ID,
+      productId,
     });
-    const refreshToken = await jwt.createRefreshToken({ sub: user.id, productId: PRODUCT_ID });
+    const refreshToken = await jwt.createRefreshToken({ sub: user.id, productId });
 
     reply.code(201);
     return {
diff --git a/services/platform-service/src/modules/auth/types.ts b/services/platform-service/src/modules/auth/types.ts
index c51c2f9a..213f3420 100644
--- a/services/platform-service/src/modules/auth/types.ts
+++ b/services/platform-service/src/modules/auth/types.ts
@@ -29,6 +29,7 @@ export interface TokenPayload {
 export const LoginSchema = z.object({
   email: z.string().email(),
   password: z.string().min(1),
+  productId: z.string().min(1),
 });
 
 export const RegisterSchema = z.object({
@@ -36,6 +37,7 @@ export const RegisterSchema = z.object({
   password: z.string().min(8),
   displayName: z.string().min(1),
   role: z.enum(['admin', 'viewer', 'user']).default('user'),
+  productId: z.string().min(1),
 });
 
 export const RefreshSchema = z.object({