validation when the user is not a businnes user

2026-01-22 15:55:51 -05:00
parent 6ef691881a
commit b557b5874d
1 changed files with 24 additions and 5 deletions
--- a/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart
+++ b/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart
@@ -34,12 +34,29 @@ class AuthRepositoryImpl implements AuthRepositoryInterface {
        throw Exception('Sign-in failed, no Firebase user received.');
      }

-      return _getUserProfile(
-        firebaseUserId: firebaseUser.uid,
-        fallbackEmail: firebaseUser.email ?? email,
-      );
+      final response = await _dataConnect.getUserById(
+        id: firebaseUser.uid,
+      ).execute();
+      final user = response.data?.user;
+      if (user == null) {
+        await _firebaseAuth.signOut();
+        throw Exception('Authenticated user profile not found in database.');
+      }
+      if (user.userRole != 'BUSINESS') {
+        await _firebaseAuth.signOut();
+        throw Exception('User is not authorized for this app.');
+      }

-      //TO-DO: validate that user is business role and has business account
+      final resolvedEmail = user.email ?? firebaseUser.email ?? email;
+      if (resolvedEmail.isEmpty) {
+        throw Exception('User email is missing in profile data.');
+      }
+
+      return domain.User(
+        id: user.id,
+        email: resolvedEmail,
+        role: user.role.stringValue,
+      );

    } on firebase.FirebaseAuthException catch (e) {
      if (e.code == 'invalid-credential' || e.code == 'wrong-password') {
@@ -47,6 +64,8 @@ class AuthRepositoryImpl implements AuthRepositoryInterface {
      } else {
        throw Exception('Authentication error: ${e.message}');
      }
+    } on Exception catch (e) {
+      throw e;
    } catch (e) {
      throw Exception('Failed to sign in and fetch user data: ${e.toString()}');
    }