From 8e1fb5657080ce73dae2f546ef532f82e10357de Mon Sep 17 00:00:00 2001
From: dpurbosakti <dwiatmokop@gmail.com>
Date: Mon, 6 Oct 2025 11:54:56 +0700
Subject: [PATCH] feat (auth): add user division position

---
 assets/language/en/data.json                  |  1 +
 .../main-use-case/authentication/case.go      | 50 ++++++++++++-------
 .../main-use-case/authentication/helper.go    | 48 +++++++++++++++---
 pkg/auth-helper/tycovar.go                    | 14 +++---
 4 files changed, 81 insertions(+), 32 deletions(-)

diff --git a/assets/language/en/data.json b/assets/language/en/data.json
index a5223967..d78f3424 100644
--- a/assets/language/en/data.json
+++ b/assets/language/en/data.json
@@ -14,6 +14,7 @@
 	"auth-login-unverified": "login failed, account is not verified",
 	"auth-logout-success": "logout success",
 	"auth-reject-suspend": "restricted for suspended account",
+	"auth-getData-failed": "failed to get user data",
 
 	"balance-exceeded": "must not exceeds balance",
 
diff --git a/internal/use-case/main-use-case/authentication/case.go b/internal/use-case/main-use-case/authentication/case.go
index f80cf8e8..3e10d86f 100644
--- a/internal/use-case/main-use-case/authentication/case.go
+++ b/internal/use-case/main-use-case/authentication/case.go
@@ -72,6 +72,11 @@ func GenToken(input eu.LoginDto) (*d.Data, error) {
 		return nil, d.FieldErrors{"authentication": d.FieldError{Code: "auth-login-unverified", Message: el.GenMessage("auth-login-unverified")}}
 	}
 
+	userDivisionPositions, err := getDivisionPosition(user.Id)
+	if err != nil {
+		return nil, d.FieldErrors{"authentication": d.FieldError{Code: "auth-getData-failed", Message: el.GenMessage("auth-getData-failed")}}
+	}
+
 	// Access token prep
 	id, err := uuid.NewRandom()
 	if err != nil {
@@ -89,11 +94,10 @@ func GenToken(input eu.LoginDto) (*d.Data, error) {
 	atClaims := jwt.MapClaims{}
 	atClaims["user_id"] = user.Id
 	atClaims["user_name"] = user.Name
-	// atClaims["user_email"] = user.Email
 	atClaims["user_position_code"] = user.Position_Code
-	// atClaims["user_ref_id"] = user.Ref_Id
 	atClaims["exp"] = atExpires
 	atClaims["uuid"] = aUuid
+	atClaims["user_division_positions"] = userDivisionPositions
 	at := jwt.NewWithClaims(jwt.SigningMethodHS256, atClaims)
 	ats, err := at.SignedString([]byte(atSecretKey))
 	if err != nil {
@@ -122,10 +126,11 @@ func GenToken(input eu.LoginDto) (*d.Data, error) {
 			"status":    "verified",
 		},
 		Data: d.II{
-			"user_id":            strconv.Itoa(int(user.Id)),
-			"user_name":          user.Name,
-			"user_position_code": user.Position_Code,
-			"accessToken":        ats,
+			"user_id":                 strconv.Itoa(int(user.Id)),
+			"user_name":               user.Name,
+			"user_position_code":      user.Position_Code,
+			"accessToken":             ats,
+			"user_division_positions": userDivisionPositions,
 		},
 	}, nil
 }
@@ -181,24 +186,31 @@ func ExtractToken(r *http.Request, tokenType TokenType) (data *pa.AuthInfo, err
 			return nil, d.FieldError{Code: "token-unidentified", Message: el.GenMessage("token-unidentified")}
 		}
 		user_name := fmt.Sprintf("%v", claims["user_name"])
-		// user_email := ""
-		// if v, exist := claims["user_email"]; exist && v != nil {
-		// 	user_email = v.(string)
-		// }
-		// ref_id := 0
-		// if v, exist := claims["user_ref_id"]; exist && v != nil {
-		// 	tmp := v.(float64)
-		// 	ref_id = int(tmp)
-		// }
+
+		var userDivisionPositions []pa.DivisionPosition
+		if raw, ok := claims["user_division_position"]; ok && raw != nil {
+			if list, ok := raw.([]interface{}); ok {
+				for _, item := range list {
+					if m, ok := item.(map[string]interface{}); ok {
+						dp := pa.DivisionPosition{
+							Division_Code:         fmt.Sprintf("%v", m["Division_Code"]),
+							DivisionPosition_Code: fmt.Sprintf("%v", m["DivisionPosition_Code"]),
+						}
+						userDivisionPositions = append(userDivisionPositions, dp)
+					}
+				}
+			}
+		}
 		position_code := ""
 		if v, exist := claims["user_position_code"]; exist && v != nil {
 			position_code = v.(string)
 		}
 		data = &pa.AuthInfo{
-			Uuid:               accessUuid,
-			User_Id:            uint(user_id),
-			User_Name:          user_name,
-			User_Position_Code: position_code,
+			Uuid:                   accessUuid,
+			User_Id:                uint(user_id),
+			User_Name:              user_name,
+			User_Position_Code:     position_code,
+			User_DivisionPositions: userDivisionPositions,
 		}
 		return
 	}
diff --git a/internal/use-case/main-use-case/authentication/helper.go b/internal/use-case/main-use-case/authentication/helper.go
index af4d2ccc..50b0c8fd 100644
--- a/internal/use-case/main-use-case/authentication/helper.go
+++ b/internal/use-case/main-use-case/authentication/helper.go
@@ -1,11 +1,14 @@
 package authentication
 
 import (
+	"errors"
+	edp "simrs-vx/internal/domain/main-entities/division-position"
+	ee "simrs-vx/internal/domain/main-entities/employee"
 
-	// edp "simrs-vx/internal/domain/main-entities/division-position"
+	pa "simrs-vx/pkg/auth-helper"
 
 	dg "github.com/karincake/apem/db-gorm-pg"
-	// pa "simrs-vx/pkg/auth-helper"
+	"gorm.io/gorm"
 )
 
 // just return the error code
@@ -24,7 +27,40 @@ func getDocName(id uint) string {
 	return "authentication"
 }
 
-// func getDivisionPosition(user_id uint) []pa.DivisionPosition {
-// 	var divisionPosition []pa.DivisionPosition
-// 	var divisionPositionList []edp.DivisionPosition
-// }
+func getDivisionPosition(user_id uint) ([]pa.DivisionPosition, error) {
+	var result []pa.DivisionPosition
+
+	var employee ee.Employee
+	if err := dg.I.Where("\"User_Id\" = ?", user_id).First(&employee).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return result, nil
+		}
+		return result, errors.New("no employee found")
+	}
+
+	var divisionPositions []edp.DivisionPosition
+	err := dg.I.
+		Preload("Division").
+		Where("\"Employee_Id\" = ?", employee.Id).
+		Find(&divisionPositions).Error
+	if err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return result, nil
+		}
+		return result, err
+	}
+
+	for _, dp := range divisionPositions {
+		result = append(result, pa.DivisionPosition{
+			Division_Code: func() string {
+				if dp.Division != nil {
+					return dp.Division.Code
+				}
+				return ""
+			}(),
+			DivisionPosition_Code: dp.Code,
+		})
+	}
+
+	return result, nil
+}
diff --git a/pkg/auth-helper/tycovar.go b/pkg/auth-helper/tycovar.go
index aa23e992..288c9d21 100644
--- a/pkg/auth-helper/tycovar.go
+++ b/pkg/auth-helper/tycovar.go
@@ -7,16 +7,16 @@ import (
 type AuthKey struct{}
 
 type AuthInfo struct {
-	Uuid                  string
-	User_Id               uint
-	User_Name             string
-	User_DivisionPosition []DivisionPosition
-	User_Position_Code    string
+	Uuid                   string
+	User_Id                uint
+	User_Name              string
+	User_DivisionPositions []DivisionPosition
+	User_Position_Code     string
 }
 
 type DivisionPosition struct {
-	Division_Code         string
-	DivisionPosition_Code string
+	Division_Code         string `json:"division_code"`
+	DivisionPosition_Code string `json:"divisionPosition_code"`
 }
 
 func (a AuthInfo) IsDoctor() bool {