Merge pull request 'example frontend-backend communication' (#37) from backend_complete into main

Reviewed-on: #37

SerpentRace_Backend/src/Application/DTOs/Mappers/UserMapper.ts

@@ -5,9 +5,7 @@ import { BaseMapper } from './BaseMapper';
 export class UserMapper {
   static toShortDto(user: UserAggregate): ShortUserDto {
     return {
-      id: user.id,
       username: user.username,
-      state: user.state,
       authLevel: (user.state === UserState.ADMIN ? 1 : 0) as 0 | 1,
     };
   }

SerpentRace_Backend/src/Application/DTOs/UserDto.ts

@@ -10,9 +10,7 @@ export interface UpdateUserDto {
 }
 
 export interface ShortUserDto {
-  id: string;
   username: string;
-  state: number;
   authLevel: 0 | 1;
 }
 

SerpentRace_Backend/src/Application/User/commands/LoginCommandHandler.ts

@@ -11,8 +11,8 @@ import { Response } from 'express';
 
 export interface LoginResponse {
   user: ShortUserDto;
-  token: string;
-  refreshToken: string;
+  token?: string;
+  refreshToken?: string;
   requiresOrgReauth?: boolean;
   orgLoginUrl?: string;
   organizationName?: string;
@@ -114,10 +114,12 @@ export class LoginCommandHandler {
         const responseObj = res || mockRes;
         
         // Check if client prefers Bearer token authentication
-        const prefersBearerAuth = res && (
+        const isWebClient = res?.req?.headers['origin'] || res?.req?.headers['referer'];
+        const explicitBearerRequest = res?.req?.headers['x-auth-method'] === 'bearer';
+
+        const prefersBearerAuth = res && !isWebClient && (
           res.req?.headers['authorization'] !== undefined ||
-          res.req?.headers['x-auth-method'] === 'bearer' ||
-          res.req?.headers['accept']?.includes('application/json')
+          explicitBearerRequest
         );
         
         let tokenPair: any;
@@ -168,12 +170,19 @@ export class LoginCommandHandler {
           organizationName,
           totalLoginTime: Date.now() - startTime
         });
-        
-        const response: LoginResponse = {
-          user: UserMapper.toShortDto(user),
-          token: tokenPair.accessToken,
-          refreshToken: tokenPair.refreshToken
-        };
+        let response: LoginResponse;
+        if (prefersBearerAuth){
+          response = {
+            user: UserMapper.toShortDto(user),
+            token: tokenPair.accessToken,
+            refreshToken: tokenPair.refreshToken
+          };
+        }
+        else {
+          response = {
+            user: UserMapper.toShortDto(user)
+          };
+        }
 
         if (requiresOrgReauth) {
           response.requiresOrgReauth = true;