Merge pull request #241 from mxllv/feat/define-verificationrecord

Feat/define verificationrecord

Author: mftee

backend/src/app.module.ts

@@ -4,7 +4,10 @@ import { TypeOrmModule } from '@nestjs/typeorm';
 import { AppController } from './app.controller';
 import { AppService } from './app.service';
 import { AuthModule } from './auth/auth.module';
+import { DocumentsModule } from './documents/documents.module';
+import { RiskAssessmentModule } from './risk-assessment/risk-assessment.module';
 import { UsersModule } from './users/users.module';
+import { VerificationModule } from './verification/verification.module';
 
 @Module({
   imports: [
@@ -28,6 +31,9 @@ import { UsersModule } from './users/users.module';
     }),
     UsersModule,
     AuthModule,
+    DocumentsModule,
+    RiskAssessmentModule,
+    VerificationModule,
   ],
   controllers: [AppController],
   providers: [AppService],

backend/src/documents/documents.controller.ts

@@ -0,0 +1,93 @@
+import {
+  BadRequestException,
+  Controller,
+  Post,
+  Req,
+  Res,
+  UploadedFile,
+  UseGuards,
+  UseInterceptors,
+} from '@nestjs/common';
+import { FileInterceptor } from '@nestjs/platform-express';
+import { ConfigService } from '@nestjs/config';
+import { Request, Response } from 'express';
+import { createHash } from 'crypto';
+import { promises as fs } from 'fs';
+import { extname, join } from 'path';
+import * as multer from 'multer';
+
+import { DocumentsService } from './documents.service';
+import { DocumentStatus } from './entities/document.entity';
+import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
+import { User } from '../users/entities/user.entity';
+
+const ALLOWED_MIME_TYPES = ['application/pdf', 'image/png', 'image/jpeg'];
+const MAX_FILE_SIZE_BYTES = 20 * 1024 * 1024;
+
+const multerStorage = multer.memoryStorage();
+
+const fileFilter: multer.FileFilterCallback = (_req, file, callback) => {
+  if (ALLOWED_MIME_TYPES.includes(file.mimetype)) {
+    return callback(null, true);
+  }
+
+  return callback(new BadRequestException('Only PDF, PNG, or JPEG files are allowed'), false);
+};
+
+@Controller('documents')
+export class DocumentsController {
+  constructor(
+    private readonly documentsService: DocumentsService,
+    private readonly configService: ConfigService,
+  ) {}
+
+  @Post('upload')
+  @UseGuards(JwtAuthGuard)
+  @UseInterceptors(
+    FileInterceptor('file', {
+      storage: multerStorage,
+      fileFilter,
+      limits: { fileSize: MAX_FILE_SIZE_BYTES },
+    }),
+  )
+  async uploadDocument(
+    @UploadedFile() file: Express.Multer.File,
+    @Req() req: Request & { user?: User },
+    @Res() res: Response,
+  ) {
+    if (!file) {
+      throw new BadRequestException('File is required');
+    }
+
+    const user = req.user;
+    if (!user) {
+      throw new BadRequestException('Authenticated user is required');
+    }
+
+    const fileHash = createHash('sha256').update(file.buffer).digest('hex');
+    const existing = await this.documentsService.findByFileHash(fileHash);
+    if (existing) {
+      return res.status(200).send(existing);
+    }
+
+    const uploadDir = this.configService.get<string>('UPLOAD_DIR') || './uploads';
+    await fs.mkdir(uploadDir, { recursive: true });
+
+    const extension = extname(file.originalname) || '';
+    const filename = ${fileHash};
+    const targetPath = join(uploadDir, filename);
+    await fs.writeFile(targetPath, file.buffer);
+
+    const document = await this.documentsService.create({
+      ownerId: user.id,
+      title: file.originalname,
+      filePath: targetPath,
+      fileHash,
+      fileSize: file.size,
+      mimeType: file.mimetype,
+      status: DocumentStatus.PENDING,
+    });
+
+    return res.status(201).send(document);
+  }
+}

backend/src/documents/documents.module.ts

@@ -0,0 +1,14 @@
+import { Module } from '@nestjs/common';
+import { ConfigModule } from '@nestjs/config';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { DocumentsController } from './documents.controller';
+import { DocumentsService } from './documents.service';
+import { Document } from './entities/document.entity';
+
+@Module({
+  imports: [ConfigModule, TypeOrmModule.forFeature([Document])],
+  controllers: [DocumentsController],
+  providers: [DocumentsService],
+  exports: [DocumentsService],
+})
+export class DocumentsModule {}

backend/src/documents/documents.service.ts

@@ -0,0 +1,50 @@
+import { Injectable } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { Document, DocumentStatus } from './entities/document.entity';
+
+@Injectable()
+export class DocumentsService {
+  constructor(
+    @InjectRepository(Document)
+    private readonly documentRepository: Repository<Document>,
+  ) {}
+
+  create(payload: Partial<Document>): Promise<Document> {
+    const document = this.documentRepository.create(payload);
+    return this.documentRepository.save(document);
+  }
+
+  findById(id: string): Promise<Document | null> {
+    return this.documentRepository.findOne({ where: { id } });
+  }
+
+  findByOwner(ownerId: string): Promise<Document[]> {
+    return this.documentRepository.find({ where: { ownerId } });
+  }
+
+  findByFileHash(fileHash: string): Promise<Document | null> {
+    return this.documentRepository.findOne({ where: { fileHash } });
+  }
+
+  async updateStatus(id: string, status: DocumentStatus): Promise<Document | null> {
+    await this.documentRepository.update(id, { status });
+    return this.findById(id);
+  }
+
+  async updateRisk(
+    id: string,
+    score: number,
+    flags: string[],
+  ): Promise<Document | null> {
+    await this.documentRepository.update(id, {
+      riskScore: score,
+      riskFlags: flags,
+    });
+    return this.findById(id);
+  }
+
+  async delete(id: string): Promise<void> {
+    await this.documentRepository.delete(id);
+  }
+}

backend/src/documents/entities/document.entity.ts

@@ -0,0 +1,65 @@
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  Index,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+  UpdateDateColumn,
+} from 'typeorm';
+import { User } from '../../users/entities/user.entity';
+
+export enum DocumentStatus {
+  PENDING = 'pending',
+  ANALYZING = 'analyzing',
+  VERIFIED = 'verified',
+  FLAGGED = 'flagged',
+  REJECTED = 'rejected',
+}
+
+@Entity('documents')
+@Index('IDX_DOCUMENT_FILE_HASH', ['fileHash'], { unique: true })
+export class Document {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column({ name: 'owner_id' })
+  ownerId: string;
+
+  @ManyToOne(() => User, { onDelete: 'CASCADE' })
+  owner: User;
+
+  @Column()
+  title: string;
+
+  @Column({ name: 'file_path' })
+  filePath: string;
+
+  @Column({ name: 'file_hash' })
+  fileHash: string;
+
+  @Column({ name: 'file_size', type: 'int' })
+  fileSize: number;
+
+  @Column({ name: 'mime_type' })
+  mimeType: string;
+
+  @Column({
+    type: 'enum',
+    enum: DocumentStatus,
+    default: DocumentStatus.PENDING,
+  })
+  status: DocumentStatus;
+
+  @Column({ name: 'risk_score', type: 'float', nullable: true })
+  riskScore?: number;
+
+  @Column({ name: 'risk_flags', type: 'json', nullable: true })
+  riskFlags?: string[];
+
+  @CreateDateColumn({ name: 'created_at' })
+  createdAt: Date;
+
+  @UpdateDateColumn({ name: 'updated_at' })
+  updatedAt: Date;
+}

backend/src/risk-assessment/risk-assessment.controller.ts

@@ -0,0 +1,15 @@
+import { Controller, Get, Param, UseGuards } from '@nestjs/common';
+
+import { RiskAssessmentService } from './risk-assessment.service';
+import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
+
+@Controller('documents')
+export class RiskAssessmentController {
+  constructor(private readonly riskService: RiskAssessmentService) {}
+
+  @Get(':id/risk')
+  @UseGuards(JwtAuthGuard)
+  async getRisk(@Param('id') id: string) {
+    return this.riskService.assessDocument(id);
+  }
+}

backend/src/risk-assessment/risk-assessment.module.ts

@@ -0,0 +1,12 @@
+import { Module } from '@nestjs/common';
+import { DocumentsModule } from '../documents/documents.module';
+import { RiskAssessmentController } from './risk-assessment.controller';
+import { RiskAssessmentService } from './risk-assessment.service';
+
+@Module({
+  imports: [DocumentsModule],
+  controllers: [RiskAssessmentController],
+  providers: [RiskAssessmentService],
+  exports: [RiskAssessmentService],
+})
+export class RiskAssessmentModule {}

backend/src/risk-assessment/risk-assessment.service.ts

@@ -0,0 +1,86 @@
+import { Injectable, NotFoundException } from '@nestjs/common';
+
+import { DocumentsService } from '../documents/documents.service';
+import { Document } from '../documents/entities/document.entity';
+
+export enum RiskFlag {
+  MISSING_PARCEL_ID = 'MISSING_PARCEL_ID',
+  OVERLAPPING_CLAIM = 'OVERLAPPING_CLAIM',
+  FORGED_SIGNATURE_INDICATOR = 'FORGED_SIGNATURE_INDICATOR',
+  EXPIRED_DOCUMENT = 'EXPIRED_DOCUMENT',
+  INCOMPLETE_OWNERSHIP_CHAIN = 'INCOMPLETE_OWNERSHIP_CHAIN',
+  UNKNOWN_ISSUER = 'UNKNOWN_ISSUER',
+}
+
+export interface RiskResult {
+  score: number;
+  flags: RiskFlag[];
+}
+
+const FLAG_WEIGHTS: Record<RiskFlag, number> = {
+  [RiskFlag.MISSING_PARCEL_ID]: 20,
+  [RiskFlag.OVERLAPPING_CLAIM]: 20,
+  [RiskFlag.FORGED_SIGNATURE_INDICATOR]: 25,
+  [RiskFlag.EXPIRED_DOCUMENT]: 15,
+  [RiskFlag.INCOMPLETE_OWNERSHIP_CHAIN]: 10,
+  [RiskFlag.UNKNOWN_ISSUER]: 10,
+};
+
+@Injectable()
+export class RiskAssessmentService {
+  constructor(private readonly documentsService: DocumentsService) {}
+
+  async assessDocument(documentId: string): Promise<RiskResult> {
+    const document = await this.documentsService.findById(documentId);
+    if (!document) {
+      throw new NotFoundException('Document not found');
+    }
+
+    const flags = await this.detectFlags(document);
+    const score = this.calculateScore(flags);
+
+    await this.documentsService.updateRisk(documentId, score, flags);
+
+    return { score, flags };
+  }
+
+  private async detectFlags(document: Document): Promise<RiskFlag[]> {
+    const flags: RiskFlag[] = [];
+
+    if (!document.title || !/\d/.test(document.title)) {
+      flags.push(RiskFlag.MISSING_PARCEL_ID);
+    }
+
+    const ownerDocuments = await this.documentsService.findByOwner(document.ownerId);
+    if (ownerDocuments.some((doc) => doc.id !== document.id)) {
+      flags.push(RiskFlag.OVERLAPPING_CLAIM);
+    }
+
+    if (
+      document.mimeType === 'application/pdf' &&
+      document.fileSize !== undefined &&
+      document.fileSize < 50_000
+    ) {
+      flags.push(RiskFlag.FORGED_SIGNATURE_INDICATOR);
+    }
+
+    if (document.title?.toLowerCase().includes('expired')) {
+      flags.push(RiskFlag.EXPIRED_DOCUMENT);
+    }
+
+    if (!document.title || document.title.trim().length < 12) {
+      flags.push(RiskFlag.INCOMPLETE_OWNERSHIP_CHAIN);
+    }
+
+    if (!document.title?.toLowerCase().includes('issued')) {
+      flags.push(RiskFlag.UNKNOWN_ISSUER);
+    }
+
+    return Array.from(new Set(flags));
+  }
+
+  private calculateScore(flags: RiskFlag[]): number {
+    const rawScore = flags.reduce((total, flag) => total + (FLAG_WEIGHTS[flag] ?? 0), 0);
+    return Math.min(100, Math.max(0, rawScore));
+  }
+}