fix: resolve TypeScript errors for Vercel deployment

- Add @types/express-serve-static-core for clearCookie method
- Fix passport strategy Profile types with custom interfaces
- Fix jwt.strategy.ts Request type handling

Author: PhuocHoan

backend/package.json

@@ -56,6 +56,7 @@
     "@types/bcrypt": "^6.0.0",
     "@types/cookie-parser": "^1.4.10",
     "@types/express": "^5.0.6",
+    "@types/express-serve-static-core": "^5.1.0",
     "@types/jest": "^30.0.0",
     "@types/ms": "^2.1.0",
     "@types/multer": "^2.0.0",

backend/src/auth/strategies/github.strategy.ts

@@ -2,7 +2,16 @@ import { Injectable } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { PassportStrategy } from '@nestjs/passport';
 
-import { Strategy, Profile } from 'passport-github2';
+import { Strategy } from 'passport-github2';
+
+// GitHub OAuth profile structure
+interface GitHubProfile {
+  id: string;
+  username?: string;
+  displayName?: string;
+  emails?: Array<{ value: string }>;
+  photos?: Array<{ value: string }>;
+}
 
 /**
  * GitHub App Authentication Strategy
@@ -37,17 +46,16 @@ export class GithubStrategy extends PassportStrategy(Strategy, 'github') {
   validate(
     accessToken: string,
     refreshToken: string,
-    profile: Profile,
+    profile: GitHubProfile,
     done: (error: Error | null, user?: Record<string, unknown>) => void,
   ): void {
-    const { displayName, emails, photos } = profile;
+    const { displayName, emails, photos, id, username } = profile;
     // Profile values from GitHub may be null at runtime despite type definitions
     const user = {
       email: emails?.[0]?.value ?? '',
-      // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
-      fullName: displayName ?? profile.username ?? '',
+      fullName: displayName ?? username ?? '',
       avatarUrl: photos?.[0]?.value ?? '',
-      providerId: profile.id,
+      providerId: id,
       accessToken,
       refreshToken,
     };

backend/src/auth/strategies/google.strategy.ts

@@ -2,7 +2,19 @@ import { Injectable } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { PassportStrategy } from '@nestjs/passport';
 
-import { Strategy, VerifyCallback, Profile } from 'passport-google-oauth20';
+import { Strategy, VerifyCallback } from 'passport-google-oauth20';
+
+// Google OAuth profile structure
+interface GoogleProfile {
+  id: string;
+  displayName?: string;
+  name?: {
+    givenName?: string;
+    familyName?: string;
+  };
+  emails?: Array<{ value: string; verified?: boolean }>;
+  photos?: Array<{ value: string }>;
+}
 
 @Injectable()
 export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
@@ -21,7 +33,7 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
   validate(
     accessToken: string,
     refreshToken: string,
-    profile: Profile,
+    profile: GoogleProfile,
     done: VerifyCallback,
   ): void {
     const { name, emails, photos, id } = profile;

backend/src/auth/strategies/jwt.strategy.ts

@@ -11,15 +11,12 @@ interface JwtPayload {
   role: string;
 }
 
-interface RequestWithCookies extends Request {
-  cookies: Record<string, string>;
-}
-
 // Custom extractor that tries cookie first, then falls back to Bearer token
-const cookieExtractor = (req: RequestWithCookies): string | null => {
+const cookieExtractor = (req: Request): string | null => {
   // First try to get token from HTTP-only cookie
-  if (req.cookies.access_token) {
-    return req.cookies.access_token;
+  const cookies = req.cookies as Record<string, string> | undefined;
+  if (cookies?.access_token) {
+    return cookies.access_token;
   }
   // Fallback to Authorization header (for API clients, testing, etc.)
   const authHeader = req.headers.authorization;