From 3466ec740e281a26a7a6c4d999b82d89e48c4d5b Mon Sep 17 00:00:00 2001
From: Consultoria AS <desarrollo@consultoria-as.com>
Date: Sat, 31 Jan 2026 06:48:26 +0000
Subject: [PATCH] fix: resolve TypeScript compilation errors in API

- Add explicit IRouter type to all route files
- Add explicit Express type to app.ts
- Fix env.ts by moving getCorsOrigins after parsing
- Fix token.ts SignOptions type for expiresIn
- Cast req.params.id to String() in controllers

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 apps/api/src/app.ts                              |  4 ++--
 apps/api/src/config/env.ts                       | 10 +++++-----
 apps/api/src/controllers/alertas.controller.ts   |  6 +++---
 .../api/src/controllers/calendario.controller.ts |  4 ++--
 apps/api/src/controllers/cfdi.controller.ts      |  4 ++--
 apps/api/src/controllers/tenants.controller.ts   |  6 +++---
 apps/api/src/routes/alertas.routes.ts            |  4 ++--
 apps/api/src/routes/auth.routes.ts               |  4 ++--
 apps/api/src/routes/calendario.routes.ts         |  4 ++--
 apps/api/src/routes/cfdi.routes.ts               |  4 ++--
 apps/api/src/routes/dashboard.routes.ts          |  4 ++--
 apps/api/src/routes/export.routes.ts             |  4 ++--
 apps/api/src/routes/fiel.routes.ts               |  4 ++--
 apps/api/src/routes/impuestos.routes.ts          |  4 ++--
 apps/api/src/routes/reportes.routes.ts           |  4 ++--
 apps/api/src/routes/sat.routes.ts                |  4 ++--
 apps/api/src/routes/tenants.routes.ts            |  4 ++--
 apps/api/src/routes/usuarios.routes.ts           |  4 ++--
 apps/api/src/utils/token.ts                      | 16 +++++++++-------
 19 files changed, 50 insertions(+), 48 deletions(-)

diff --git a/apps/api/src/app.ts b/apps/api/src/app.ts
index bc51eac..4633258 100644
--- a/apps/api/src/app.ts
+++ b/apps/api/src/app.ts
@@ -1,4 +1,4 @@
-import express from 'express';
+import express, { type Express } from 'express';
 import cors from 'cors';
 import helmet from 'helmet';
 import { env, getCorsOrigins } from './config/env.js';
@@ -16,7 +16,7 @@ import { tenantsRoutes } from './routes/tenants.routes.js';
 import fielRoutes from './routes/fiel.routes.js';
 import satRoutes from './routes/sat.routes.js';
 
-const app = express();
+const app: Express = express();
 
 // Security
 app.use(helmet());
diff --git a/apps/api/src/config/env.ts b/apps/api/src/config/env.ts
index 4da91cc..a4e7d09 100644
--- a/apps/api/src/config/env.ts
+++ b/apps/api/src/config/env.ts
@@ -15,11 +15,6 @@ const envSchema = z.object({
   CORS_ORIGIN: z.string().default('http://localhost:3000'),
 });
 
-// Parse CORS origins (comma-separated) into array
-export function getCorsOrigins(): string[] {
-  return parsed.data.CORS_ORIGIN.split(',').map(origin => origin.trim());
-}
-
 const parsed = envSchema.safeParse(process.env);
 
 if (!parsed.success) {
@@ -28,3 +23,8 @@ if (!parsed.success) {
 }
 
 export const env = parsed.data;
+
+// Parse CORS origins (comma-separated) into array
+export function getCorsOrigins(): string[] {
+  return env.CORS_ORIGIN.split(',').map(origin => origin.trim());
+}
diff --git a/apps/api/src/controllers/alertas.controller.ts b/apps/api/src/controllers/alertas.controller.ts
index d5c8da4..427cef1 100644
--- a/apps/api/src/controllers/alertas.controller.ts
+++ b/apps/api/src/controllers/alertas.controller.ts
@@ -17,7 +17,7 @@ export async function getAlertas(req: Request, res: Response, next: NextFunction
 
 export async function getAlerta(req: Request, res: Response, next: NextFunction) {
   try {
-    const alerta = await alertasService.getAlertaById(req.tenantSchema!, parseInt(req.params.id));
+    const alerta = await alertasService.getAlertaById(req.tenantSchema!, parseInt(String(req.params.id)));
     if (!alerta) {
       return res.status(404).json({ message: 'Alerta no encontrada' });
     }
@@ -38,7 +38,7 @@ export async function createAlerta(req: Request, res: Response, next: NextFuncti
 
 export async function updateAlerta(req: Request, res: Response, next: NextFunction) {
   try {
-    const alerta = await alertasService.updateAlerta(req.tenantSchema!, parseInt(req.params.id), req.body);
+    const alerta = await alertasService.updateAlerta(req.tenantSchema!, parseInt(String(req.params.id)), req.body);
     res.json(alerta);
   } catch (error) {
     next(error);
@@ -47,7 +47,7 @@ export async function updateAlerta(req: Request, res: Response, next: NextFuncti
 
 export async function deleteAlerta(req: Request, res: Response, next: NextFunction) {
   try {
-    await alertasService.deleteAlerta(req.tenantSchema!, parseInt(req.params.id));
+    await alertasService.deleteAlerta(req.tenantSchema!, parseInt(String(req.params.id)));
     res.status(204).send();
   } catch (error) {
     next(error);
diff --git a/apps/api/src/controllers/calendario.controller.ts b/apps/api/src/controllers/calendario.controller.ts
index 426061d..e13b051 100644
--- a/apps/api/src/controllers/calendario.controller.ts
+++ b/apps/api/src/controllers/calendario.controller.ts
@@ -35,7 +35,7 @@ export async function createEvento(req: Request, res: Response, next: NextFuncti
 
 export async function updateEvento(req: Request, res: Response, next: NextFunction) {
   try {
-    const evento = await calendarioService.updateEvento(req.tenantSchema!, parseInt(req.params.id), req.body);
+    const evento = await calendarioService.updateEvento(req.tenantSchema!, parseInt(String(req.params.id)), req.body);
     res.json(evento);
   } catch (error) {
     next(error);
@@ -44,7 +44,7 @@ export async function updateEvento(req: Request, res: Response, next: NextFuncti
 
 export async function deleteEvento(req: Request, res: Response, next: NextFunction) {
   try {
-    await calendarioService.deleteEvento(req.tenantSchema!, parseInt(req.params.id));
+    await calendarioService.deleteEvento(req.tenantSchema!, parseInt(String(req.params.id)));
     res.status(204).send();
   } catch (error) {
     next(error);
diff --git a/apps/api/src/controllers/cfdi.controller.ts b/apps/api/src/controllers/cfdi.controller.ts
index 3c54ba7..79f7cc3 100644
--- a/apps/api/src/controllers/cfdi.controller.ts
+++ b/apps/api/src/controllers/cfdi.controller.ts
@@ -33,7 +33,7 @@ export async function getCfdiById(req: Request, res: Response, next: NextFunctio
       return next(new AppError(400, 'Schema no configurado'));
     }
 
-    const cfdi = await cfdiService.getCfdiById(req.tenantSchema, req.params.id);
+    const cfdi = await cfdiService.getCfdiById(req.tenantSchema, String(req.params.id));
 
     if (!cfdi) {
       return next(new AppError(404, 'CFDI no encontrado'));
@@ -131,7 +131,7 @@ export async function deleteCfdi(req: Request, res: Response, next: NextFunction
       return next(new AppError(403, 'No tienes permisos para eliminar CFDIs'));
     }
 
-    await cfdiService.deleteCfdi(req.tenantSchema, req.params.id);
+    await cfdiService.deleteCfdi(req.tenantSchema, String(req.params.id));
     res.status(204).send();
   } catch (error) {
     next(error);
diff --git a/apps/api/src/controllers/tenants.controller.ts b/apps/api/src/controllers/tenants.controller.ts
index 7556f75..e7477ff 100644
--- a/apps/api/src/controllers/tenants.controller.ts
+++ b/apps/api/src/controllers/tenants.controller.ts
@@ -22,7 +22,7 @@ export async function getTenant(req: Request, res: Response, next: NextFunction)
       throw new AppError(403, 'Solo administradores pueden ver detalles de clientes');
     }
 
-    const tenant = await tenantsService.getTenantById(req.params.id);
+    const tenant = await tenantsService.getTenantById(String(req.params.id));
     if (!tenant) {
       throw new AppError(404, 'Cliente no encontrado');
     }
@@ -65,7 +65,7 @@ export async function updateTenant(req: Request, res: Response, next: NextFuncti
       throw new AppError(403, 'Solo administradores pueden editar clientes');
     }
 
-    const { id } = req.params;
+    const id = String(req.params.id);
     const { nombre, rfc, plan, cfdiLimit, usersLimit, active } = req.body;
 
     const tenant = await tenantsService.updateTenant(id, {
@@ -89,7 +89,7 @@ export async function deleteTenant(req: Request, res: Response, next: NextFuncti
       throw new AppError(403, 'Solo administradores pueden eliminar clientes');
     }
 
-    await tenantsService.deleteTenant(req.params.id);
+    await tenantsService.deleteTenant(String(req.params.id));
     res.status(204).send();
   } catch (error) {
     next(error);
diff --git a/apps/api/src/routes/alertas.routes.ts b/apps/api/src/routes/alertas.routes.ts
index 0acc4b5..0d1e35c 100644
--- a/apps/api/src/routes/alertas.routes.ts
+++ b/apps/api/src/routes/alertas.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as alertasController from '../controllers/alertas.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/auth.routes.ts b/apps/api/src/routes/auth.routes.ts
index c3befc6..695d830 100644
--- a/apps/api/src/routes/auth.routes.ts
+++ b/apps/api/src/routes/auth.routes.ts
@@ -1,8 +1,8 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import * as authController from '../controllers/auth.controller.js';
 import { authenticate } from '../middlewares/auth.middleware.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.post('/register', authController.register);
 router.post('/login', authController.login);
diff --git a/apps/api/src/routes/calendario.routes.ts b/apps/api/src/routes/calendario.routes.ts
index 17022c3..90ae3ee 100644
--- a/apps/api/src/routes/calendario.routes.ts
+++ b/apps/api/src/routes/calendario.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as calendarioController from '../controllers/calendario.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/cfdi.routes.ts b/apps/api/src/routes/cfdi.routes.ts
index aebf201..59722f5 100644
--- a/apps/api/src/routes/cfdi.routes.ts
+++ b/apps/api/src/routes/cfdi.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as cfdiController from '../controllers/cfdi.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/dashboard.routes.ts b/apps/api/src/routes/dashboard.routes.ts
index c9a8e7d..26d9f63 100644
--- a/apps/api/src/routes/dashboard.routes.ts
+++ b/apps/api/src/routes/dashboard.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as dashboardController from '../controllers/dashboard.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/export.routes.ts b/apps/api/src/routes/export.routes.ts
index 6745283..ed5eba8 100644
--- a/apps/api/src/routes/export.routes.ts
+++ b/apps/api/src/routes/export.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as exportController from '../controllers/export.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/fiel.routes.ts b/apps/api/src/routes/fiel.routes.ts
index c5f9ffb..0a8b1d9 100644
--- a/apps/api/src/routes/fiel.routes.ts
+++ b/apps/api/src/routes/fiel.routes.ts
@@ -1,8 +1,8 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import * as fielController from '../controllers/fiel.controller.js';
 import { authenticate } from '../middlewares/auth.middleware.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 // Todas las rutas requieren autenticación
 router.use(authenticate);
diff --git a/apps/api/src/routes/impuestos.routes.ts b/apps/api/src/routes/impuestos.routes.ts
index caa1cb1..24b31e6 100644
--- a/apps/api/src/routes/impuestos.routes.ts
+++ b/apps/api/src/routes/impuestos.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as impuestosController from '../controllers/impuestos.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/reportes.routes.ts b/apps/api/src/routes/reportes.routes.ts
index 5be1d42..455a9cb 100644
--- a/apps/api/src/routes/reportes.routes.ts
+++ b/apps/api/src/routes/reportes.routes.ts
@@ -1,9 +1,9 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import { tenantMiddleware } from '../middlewares/tenant.middleware.js';
 import * as reportesController from '../controllers/reportes.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 router.use(tenantMiddleware);
diff --git a/apps/api/src/routes/sat.routes.ts b/apps/api/src/routes/sat.routes.ts
index 06075da..d73c63e 100644
--- a/apps/api/src/routes/sat.routes.ts
+++ b/apps/api/src/routes/sat.routes.ts
@@ -1,8 +1,8 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import * as satController from '../controllers/sat.controller.js';
 import { authenticate } from '../middlewares/auth.middleware.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 // Todas las rutas requieren autenticación
 router.use(authenticate);
diff --git a/apps/api/src/routes/tenants.routes.ts b/apps/api/src/routes/tenants.routes.ts
index bf76f37..c018c69 100644
--- a/apps/api/src/routes/tenants.routes.ts
+++ b/apps/api/src/routes/tenants.routes.ts
@@ -1,8 +1,8 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import * as tenantsController from '../controllers/tenants.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 
diff --git a/apps/api/src/routes/usuarios.routes.ts b/apps/api/src/routes/usuarios.routes.ts
index 35733b9..4e0c419 100644
--- a/apps/api/src/routes/usuarios.routes.ts
+++ b/apps/api/src/routes/usuarios.routes.ts
@@ -1,8 +1,8 @@
-import { Router } from 'express';
+import { Router, type IRouter } from 'express';
 import { authenticate } from '../middlewares/auth.middleware.js';
 import * as usuariosController from '../controllers/usuarios.controller.js';
 
-const router = Router();
+const router: IRouter = Router();
 
 router.use(authenticate);
 
diff --git a/apps/api/src/utils/token.ts b/apps/api/src/utils/token.ts
index 98b951f..4b64f69 100644
--- a/apps/api/src/utils/token.ts
+++ b/apps/api/src/utils/token.ts
@@ -1,17 +1,19 @@
-import jwt from 'jsonwebtoken';
+import jwt, { type SignOptions } from 'jsonwebtoken';
 import type { JWTPayload } from '@horux/shared';
 import { env } from '../config/env.js';
 
 export function generateAccessToken(payload: Omit<JWTPayload, 'iat' | 'exp'>): string {
-  return jwt.sign(payload, env.JWT_SECRET, {
-    expiresIn: env.JWT_EXPIRES_IN,
-  });
+  const options: SignOptions = {
+    expiresIn: env.JWT_EXPIRES_IN as SignOptions['expiresIn'],
+  };
+  return jwt.sign(payload, env.JWT_SECRET, options);
 }
 
 export function generateRefreshToken(payload: Omit<JWTPayload, 'iat' | 'exp'>): string {
-  return jwt.sign(payload, env.JWT_SECRET, {
-    expiresIn: env.JWT_REFRESH_EXPIRES_IN,
-  });
+  const options: SignOptions = {
+    expiresIn: env.JWT_REFRESH_EXPIRES_IN as SignOptions['expiresIn'],
+  };
+  return jwt.sign(payload, env.JWT_SECRET, options);
 }
 
 export function verifyToken(token: string): JWTPayload {