refactor: implement auth middleware

Author: WillACosta

src/common/middlewares/index.ts

@@ -0,0 +1 @@
+export * from './is-authenticated.middleware'

src/common/middlewares/is-authenticated.middleware.ts

@@ -0,0 +1,56 @@
+import { NextFunction, Request, Response } from 'express'
+import jwt from 'jsonwebtoken'
+
+export interface AuthRequest extends Request {
+	user?: object
+	token?: string
+}
+
+export function isAuthenticated(
+	req: AuthRequest,
+	res: Response,
+	next: NextFunction,
+) {
+	const authHeader = req.headers['authorization']
+
+	if (!authHeader) {
+		return res.status(401).json({
+			success: false,
+			error: {
+				message: 'Auth headers not provided in the request.',
+			},
+		})
+	}
+
+	if (!authHeader.startsWith('Bearer')) {
+		return res.status(401).json({
+			success: false,
+			error: {
+				message: 'Invalid auth mechanism.',
+			},
+		})
+	}
+
+	const token = authHeader.split(' ')[1]
+
+	if (!token) {
+		return res.status(401).json({
+			success: false,
+			error: {
+				message: 'Bearer token missing in the authorization headers.',
+			},
+		})
+	}
+
+	return jwt.verify(token, process.env['JWT_SECRET']!, (err, user: any) => {
+		if (err) {
+			return res.status(403).json({
+				success: false,
+				error: 'Invalid access token provided, please login again.',
+			})
+		}
+
+		req.user = user
+		return next()
+	})
+}

src/modules/auth/application/controllers/auth.controller.ts

@@ -4,12 +4,12 @@ import jwt from 'jsonwebtoken'
 import { Request, Response } from 'express'
 
 import { UserDataProvider } from '@/modules/users/adapters/dataproviders/user.dataprovider'
-import { User } from '@/modules/users/core'
+import { UserParams } from '@/modules/users/core'
 
 export class AuthController {
 	constructor(private _userDataProvider: UserDataProvider) {}
 
-	register = async (req: Request<User>, res: Response) => {
+	register = async (req: Request<UserParams>, res: Response) => {
 		const { password, ...user } = req.body
 		const encryptedPassword = this._encryptPassword(password)
 
@@ -40,7 +40,7 @@ export class AuthController {
 			})
 	}
 
-	sign = async (req: Request<User>, res: Response) => {
+	sign = async (req: Request<UserParams>, res: Response) => {
 		const { password, email } = req.body
 		const encryptedPassword = this._encryptPassword(password)
 		const defaultErrorMessage = 'Provided email or password might be incorrect.'

src/modules/genai/application/routes/index.ts

@@ -1,10 +1,16 @@
 import express from 'express'
 
+import { isAuthenticated } from '@/common/middlewares'
 import { genAIController } from '@/di'
 
 const router = express.Router()
 
-router.post('/translate', genAIController.translateText)
-router.post('/search-in-document', genAIController.searchInDocument)
+router.post('/translate', isAuthenticated, genAIController.translateText)
+
+router.post(
+	'/search-in-document',
+	isAuthenticated,
+	genAIController.searchInDocument,
+)
 
 export default router

src/modules/status/routes.ts

@@ -1,6 +1,9 @@
 import express from 'express'
+
+import { isAuthenticated } from '@/common/middlewares'
+
 const router = express.Router()
 
-export default router.get('/', (_, res) => {
+export default router.get('/', isAuthenticated, (_, res) => {
 	res.status(200).send({ message: 'Systems up and running!' })
 })

src/modules/users/adapters/dataproviders/user.dataprovider.ts

@@ -1,8 +1,8 @@
 import { prismaClient } from '@/di'
-import { User } from '../../core'
+import { UserParams } from '../../core'
 
 export class UserDataProvider {
-	async insert({ name, email, password }: User) {
+	async insert({ name, email, password }: UserParams) {
 		return await prismaClient.users.create({
 			data: {
 				name,
@@ -12,7 +12,7 @@ export class UserDataProvider {
 		})
 	}
 
-	async update({ id, name, email, password }: User) {
+	async update({ id, name, email, password }: UserParams) {
 		return await prismaClient.users.update({
 			where: {
 				id,

src/modules/users/application/routes/index.ts

@@ -1,17 +1,18 @@
 import express from 'express'
 
+import { isAuthenticated } from '@/common/middlewares'
 import { usersController } from '@/di'
 
 const router = express.Router()
 
-router.get('/', usersController.getUser)
-router.patch('/', usersController.updateUser)
+router.get('/', isAuthenticated, usersController.getUser)
+router.patch('/', isAuthenticated, usersController.updateUser)
 
-router.get('/all', usersController.getAllUsers)
+router.get('/all', isAuthenticated, usersController.getAllUsers)
 
-router.delete('/:id', usersController.deleteUser)
-router.post('/:id', usersController.getUser)
+router.delete('/:id', isAuthenticated, usersController.deleteUser)
+router.post('/:id', isAuthenticated, usersController.getUser)
 
-router.put('/:id', usersController.updateUser)
+router.put('/:id', isAuthenticated, usersController.updateUser)
 
 export default router

src/modules/users/core/entities/index.ts

@@ -1,6 +1,7 @@
 export type User = {
 	id?: string
 	email: string
+	createdAt: Date
 	password: string
 	name?: string
 }

src/modules/users/core/index.ts

@@ -1 +1,2 @@
 export * from './entities'
+export * from './params'

src/modules/users/core/params/index.ts

@@ -0,0 +1,6 @@
+export type UserParams = {
+	id: string
+	email: string
+	password: string
+	name?: string
+}