chore: code refactor

2025-12-10 19:34:34 +00:00 · 2022-08-02 22:16:41 +05:00
parent 68515f95a6
commit f978814ca7
3 changed files with 42 additions and 29 deletions
--- a/api/src/middlewares/authenticateToken.ts
+++ b/api/src/middlewares/authenticateToken.ts
@@ -23,11 +23,6 @@ export const authenticateAccessToken: RequestHandler = async (
    return next()
  }

-  if (await isPublicRoute(req)) {
-    req.user = publicUser
-    return next()
-  }
-
  const nextFunction = isAuthorizingRoute(req)
    ? () => authorize(req, res, next)
    : next
@@ -48,7 +43,7 @@ export const authenticateAccessToken: RequestHandler = async (
    return res.sendStatus(401)
  }

-  authenticateToken(
+  await authenticateToken(
    req,
    res,
    nextFunction,
@@ -57,8 +52,12 @@ export const authenticateAccessToken: RequestHandler = async (
  )
 }

-export const authenticateRefreshToken: RequestHandler = (req, res, next) => {
-  authenticateToken(
+export const authenticateRefreshToken: RequestHandler = async (
+  req,
+  res,
+  next
+) => {
+  await authenticateToken(
    req,
    res,
    next,
@@ -67,7 +66,7 @@ export const authenticateRefreshToken: RequestHandler = (req, res, next) => {
  )
 }

-const authenticateToken = (
+const authenticateToken = async (
  req: Request,
  res: Response,
  next: NextFunction,
@@ -90,26 +89,37 @@ const authenticateToken = (

  const authHeader = req.headers['authorization']
  const token = authHeader?.split(' ')[1]
-  if (!token) return res.sendStatus(401)

-  jwt.verify(token, key, async (err: any, data: any) => {
-    if (err) return res.sendStatus(401)
+  try {
+    if (!token) throw 'Unauthorized'

-    // verify this valid token's entry in DB
-    const user = await verifyTokenInDB(
-      data?.userId,
-      data?.clientId,
-      token,
-      tokenType
-    )
+    jwt.verify(token, key, async (err: any, data: any) => {
+      if (err) throw 'Unauthorized'

-    if (user) {
-      if (user.isActive) {
-        req.user = user
-        if (tokenType === 'accessToken') req.accessToken = token
-        return next()
-      } else return res.sendStatus(401)
+      // verify this valid token's entry in DB
+      const user = await verifyTokenInDB(
+        data?.userId,
+        data?.clientId,
+        token,
+        tokenType
+      )
+
+      if (user) {
+        if (user.isActive) {
+          req.user = user
+          if (tokenType === 'accessToken') req.accessToken = token
+          return next()
+        } else throw 'Unauthorized'
+      }
+
+      throw 'Unauthorized'
+    })
+  } catch (error) {
+    if (await isPublicRoute(req)) {
+      req.user = publicUser
+      return next()
    }
-    return res.sendStatus(401)
-  })
+
+    res.sendStatus(401)
+  }
 }
--- a/api/src/middlewares/authorize.ts
+++ b/api/src/middlewares/authorize.ts
@@ -5,7 +5,7 @@ import {
  PermissionSettingForRoute,
  PermissionType
 } from '../controllers/permission'
-import { getPath } from '../utils'
+import { getPath, isPublicRoute } from '../utils'

 export const authorize: RequestHandler = async (req, res, next) => {
  const { user } = req
@@ -17,6 +17,9 @@ export const authorize: RequestHandler = async (req, res, next) => {
  // no need to check for permissions when user is admin
  if (user.isAdmin) return next()

+  // no need to check for permissions when route is Public
+  if (await isPublicRoute(req)) return next()
+
  const dbUser = await User.findOne({ id: user.userId })
  if (!dbUser) return res.sendStatus(401)

--- a/api/src/utils/isPublicRoute.ts
+++ b/api/src/utils/isPublicRoute.ts
@@ -22,7 +22,7 @@ export const isPublicRoute = async (req: Request): Promise<boolean> => {
 }

 export const publicUser: RequestUser = {
-  userId: 12345,
+  userId: 0,
  clientId: 'public_app',
  username: 'publicUser',
  displayName: 'Public User',