fosrl.pangolin/server/middlewares/verifySession.ts

import { NextFunction, Response } from "express";
import ErrorResponse from "@server/types/ErrorResponse";
import { db } from "@server/db";
import { users } from "@server/db/schema";
import { eq } from "drizzle-orm";
import createHttpError from "http-errors";
import HttpCode from "@server/types/HttpCode";
import { verifySession } from "@server/auth/sessions/verifySession";
import { unauthorized } from "@server/auth/unauthorizedResponse";

export const verifySessionMiddleware = async (
    req: any,
    res: Response<ErrorResponse>,
    next: NextFunction
) => {
    const { session, user } = await verifySession(req);
    if (!session || !user) {
        return next(unauthorized());
    }

    const existingUser = await db
        .select()
        .from(users)
        .where(eq(users.userId, user.userId));

    if (!existingUser || !existingUser[0]) {
        return next(
            createHttpError(HttpCode.BAD_REQUEST, "User does not exist")
        );
    }

    req.user = existingUser[0];
    req.session = session;

    next();
};
add rate limit and app name to env 2024-10-03 21:01:19 -04:00			`import { NextFunction, Response } from "express";`
added auth middleware 2024-10-02 23:54:14 -04:00			`import ErrorResponse from "@server/types/ErrorResponse";`
			`import { db } from "@server/db";`
			`import { users } from "@server/db/schema";`
			`import { eq } from "drizzle-orm";`
			`import createHttpError from "http-errors";`
			`import HttpCode from "@server/types/HttpCode";`
refactor and reorganize 2025-01-01 21:41:31 -05:00			`import { verifySession } from "@server/auth/sessions/verifySession";`
			`import { unauthorized } from "@server/auth/unauthorizedResponse";`
added auth middleware 2024-10-02 23:54:14 -04:00
			`export const verifySessionMiddleware = async (`
			`req: any,`
			`res: Response<ErrorResponse>,`
refactor and reorganize 2025-01-01 21:41:31 -05:00			`next: NextFunction`
added auth middleware 2024-10-02 23:54:14 -04:00			`) => {`
			`const { session, user } = await verifySession(req);`
			`if (!session \|\| !user) {`
			`return next(unauthorized());`
			`}`

			`const existingUser = await db`
			`.select()`
			`.from(users)`
remove lucia 2024-10-13 17:13:47 -04:00			`.where(eq(users.userId, user.userId));`
added auth middleware 2024-10-02 23:54:14 -04:00
			`if (!existingUser \|\| !existingUser[0]) {`
			`return next(`
refactor and reorganize 2025-01-01 21:41:31 -05:00			`createHttpError(HttpCode.BAD_REQUEST, "User does not exist")`
added auth middleware 2024-10-02 23:54:14 -04:00			`);`
			`}`

			`req.user = existingUser[0];`
			`req.session = session;`
verify email workflow working 2024-10-04 23:14:40 -04:00
			`next();`
added auth middleware 2024-10-02 23:54:14 -04:00			`};`