From 0a3d943ca328b568ab699ff7c6f17d878bd7386c Mon Sep 17 00:00:00 2001
From: Mathis
Date: Tue, 23 Apr 2024 12:00:14 +0200
Subject: [PATCH] feat: :sparkles: UserGuard #10
---
src/validators/UserGuard.ts | 40 +++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 src/validators/UserGuard.ts
diff --git a/src/validators/UserGuard.ts b/src/validators/UserGuard.ts
new file mode 100644
index 0000000..033ad6a
--- /dev/null
+++ b/src/validators/UserGuard.ts
@@ -0,0 +1,40 @@
+import JwtService from "@services/jwt.service";
+import type {NextFunction, Request, Response} from "express";
+import MySqlService from "@services/mysql.service";
+import {Logger} from "tslog";
+
+const DbHandler = new MySqlService.Handler('UserGuard')
+const logger = new Logger({name: 'UserGuard'})
+
+const UNAUTHORIZED = 401;
+const FORBIDDEN = 403;
+const UNAUTH_MESSAGE = 'Missing Authorization Header';
+const INVALID_TOKEN_MESSAGE = 'Invalid or expired token.';
+const USER_NOT_EXIST = 'You dont exist anymore'
+
+async function UserGuard(req: Request, res: Response, next: NextFunction) {
+ const authHeader = req.headers.authorization;
+ if (!authHeader) {
+ return res.status(UNAUTHORIZED).json({message: UNAUTH_MESSAGE});
+ }
+
+ const bearerToken = authHeader.split(' ')[1];
+
+ if (!bearerToken) return res.status(FORBIDDEN).json({message: INVALID_TOKEN_MESSAGE});
+
+ const token = await JwtService.verify(bearerToken);
+
+ if (token) {
+ // @ts-ignore
+ const userId = token.sub;
+ const user= await MySqlService.User.getById(DbHandler, userId);
+ if (user) {
+ logger.info(`An user do a request. (${user?.username})`)
+ next()
+ }
+ return res.status(UNAUTHORIZED).json({message: USER_NOT_EXIST});
+ }
+ return res.status(FORBIDDEN).json({message: INVALID_TOKEN_MESSAGE});
+}
+
+export default UserGuard
\ No newline at end of file
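Review bot: In the `if (user)` branch, `next()` is called without a `return`, so execution falls through to `return res.status(UNAUTHORIZED).json({message: USER_NOT_EXIST})` and every authenticated request is also answered with a 401, or hits a headers-already-sent error once the downstream handler responds; change the call to `return next();`. `await JwtService.verify(bearerToken)` is not wrapped in `try`/`catch`; JwtService is not visible in this patch, but if it rejects on a bad or expired token the rejection escapes the async middleware instead of producing the 403, so I would catch it and answer with `INVALID_TOKEN_MESSAGE`. The header parse accepts any scheme because only `authHeader.split(' ')[1]` is read; checking that the first part is `Bearer` would reject other credential types early. The `// @ts-ignore` above `token.sub` hides that the claim is untyped, and an explicit check that `sub` is present and of the expected type before `getById` would keep malformed claims out of the database lookup.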