From c9e6cb6169a6bf371fbff1c733aba3818a90c77e Mon Sep 17 00:00:00 2001
From: Mathis
Date: Wed, 22 May 2024 14:20:30 +0200
Subject: [PATCH] feat: add authentication middleware
This commit adds authentication middleware for user and admin levels. The middleware retrieves the JWT from the header and verifies it. Error messages are returned for cases like no token found, user not found, unverified email, and when a user is not an admin but tries to perform an admin function.
---
 src/middlewares/authentication.middleware.ts | 67 ++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 src/middlewares/authentication.middleware.ts
diff --git a/src/middlewares/authentication.middleware.ts b/src/middlewares/authentication.middleware.ts
new file mode 100644
index 0000000..ae2cd79
--- /dev/null
+++ b/src/middlewares/authentication.middleware.ts
@@ -0,0 +1,67 @@
+import type {NextFunction, Request, Response} from "express";
+import JwtService from "@services/authentication/jwt.service";
+import {DatabasesService} from "@services/databases/databases.service";
+import {UserInDatabase} from "@interfaces/db/mariadb.interface";
+import {HttpStatusCode} from "axios";
+
+const db = new DatabasesService('OnlyDevs');
+
+async function getTokenFromHeader(req: Request) {
+ const token: string | undefined = req.headers.authorization?.split(" ")[1];
+ if (!token ||token.length <= 0) {
+ return false
+ }
+ return token;
+}
+
+
+async function UserMiddleware(req: Request, res: Response, next: NextFunction) {
+ const originToken = getTokenFromHeader(req);
+ if (!originToken) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const tokenPayload = await JwtService.verify(`${originToken}`);
+ if (!tokenPayload || !tokenPayload.sub) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const UserFound = await db.getUserById(tokenPayload.sub)
+ const User: UserInDatabase | undefined = UserFound[0] as UserInDatabase
+ if (!User) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you dont exist." });
+ }
+ if (User.email_activation) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "You should verify your email first."})
+ }
+ return next()
+}
+
+async function AdminMiddleware(req: Request, res: Response, next: NextFunction) {
+ const originToken = getTokenFromHeader(req);
+ if (!originToken) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const tokenPayload = await JwtService.verify(`${originToken}`);
+ if (!tokenPayload || !tokenPayload.sub) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const UserFound = await db.getUserById(tokenPayload.sub)
+ const User: UserInDatabase | undefined = UserFound[0] as UserInDatabase
+ if (!User) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you dont exist." });
+ }
+ if (User.email_activation) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "You should verify your email first."})
+ }
+
+ const adminState = User.admin
+
+ if (!adminState) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you are not an admin." });
+ }
+ return next()
+}
+
+export const AuthMiddleware = {
+ user: UserMiddleware,
+ admin: AdminMiddleware,
+}
\ No newline at end of file
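Review bot: `getTokenFromHeader` is declared `async` but both `UserMiddleware` and `AdminMiddleware` call it without `await`, so `originToken` is always a truthy Promise: the `if (!originToken)` guard never fires and the template string passed to `JwtService.verify` is "[object Promise]" rather than the header value, which makes the missing-token branch unreachable and, unless `JwtService.verify` somehow accepts that string, rejects every request. The helper does no asynchronous work, so make it synchronous and return `undefined` rather than `false`: `function getTokenFromHeader(req: Request): string | undefined {` with `return undefined;` in the empty case, after which the existing `const originToken = getTokenFromHeader(req);` lines yield the real token. While there, the `split(" ")[1]` never checks that the scheme is `Bearer`, and `HttpStatusCode.PreconditionRequired` (428) is returned for every rejection where 401 (no or invalid token, unknown user) and 403 (unverified email, not admin) are the codes clients and proxies act on. The `if (User.email_activation)` branch rejects users whose flag is set, which reads inverted if the column means "email has been activated" — worth confirming against the schema. The token-to-user resolution is duplicated verbatim in both middlewares and could be one shared helper that `AdminMiddleware` extends with the `User.admin` check, so a future fix lands in one place.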