refactor(server): corrected the middleware to be in the correct spot to work as intended

2025-03-03 17:32:46 -06:00
parent 275502143c
commit 1af561acb1
7 changed files with 33 additions and 19 deletions
--- a/server/services/auth/routes/login.ts
+++ b/server/services/auth/routes/login.ts
@@ -1,5 +1,6 @@
 import {z, createRoute, OpenAPIHono} from "@hono/zod-openapi";
 import {login} from "../controllers/login.js";
+import {log} from "../../logger/logger.js";

 const app = new OpenAPIHono();

@@ -77,7 +78,7 @@ app.openapi(route, async (c) => {

    try {
        const {token, user} = await login(username.toLowerCase(), password);
-
+        log.info({username: username}, "logged in");
        // Set the JWT as an HTTP-only cookie
        //c.header("Set-Cookie", `auth_token=${token}; HttpOnly; Secure; Path=/; SameSite=None; Max-Age=3600`);

--- a/server/services/auth/routes/session.ts
+++ b/server/services/auth/routes/session.ts
@@ -1,9 +1,9 @@
 import {z, createRoute, OpenAPIHono} from "@hono/zod-openapi";
 import {verify} from "hono/jwt";
+import {log} from "../../logger/logger.js";
+import {authMiddleware} from "../middleware/authMiddleware.js";

 const session = new OpenAPIHono();
-const tags = ["Auth"];
-const JWT_SECRET = process.env.JWT_SECRET!;

 const UserSchema = z.object({
    username: z
@@ -21,11 +21,12 @@ const UserSchema = z.object({

 session.openapi(
    createRoute({
-        tags,
+        tags: ["Auth"],
        summary: "Checks a user session based on there token",
        description: "Can post there via Authentiaction header or cookies",
        method: "get",
        path: "/",
+        middleware: authMiddleware,
        // request: {
        //     body: {
        //         content: {
@@ -79,8 +80,10 @@ session.openapi(
        try {
            const payload = await verify(token, process.env.JWT_SECRET!);
            return c.json({data: {token: token, user: payload.user}}, 200);
-        } catch (error) {}
-        return c.json({data: {token: "tsfds"}}, 200);
+        } catch (error) {
+            log.error(error, "Failed session check, user must be logged out");
+            return c.json({message: "Unauthorized"}, 401);
+        }
    }
 );

--- a/server/services/auth/routes/userRoles/getUserRoles.ts
+++ b/server/services/auth/routes/userRoles/getUserRoles.ts
@@ -3,6 +3,7 @@ import {apiHit} from "../../../../globalUtils/apiHits.js";
 import jwt from "jsonwebtoken";
 import {roleCheck} from "../../controllers/userRoles/getUserAccess.js";
 import type {CustomJwtPayload} from "../../../../types/jwtToken.js";
+import {authMiddleware} from "../../middleware/authMiddleware.js";

 const {verify} = jwt;
 const app = new OpenAPIHono();
@@ -17,7 +18,7 @@ app.openapi(
        summary: "Returns the useraccess table",
        method: "get",
        path: "/",
-
+        middleware: authMiddleware,
        responses: {
            200: {
                content: {"application/json": {schema: responseSchema}},
--- a/server/services/auth/routes/userRoles/setUserRoles.ts
+++ b/server/services/auth/routes/userRoles/setUserRoles.ts
@@ -2,6 +2,7 @@ import {createRoute, OpenAPIHono, z} from "@hono/zod-openapi";
 import {setUserAccess} from "../../controllers/userRoles/setUserRoles.js";
 import {apiHit} from "../../../../globalUtils/apiHits.js";
 import {apiReturn} from "../../../../globalUtils/apiReturn.js";
+import {authMiddleware} from "../../middleware/authMiddleware.js";

 const app = new OpenAPIHono();

@@ -27,6 +28,7 @@ app.openapi(
        summary: "Sets Users access",
        method: "post",
        path: "/",
+        middleware: authMiddleware,
        description: "When logged in you will be able to grant new permissions",
        request: {
            body: {