From 116bafa58dddbad260182a3120d240079a3e5f0e Mon Sep 17 00:00:00 2001
From: Fabrice-Dush
Date: Tue, 28 May 2024 10:21:01 +0300
Subject: [PATCH] Added authorization middleware
---
 src/middlewares/index.ts | 48 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
diff --git a/src/middlewares/index.ts b/src/middlewares/index.ts
index e69de29b..5e0b3207 100644
--- a/src/middlewares/index.ts
+++ b/src/middlewares/index.ts
@@ -0,0 +1,48 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import { Request, Response, NextFunction } from "express";
+import jwt from "jsonwebtoken";
+import Users, { UsersAttributes } from "../databases/models/users";
+
+const SECRET: string = process.env.JWT_SECRET;
+
+interface ExtendedRequest extends Request {
+ user: UsersAttributes;
+}
+
+export const protect = async function (
+ req: ExtendedRequest,
+ res: Response,
+ next: NextFunction
+) {
+ try {
+ //? 1. Get token and check if it's there
+ let token: string;
+ if (req.headers.authorization?.startsWith("Bearer")) {
+ token = req.headers.authorization.split(" ").at(-1);
+ }
+
+ if (!token) throw new Error("Login to get access to this resource");
+
+ //? 2. Validate the token to see if it is valid or if it has not expired
+ const decoded: any = await jwt.verify(token, SECRET);
+
+ //? 3. Check if the user still exists
+ const user = await Users.findByPk(decoded.id);
+ if (!user) {
+ throw new Error("User belonging to this token does not exist");
+ }
+
+ //?4. Grant access to the protected route
+ req.user = user;
+ next();
+ } catch (err: any) {
+ console.log(err);
+ let message: string;
+ if (err.name === "JsonWebTokenError" || err.name === "TokenExpiredError") {
+ message = "Invalid token. Log in again to get a new one";
+ } else {
+ message = err.message;
+ }
+ res.status(401).json({ ok: false, status: "fail", message: message });
+ }
+};
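Review bot: The catch block in `protect` returns `err.message` to the client for every error that is not a JWT error, so a failure inside `Users.findByPk` (a database error, for instance) is answered with 401 and the internal error text. Only the two messages thrown in this function should be echoed back; anything else should be logged and answered generically, e.g. `res.status(500).json({ ok: false, status: "error", message: "Internal server error" });`. `jwt.verify(token, SECRET)` is also called without an `algorithms` option, and `SECRET` is read from `process.env.JWT_SECRET` with no check that it is set. Passing `{ algorithms: ["HS256"] }` (assuming the tokens are signed with HS256, which this patch does not show) and failing at startup when the variable is missing would make both explicit. The header check `startsWith("Bearer")` with `split(" ").at(-1)` also accepts values such as `BearerX`, so matching the exact `Bearer <token>` shape and checking that `decoded.id` is present before the lookup would tighten the parsing.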