feat: set currentUser with every request (foyzulkarim#35)

aninda052 · Aug 30, 2023 · a3f147d · a3f147d
1 parent de04a1e
commit a3f147d
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 14 deletions.
diff --git a/server/src/middleware/auth.js b/server/src/middleware/auth.js
@@ -0,0 +1,23 @@
+const jwt = require("jsonwebtoken");
+const { User } =  require('../modules/db/collections');
+
+const setCurrentUser = async (req, res, next) => {
+  const token = req.headers.authorization ?? '';
+  req.user = null;
+
+  if (token) {
+    await jwt.verify(token.split(' ')[1], process.env.JWT_SECRET, async function(err, payLOad){
+      if(payLOad){
+        req.user = await User.getObjectById(payLOad._id);
+      }
+    });
+
+  }
+  next(); 
+};
+
+
+module.exports = {
+    setCurrentUser
+}
+
diff --git a/server/src/modules/authentication/controller.js b/server/src/modules/authentication/controller.js
@@ -1,6 +1,6 @@
 const { loginValidate, authenticate } = require('./request');
-const { generateJwtToken } = require('./utils')
-const { setCookie } = require('../../utils/cookie')
+const { generateJwtToken } = require('./utils');
+const { setCookie } = require('../../utils/cookie');
 
 const setupRoutes = (app) => {
 
@@ -9,8 +9,8 @@ const setupRoutes = (app) => {
     const loginValidationResult = loginValidate(req.body);
 
     if (!loginValidationResult.error) {
-      const { email, password } = req.body
-      const authenticationResult =  await authenticate(email, password)
+      const { email, password } = req.body;
+      const authenticationResult =  await authenticate(email, password);
 
       if(authenticationResult.isAuthenticate){
 
@@ -19,14 +19,10 @@ const setupRoutes = (app) => {
           name: authenticationResult.user.name
         });
 
-        setCookie(res, 'Bearer', jwtToken, {
-          httpOnly: true,
-          secure: process.env.NODE_ENV !== 'development', // Use secure cookies in production
-          sameSite: 'strict', // Prevent CSRF attacks
-          maxAge: 2 * 24 * 60 * 60 * 1000, // 2 days
+        return res.status(200).json({
+          user: authenticationResult.user,
+          accessToken: jwtToken
         });
-
-        return res.status(200).json({user: authenticationResult.user });
       }
       else{
         return res.status(401).json({message: authenticationResult.message });

diff --git a/server/src/modules/models/user/controller.js b/server/src/modules/models/user/controller.js
@@ -7,7 +7,7 @@ const BASE_URL = `/api/user`;
 const setupRoutes = (app) => {
 
 
-  app.post(`${BASE_URL}/registration`, async (req, res) => {
+  app.post(`/api/registration`, async (req, res) => {
 
     const validationResult = validate(req.body);
 

diff --git a/server/src/server.js b/server/src/server.js
@@ -6,8 +6,10 @@ const eventEmitter = require('./event-manager').getInstance();
 const PORT = 4000;
 
 const setup = async () => {  
-  const { setup: setupVideoModule } =
-    await require('./modules/models/video/controller');
+  const { setCurrentUser } = await require('./middleware/auth');
+  app.use(setCurrentUser);
+
+  const { setup: setupVideoModule } = await require('./modules/models/video/controller');
   setupVideoModule(app);
 
   const { setup: setupRoleModule } = await require('./modules/models/role/controller');