Move server directory outside of frontend src

2026-05-08 21:10:12 +02:00 · 2022-10-25 16:52:45 -07:00
parent 863dce88b7
commit 0438f2d5f2
105 changed files with 16946 additions and 6901 deletions
@@ -0,0 +1,20 @@
+import { NextFunction, Request, Response } from 'express';
+
+export const authenticateAdmin = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  if (!req.authUser.isAdmin) {
+    return res.status(403).json({
+      error: {
+        message: 'This action requires an administrator account.',
+        path: req.path,
+      },
+      response: 'Error',
+      statusCode: 403,
+    });
+  }
+
+  return next();
+};
@@ -0,0 +1,71 @@
+import { ServerFolderPermission, ServerPermission, User } from '@prisma/client';
+import { NextFunction, Request, Response } from 'express';
+import passport from 'passport';
+
+export type AuthUser = User & {
+  flatServerFolderPermissions: string[];
+  flatServerPermissions: string[];
+  serverFolderPermissions: ServerFolderPermission[];
+  serverId?: string;
+  serverPermissions: ServerPermission[];
+};
+
+export const authenticate = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  passport.authenticate('jwt', { session: false }, (err, user, info) => {
+    if (err) {
+      return next(err);
+    }
+
+    if (!user) {
+      return res.status(401).json({
+        error: {
+          message: info?.message || 'Invalid authorization.',
+          path: req.path,
+        },
+        response: 'Error',
+        statusCode: 401,
+      });
+    }
+
+    if (!user.enabled) {
+      return res.status(401).json({
+        error: {
+          message: 'Your account is not enabled.',
+          path: req.path,
+        },
+        response: 'Error',
+        statusCode: 401,
+      });
+    }
+
+    const flatServerFolderPermissions = user.serverFolderPermissions.map(
+      (permission: ServerFolderPermission) => permission.serverFolderId
+    );
+
+    const flatServerPermissions = user.serverPermissions.map(
+      (permission: ServerPermission) => permission.serverId
+    );
+
+    const props = {
+      createdAt: user?.createdAt,
+      enabled: user?.enabled,
+      flatServerFolderPermissions,
+      flatServerPermissions,
+      id: user?.id,
+      isAdmin: user?.isAdmin,
+      server: req.params.serverId,
+      serverFolderPermissions: user?.serverFolderPermissions,
+      serverPermissions: user?.serverPermissions,
+      updatedAt: user?.updatedAt,
+      username: user?.username,
+    };
+
+    req.authUser = props;
+
+    return next();
+  })(req, res, next);
+};
@@ -0,0 +1,35 @@
+import { NextFunction, Request, Response } from 'express';
+import { isJsonString } from '@utils/is-json-string';
+
+export const errorHandler = (
+  err: any,
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  let message = '';
+
+  const trace = err.stack?.match(/at .* \(.*\)/g).map((e: string) => {
+    return e.replace(/\(|\)/g, '');
+  });
+
+  if (err.message) {
+    message = isJsonString(err.message)
+      ? Array.isArray(JSON.parse(err.message))
+        ? JSON.parse(err.message)[0].message // Handles errors sent from zod preprocess
+        : JSON.parse(err.message)
+      : err.message;
+  }
+
+  res.status(err.statusCode || 500).json({
+    error: {
+      message,
+      path: req.path,
+      trace,
+    },
+    response: 'Error',
+    statusCode: err.statusCode || 500,
+  });
+
+  next();
+};
@@ -0,0 +1,3 @@
+export * from './error-handler';
+export * from './authenticate';
+export * from './authenticate-admin';