OpenAuth_server/Backend/src/api/middlewares/user.ts


import { NextFunction, Request, Response } from "express";
import Logging from "@hibas123/nodelogging";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import promiseMiddleware from "../../helper/promiseMiddleware";
import { requireLoginState } from "../../helper/login";
// Marker error for "request is not logged in". GetUserMiddleware throws it and
// then tells it apart from unexpected errors with `instanceof`.
// NOTE(review): `instanceof` on an Error subclass only works with native class
// output; with an ES5 compile target the check would be false and login
// failures would take the generic error path. Confirm the tsconfig target.
class Invalid extends Error { }
/**
 * Builds an Express middleware that lets a request continue only when
 * `requireLoginState` accepts it. The wrapped handler can also be invoked
 * without `next`; it resolves to `true` for an accepted request and to `false`
 * once it has redirected or forwarded an error. What a direct caller finally
 * receives depends on `promiseMiddleware`, which is not shown in this file.
 *
 * Failure handling when the request is not logged in:
 * - GET request and `json` is false: redirect to `/login`, carrying the return
 *   target base64-encoded in the `state` query parameter.
 * - anything else: a `RequestError` with `HttpStatusCode.UNAUTHORIZED` and
 *   `{ auth: true }` is thrown.
 * Errors of any other kind go to `next(e)`, or are rethrown when there is no `next`.
 *
 * @param json Default false. When true, failures are always reported as an error instead of a redirect
 * @param special_required Default false. Passed to `requireLoginState`; if true, a special token is required
 * @param redirect_uri Default current URL. Return target placed in `state` when redirecting to the login page
 * @param validated Default true. Passed to `requireLoginState`; per the original note, when false the
 *                  login does not have to be validated (confirm against `requireLoginState`)
 */
export function GetUserMiddleware(
  json = false,
  special_required: boolean = false,
  redirect_uri?: string,
  validated = true
) {
  async function checkLogin(
    req: Request,
    res: Response,
    next?: NextFunction
  ) {
    try {
      const loggedIn = requireLoginState(req, validated, special_required);
      if (!loggedIn) {
        throw new Invalid(req.__("Not logged in"));
      }

      if (next) next();
      return true;
    } catch (err) {
      Logging.getChild("UserMiddleware").warn(err);

      // Unexpected failure: hand it to the error pipeline untouched.
      if (!(err instanceof Invalid)) {
        if (!next) throw err;
        next(err);
        return false;
      }

      const wantsRedirect = req.method === "GET" && !json;
      if (!wantsRedirect) {
        // NOTE(review): the translation key is built from the sentence plus the
        // already translated inner message, so a catalogue entry for the plain
        // sentence would not match. Confirm this is intended.
        throw new RequestError(
          req.__(
            "You are not logged in or your login is expired" +
              ` (${err.message})`
          ),
          HttpStatusCode.UNAUTHORIZED,
          undefined,
          { auth: true }
        );
      }

      // res.redirect() applies its own status (302 unless one is passed), so
      // the client does not see the 401 set here.
      res.status(HttpStatusCode.UNAUTHORIZED);

      // Without redirect_uri the return target is the client-supplied request
      // URL. NOTE(review): whatever consumes `state` on /login should accept
      // only same-origin relative paths (reject absolute and `//host` targets)
      // before navigating; that check is not visible in this file.
      const returnTo = redirect_uri ? redirect_uri : req.originalUrl;

      // NOTE(review): standard base64 may contain `+`, `/` and `=` and is
      // appended without percent-encoding; form-style query parsers read `+`
      // as a space. Confirm how /login decodes `state` before changing this.
      const state = Buffer.from(returnTo).toString("base64");
      res.redirect("/login?base64=true&state=" + state);
      return false;
    }
  }

  return promiseMiddleware(checkLogin);
}
/**
 * Ready-made middleware using every default of GetUserMiddleware: `json` false
 * (GET requests are redirected to the login page), `special_required` false,
 * return target taken from the request URL, `validated` true.
 */
export const UserMiddleware = GetUserMiddleware();