Uecko/Uecko_ERP
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Uecko:eef6e6fa97fc9dce79bed2f73366e83b1d97dd62
Branches Tags
Uecko:main
..
compare: Uecko:54a4935cb7ad865aca1f9efa56396393782e2d43
Branches Tags
Uecko:main

No commits in common. "eef6e6fa97fc9dce79bed2f73366e83b1d97dd62" and "54a4935cb7ad865aca1f9efa56396393782e2d43" have entirely different histories.
eef6e6fa97 ... 54a4935cb7

25 changed files with 173 additions and 196 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -38,7 +38,6 @@ error-*.log
# Misc
.DS_Store
*.pem
*-audit.json
#Jetbrains
.idea

6
apps/server/src/app.ts
View File

@ -1,6 +1,6 @@
import { logger } from "@common/infrastructure/logger";
import { globalErrorHandler } from "@common/presentation";
import { createAuthProvider } from "@contexts/auth/infraestructure";
import { initializePassportAuthProvide } from "@contexts/auth/infraestructure";
import dotenv from "dotenv";
import express, { Application } from "express";
import helmet from "helmet";
@ -24,9 +24,9 @@ export function createApp(): Application {
app.use(responseTime()); // set up the response-time middleware
// Inicializar Auth Provider
// Inicializar Passport
app.use((req, res, next) => {
createAuthProvider().initialize();
initializePassportAuthProvide();
next();
});

2
apps/server/src/common/presentation/express/index.ts
View File

@ -1,4 +1,4 @@
export * from "./api-error";
export * from "./express-controller";
export * from "./middlewares";
export * from "./validate-request-dto";
export * from "./validate-request";

2
apps/server/src/common/presentation/express/validate-request-dto.ts → apps/server/src/common/presentation/express/validate-request.ts
View File

@ -3,7 +3,7 @@ import httpStatus from "http-status";
import { ZodSchema } from "zod";
import { ApiError } from "./api-error";
export const validateRequestDTO =
export const validateRequest =
(schema: ZodSchema) => (req: Request, res: Response, next: NextFunction) => {
const result = schema.safeParse(req.body);
if (!result.success) {

21
apps/server/src/contexts/auth/application/auth-service.interface.ts
View File

@ -1,17 +1,10 @@
import { Result, UniqueID } from "@common/domain";
import {
AuthenticatedUser,
EmailAddress,
HashPassword,
PlainPassword,
TabContext,
Username,
} from "../domain";
import { IJWTPayload } from "../infraestructure";
import { AuthenticatedUser, EmailAddress, HashPassword, PlainPassword, Username } from "../domain";
export interface IAuthService {
generateAccessToken(payload: IJWTPayload): string;
generateRefreshToken(payload: IJWTPayload): string;
generateAccessToken(payload: object): string;
generateRefreshToken(payload: object): string;
verifyToken(token: string): Promise<AuthenticatedUser | null>;
registerUser(params: {
username: Username;
@ -27,7 +20,6 @@ export interface IAuthService {
Result<
{
user: AuthenticatedUser;
tabContext: TabContext;
tokens: {
accessToken: string;
refreshToken: string;
@ -39,5 +31,8 @@ export interface IAuthService {
logoutUser(params: { email: EmailAddress; tabId: UniqueID }): Promise<Result<void, Error>>;
getUserByEmail(params: { email: EmailAddress }): Promise<Result<AuthenticatedUser, Error>>;
verifyUser(params: {
email: EmailAddress;
plainPassword: PlainPassword;
}): Promise<Result<AuthenticatedUser, Error>>;
}

42
apps/server/src/contexts/auth/application/auth.service.ts
View File

@ -1,18 +1,19 @@
import { Result, UniqueID } from "@common/domain";
import { ITransactionManager } from "@common/infrastructure/database";
import jwt from "jsonwebtoken";
import {
AuthenticatedUser,
EmailAddress,
HashPassword,
IAuthenticatedUserRepository,
PlainPassword,
TabContext,
Username,
} from "../domain";
import { ITabContextRepository } from "../domain/repositories/tab-context-repository.interface";
import { JwtHelper } from "../infraestructure/passport/jwt.helper";
import { IJWTPayload } from "../infraestructure/passport/passport-auth-provider";
import { IAuthService } from "./auth-service.interface";
const SECRET_KEY = process.env.JWT_SECRET || "supersecretkey";
const ACCESS_EXPIRATION = process.env.JWT_ACCESS_EXPIRATION || "1h";
const REFRESH_EXPIRATION = process.env.JWT_REFRESH_EXPIRATION || "7d";
@ -31,12 +32,16 @@ export class AuthService implements IAuthService {
this._transactionManager = transactionManager;
}
generateAccessToken(payload: IJWTPayload): string {
return JwtHelper.generateToken(payload, ACCESS_EXPIRATION);
generateAccessToken(payload: object): string {
return jwt.sign(payload, SECRET_KEY, { expiresIn: ACCESS_EXPIRATION });
}
generateRefreshToken(payload: IJWTPayload): string {
return JwtHelper.generateToken(payload, REFRESH_EXPIRATION);
generateRefreshToken(payload: object): string {
return jwt.sign(payload, SECRET_KEY, { expiresIn: REFRESH_EXPIRATION });
}
verifyToken(token: string): any {
return jwt.verify(token, SECRET_KEY);
}
/**
@ -99,7 +104,6 @@ export class AuthService implements IAuthService {
Result<
{
user: AuthenticatedUser;
tabContext: TabContext;
tokens: {
accessToken: string;
refreshToken: string;
@ -141,9 +145,7 @@ export class AuthService implements IAuthService {
return Result.fail(new Error("Error creating user context"));
}
const tabContext = contextOrError.data;
await this._tabContactRepo.registerContextByTabId(tabContext, transaction);
await this._tabContactRepo.registerContextByTabId(contextOrError.data, transaction);
// 🔹 Generar Access Token y Refresh Token
const accessToken = this.generateAccessToken({
@ -155,14 +157,10 @@ export class AuthService implements IAuthService {
const refreshToken = this.generateRefreshToken({
userId: user.id.toString(),
email: email.toString(),
tabId: tabId.toString(),
roles: ["USER"],
});
return Result.ok({
user,
tabContext,
tokens: {
accessToken,
refreshToken,
@ -215,17 +213,27 @@ export class AuthService implements IAuthService {
}
}
async getUserByEmail(params: { email: EmailAddress }): Promise<Result<AuthenticatedUser, Error>> {
async verifyUser(params: {
email: EmailAddress;
plainPassword: PlainPassword;
}): Promise<Result<AuthenticatedUser, Error>> {
try {
return await this._transactionManager.complete(async (transaction) => {
const { email } = params;
const { email, plainPassword } = params;
const userResult = await this._userRepo.getUserByEmail(email, transaction);
if (userResult.isFailure || !userResult.data) {
return Result.fail(new Error("Invalid email or password"));
}
return Result.ok(userResult.data);
const user = userResult.data;
const isValidPassword = await user.verifyPassword(plainPassword);
if (!isValidPassword) {
return Result.fail(new Error("Invalid email or password"));
}
return Result.ok(user);
});
} catch (error: unknown) {
return Result.fail(error as Error);

6
apps/server/src/contexts/auth/application/index.ts
View File

@ -10,10 +10,10 @@ export * from "./auth-service.interface";
export const createAuthService = (): IAuthService => {
const transactionManager = createSequelizeTransactionManager();
const userRepo = createAuthenticatedUserRepository();
const tabContextRepo = createTabContextRepository();
const authenticatedUserRepository = createAuthenticatedUserRepository();
const tabContextRepository = createTabContextRepository();
return new AuthService(userRepo, tabContextRepo, transactionManager);
return new AuthService(authenticatedUserRepository, tabContextRepository, transactionManager);
};
export const createTabContextService = (): ITabContextService => {

20
apps/server/src/contexts/auth/domain/aggregates/authenticated-user.ts
View File

@ -19,9 +19,9 @@ export interface IAuthenticatedUser {
isUser: boolean;
isAdmin: boolean;
contexts: ICollection<QuoteItem>;
verifyPassword(candidatePassword: PlainPassword): Promise<boolean>;
hasRole(role: string): boolean;
hasRoles(roles: string[]): boolean;
getRoles(): string[];
toPersistenceData(): any;
}
@ -43,6 +43,10 @@ export class AuthenticatedUser
return Result.ok(user);
}
private _hasRole(role: string): boolean {
return (this._props.roles || []).some((r) => r === role);
}
verifyPassword(candidatePassword: PlainPassword): Promise<boolean> {
return this._props.hashPassword.verifyPassword(candidatePassword.toString());
}
@ -51,14 +55,6 @@ export class AuthenticatedUser
return this._props.roles;
}
hasRole(role: string): boolean {
return (this._props.roles || []).some((r) => r === role);
}
hasRoles(roles: string[]): boolean {
return roles.map((rol) => this.hasRole(rol)).some((value) => value != false);
}
get username(): Username {
return this._props.username;
}
@ -68,11 +64,11 @@ export class AuthenticatedUser
}
get isUser(): boolean {
return this.hasRole("user");
return this._hasRole("user");
}
get isAdmin(): boolean {
return this.hasRole("admin");
return this._hasRole("admin");
}
/**

1
apps/server/src/contexts/auth/domain/repositories/index.ts
View File

@ -1,2 +1 @@
export * from "./authenticated-user-repository.interface";
export * from "./tab-context-repository.interface";

1
apps/server/src/contexts/auth/infraestructure/index.ts
View File

@ -1,3 +1,4 @@
export * from "./jwt.helper";
export * from "./mappers";
export * from "./passport";
export * from "./sequelize";

2
apps/server/src/contexts/auth/infraestructure/passport/jwt.helper.ts → apps/server/src/contexts/auth/infraestructure/jwt.helper.ts
View File

@ -1,8 +1,6 @@
import jwt from "jsonwebtoken";
const SECRET_KEY = process.env.JWT_SECRET || "supersecretkey";
const ACCESS_EXPIRATION = process.env.JWT_ACCESS_EXPIRATION || "1h";
const REFRESH_EXPIRATION = process.env.JWT_REFRESH_EXPIRATION || "7d";
export class JwtHelper {
static generateToken(payload: object, expiresIn = "1h"): string {

12
apps/server/src/contexts/auth/infraestructure/passport/index.ts
View File

@ -1,7 +1,9 @@
import { createAuthService, createTabContextService } from "../../application";
import { IJWTPayload, PassportAuthProvider } from "./passport-auth-provider";
import { createAuthService } from "@contexts/auth/application";
import { PassportAuthProvider } from "./passport-auth-provider";
export { IJWTPayload };
export const createPassportAuthProvider = () => {
const _authService = createAuthService();
return new PassportAuthProvider(_authService);
};
export const createAuthProvider = () =>
new PassportAuthProvider(createAuthService(), createTabContextService());
export const initializePassportAuthProvide = () => createPassportAuthProvider();

98
apps/server/src/contexts/auth/infraestructure/passport/passport-auth-provider.ts
View File

@ -1,6 +1,4 @@
import { Result, UniqueID } from "@common/domain";
import { IAuthService } from "@contexts/auth/application";
import { ITabContextService } from "@contexts/auth/application/tab-context-service.interface";
import { AuthenticatedUser, EmailAddress, PlainPassword } from "@contexts/auth/domain";
import passport from "passport";
import { ExtractJwt, Strategy as JwtStrategy } from "passport-jwt";
@ -8,100 +6,35 @@ import { Strategy as LocalStrategy } from "passport-local";
const SECRET_KEY = process.env.JWT_SECRET || "supersecretkey";
export interface IJWTPayload {
userId: string;
email: string;
tabId: string;
roles: string[];
}
export class PassportAuthProvider {
private readonly _authService: IAuthService;
private readonly _tabContextService: ITabContextService;
private async _getUserByEmailAndPassword(
email: string,
password: string
): Promise<Result<AuthenticatedUser, Error>> {
private async _verifyUser(email: string, password: string): Promise<AuthenticatedUser | null> {
const emailVO = EmailAddress.create(email);
if (emailVO.isFailure) {
return Result.fail(emailVO.error);
}
if (emailVO.isFailure) return Promise.resolve(null);
const plainPasswordVO = PlainPassword.create(password);
if (plainPasswordVO.isFailure) {
return Result.fail(plainPasswordVO.error);
}
if (plainPasswordVO.isFailure) return Promise.resolve(null);
const userResult = await this._authService.getUserByEmail({
const userResult = await this._authService.verifyUser({
email: emailVO.data,
plainPassword: plainPasswordVO.data,
});
if (userResult.isFailure || !userResult.data) {
return Result.fail(new Error("Invalid email or password"));
return Promise.resolve(null);
}
const user = userResult.data;
const isValidPassword = await user.verifyPassword(plainPasswordVO.data);
if (!isValidPassword) {
return Result.fail(new Error("Invalid email or password"));
}
return Result.ok(user);
}
private async _getUserAndContextByToken(token: IJWTPayload) {
const { userId, email, roles, tabId } = token;
const userIdVO = UniqueID.create(userId);
const tabIdVO = UniqueID.create(tabId);
const emailVO = EmailAddress.create(email!);
const okOrError = Result.combine([userIdVO, tabIdVO, emailVO]);
if (okOrError.isFailure) {
return Result.fail(okOrError.error.message);
}
const userResult = await this._authService.getUserByEmail({
email: emailVO.data,
});
if (userResult.isFailure) {
return Result.fail(new Error("Invalid token data"));
}
const user = userResult.data;
const checkUserId = user.id.equals(userIdVO.data);
const checkRoles = user.hasRoles(roles);
if (!checkUserId || !checkRoles) {
return Result.fail(new Error("Invalid token data"));
}
const tabResult = await this._tabContextService.getContextByTabId(tabIdVO.data);
if (tabResult.isFailure) {
return Result.fail(new Error("Invalid token data"));
}
const tabContext = tabResult.data;
return Result.ok({
user,
tabContext,
});
}
constructor(authService: IAuthService, tabContextService: ITabContextService) {
this._authService = authService;
this._tabContextService = tabContextService;
return !isValidPassword ? Promise.resolve(null) : Promise.resolve(user);
}
/**
* 🔹 Configura PassportJS
*/
initialize(): void {
initializePassport(): void {
const jwtOptions = {
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: SECRET_KEY,
@ -109,12 +42,10 @@ export class PassportAuthProvider {
passport.use(
"jwt",
new JwtStrategy(jwtOptions, async (tokenPayload, done) => {
new JwtStrategy(jwtOptions, (tokenPayload, done) => {
try {
const result = await this._getUserAndContextByToken(tokenPayload);
return result.isSuccess
? done(null, result)
: done(result.error, false, { message: "Invalid JWT data" });
console.log(tokenPayload);
return done(null, tokenPayload);
} catch (error) {
return done(error, false);
}
@ -127,7 +58,7 @@ export class PassportAuthProvider {
{ usernameField: "email", passwordField: "password" },
async (email, password, done) => {
try {
const user = await this._getUserByEmailAndPassword(email, password);
const user = await this._verifyUser(email, password);
return user
? done(null, user)
: done(null, false, { message: "Invalid email or password" });
@ -141,7 +72,8 @@ export class PassportAuthProvider {
passport.initialize();
}
authenticateJWT() {
return passport.authenticate("jwt", { session: false });
constructor(authService: IAuthService) {
this._authService = authService;
this.initializePassport();
}
}

28
apps/server/src/contexts/auth/infraestructure/sequelize/auth-user.model.ts
View File

@ -1,6 +1,19 @@
import { DataTypes, InferAttributes, InferCreationAttributes, Model, Sequelize } from "sequelize";
import {
DataTypes,
InferAttributes,
InferCreationAttributes,
Model,
NonAttribute,
Sequelize,
} from "sequelize";
import { TabContextCreationAttributes, TabContextModel } from "./tab-context.model";
export type AuthUserCreationAttributes = InferCreationAttributes<AuthUserModel>;
export type AuthUserCreationAttributes = InferCreationAttributes<
AuthUserModel,
{ omit: "contexts" }
> & {
contexts: TabContextCreationAttributes[];
};
export class AuthUserModel extends Model<
InferAttributes<AuthUserModel>,
@ -11,11 +24,22 @@ export class AuthUserModel extends Model<
return Promise.resolve();
}*/
static associate(connection: Sequelize) {
const { TabContextModel } = connection.models;
AuthUserModel.hasMany(TabContextModel, {
as: "contexts",
foreignKey: "user_id",
onDelete: "CASCADE",
});
}
declare id: string;
declare username: string;
declare email: string;
declare hash_password: string;
declare roles: string[];
declare contexts: NonAttribute<TabContextModel[]>;
}
export default (sequelize: Sequelize) => {

7
apps/server/src/contexts/auth/infraestructure/sequelize/authenticated-user.repository.ts
View File

@ -6,7 +6,7 @@ import {
IAuthenticatedUserRepository,
} from "@contexts/auth/domain";
import { Transaction } from "sequelize";
import { IAuthenticatedUserMapper } from "../mappers";
import { createAuthenticatedUserMapper, IAuthenticatedUserMapper } from "../mappers";
import { AuthUserModel } from "./auth-user.model";
export class AuthenticatedUserRepository
@ -85,3 +85,8 @@ export class AuthenticatedUserRepository
}
}
}
export const createAuthenticatedUserRepository = (): IAuthenticatedUserRepository => {
const authenticatedUserMapper = createAuthenticatedUserMapper();
return new AuthenticatedUserRepository(authenticatedUserMapper);
};

17
apps/server/src/contexts/auth/infraestructure/sequelize/index.ts
View File

@ -1,17 +1,4 @@
import { IAuthenticatedUserRepository, ITabContextRepository } from "../../domain";
import { createAuthenticatedUserMapper, createTabContextMapper } from "../mappers";
import { AuthenticatedUserRepository } from "./authenticated-user.repository";
import { TabContextRepository } from "./tab-context.repository";
export * from "./auth-user.model";
export * from "./authenticated-user.repository";
export * from "./tab-context.model";
export const createAuthenticatedUserRepository = (): IAuthenticatedUserRepository => {
const authenticatedUserMapper = createAuthenticatedUserMapper();
return new AuthenticatedUserRepository(authenticatedUserMapper);
};
export const createTabContextRepository = (): ITabContextRepository => {
const tabContextMapper = createTabContextMapper();
return new TabContextRepository(tabContextMapper);
};
export * from "./tab-context.repository";

37
apps/server/src/contexts/auth/infraestructure/sequelize/tab-context.model.ts
View File

@ -1,10 +1,21 @@
import { DataTypes, InferAttributes, InferCreationAttributes, Model, Sequelize } from "sequelize";
import {
DataTypes,
InferAttributes,
InferCreationAttributes,
Model,
NonAttribute,
Sequelize,
} from "sequelize";
import { AuthUserModel } from "./auth-user.model";
export type TabContextCreationAttributes = InferCreationAttributes<TabContextModel>;
export type TabContextCreationAttributes = InferCreationAttributes<
TabContextModel,
{ omit: "user" }
>;
export class TabContextModel extends Model<
InferAttributes<TabContextModel>,
InferCreationAttributes<TabContextModel>
InferAttributes<TabContextModel, { omit: "user" }>,
InferCreationAttributes<TabContextModel, { omit: "user" }>
> {
// To avoid table creation
/*static async sync(): Promise<any> {
@ -12,11 +23,21 @@ export class TabContextModel extends Model<
}*/
static associate(connection: Sequelize) {
const { AuthUserModel } = connection.models;
TabContextModel.belongsTo(AuthUserModel, {
as: "user",
foreignKey: "user_id",
onDelete: "CASCADE",
});
}
declare id: string;
declare tab_id: string;
declare user_id: string;
declare company_id: string;
declare branch_id: string;
declare user: NonAttribute<AuthUserModel>;
}
export default (sequelize: Sequelize) => {
@ -34,6 +55,14 @@ export default (sequelize: Sequelize) => {
type: DataTypes.UUID,
allowNull: false,
},
company_id: {
type: DataTypes.UUID,
allowNull: false,
},
branch_id: {
type: DataTypes.UUID,
allowNull: false,
},
},
{
sequelize,

7
apps/server/src/contexts/auth/infraestructure/sequelize/tab-context.repository.ts
View File

@ -3,7 +3,7 @@ import { SequelizeRepository } from "@common/infrastructure";
import { TabContext } from "@contexts/auth/domain/";
import { ITabContextRepository } from "@contexts/auth/domain/repositories/tab-context-repository.interface";
import { Op, Transaction } from "sequelize";
import { ITabContextMapper } from "../mappers";
import { createTabContextMapper, ITabContextMapper } from "../mappers";
import { TabContextModel } from "./tab-context.model";
export class TabContextRepository
@ -125,3 +125,8 @@ export class TabContextRepository
}
}
}
export const createTabContextRepository = (): ITabContextRepository => {
const tabContextMapper = createTabContextMapper();
return new TabContextRepository(tabContextMapper);
};

8
apps/server/src/contexts/auth/presentation/controllers/login/login.controller.ts
View File

@ -26,17 +26,17 @@ class LoginController extends ExpressController {
return this.clientError("Invalid input data", resultValidation.error);
}
const loginResultOrError = await this._authService.loginUser({
const userOrError = await this._authService.loginUser({
email: emailVO.data,
plainPassword: plainPasswordVO.data,
tabId: tabIdVO.data,
});
if (loginResultOrError.isFailure) {
return this.unauthorizedError(loginResultOrError.error.message);
if (userOrError.isFailure) {
return this.unauthorizedError(userOrError.error.message);
}
return this.created(this._presenter.map(loginResultOrError.data));
return this.created(this._presenter.map(userOrError.data));
}
}

8
apps/server/src/contexts/auth/presentation/controllers/login/login.presenter.ts
View File

@ -1,10 +1,9 @@
import { AuthenticatedUser, TabContext } from "@contexts/auth/domain";
import { AuthenticatedUser } from "@contexts/auth/domain";
import { ILoginUserResponseDTO } from "../../dto";
export interface ILoginPresenter {
map: (data: {
user: AuthenticatedUser;
tabContext: TabContext;
tokens: {
accessToken: string;
refreshToken: string;
@ -15,7 +14,6 @@ export interface ILoginPresenter {
export const LoginPresenter: ILoginPresenter = {
map: (data: {
user: AuthenticatedUser;
tabContext: TabContext;
tokens: {
accessToken: string;
refreshToken: string;
@ -23,20 +21,16 @@ export const LoginPresenter: ILoginPresenter = {
}): ILoginUserResponseDTO => {
const {
user,
tabContext,
tokens: { accessToken, refreshToken },
} = data;
const userData = user.toPersistenceData();
const tabContextData = tabContext.toPersistenceData();
return {
user: {
id: userData.id,
email: userData.email,
username: userData.username,
tab_id: tabContextData.tab_id,
},
tokens: {
access_token: accessToken,

4
apps/server/src/contexts/auth/presentation/dto/auth.request.dto.ts
View File

@ -8,3 +8,7 @@ export interface ILoginUserRequestDTO {
email: string;
password: string;
}
export interface ISelectCompanyRequestDTO {
companyId: string;
}

5
apps/server/src/contexts/auth/presentation/dto/auth.response.dto.ts
View File

@ -9,7 +9,6 @@ export interface ILoginUserResponseDTO {
id: string;
username: string;
email: string;
tab_id: string;
};
tokens: {
access_token: string;
@ -18,4 +17,6 @@ export interface ILoginUserResponseDTO {
//tab_id: string;
}
export interface ILogoutResponseDTO {}
export interface ILogoutResponseDTO {
message: string;
}

17
apps/server/src/contexts/auth/presentation/middleware/passport-auth.middleware.ts
View File

@ -2,16 +2,19 @@ import { UniqueID } from "@common/domain";
import { ApiError, ExpressController } from "@common/presentation";
import { AuthenticatedUser } from "@contexts/auth/domain";
import { NextFunction, Request, Response } from "express";
import passport from "passport";
// Extender el Request de Express para incluir el usuario autenticado optionalmente
interface AuthenticatedRequest extends Request {
user?: AuthenticatedUser;
}
// Middleware para autenticar usando passport con el local-jwt strategy
const _authenticateJwt = passport.authenticate("jwt", { session: false });
// Comprueba el rol del usuario
const _authorizeUser = (condition: (user: AuthenticatedUser) => boolean) => {
return (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
console.log(req.user);
const user = req.user as AuthenticatedUser;
if (!user || !condition(user)) {
return ExpressController.errorResponse(
@ -29,19 +32,15 @@ const _authorizeUser = (condition: (user: AuthenticatedUser) => boolean) => {
};
};
// Middleware para autenticar usando passport con el local-jwt strategy
//export const authenticateJWT = [];
//export const validateUserRegister = [_authenticateEmail];
// Verifica que el usuario esté autenticado
export const authenticateUser = [_authorizeUser((user) => user.isUser)];
export const validateUser = [_authenticateJwt, _authorizeUser((user) => user.isUser)];
// Verifica que el usuario sea administrador
export const authenticateUserIsAdmin = [_authorizeUser((user) => user.isAdmin)];
export const validateUserIsAdmin = [_authenticateJwt, _authorizeUser((user) => user.isAdmin)];
// Middleware para verificar que el usuario sea administrador o el dueño de los datos (self)
export const checkUserIsAdminOrOwner = [
export const validateUserIsAdminOrOwner = [
_authenticateJwt,
(req: AuthenticatedRequest, res: Response, next: NextFunction) => {
const user = req.user as AuthenticatedUser;
const { userId } = req.params;

5
apps/server/src/contexts/auth/presentation/middleware/tab-context.middleware.ts
View File

@ -1,5 +1,6 @@
import { UniqueID } from "@common/domain";
import { ApiError, ExpressController } from "@common/presentation";
import { createTabContextService } from "@contexts/auth/application";
import { TabContext } from "@contexts/auth/domain";
import { NextFunction, Request, Response } from "express";
import httpStatus from "http-status";
@ -39,7 +40,7 @@ export const validateTabContextHeader = async (
res
);
}
/*const contextOrError = await createTabContextService().getContextByTabId(tabIdOrError.data);
const contextOrError = await createTabContextService().getContextByTabId(tabIdOrError.data);
if (contextOrError.isFailure) {
return ExpressController.errorResponse(
new ApiError({
@ -54,6 +55,6 @@ export const validateTabContextHeader = async (
const context = contextOrError.data;
req.tabContext = context;*/
req.tabContext = context;
next();
};

12
apps/server/src/routes/auth.routes.ts
View File

@ -1,6 +1,5 @@
import { validateRequestDTO } from "@common/presentation";
import { createAuthProvider } from "@contexts/auth/infraestructure";
import { validateTabContextHeader } from "@contexts/auth/presentation";
import { validateRequest } from "@common/presentation";
import { validateTabContextHeader, validateUser } from "@contexts/auth/presentation";
import { createLoginController } from "@contexts/auth/presentation/controllers";
import { createLogoutController } from "@contexts/auth/presentation/controllers/logout/logout.controller";
import { createRegisterController } from "@contexts/auth/presentation/controllers/register/register.controller";
@ -9,7 +8,6 @@ import { NextFunction, Request, Response, Router } from "express";
export const authRouter = (appRouter: Router) => {
const authRoutes: Router = Router({ mergeParams: true });
const authProvider = createAuthProvider();
/**
* @api {post} /api/auth/register Register a new user
@ -25,7 +23,7 @@ export const authRouter = (appRouter: Router) => {
*
* @apiError (400) {String} message Error message.
*/
authRoutes.post("/register", validateRequestDTO(RegisterUserSchema), (req, res, next) => {
authRoutes.post("/register", validateRequest(RegisterUserSchema), (req, res, next) => {
createRegisterController().execute(req, res, next);
});
@ -46,7 +44,7 @@ export const authRouter = (appRouter: Router) => {
*/
authRoutes.post(
"/login",
validateRequestDTO(LoginUserSchema),
validateRequest(LoginUserSchema),
validateTabContextHeader,
(req: Request, res: Response, next: NextFunction) => {
createLoginController().execute(req, res, next);
@ -66,8 +64,8 @@ export const authRouter = (appRouter: Router) => {
*/
authRoutes.post(
"/logout",
validateUser,
validateTabContextHeader,
authProvider.authenticateJWT(),
(req: Request, res: Response, next: NextFunction) => {
createLogoutController().execute(req, res, next);
}