feat: auth refactors

src/common/interfaces/jwt-payload.interface.ts

@@ -0,0 +1,15 @@
+import { Role } from "@common/enums/role.enum";
+
+export type IJwtLoginPayload = {
+  id: string;
+  email: string;
+  name: string;
+} & (
+  | {
+      role: Role;
+      type: "admin";
+    }
+  | {
+      type: "user";
+    }
+);

src/common/services/users.base.service.ts

@@ -1,54 +0,0 @@
-import { FilterQuery } from "mongoose";
-import { HttpError } from "src/lib/error-handling/http-error";
-import { UserDocument, userModel, IUser } from "../models/user.model";
-
-export abstract class BaseUsersService {
-  async findOne(filterObject: FilterQuery<UserDocument>) {
-    return userModel.findOne(filterObject);
-  }
-
-  async findOneOrFail(
-    filterObject: FilterQuery<UserDocument>
-  ): Promise<UserDocument> {
-    try {
-      const document = await this.findOne(filterObject);
-      if (!document) throw new HttpError(404, "No Matching Result Found.");
-
-      return document;
-    } catch (err) {
-      console.error(err);
-      throw new HttpError(500, "Unexpected Error Happened.");
-    }
-  }
-
-  async userExists(filterObject: FilterQuery<UserDocument>): Promise<boolean> {
-    return (await this.findOne(filterObject)) !== null;
-  }
-
-  async create(createParams: IUser): Promise<UserDocument> {
-    if (await this.userExists({ email: createParams.email }))
-      throw new HttpError(409, "Email Already Exists.");
-
-    const newUser = new userModel(createParams) as UserDocument;
-    return newUser.save();
-  }
-
-  async get(filterObject: FilterQuery<UserDocument>): Promise<UserDocument> {
-    const user: UserDocument = await userModel
-      .findOne(filterObject)
-      .select("-password");
-    if (!user) throw new HttpError(404, "No Matching Result Found.");
-    return user;
-  }
-
-  async list(filterObject: FilterQuery<UserDocument>): Promise<{
-    docs: UserDocument[];
-    count: number;
-  }> {
-    const users = (await userModel
-      .find(filterObject)
-      .select("-password")) as UserDocument[];
-    const count = await userModel.countDocuments(filterObject);
-    return { docs: users, count };
-  }
-}

src/helpers/validation.helper.ts

@@ -1,22 +1,3 @@
-// export const validator = (schema: any) => {
-//     return (req: any, res: any, next: any) => {
-//         try {
-//             let validationResult = schema.body.validate(req.body);
-//             var validation = [];
-//             if (validationResult.error) {
-//                 validation.push(validationResult.error.details[0].message);
-//             }
-//             if (validation.length) {
-//                 return res.status(400).json({ success: false, error: validation.join(), code: 400 });
-//             }
-//             next();
-//         } catch (err) {
-//             console.log(`err`, err);
-//             return res.status(400).json({ success: false, error: "Bad Request!", code: 400 });
-//         }
-//     };
-// };
-
 import { NextFunction, Request, Response } from "express";
 import { createValidator } from "express-joi-validation";
 import Joi from "joi";
@@ -32,7 +13,7 @@ export const paramsValidator = (schemaOrParam: Joi.Schema | string) =>
 
 export const validationErrorHandler = (
   err,
-  req: Request,
+  _req: Request,
   res: Response,
   next: NextFunction
 ) => {

src/modules/console/common/guards/admins.guard.ts

@@ -0,0 +1,45 @@
+import { JwtPayload, verify } from "jsonwebtoken";
+import { Request } from "express";
+import { Role } from "@common/enums/role.enum";
+import { HttpError } from "@lib/error-handling/http-error";
+import { config } from "@configs/config";
+import { IJwtLoginPayload } from "@common/interfaces/jwt-payload.interface";
+
+type AdminGuardMiddlewareProps = {
+  roles?: Role[];
+};
+
+export const AdminGuardMiddleware =
+  (props?: AdminGuardMiddlewareProps) => (req: Request, res, next) => {
+    // get token from cookie
+    const token = req.headers.authorization?.split(" ")[1];
+    let payload: IJwtLoginPayload;
+
+    // validate token
+    if (!token) {
+      throw new HttpError(401, "Unauthorized");
+    }
+
+    try {
+      payload = verify(token, config.jwt.secret);
+    } catch (err) {
+      throw new HttpError(401, "Unauthorized");
+    }
+
+    if (payload.type !== "admin") {
+      throw new HttpError(401, "Unauthorized");
+    }
+
+    // check roles
+    if (props?.roles && props?.roles.length > 0) {
+      if (!props.roles.includes(payload.role)) {
+        throw new HttpError(401, "Unauthorized");
+      }
+    }
+
+    // inject payload in request
+    (req as unknown as { jwtPayload: JwtPayload }).jwtPayload = payload;
+
+    // go on
+    next();
+  };

src/modules/console/{admins → modules/admins}/controllers/admins.controller.ts

@@ -2,13 +2,17 @@ import { asyncHandler } from "@helpers/async-handler";
 import { paramsValidator, bodyValidator } from "@helpers/validation.helper";
 import { BaseController } from "@lib/controllers/controller.base";
 import { Prefix } from "@lib/decorators/prefix.decorator";
-import { Request, Response, Router } from "express";
+import { Request, Response } from "express";
 import { AdminsService } from "../services/admins.service";
 import { createAdminSchema } from "../validations/create-admin.validation";
 import { parsePaginationQuery } from "@helpers/pagination";
 import { JsonResponse } from "@lib/responses/json-response";
+import { ControllerMiddleware } from "@lib/decorators/controller-middleware.decorator";
+import { AdminGuardMiddleware } from "src/modules/console/common/guards/admins.guard";
+import { Role } from "@common/enums/role.enum";
 
 @Prefix("/console/admins")
+@ControllerMiddleware(AdminGuardMiddleware({ roles: [Role.SUPER_ADMIN] }))
 export class AdminsController extends BaseController {
   private adminsService = new AdminsService();
 

src/modules/console/{admins → modules/admins}/services/admins.service.ts

@@ -1,4 +1,4 @@
-import { Admin } from "../models/admin.model";
+import { Admin } from "../../../common/models/admin.model";
 import { CrudService } from "@lib/services/crud.service";
 
 export class AdminsService extends CrudService(Admin) {}

src/modules/console/{users → modules/users}/controllers/users.controller.ts

@@ -1,14 +1,11 @@
 import { userRegisterSchema } from "src/common/validations/user-register.validation";
-import { asyncHandler } from "../../../../helpers/async-handler";
-import { JwtHelper } from "../../../../helpers/jwt.helper";
-import { bodyValidator } from "../../../../helpers/validation.helper";
-import { BaseController } from "../../../../lib/controllers/controller.base";
-import { Prefix } from "../../../../lib/decorators/prefix.decorator";
 import { UsersService } from "../services/users.service";
 import { JsonResponse } from "src/lib/responses/json-response";
 import { Request, Response } from "express";
-
-const allowedRoles = ["superAdmin", "admin"];
+import { asyncHandler } from "@helpers/async-handler";
+import { bodyValidator } from "@helpers/validation.helper";
+import { BaseController } from "@lib/controllers/controller.base";
+import { Prefix } from "@lib/decorators/prefix.decorator";
 
 @Prefix("/console/users")
 export class AdminUsersController extends BaseController {
@@ -17,7 +14,6 @@ export class AdminUsersController extends BaseController {
   setRoutes() {
     this.router.post(
       "/create",
-      JwtHelper.verifyToken(allowedRoles),
       bodyValidator(userRegisterSchema),
       asyncHandler(this.create)
     );

src/modules/users/auth/controllers/auth.controller.ts

@@ -1,12 +1,12 @@
 import { UsersAuthService } from "../services/users.service";
-import { BaseController } from "../../../../lib/controllers/controller.base";
-import { bodyValidator } from "../../../../helpers/validation.helper";
-import { asyncHandler } from "../../../../helpers/async-handler";
-import { Prefix } from "../../../../lib/decorators/prefix.decorator";
 import { loginValidationSchema } from "../validation/login.validation";
 import { Request, Response } from "express";
 import { JsonResponse } from "src/lib/responses/json-response";
 import { userRegisterSchema, IUserRegister } from "src/common/validations/user-register.validation";
+import { asyncHandler } from "@helpers/async-handler";
+import { bodyValidator } from "@helpers/validation.helper";
+import { BaseController } from "@lib/controllers/controller.base";
+import { Prefix } from "@lib/decorators/prefix.decorator";
 
 @Prefix("/users/auth")
 export class UsersAuthController extends BaseController {