Files
myDrive/backend/middleware/authFullUser.ts
T
oxmc ecc340e7b1
Release Please / release-please (push) Has been cancelled
Docker Build and Push (Development) / build-and-push-dev (push) Has been cancelled
feat: add dark mode UI and SQLite as alternate database backend
Dark mode: CSS custom properties + .dark class toggled via Redux/localStorage,
with a theme toggle in the Header and Settings page. Foundation didn't exist
yet despite prior assumption, so it was built from scratch.

SQLite: new DB_ENGINE=mongo|sqlite env var selects the metadata backend at
runtime (Mongo stays default, no behavior change unless opted in). File/thumbnail
bytes continue to use the existing fs/S3 storage path. Implemented via a shared
DB interface (dbTypes.ts) with parallel mongoDB/ and sqliteDB/ implementations,
selected through dbFactory.ts, with JWT/encryption logic extracted into
userCrypto.ts so both engines share it.
2026-07-05 04:18:33 -07:00

66 lines
1.4 KiB
TypeScript

import jwt from "jsonwebtoken";
import { UserInterface } from "../models/user-model";
import env from "../enviroment/env";
import { Request, Response, NextFunction } from "express";
import { getUserDB } from "../db/dbFactory";
const userDB = getUserDB();
interface RequestType extends Request {
user?: UserInterface;
token?: string;
encryptedToken?: string;
}
type jwtType = {
iv: Buffer;
user: userAccessType;
};
type userAccessType = {
_id: string;
emailVerified: boolean;
email: string;
admin: boolean;
botChecked: boolean;
username: string;
};
const authFullUser = async (
req: RequestType,
res: Response,
next: NextFunction
) => {
try {
const accessToken = req.cookies["access-token"];
if (!accessToken) throw new Error("No Access Token");
const decoded = jwt.verify(accessToken, env.passwordAccess!) as jwtType;
const user = decoded.user;
if (!user) throw new Error("No User");
const fullUser = await userDB.getUserInfo(user._id);
if (!fullUser) throw new Error("No User");
req.user = fullUser;
next();
} catch (e) {
if (
e instanceof Error &&
e.message !== "No Access Token" &&
e.message !== "No User" &&
e.message !== "Email Not Verified"
)
console.log("\nAuthorization Full User Middleware Error:", e.message);
res.status(401).send("Error Authenticating");
}
};
export default authFullUser;