: add jwt authentication to rest

src/index.ts

@@ -3,6 +3,7 @@ import { ExtendedWebSocketServer } from "./websocket";
 import { RestWebSocket } from "./rest/restWebSocket";
 import { UserService } from "./db/services/database.service";
 import { RestUser } from "./rest/restUser";
+import { authenticateJwt } from "./rest/middleware/authenticateJwt";
 
 const app = express();
 const port = process.env.PORT || 3000;
@@ -12,10 +13,9 @@ const server = app.listen(port, () => {
 
 app.use(express.json({ limit: "15mb" }));
 
-
 const webSocketServer = new ExtendedWebSocketServer(server);
 const restWebSocket = new RestWebSocket(webSocketServer);
 const restUser = new RestUser(UserService.create);
 
-app.use("/api/websocket", restWebSocket.createRouter());
-app.use("/api/user", restUser.createRouter());
+app.use("/api/websocket", authenticateJwt, restWebSocket.createRouter());
+app.use("/api/user", authenticateJwt, restUser.createRouter());

src/rest/middleware/authenticateJwt.ts

@@ -0,0 +1,21 @@
+import { JwtAuthenticator } from "../../utils/jwtAuthenticator";
+import { Request, Response, NextFunction } from "express";
+
+export function authenticateJwt(
+  req: Request,
+  res: Response,
+  next: NextFunction,
+) {
+  const token = req.headers["authorization"];
+
+  const jwtAuthenticator = new JwtAuthenticator(
+    process.env.SECRET_KEY as string,
+  );
+  const decodedToken = jwtAuthenticator.verifyToken(token);
+  if (!decodedToken) {
+    return res.status(401).send("Unauthorized");
+  }
+
+  req.payload = decodedToken;
+  next();
+}

src/types/custom.d.ts

@@ -0,0 +1,9 @@
+import { DecodedToken } from "../interfaces/decodedToken";
+
+declare global {
+  declare namespace Express {
+    export interface Request {
+      payload: DecodedToken;
+    }
+  }
+}

src/utils/jwtAuthenticator.ts

@@ -0,0 +1,20 @@
+import jwt from "jsonwebtoken";
+import { DecodedToken } from "../interfaces/decodedToken";
+
+export class JwtAuthenticator {
+  constructor(private secret: string) {}
+
+  public verifyToken(token: string | undefined): DecodedToken | null {
+    if (!token) {
+      return null;
+    }
+
+    try {
+      return jwt.verify(token, this.secret) as DecodedToken;
+    } catch (error) {
+      console.error("Error while verifying token:", error);
+    }
+
+    return null;
+  }
+}

src/utils/verifyClient.ts

@@ -1,28 +1,23 @@
 import "dotenv/config";
 
 import { IncomingMessage } from "node:http";
-import jwt from "jsonwebtoken";
-import { DecodedToken } from "../interfaces/decodedToken";
 import { ExtendedIncomingMessage } from "../interfaces/extendedIncomingMessage";
+import { JwtAuthenticator } from "./jwtAuthenticator";
 
 export function verifyClient(
   request: IncomingMessage,
   callback: (res: boolean, code?: number, message?: string) => void,
 ) {
-  const token = request.headers["authorization"];
+  const jwtAuthenticator = new JwtAuthenticator(
+    process.env.SECRET_KEY as string,
+  );
 
+  const token = jwtAuthenticator.verifyToken(request.headers["authorization"]);
   if (!token) {
     reject(request, callback);
   } else {
-    jwt.verify(token, process.env.SECRET_KEY as string, (err, decoded) => {
-      if (err) {
-        console.log(err);
-        reject(request, callback);
-      } else {
-        (request as ExtendedIncomingMessage).payload = decoded as DecodedToken;
-        callback(true);
-      }
-    });
+    (request as ExtendedIncomingMessage).payload = token;
+    callback(true);
   }
 }
 

tsconfig.json

@@ -6,7 +6,11 @@
     "forceConsistentCasingInFileNames": true,
     "strict": true,
     "skipLibCheck": true,
-    "outDir": "./dist"
+    "outDir": "./dist",
+    "typeRoots": [
+      "./node_modules/@types",
+      "./types"
+    ]
   },
   "include": [
     "src/**/*.ts"