@duvdu-v1/duvdu 1.1.331 → 1.1.333

@@ -47,11 +47,17 @@ const isauthenticated = (req, res, next) => __awaiter(void 0, void 0, void 0, fu
47
47
  try {
48
48
  payload = (0, jsonwebtoken_1.verify)(req.session.access, process.env.JWT_KEY);
49
49
  req.loggedUser = payload;
50
- if (req.loggedUser.isBlocked.value)
50
+ const user = yield User_model_1.Users.findById(payload.id);
51
+ if (!user) {
52
+ return next(new unauthorized_error_1.UnauthorizedError({ en: 'user not found', ar: 'لا يوجد مستخدم' }, req.lang));
53
+ }
54
+ if (user.isBlocked.value)
51
55
  return next(new unauthorized_error_1.UnauthorizedError({
52
56
  en: `Forbidden: User is blocked ${req.loggedUser.isBlocked.reason}`,
53
57
  ar: ` ممنوع: المستخدم محظور ${req.loggedUser.isBlocked.reason}`,
54
58
  }, req.lang));
59
+ if (user.isDeleted)
60
+ return next(new unauthorized_error_1.UnauthorizedError({ en: 'user not found', ar: 'لا يوجد مستخدم' }, req.lang));
55
61
  next();
56
62
  }
57
63
  catch (error) {
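Review bot: The blocked-user message at new lines 56–57 still interpolates `req.loggedUser.isBlocked.reason`, which comes from the JWT payload, while the check above it now reads the database record `user`. For a user blocked after the token was issued, the token claim presumably holds no reason or a stale one, so the message would not match the state that triggered the rejection; use `${user.isBlocked.reason}` in both the `en` and `ar` strings. The same mismatch is in optionalAuthenticated at new lines 31–32. `req.loggedUser` is also left as the token payload, so any other claim read from it downstream is only as fresh as the token, which is worth confirming against how the payload is used. isauthenticated starts and ends outside this hunk.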
@@ -11,7 +11,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.optionalAuthenticated = void 0;
13
13
  const jsonwebtoken_1 = require("jsonwebtoken");
14
+ const auth_middleware_1 = require("./auth.middleware");
14
15
  const unauthorized_error_1 = require("../errors/unauthorized-error");
16
+ const Role_model_1 = require("../models/Role.model");
17
+ const User_model_1 = require("../models/User.model");
15
18
  const optionalAuthenticated = (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
16
19
  if (!req.session.access)
17
20
  return next();
@@ -19,17 +22,56 @@ const optionalAuthenticated = (req, res, next) => __awaiter(void 0, void 0, void
19
22
  try {
20
23
  payload = (0, jsonwebtoken_1.verify)(req.session.access, process.env.JWT_KEY);
21
24
  req.loggedUser = payload;
22
- if (req.loggedUser.isBlocked.value)
25
+ const user = yield User_model_1.Users.findById(payload.id);
26
+ if (!user) {
27
+ return next(new unauthorized_error_1.UnauthorizedError({ en: 'user not found', ar: 'لا يوجد مستخدم' }, req.lang));
28
+ }
29
+ if (user.isBlocked.value)
23
30
  return next(new unauthorized_error_1.UnauthorizedError({
24
31
  en: `Forbidden: User is blocked ${req.loggedUser.isBlocked.reason}`,
25
32
  ar: ` ممنوع: المستخدم محظور ${req.loggedUser.isBlocked.reason}`,
26
33
  }, req.lang));
27
- if (req.loggedUser.isDeleted)
34
+ if (user.isDeleted)
28
35
  return next(new unauthorized_error_1.UnauthorizedError({ en: 'user not found', ar: 'لا يوجد مستخدم' }, req.lang));
36
+ next();
29
37
  }
30
38
  catch (error) {
31
- return next();
39
+ try {
40
+ const payload = (0, jsonwebtoken_1.verify)(req.session.refresh, process.env.JWT_KEY);
41
+ const user = yield User_model_1.Users.findOne({
42
+ _id: payload.id,
43
+ refreshTokens: {
44
+ $elemMatch: {
45
+ token: req.session.refresh,
46
+ },
47
+ },
48
+ });
49
+ if (!user)
50
+ return res.status(423).json({ message: 'token expired' });
51
+ if (user.isBlocked.value)
52
+ return next(new unauthorized_error_1.UnauthorizedError({
53
+ en: `Forbidden: User is blocked ${req.loggedUser.isBlocked.reason}`,
54
+ ar: ` ممنوع: المستخدم محظور ${req.loggedUser.isBlocked.reason}`,
55
+ }, req.lang));
56
+ if (user.isDeleted)
57
+ return next(new unauthorized_error_1.UnauthorizedError({ en: 'user not found', ar: 'لا يوجد مستخدم' }, req.lang));
58
+ const role = yield Role_model_1.Roles.findById(user.role);
59
+ if (!role)
60
+ return res.status(423).json({ message: 'invalid role' });
61
+ const accessToken = (0, auth_middleware_1.generateAccessToken)({
62
+ id: user.id,
63
+ isVerified: user.isVerified,
64
+ isBlocked: user.isBlocked,
65
+ role: { key: role.key, permissions: role.permissions },
66
+ });
67
+ req.session.access = accessToken;
68
+ req.session.refresh = req.session.refresh;
69
+ req.loggedUser = (0, jsonwebtoken_1.verify)(accessToken, process.env.JWT_KEY);
70
+ next();
71
+ }
72
+ catch (error) {
73
+ return res.status(423).json({ message: 'token expired' });
74
+ }
32
75
  }
33
- next();
34
76
  });
35
77
  exports.optionalAuthenticated = optionalAuthenticated;
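Review bot: In the refresh fallback, the blocked branch at new lines 53–54 reads `req.loggedUser.isBlocked.reason`, but this path is reached, among other cases, when `verify` on the access token throws at new line 23, before `req.loggedUser` is assigned at new line 24. Unless something upstream set it, the template literal throws a TypeError that the inner `catch` turns into `423 token expired`, so a blocked user holding a valid refresh token is told the token expired instead of getting the blocked error; use `${user.isBlocked.reason}` there. The outer `catch` also covers `Users.findById` at new line 25, so a database error on the access path is handled as if the access token had expired. optionalAuthenticated begins in the preceding hunk of this file.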
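--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@duvdu-v1/duvdu",
- "version": "1.1.331",
+ "version": "1.1.333",
  "main": "./build/index.js",
  "types": "./build/index.d.ts",
  "files": [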