@jpbs/common 1.0.12 → 1.1.0

package/build/errors/bad-request-error.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BadRequestError = void 0;
+const http_status_codes_1 = require("http-status-codes");
+const custom_error_1 = require("./custom-error");
+class BadRequestError extends custom_error_1.CustomError {
+    constructor(message = "Bad request") {
+        super(message);
+        this.message = message;
+        this.statusCode = http_status_codes_1.StatusCodes.BAD_REQUEST;
+        Object.setPrototypeOf(this, BadRequestError.prototype);
+    }
+    serializeErrors() {
+        return [{ message: this.message }];
+    }
+}
+exports.BadRequestError = BadRequestError;

package/build/errors/custom-error.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CustomError = void 0;
+class CustomError extends Error {
+    constructor(message) {
+        super(message);
+        Object.setPrototypeOf(this, CustomError.prototype);
+    }
+}
+exports.CustomError = CustomError;

package/build/errors/email-error.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EmailError = void 0;
+const http_status_codes_1 = require("http-status-codes");
+const custom_error_1 = require("./custom-error");
+class EmailError extends custom_error_1.CustomError {
+    constructor(message) {
+        super(message);
+        this.statusCode = http_status_codes_1.StatusCodes.INTERNAL_SERVER_ERROR;
+        Object.setPrototypeOf(this, EmailError.prototype);
+    }
+    serializeErrors() {
+        return [{ message: this.message }];
+    }
+}
+exports.EmailError = EmailError;

package/build/errors/notauthorized-error.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NotAuthorizedError = void 0;
+const http_status_codes_1 = require("http-status-codes");
+const custom_error_1 = require("./custom-error");
+class NotAuthorizedError extends custom_error_1.CustomError {
+    constructor(message = "Not authorized") {
+        super(message);
+        this.message = message;
+        this.statusCode = http_status_codes_1.StatusCodes.UNAUTHORIZED;
+        Object.setPrototypeOf(this, NotAuthorizedError.prototype);
+    }
+    serializeErrors() {
+        return [{ message: this.message }];
+    }
+}
+exports.NotAuthorizedError = NotAuthorizedError;

package/build/errors/notfound-error.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NotFoundError = void 0;
+const http_status_codes_1 = require("http-status-codes");
+const custom_error_1 = require("./custom-error");
+class NotFoundError extends custom_error_1.CustomError {
+    constructor(message = "Resource not found") {
+        super(message);
+        this.message = message;
+        this.statusCode = http_status_codes_1.StatusCodes.NOT_FOUND;
+        Object.setPrototypeOf(this, NotFoundError.prototype);
+    }
+    serializeErrors() {
+        return [{ message: this.message }];
+    }
+}
+exports.NotFoundError = NotFoundError;

package/build/errors/request-validation.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestValidationError = void 0;
+const custom_error_1 = require("./custom-error");
+const http_status_codes_1 = require("http-status-codes");
+class RequestValidationError extends custom_error_1.CustomError {
+    constructor(errors) {
+        super('Invalid request parameters');
+        this.errors = errors;
+        this.statusCode = http_status_codes_1.StatusCodes.BAD_REQUEST;
+        Object.setPrototypeOf(this, RequestValidationError.prototype);
+    }
+    serializeErrors() {
+        return this.errors.map(err => {
+            if (err.type === 'field') {
+                return { message: err.msg };
+            }
+            return { message: err.msg };
+        });
+    }
+}
+exports.RequestValidationError = RequestValidationError;

package/build/index.js

@@ -0,0 +1,26 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./errors/custom-error"), exports);
+__exportStar(require("./errors/notfound-error"), exports);
+__exportStar(require("./errors/notauthorized-error"), exports);
+__exportStar(require("./errors/bad-request-error"), exports);
+__exportStar(require("./errors/request-validation"), exports);
+__exportStar(require("./middlewares/asyncHandler"), exports);
+__exportStar(require("./middlewares/authProtect"), exports);
+__exportStar(require("./middlewares/errorHandler"), exports);
+__exportStar(require("./middlewares/validateRequest"), exports);
+__exportStar(require("./middlewares/verifyGatewayToken"), exports);

package/build/middlewares/asyncHandler.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.asyncHandler = void 0;
+const asyncHandler = (fn) => (req, res, next) => {
+    Promise.resolve(fn(req, res, next)).catch(next);
+};
+exports.asyncHandler = asyncHandler;

package/build/middlewares/authProtect.js

@@ -0,0 +1,29 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authenticationGuard = exports.Role = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const http_status_codes_1 = require("http-status-codes");
+var Role;
+(function (Role) {
+    Role["ADMINISTRATOR"] = "Administrator";
+    Role["USER"] = "User";
+})(Role || (exports.Role = Role = {}));
+const authenticationGuard = (jwtSecret) => (req, res, next) => {
+    try {
+        const token = req.cookies.auth_token;
+        if (!token) {
+            res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Unauthorized" });
+            return;
+        }
+        const decoded = jsonwebtoken_1.default.verify(token, jwtSecret);
+        req.currentUser = decoded;
+        next();
+    }
+    catch (error) {
+        res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Invalid or expired token" });
+    }
+};
+exports.authenticationGuard = authenticationGuard;

package/build/middlewares/errorHandler.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.errorHandler = void 0;
+const custom_error_1 = require("../errors/custom-error");
+const http_status_codes_1 = require("http-status-codes");
+const errorHandler = (err, _req, res, _next) => {
+    if (err instanceof custom_error_1.CustomError) {
+        res.status(err.statusCode).send({ errors: err.serializeErrors() });
+        return;
+    }
+    res.status(http_status_codes_1.StatusCodes.BAD_REQUEST).send({ errors: [{ message: 'Something went wrong' }] });
+};
+exports.errorHandler = errorHandler;

package/build/middlewares/validateRequest.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateRequest = exports.validateUpdateUser = exports.validateLogin = exports.validateSignup = void 0;
+const express_validator_1 = require("express-validator");
+const request_validation_1 = require("../errors/request-validation");
+exports.validateSignup = [
+    (0, express_validator_1.body)("username").isLength({ min: 3, max: 18 }).withMessage("Username must have between 3 and 18 characters long"),
+    (0, express_validator_1.body)("email").isEmail().withMessage("Invalid email format"),
+    (0, express_validator_1.body)("password").isLength({ min: 6, max: 18 }).withMessage("Password must have between 6 and 18 characters long"),
+    (0, express_validator_1.body)("confirmPassword").custom((value, { req }) => value === req.body.password).withMessage("Passwords do not match")
+];
+exports.validateLogin = [
+    (0, express_validator_1.body)("email").isEmail().withMessage("Invalid email format"),
+    (0, express_validator_1.body)("password").notEmpty().withMessage("Password is required")
+];
+exports.validateUpdateUser = [
+    (0, express_validator_1.body)("username").isLength({ min: 3, max: 18 }).withMessage("Username must have between 3 and 18 characters long"),
+    (0, express_validator_1.body)("email").isEmail().withMessage("Invalid email format"),
+    (0, express_validator_1.body)("role").isIn(["User", "Administrator"]).withMessage("Role must be either 'User' or 'Administrator'")
+];
+const validateRequest = (req, _res, next) => {
+    const errors = (0, express_validator_1.validationResult)(req);
+    if (!errors.isEmpty()) {
+        throw new request_validation_1.RequestValidationError(errors.array());
+    }
+    next();
+};
+exports.validateRequest = validateRequest;

package/build/middlewares/verifyGatewayToken.js

@@ -0,0 +1,29 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyGatewayToken = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const notauthorized_error_1 = require("../errors/notauthorized-error");
+const verifySignature = (data, secret, timestamp, receivedSignature) => {
+    const expectedSignature = crypto_1.default.createHmac("sha256", secret).update(`${data}.${timestamp}`).digest("hex");
+    return expectedSignature === receivedSignature;
+};
+const verifyGatewayToken = (gatewaySecret) => (req, _res, next) => {
+    const timestamp = req.headers["x-api-timestamp"];
+    const signature = req.headers["x-api-signature"];
+    if (!timestamp || !signature) {
+        throw new notauthorized_error_1.NotAuthorizedError("Unauthorized request source: Missing Headers");
+    }
+    const requestTime = parseInt(timestamp, 10);
+    const currentTime = Date.now();
+    if (Math.abs(currentTime - requestTime) > 2 * 60 * 1000) {
+        throw new notauthorized_error_1.NotAuthorizedError("Unauthorized request source: Expired Request");
+    }
+    if (!verifySignature(JSON.stringify(req.body), gatewaySecret, timestamp, signature)) {
+        throw new notauthorized_error_1.NotAuthorizedError("Unauthorized request source: Invalid Signature");
+    }
+    next();
+};
+exports.verifyGatewayToken = verifyGatewayToken;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jpbs/common",
-  "version": "1.0.12",
+  "version": "1.1.0",
   "main": "./build/index.js",
   "types": "./build/index.d.ts",
   "files": [