propro-utils 1.7.26 → 1.7.28

package/middlewares/access_token.js

@@ -42,6 +42,7 @@ const authValidation = (requiredPermissions = []) => {
         req.headers.authorization?.split(' ')[1];
 
       if (!accessToken) {
+        console.log('Access token is required');
         return res.status(403).json({ error: 'Access token is required' });
       }
 
@@ -65,15 +66,21 @@ const authValidation = (requiredPermissions = []) => {
       );
 
       if (!validPermissions) {
+        console.log('Invalid permissions');
         return res.status(403).json({ error: 'Invalid permissions' });
       }
 
       req.account = accountId;
 
-      const user = await checkIfUserExists(accountId);
-      if (!user) {
-        return res.status(403).json({ error: 'User not found' });
+      let user = null;
+      try {
+        user = await checkIfUserExists(account.accountId);
+        if (!user) throw new Error('User not found');
+      } catch (error) {
+        console.log('User not found 1');
+        return res.status(403).json({error: error?.message || 'User not found'});
       }
+     
       req.user = user.id;
       next();
     } catch (error) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "propro-utils",
-  "version": "1.7.26",
+  "version": "1.7.28",
   "description": "Auth middleware for propro-auth",
   "main": "src/index.js",
   "private": false,

package/src/server/index.js

@@ -93,9 +93,15 @@ class AuthMiddleware {
       const response = await this.proxyToAuthServer(req, `/api/v1/auth/login`);
 
       const { account, tokens } = response.data;
-      console.log('account:', account);
-      const user = await checkIfUserExists(account.accountId);
-      console.log('user:', user);
+
+      let user = null;
+      try {
+        user = await checkIfUserExists(account.accountId);
+        if (!user) throw new Error('User not found');
+      } catch (error) {
+        console.log('User not found 2');
+        return res.status(403).json({error: error?.message || 'User not found'});
+      }
 
       if (returnTokens === 'true') {
         res.status(response.status).json({ account, user, tokens });
@@ -160,10 +166,13 @@ class AuthMiddleware {
         this.options.redirectUri
       );
 
-      const user = await checkIfUserExists(account.accountId);
-
-      if (!user) {
-        throw new Error('User not found');
+      let user = null;
+      try {
+        user = await checkIfUserExists(account.accountId);
+        if (!user) throw new Error('User not found');
+      } catch (error) {
+        console.log('User not found 3');
+        return res.status(403).json({error: error?.message || 'User not found'});
       }
 
       await setAuthCookies(res, tokens, account, user, this.options.appUrl);

package/src/server/middleware/verifyToken.js

@@ -96,6 +96,7 @@ const VerifyAccount = requiredPermissions => {
     try {
       const decoded = jwt.verify(accessToken, process.env.JWT_SECRET);
       if (!isValid(decoded, requiredPermissions)) {
+        console.log('Invalid permissions 1');
         return res.status(403).json({ error: 'Invalid permissions' });
       }
       tokenCache.set(accessToken, decoded);
@@ -113,14 +114,15 @@ const VerifyAccount = requiredPermissions => {
         );
 
         if (!isValid(userResponse.data, requiredPermissions)) {
-          return res.status(403).json({ error: 'Invalid permissions' });
+        console.log('Invalid permissions 2');
+        return res.status(403).json({ error: 'Invalid permissions' });
         }
 
         tokenCache.set(accessToken, userResponse.data);
         req.user = userResponse.data;
         return next();
       } catch (networkError) {
-        return res.status(500).json({ error: 'Error validating token' });
+        return res.status(401).json({ error: 'Error validating token' });
       }
     }
   };