Backend: auth for config and queries. Refactor of middleware exports

api.js

@@ -1,6 +1,6 @@
 const { join } = require('path');
 const express = require('express');
-const errorHandler = require('./middleware/errorHandler');
+const { errorHandler } = require('./middleware');
 
 const api = express();
 

controllers/apps/createApp.js

@@ -1,16 +1,11 @@
 const asyncWrapper = require('../../middleware/asyncWrapper');
 const App = require('../../models/App');
 const loadConfig = require('../../utils/loadConfig');
-const ErrorResponse = require('../../utils/ErrorResponse');
 
 // @desc      Create new app
 // @route     POST /api/apps
 // @access    Public
 const createApp = asyncWrapper(async (req, res, next) => {
-  if (!req.isAuthenticated) {
-    return next(new ErrorResponse('Unauthorized', 401));
-  }
-
   const { pinAppsByDefault } = await loadConfig();
 
   let app;

controllers/apps/deleteApp.js

@@ -1,15 +1,10 @@
 const asyncWrapper = require('../../middleware/asyncWrapper');
 const App = require('../../models/App');
-const ErrorResponse = require('../../utils/ErrorResponse');
 
 // @desc      Delete app
 // @route     DELETE /api/apps/:id
 // @access    Public
 const deleteApp = asyncWrapper(async (req, res, next) => {
-  if (!req.isAuthenticated) {
-    return next(new ErrorResponse('Unauthorized', 401));
-  }
-
   await App.destroy({
     where: { id: req.params.id },
   });

controllers/apps/reorderApps.js

@@ -1,15 +1,10 @@
 const asyncWrapper = require('../../middleware/asyncWrapper');
 const App = require('../../models/App');
-const ErrorResponse = require('../../utils/ErrorResponse');
 
 // @desc      Reorder apps
 // @route     PUT /api/apps/0/reorder
 // @access    Public
 const reorderApps = asyncWrapper(async (req, res, next) => {
-  if (!req.isAuthenticated) {
-    return next(new ErrorResponse('Unauthorized', 401));
-  }
-
   req.body.apps.forEach(async ({ id, orderId }) => {
     await App.update(
       { orderId },

controllers/apps/updateApp.js

@@ -1,15 +1,10 @@
 const asyncWrapper = require('../../middleware/asyncWrapper');
 const App = require('../../models/App');
-const ErrorResponse = require('../../utils/ErrorResponse');
 
 // @desc      Update app
 // @route     PUT /api/apps/:id
 // @access    Public
 const updateApp = asyncWrapper(async (req, res, next) => {
-  if (!req.isAuthenticated) {
-    return next(new ErrorResponse('Unauthorized', 401));
-  }
-
   let app = await App.findOne({
     where: { id: req.params.id },
   });

middleware/index.js

@@ -0,0 +1,8 @@
+module.exports = {
+  asyncWrapper: require('./asyncWrapper'),
+  auth: require('./auth'),
+  errorHandler: require('./errorHandler'),
+  upload: require('./multer'),
+  requireAuth: require('./requireAuth'),
+  requireBody: require('./requireBody'),
+};

middleware/requireAuth.js

@@ -0,0 +1,11 @@
+const ErrorResponse = require('../utils/ErrorResponse');
+
+const requireAuth = (req, res, next) => {
+  if (!req.isAuthenticated) {
+    return next(new ErrorResponse('Unauthorized', 401));
+  }
+
+  next();
+};
+
+module.exports = requireAuth;

routes/apps.js

@@ -1,7 +1,8 @@
 const express = require('express');
 const router = express.Router();
-const upload = require('../middleware/multer');
-const auth = require('../middleware/auth');
+
+// middleware
+const { auth, requireAuth, upload } = require('../middleware');
 
 const {
   createApp,
@@ -12,14 +13,17 @@ const {
   reorderApps,
 } = require('../controllers/apps');
 
-router.route('/').post(auth, upload, createApp).get(auth, getAllApps);
+router
+  .route('/')
+  .post(auth, requireAuth, upload, createApp)
+  .get(auth, getAllApps);
 
 router
   .route('/:id')
   .get(auth, getSingleApp)
-  .put(auth, upload, updateApp)
-  .delete(auth, deleteApp);
+  .put(auth, requireAuth, upload, updateApp)
+  .delete(auth, requireAuth, deleteApp);
 
-router.route('/0/reorder').put(auth, reorderApps);
+router.route('/0/reorder').put(auth, requireAuth, reorderApps);
 
 module.exports = router;

routes/config.js

@@ -1,6 +1,9 @@
 const express = require('express');
 const router = express.Router();
 
+// middleware
+const { auth, requireAuth } = require('../middleware');
+
 const {
   getCSS,
   updateCSS,
@@ -8,8 +11,8 @@ const {
   updateConfig,
 } = require('../controllers/config');
 
-router.route('/').get(getConfig).put(updateConfig);
+router.route('/').get(getConfig).put(auth, requireAuth, updateConfig);
 
-router.route('/0/css').get(getCSS).put(updateCSS);
+router.route('/0/css').get(getCSS).put(auth, requireAuth, updateCSS);
 
 module.exports = router;

routes/queries.js

@@ -1,6 +1,9 @@
 const express = require('express');
 const router = express.Router();
 
+// middleware
+const { auth, requireAuth } = require('../middleware');
+
 const {
   getQueries,
   addQuery,
@@ -8,7 +11,10 @@ const {
   updateQuery,
 } = require('../controllers/queries/');
 
-router.route('/').post(addQuery).get(getQueries);
-router.route('/:prefix').delete(deleteQuery).put(updateQuery);
+router.route('/').post(auth, requireAuth, addQuery).get(getQueries);
+router
+  .route('/:prefix')
+  .delete(auth, requireAuth, deleteQuery)
+  .put(auth, requireAuth, updateQuery);
 
 module.exports = router;