server/src/middleware/auth.ts - jami-web - Gitiles

 /*
  * Copyright (C) 2022 Savoir-faire Linux Inc.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as
  * published by the Free Software Foundation; either version 3 of the
  * License, or (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Affero General Public License for more details.
  *
  * You should have received a copy of the GNU Affero General Public
  * License along with this program.  If not, see
  * <https://www.gnu.org/licenses/>.
  */
 import { NextFunction, Request, Response } from 'express';
 import { HttpStatusCode } from 'jami-web-common';

 import { verifyJwt } from '../utils/jwt.js';

 function createAuthenticationMiddleware(isAuthenticationRequired: boolean) {
   return async (req: Request, res: Response, next: NextFunction) => {
     const authorizationHeader = req.headers.authorization;
     if (!authorizationHeader) {
       if (isAuthenticationRequired) {
         res.status(HttpStatusCode.Unauthorized).send('Missing Authorization header');
       } else {
         // Skip authentication if it is optional, in which case the Authorization header should not have been set
         res.locals.accountId = undefined;
         next();
       }
       return;
     }

     const token = authorizationHeader.split(' ')[1];
     if (token === undefined) {
       res.status(HttpStatusCode.BadRequest).send('Missing JSON web token');
       return;
     }

     try {
       const { payload } = await verifyJwt(token);
       res.locals.accountId = payload.accountId;
       next();
     } catch (e) {
       res.status(HttpStatusCode.Unauthorized).send('Invalid access token');
     }
   };
 }

 export const authenticateToken = createAuthenticationMiddleware(true);

 export const authenticateOptionalToken = createAuthenticationMiddleware(false);
	/*
	* Copyright (C) 2022 Savoir-faire Linux Inc.
	*
	* This program is free software; you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License as
	* published by the Free Software Foundation; either version 3 of the
	* License, or (at your option) any later version.
	*
	* This program is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	* GNU Affero General Public License for more details.
	*
	* You should have received a copy of the GNU Affero General Public
	* License along with this program. If not, see
	* <https://www.gnu.org/licenses/>.
	*/
	import { NextFunction, Request, Response } from 'express';
	import { HttpStatusCode } from 'jami-web-common';

	import { verifyJwt } from '../utils/jwt.js';

	function createAuthenticationMiddleware(isAuthenticationRequired: boolean) {
	return async (req: Request, res: Response, next: NextFunction) => {
	const authorizationHeader = req.headers.authorization;
	if (!authorizationHeader) {
	if (isAuthenticationRequired) {
	res.status(HttpStatusCode.Unauthorized).send('Missing Authorization header');
	} else {
	// Skip authentication if it is optional, in which case the Authorization header should not have been set
	res.locals.accountId = undefined;
	next();
	}
	return;
	}

	const token = authorizationHeader.split(' ')[1];
	if (token === undefined) {
	res.status(HttpStatusCode.BadRequest).send('Missing JSON web token');
	return;
	}

	try {
	const { payload } = await verifyJwt(token);
	res.locals.accountId = payload.accountId;
	next();
	} catch (e) {
	res.status(HttpStatusCode.Unauthorized).send('Invalid access token');
	}
	};
	}

	export const authenticateToken = createAuthenticationMiddleware(true);

	export const authenticateOptionalToken = createAuthenticationMiddleware(false);