editia-core
Core services and utilities for Editia applications - Authentication, Monetization, Video Generation Types, and Database Management
;
/**
* Express Authentication Middleware
* Based on analysis of server-analyzer patterns
*/
// Compiler-emitted CommonJS prologue: flag this module as a transpiled ES module
// so interop helpers in consumers treat its exports accordingly.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare every export name up front with an undefined value; each one is
// assigned its real function directly after that function's definition below.
exports.createAuthMiddleware = exports.optionalAuth = exports.requireProAccess = exports.authenticateUser = void 0;
const clerk_auth_1 = require("../../services/auth/clerk-auth");
/**
 * Express middleware that only lets a verified user through.
 *
 * The raw `Authorization` header is handed to `ClerkAuthService.verifyUser`.
 * If the service reports an `errorResponse`, that object is sent to the client
 * as JSON under its own `status` and the chain stops. Otherwise the returned
 * user is stored on `req.user` and `next()` runs.
 *
 * Per the original description, `verifyUser` validates the Clerk JWT and checks
 * that the user exists in the database; that logic lives in the service, not here.
 *
 * @param req Express request object
 * @param res Express response object
 * @param next Express next function
 */
async function authenticateUser(req, res, next) {
    try {
        const { authorization } = req.headers;
        const { user: verifiedUser, errorResponse: failure } =
            await clerk_auth_1.ClerkAuthService.verifyUser(authorization);
        if (!failure) {
            // Verified: expose the user to downstream handlers.
            req.user = verifiedUser;
            next();
            return;
        }
        // NOTE(review): the service's error object is relayed to the client verbatim,
        // so every field it carries becomes part of the public response. Confirm that
        // the service never puts internal detail in it.
        const { status } = failure;
        res.status(status).json(failure);
    }
    catch (serviceFault) {
        // Fail closed with a generic message so no internal detail reaches the client.
        // NOTE(review): the caught error is discarded here and nothing in this function
        // records it; confirm that verification failures are logged elsewhere.
        const body = {
            success: false,
            error: 'Authentication service error',
        };
        res.status(500).json(body);
    }
}
exports.authenticateUser = authenticateUser;
/**
 * Express middleware for routes reserved for Pro/Premium subscribers.
 *
 * The raw `Authorization` header is handed to `ClerkAuthService.verifyProUser`.
 * If the service reports an `errorResponse`, that object is sent to the client
 * as JSON under its own `status` and the chain stops. Otherwise the returned
 * user is stored on `req.user` and `next()` runs.
 *
 * The subscription-tier decision is made entirely inside `verifyProUser`; this
 * function performs no tier check of its own.
 *
 * @param req Express request object
 * @param res Express response object
 * @param next Express next function
 */
async function requireProAccess(req, res, next) {
    try {
        const { authorization } = req.headers;
        const { user: proUser, errorResponse: failure } =
            await clerk_auth_1.ClerkAuthService.verifyProUser(authorization);
        if (!failure) {
            // Verified Pro user: expose it to downstream handlers.
            req.user = proUser;
            next();
            return;
        }
        // NOTE(review): the service's error object is relayed to the client verbatim;
        // confirm that it never carries internal detail.
        const { status } = failure;
        res.status(status).json(failure);
    }
    catch (serviceFault) {
        // Fail closed with a generic message so no internal detail reaches the client.
        // NOTE(review): the caught error is discarded here and nothing in this function
        // records it; confirm that verification failures are logged elsewhere.
        const body = {
            success: false,
            error: 'Authentication service error',
        };
        res.status(500).json(body);
    }
}
exports.requireProAccess = requireProAccess;
/**
 * Express middleware for endpoints that work with or without a signed-in user.
 *
 * `ClerkAuthService.verifyUser` is always called with the `Authorization` header,
 * even when the header is absent. `req.user` is set only when the service returns
 * a user and no `errorResponse`. In every other case, including a thrown error,
 * the request continues unauthenticated.
 *
 * Security notes for callers:
 * - A missing header and an invalid or rejected token look the same downstream:
 *   both continue without `req.user`. Handlers must check `req.user` before doing
 *   anything that needs an identity.
 * - This function never clears `req.user`; a value set earlier in the chain
 *   survives a failed verification here.
 *
 * @param req Express request object
 * @param _res Express response object (unused)
 * @param next Express next function
 */
async function optionalAuth(req, _res, next) {
    try {
        const { authorization } = req.headers;
        const { user: verifiedUser, errorResponse: failure } =
            await clerk_auth_1.ClerkAuthService.verifyUser(authorization);
        const anonymous = Boolean(failure) || !verifiedUser;
        if (!anonymous) {
            req.user = verifiedUser;
        }
        next();
    }
    catch (ignoredFault) {
        // Deliberate best-effort: a verification failure never blocks the request.
        next();
    }
}
exports.optionalAuth = optionalAuth;
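/**
 * Select one of this module's middlewares from a set of flags.
 *
 * Flags are checked in a fixed order and the first match wins:
 *   1. `optional`    -> `optionalAuth`
 *   2. `requirePro`  -> `requireProAccess`
 *   3. `requireAuth` -> `authenticateUser` (the default when no flag is given)
 *
 * Security notes:
 * - `optional` outranks `requirePro`, so passing both yields optional auth and the
 *   Pro requirement is silently dropped. Do not combine them.
 * - The pass-through (no authentication) is returned only for an explicit
 *   `requireAuth: false`. Other falsy values such as `null`, `0` or `''` (for
 *   example from an unset configuration lookup) still select `authenticateUser`,
 *   so a missing setting cannot switch authentication off.
 *
 * @param options Middleware options: `requireAuth` (default true), `requirePro`
 *   (default false), `optional` (default false)
 * @returns Authentication middleware function
 */
function createAuthMiddleware(options = {}) {
    const { requireAuth = true, requirePro = false, optional = false } = options;
    if (optional) {
        return optionalAuth;
    }
    if (requirePro) {
        return requireProAccess;
    }
    // Fail closed: anything other than a literal `false` keeps authentication on.
    if (requireAuth !== false) {
        return authenticateUser;
    }
    // Authentication explicitly disabled by the caller.
    return (_req, _res, next) => {
        next();
    };
}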
exports.createAuthMiddleware = createAuthMiddleware;
//# sourceMappingURL=authenticate.js.map