feat: create authentication middleware

Author: cgabrieu

.env.example

@@ -3,4 +3,5 @@ DB_USER=
 DB_PASS=
 DB_PORT=
 DB_HOST=
-DB_NAME=
+DB_NAME=
+JWT_SECRET=

package.json

@@ -24,12 +24,14 @@
     "cors": "^2.8.5",
     "dotenv": "^10.0.0",
     "express": "^4.17.1",
+    "jsonwebtoken": "^8.5.1",
     "pg": "^8.7.1"
   },
   "devDependencies": {
     "@types/cors": "^2.8.12",
     "@types/dotenv": "^8.2.0",
     "@types/express": "^4.17.13",
+    "@types/jsonwebtoken": "^8.5.6",
     "@types/node": "^16.11.12",
     "@types/pg": "^8.6.1",
     "@typescript-eslint/eslint-plugin": "^5.6.0",

src/app.ts

@@ -1,11 +1,13 @@
 import express from 'express';
 import cors from 'cors';
 import router from './router';
+import errorMiddleware from './middlewares/errorMiddleware';
 
 const app = express();
 
 app.use(cors());
 app.use(express.json());
 app.use(router);
+app.use(errorMiddleware);
 
 export default app;

src/controllers/usersController.ts

@@ -1,5 +1,5 @@
 import { Request, Response, NextFunction } from 'express';
 
-export async function postUser(req: Request, res: Response, next: NextFunction) {
+export async function createUser(req: Request, res: Response, next: NextFunction) {
 
 }

src/enums/httpStatusCode.ts

@@ -1,10 +1,10 @@
 export default Object.freeze({
-    OK: 200,
-    CREATED: 201,
-    NO_CONTENT: 204,
-    BAD_REQUEST: 400,
-    NOT_FOUND: 404,
-    CONFLICT: 409,
-    INTERNAL_SERVER_ERROR: 500,
-  });
-  
+  OK: 200,
+  CREATED: 201,
+  NO_CONTENT: 204,
+  BAD_REQUEST: 400,
+  UNAUTHORIZED: 401,
+  NOT_FOUND: 404,
+  CONFLICT: 409,
+  INTERNAL_SERVER_ERROR: 500,
+});

src/middlewares/authenticationMiddleware.ts

@@ -0,0 +1,15 @@
+import { Response, NextFunction } from 'express';
+import jwt from 'jsonwebtoken';
+import httpStatusCode from '../enums/httpStatusCode';
+import RequestAuthentication from '../protocols/IRequestAuthentication';
+
+export default async function authenticationMiddleware(req: RequestAuthentication, res: Response, next: NextFunction) {
+  const authorization = req.header('Authorization');
+  const token = authorization?.replace('Bearer ', '');
+
+  jwt.verify(token, process.env.JWT_SECRET, (err, decoded) => {
+    if (err) return res.sendStatus(httpStatusCode.UNAUTHORIZED);
+    req.userId = decoded.userId;
+    return next();
+  });
+}

src/protocols/IRequestAuthentication.ts

@@ -0,0 +1,5 @@
+import { Request } from 'express';
+
+export default interface RequestAuthentication extends Request {
+    userId: number,
+}

src/routers/usersRouter.ts

@@ -3,4 +3,4 @@ import * as usersController from '../controllers/usersController';
 
 const router: Router = Router();
 
-export default router.post('/', usersController.postUser);
+export default router.post('/', usersController.createUser);