From 08eb4d92ab7a42cca66410b3e2eeea7ca82d17c3 Mon Sep 17 00:00:00 2001
From: Saimon8420
Date: Wed, 29 Jan 2025 17:54:10 +0600
Subject: [PATCH] auth added & tested
---
 src/api/auth/auth.controller.ts | 5 ++++-
 src/api/auth/auth.route.ts | 18 +++++++++++++---
 src/api/project/project.controller.ts | 10 ++++-----
 src/api/project/project.route.ts | 30 +++++++++++++++++++--------
 src/middlewares/auth.middlewares.ts | 22 +++++++++++++-------
 5 files changed, 60 insertions(+), 25 deletions(-)
diff --git a/src/api/auth/auth.controller.ts b/src/api/auth/auth.controller.ts
index 32d8648..f6bffcf 100644
--- a/src/api/auth/auth.controller.ts
+++ b/src/api/auth/auth.controller.ts
@@ -47,7 +47,10 @@ export const getUserData = async (userId: string) => {
 }
 };
-export const updateUser = async (id: string, body) => {
+export const updateUser = async (id: string, body: {
+ paid_status: string,
+ package_expire_date: string,
+}) => {
 try {
 const updateUserData = await db.update(users).set({ paid_status: body?.paid_status, expires_in: body?.package_expire_date }).where(eq(users.id, id)).returning({ updatedId: users.id });
diff --git a/src/api/auth/auth.route.ts b/src/api/auth/auth.route.ts
index b782c4e..1f18e87 100644
--- a/src/api/auth/auth.route.ts
+++ b/src/api/auth/auth.route.ts
@@ -1,4 +1,4 @@
-import Elysia from "elysia";
+import Elysia, { t } from "elysia";
 import { generateToken, getUserData, updateUser, verifyToken } from "./auth.controller";
 export const authRoute = new Elysia({
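Review bot: In `updateUser` (src/api/auth/auth.controller.ts) the new inline type accepts any string for `paid_status` and `package_expire_date`, and both go straight into `.set({ paid_status: ..., expires_in: ... })`, so the annotation fixes the shape of the body but not the values that reach the `users` row. Narrow the status to the values the billing logic recognises, for example `paid_status: 'STATUS_A' | 'STATUS_B'` (placeholders; the real set is not on this page), and parse `package_expire_date` into a date before the update so a malformed string is rejected instead of stored. With both fields now required, the `body?.` optional chaining on the context line no longer does anything. The function body continues past the end of the hunk.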
@@ -9,9 +9,21 @@ export const authRoute = new Elysia({
 }
 })
-authRoute.get("/user/:userId", async ({ params: { userId } }) => await getUserData(userId));
+authRoute.get("/user/:userId", async ({ params: { userId } }) => await getUserData(userId), {
+ params: t.Object({
+ userId: t.String()
+ })
+});
-authRoute.post("/user/update/:userId", async ({ params: { userId }, body }) => await updateUser(userId, body));
+authRoute.post("/user/update/:userId", async ({ params: { userId }, body }) => await updateUser(userId, body), {
+ params: t.Object({
+ userId: t.String()
+ }),
+ body: t.Object({
+ paid_status: t.String(),
+ package_expire_date: t.String(),
+ })
+});
 authRoute.get("/generate-token/:userId", async (context) => await generateToken(context));
diff --git a/src/api/project/project.controller.ts b/src/api/project/project.controller.ts
index 34cdc8d..9cae8b8 100644
--- a/src/api/project/project.controller.ts
+++ b/src/api/project/project.controller.ts
@@ -2,16 +2,16 @@ export const getEachProjects = async (id: string) => {
 try {
 console.log(id);
 return { id: id }
- } catch (error) {
+ } catch (error: any) {
 console.log(error.msg)
 return { status: 500, message: "An error occurred while fetching projects" }
 }
 }
-export const getAllProjects = async () => {
+export const getAllProjects = async (userId: string) => {
 try {
 // this will return all the project associated with the user
- } catch (error) {
+ } catch (error: any) {
 console.log(error.msg);
 return { status: 500, message: "An error occurred while fetching projects" }
 }
@@ -20,7 +20,7 @@ export const getAllProjects = async () => {
 export const updateProject = async (id: string, data: any) => {
 try {
- } catch (error) {
+ } catch (error: any) {
 console.log(error.msg);
 return { status: 500, message: "An error occurred while updating projects" }
 }
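Review bot: `POST /user/update/:userId` in src/api/auth/auth.route.ts lets the request choose both the target user (path parameter) and that user's `paid_status` and `package_expire_date` (body), and no authentication or ownership check is visible on `authRoute` in this hunk. The added `t.Object` schemas only check that the fields are strings; they do not establish who is calling. If this endpoint is meant for a payment callback or an administrator, gate it accordingly and take the user id from the verified token rather than the URL; the same question applies to `GET /user/:userId`. The schema itself could be tightened, e.g. `package_expire_date: t.String({ format: 'date-time' })`, with `paid_status` restricted to a `t.Union` of `t.Literal` values.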
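Review bot: The `catch (error: any)` added in `getEachProjects`, `getAllProjects` and `updateProject` (and again in `deleteProject` in the `@@ -29,7 +29,7 @@` hunk) silences the type error without fixing the line below it: `error.msg` is not a property of `Error`, so these handlers log `undefined` and the actual failure is lost. Prefer `catch (error: unknown)` with `console.error(error instanceof Error ? error.message : error)`. `getAllProjects` now takes a `userId` but its body is still only a comment, so it resolves to `undefined` on the success path; when it is implemented, the id should come from the verified session rather than from the caller. Several of these function bodies end outside the hunks.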
@@ -29,7 +29,7 @@ export const updateProject = async (id: string, data: any) => {
 export const deleteProject = async (id: string) => {
 try {
- } catch (error) {
+ } catch (error: any) {
 console.log(error.msg);
 return { status: 500, message: "An error occurred while deleting projects" }
 }
diff --git a/src/api/project/project.route.ts b/src/api/project/project.route.ts
index 13744b3..1ebc54c 100644
--- a/src/api/project/project.route.ts
+++ b/src/api/project/project.route.ts
@@ -1,4 +1,4 @@
-import { Elysia } from "elysia";
+import { Elysia, t } from "elysia";
 import { deleteProject, getAllProjects, getEachProjects, updateProject } from "./project.controller";
 import { verifyAuth } from "../../middlewares/auth.middlewares";
@@ -10,15 +10,27 @@ export const projectRoutes = new Elysia({
 }
 }).derive(({ cookie }) => { verifyAuth(cookie) });
-projectRoutes.post("/add", (context) => {
- console.log("this is from project route/add", context);
-})
+projectRoutes.get("/each/:id", ({ params }) => getEachProjects(params.id), {
+ params: t.Object({
+ id: t.String()
+ })
+});
-projectRoutes.get("/:id", ({ params }) => getEachProjects(params.id));
+projectRoutes.get("/:userId", ({ params }) => getAllProjects(params.userId), {
+ params: t.Object({
+ userId: t.String()
+ })
+});
-projectRoutes.get("/", () => getAllProjects());
+projectRoutes.put("/update/:id", ({ request, params }) => updateProject(params.id, request.body), {
+ params: t.Object({
+ id: t.String()
+ })
+});
-projectRoutes.put("/update/:id", ({ request, params }) => updateProject(params.id, request.body));
-
-projectRoutes.delete("/delete/:id", ({ params }) => deleteProject(params.id));
+projectRoutes.delete("/delete/:id", ({ params }) => deleteProject(params.id), {
+ params: t.Object({
+ id: t.String()
+ })
+});
diff --git a/src/middlewares/auth.middlewares.ts b/src/middlewares/auth.middlewares.ts
index 6b55d04..4e38ef0 100644
--- a/src/middlewares/auth.middlewares.ts
+++ b/src/middlewares/auth.middlewares.ts
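Review bot: `GET /:userId` in src/api/project/project.route.ts takes the user whose projects are listed from the path, so once `getAllProjects` is implemented any caller who passes the guard could read another user's projects; the id should come from the verified token instead. The guard itself, on the unchanged `.derive(({ cookie }) => { verifyAuth(cookie) })` line, calls the async `verifyAuth` without `await` or `return`, so as far as this hunk shows its result is discarded and a failed verification would not stop the handler; `.derive(async ({ cookie }) => { await verifyAuth(cookie) })` plus a check of the returned status would make the new routes actually depend on it. `PUT /update/:id` validates `params` only and still forwards `request.body`, which is the raw request stream rather than parsed data; declare a `body` schema and pass `body`.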
@@ -8,13 +8,9 @@ import { eq } from "drizzle-orm"; export const verifyAuth = async (cookie: any) => { try { const access_cookie = cookie?.access_token?.value; - const refresh_cookie = cookie?.refresh_token?.value; - console.log("this is access cookie", access_cookie); - console.log("this is refresh cookie", refresh_cookie); - - if (access_cookie) { + if (access_cookie !== undefined) { // Verify JWT token const verify_cookie = jwt.verify(access_cookie, ENV.JWT_ACCESS_TOKEN_SECRET); // Query the user from the database @@ -27,7 +23,7 @@ export const verifyAuth = async (cookie: any) => { } } - else if (!access_cookie && refresh_cookie) { + else if (access_cookie === undefined && refresh_cookie) { // Verify JWT token const verify_cookie = jwt.verify(refresh_cookie, ENV.JWT_REFRESH_TOKEN_SECRET); @@ -37,7 +33,19 @@ export const verifyAuth = async (cookie: any) => { throw { status: 401, message: "Unauthorized" }; } else { - return { status: 200, message: "Token verified successfully" }; + // generate access token + const accessToken = jwt.sign({ userId: verify_cookie?.userId }, ENV.JWT_ACCESS_TOKEN_SECRET, { expiresIn: '3h' }); + + cookie.access_token.set({ + value: accessToken, + httpOnly: true, + secure: true, // Set to true in production + sameSite: 'none', // Adjust based on your needs + path: "/", + maxAge: 3 * 60 * 60, // 3 hours in seconds + }); + + return { status: 200, message: "Token verified successfully", token: accessToken }; } }
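Review bot: The new `access_cookie !== undefined` test in `verifyAuth` sends every defined value, including an empty string or an expired token, into `jwt.verify`, while the `else if (access_cookie === undefined && refresh_cookie)` branch in the `@@ -27,7 +23,7 @@` hunk runs only when the cookie is missing altogether. A client holding a stale access cookie next to a valid refresh cookie is therefore handled by the `catch` (outside these hunks) instead of being refreshed; consider falling through to the refresh branch when verification fails with `TokenExpiredError` (assuming `jwt` is the jsonwebtoken package). As the patch is laid out on this page it is not clear whether the `const refresh_cookie = cookie?.refresh_token?.value;` declaration is among the removed lines; the refresh branch still reads it, so it has to stay. Passing an explicit `algorithms` list to both `jwt.verify` calls would also pin what the server accepts.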
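Review bot: The re-issued access cookie in the `@@ -37,7 +33,19 @@` hunk is set with `sameSite: 'none'`, so browsers attach it to cross-site requests, and the routes guarded by this cookie include `PUT /update/:id` and `DELETE /delete/:id`; nothing in the patch adds a CSRF token or an Origin check. Unless the frontend really is served from another site, use `sameSite: 'lax'` or `'strict'`, and if cross-site use is required add one of those checks. Returning `token: accessToken` from `verifyAuth` also hands the raw token to callers that may serialise it into a response, which defeats `httpOnly: true`; return only the status. The comment `// Set to true in production` no longer matches `secure: true` and can go. The enclosing function continues past the end of the hunk.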