auth middleware
@@ -2,7 +2,6 @@ import { Request, Response } from 'express';
|
||||
import type { AuthenticatedRequest } from '../types';
|
||||
import * as authService from '../services/auth.service';
|
||||
import { LoginInput, RefreshInput } from '../validators/auth.validator';
|
||||
import { createAuditLog, getIpAddress, getUserAgent } from '../services/audit.service';
|
||||
|
||||
/**
|
||||
* POST /auth/login
|
||||
@@ -15,19 +14,6 @@ export async function login(req: Request, res: Response): Promise<void> {
|
||||
|
||||
const result = await authService.login(email, password);
|
||||
|
||||
createAuditLog({
|
||||
userId: result.user.id,
|
||||
userEmail: result.user.email,
|
||||
userName: result.user.name,
|
||||
action: 'LOGIN',
|
||||
tableName: 'users',
|
||||
recordId: result.user.id,
|
||||
description: `User logged in successfully`,
|
||||
ipAddress: getIpAddress(req),
|
||||
userAgent: getUserAgent(req),
|
||||
success: true,
|
||||
}).catch(err => console.error('Failed to log login:', err));
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
data: {
|
||||
@@ -38,22 +24,6 @@ export async function login(req: Request, res: Response): Promise<void> {
|
||||
});
|
||||
} catch (error) {
|
||||
const message = error instanceof Error ? error.message : 'Login failed';
|
||||
const { email } = req.body as LoginInput;
|
||||
|
||||
if (email) {
|
||||
createAuditLog({
|
||||
userId: email,
|
||||
userEmail: email,
|
||||
userName: email,
|
||||
action: 'LOGIN',
|
||||
tableName: 'users',
|
||||
description: `Failed login attempt`,
|
||||
ipAddress: getIpAddress(req),
|
||||
userAgent: getUserAgent(req),
|
||||
success: false,
|
||||
errorMessage: message,
|
||||
}).catch(err => console.error('Failed to log failed login:', err));
|
||||
}
|
||||
|
||||
// Use 401 for authentication failures
|
||||
if (message === 'Invalid email or password') {
|
||||
@@ -119,21 +89,6 @@ export async function logout(req: AuthenticatedRequest, res: Response): Promise<
|
||||
await authService.logout(userId, refreshToken);
|
||||
}
|
||||
|
||||
if (req.user) {
|
||||
createAuditLog({
|
||||
userId: req.user.userId,
|
||||
userEmail: req.user.email,
|
||||
userName: req.user.roleName || req.user.email,
|
||||
action: 'LOGOUT',
|
||||
tableName: 'users',
|
||||
recordId: req.user.userId,
|
||||
description: `User logged out`,
|
||||
ipAddress: getIpAddress(req),
|
||||
userAgent: getUserAgent(req),
|
||||
success: true,
|
||||
}).catch(err => console.error('Failed to log logout:', err));
|
||||
}
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
message: 'Logout successful',
|
||||
|
||||
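Review bot: A failed login no longer leaves any audit record in this controller: in the third hunk the catch block of `login` now goes from computing `message` straight to the 401 mapping, and the success path of `login` and the `logout` handler lose their `createAuditLog` calls as well. The commit title suggests the logging moved into an auth middleware, but that code is not visible on this page. It should be confirmed that the middleware still records failed attempts with the attempted email, `getIpAddress(req)` and `getUserAgent(req)`, because those events are what brute-force and credential-stuffing detection depends on. A middleware that runs before the handler cannot know the outcome unless it hooks the response, for example `res.on('finish', ...)` with a check of `res.statusCode`. If the middleware only covers authenticated routes, the failure path needs to keep its own audit call. The bodies of `login` and `logout` continue outside the hunks.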