Merge pull request #52 from amhsirak/develop

feat: use requireSignIn for routes

server/src/routes/auth.ts

@@ -63,7 +63,7 @@ router.post('/login', async (req, res) => {
     }
 })
 
-router.get('/logout', async (req, res) => {
+router.get('/logout', requireSignIn, async (req, res) => {
     try {
         res.clearCookie('token')
         return res.json({ message: 'Logout successful' })

server/src/routes/integration.ts

@@ -1,10 +1,11 @@
 import { Router } from 'express';
 import logger from "../logger";
 import { loadIntegrations, saveIntegrations } from '../workflow-management/integrations/gsheet';
+import { requireSignIn } from '../middlewares/auth';
 
 export const router = Router();
 
-router.post('/upload-credentials', async (req, res) => {
+router.post('/upload-credentials', requireSignIn, async (req, res) => {
   try {
     const { fileName, credentials, spreadsheetId, range } = req.body;
     if (!fileName || !credentials || !spreadsheetId || !range) {

server/src/routes/record.ts

@@ -15,6 +15,7 @@ import { chromium } from 'playwright-extra';
 import stealthPlugin from 'puppeteer-extra-plugin-stealth';
 import logger from "../logger";
 import { getDecryptedProxyConfig } from './proxy';
+import { requireSignIn } from '../middlewares/auth';
 
 export const router = Router();
 chromium.use(stealthPlugin());
@@ -22,7 +23,7 @@ chromium.use(stealthPlugin());
 /**
  * Logs information about remote browser recording session.
  */
-router.all('/', (req, res, next) => {
+router.all('/', requireSignIn, (req, res, next) => {
     logger.log('debug', `The record API was invoked: ${req.url}`)
     next() // pass control to the next handler
 })
@@ -31,7 +32,7 @@ router.all('/', (req, res, next) => {
  * GET endpoint for starting the remote browser recording session.
  * returns session's id
  */
-router.get('/start', async (req, res) => {
+router.get('/start', requireSignIn, async (req, res) => {
     const proxyConfig = await getDecryptedProxyConfig(req.user.id);
     // Prepare the proxy options dynamically based on the user's proxy configuration
     let proxyOptions: any = {}; // Default to no proxy
@@ -61,7 +62,7 @@ router.get('/start', async (req, res) => {
  * POST endpoint for starting the remote browser recording session accepting browser launch options.
  * returns session's id
  */
-router.post('/start', (req, res) => {
+router.post('/start', requireSignIn, (req, res) => {
     const id = initializeRemoteBrowserForRecording({
         browser: chromium,
         launchOptions: req.body,
@@ -73,7 +74,7 @@ router.post('/start', (req, res) => {
  * GET endpoint for terminating the remote browser recording session.
  * returns whether the termination was successful
  */
-router.get('/stop/:browserId', async (req, res) => {
+router.get('/stop/:browserId', requireSignIn, async (req, res) => {
     const success = await destroyRemoteBrowser(req.params.browserId);
     return res.send(success);
 });
@@ -81,7 +82,7 @@ router.get('/stop/:browserId', async (req, res) => {
 /**
  * GET endpoint for getting the id of the active remote browser.
  */
-router.get('/active', (req, res) => {
+router.get('/active', requireSignIn, (req, res) => {
     const id = getActiveBrowserId();
     return res.send(id);
 });
@@ -89,7 +90,7 @@ router.get('/active', (req, res) => {
 /**
  * GET endpoint for getting the current url of the active remote browser.
  */
-router.get('/active/url', (req, res) => {
+router.get('/active/url', requireSignIn, (req, res) => {
     const id = getActiveBrowserId();
     if (id) {
         const url = getRemoteBrowserCurrentUrl(id);
@@ -101,7 +102,7 @@ router.get('/active/url', (req, res) => {
 /**
  * GET endpoint for getting the current tabs of the active remote browser.
  */
-router.get('/active/tabs', (req, res) => {
+router.get('/active/tabs', requireSignIn, (req, res) => {
     const id = getActiveBrowserId();
     if (id) {
         const hosts = getRemoteBrowserCurrentTabs(id);
@@ -113,7 +114,7 @@ router.get('/active/tabs', (req, res) => {
 /**
  * GET endpoint for starting an interpretation of the currently generated workflow.
  */
-router.get('/interpret', async (req, res) => {
+router.get('/interpret', requireSignIn, async (req, res) => {
     try {
         await interpretWholeWorkflow();
         return res.send('interpretation done');
@@ -125,7 +126,7 @@ router.get('/interpret', async (req, res) => {
 /**
  * GET endpoint for stopping an ongoing interpretation of the currently generated workflow.
  */
-router.get('/interpret/stop', async (req, res) => {
+router.get('/interpret/stop', requireSignIn, async (req, res) => {
     await stopRunningInterpretation();
     return res.send('interpretation stopped');
 });

server/src/routes/storage.ts

@@ -15,13 +15,14 @@ import moment from 'moment-timezone';
 import cron from 'node-cron';
 import { googleSheetUpdateTasks, processGoogleSheetUpdates } from '../workflow-management/integrations/gsheet';
 import { getDecryptedProxyConfig } from './proxy';
+import { requireSignIn } from '../middlewares/auth';
 
 export const router = Router();
 
 /**
  * Logs information about recordings API.
  */
-router.all('/', (req, res, next) => {
+router.all('/', requireSignIn, (req, res, next) => {
   logger.log('debug', `The recordings API was invoked: ${req.url}`)
   next() // pass control to the next handler
 })
@@ -29,7 +30,7 @@ router.all('/', (req, res, next) => {
 /**
  * GET endpoint for getting an array of all stored recordings.
  */
-router.get('/recordings', async (req, res) => {
+router.get('/recordings', requireSignIn, async (req, res) => {
   try {
     const data = await readFiles('./../storage/recordings/');
     return res.send(data);
@@ -42,7 +43,7 @@ router.get('/recordings', async (req, res) => {
 /**
  * DELETE endpoint for deleting a recording from the storage.
  */
-router.delete('/recordings/:fileName', async (req, res) => {
+router.delete('/recordings/:fileName', requireSignIn, async (req, res) => {
   try {
     await deleteFile(`./../storage/recordings/${req.params.fileName}.waw.json`);
     return res.send(true);
@@ -56,7 +57,7 @@ router.delete('/recordings/:fileName', async (req, res) => {
 /**
  * GET endpoint for getting an array of runs from the storage.
  */
-router.get('/runs', async (req, res) => {
+router.get('/runs', requireSignIn, async (req, res) => {
   try {
     const data = await readFiles('./../storage/runs/');
     return res.send(data);
@@ -69,7 +70,7 @@ router.get('/runs', async (req, res) => {
 /**
  * DELETE endpoint for deleting a run from the storage.
  */
-router.delete('/runs/:fileName', async (req, res) => {
+router.delete('/runs/:fileName', requireSignIn, async (req, res) => {
   try {
     await deleteFile(`./../storage/runs/${req.params.fileName}.json`);
     return res.send(true);
@@ -84,7 +85,7 @@ router.delete('/runs/:fileName', async (req, res) => {
  * PUT endpoint for starting a remote browser instance and saving run metadata to the storage.
  * Making it ready for interpretation and returning a runId.
  */
-router.put('/runs/:fileName', async (req, res) => {
+router.put('/runs/:fileName', requireSignIn, async (req, res) => {
   try {
     const proxyConfig = await getDecryptedProxyConfig(req.user.id);
     let proxyOptions: any = {};
@@ -144,7 +145,7 @@ router.put('/runs/:fileName', async (req, res) => {
 /**
  * GET endpoint for getting a run from the storage.
  */
-router.get('/runs/run/:fileName/:runId', async (req, res) => {
+router.get('/runs/run/:fileName/:runId', requireSignIn, async (req, res) => {
   try {
     // read the run from storage
     const run = await readFile(`./../storage/runs/${req.params.fileName}_${req.params.runId}.json`)
@@ -160,7 +161,7 @@ router.get('/runs/run/:fileName/:runId', async (req, res) => {
 /**
  * PUT endpoint for finishing a run and saving it to the storage.
  */
-router.post('/runs/run/:fileName/:runId', async (req, res) => {
+router.post('/runs/run/:fileName/:runId', requireSignIn, async (req, res) => {
   try {
     const recording = await readFile(`./../storage/recordings/${req.params.fileName}.waw.json`)
     const parsedRecording = JSON.parse(recording);
@@ -218,7 +219,7 @@ router.post('/runs/run/:fileName/:runId', async (req, res) => {
   }
 });
 
-router.put('/schedule/:fileName/', async (req, res) => {
+router.put('/schedule/:fileName/', requireSignIn, async (req, res) => {
   console.log(req.body);
   try {
     const { fileName } = req.params;
@@ -313,7 +314,7 @@ router.put('/schedule/:fileName/', async (req, res) => {
 /**
  * POST endpoint for aborting a current interpretation of the run.
  */
-router.post('/runs/abort/:fileName/:runId', async (req, res) => {
+router.post('/runs/abort/:fileName/:runId', requireSignIn, async (req, res) => {
   try {
     const run = await readFile(`./../storage/runs/${req.params.fileName}_${req.params.runId}.json`)
     const parsedRun = JSON.parse(run);

server/src/routes/workflow.ts

@@ -6,13 +6,14 @@ import { Router } from 'express';
 import logger from "../logger";
 import { browserPool } from "../server";
 import { readFile } from "../workflow-management/storage";
+import { requireSignIn } from '../middlewares/auth';
 
 export const router = Router();
 
 /**
  * Logs information about workflow API.
  */
-router.all('/', (req, res, next) => {
+router.all('/', requireSignIn, (req, res, next) => {
   logger.log('debug', `The workflow API was invoked: ${req.url}`)
   next() // pass control to the next handler
 })
@@ -21,7 +22,7 @@ router.all('/', (req, res, next) => {
  * GET endpoint for a recording linked to a remote browser instance.
  * returns session's id
  */
-router.get('/:browserId', (req, res) => {
+router.get('/:browserId', requireSignIn, (req, res) => {
   const activeBrowser = browserPool.getRemoteBrowser(req.params.browserId);
   let workflowFile = null;
   if (activeBrowser && activeBrowser.generator) {
@@ -33,7 +34,7 @@ router.get('/:browserId', (req, res) => {
 /**
  * Get endpoint returning the parameter array of the recording associated with the browserId browser instance.
  */
-router.get('/params/:browserId', (req, res) => {
+router.get('/params/:browserId', requireSignIn, (req, res) => {
   const activeBrowser = browserPool.getRemoteBrowser(req.params.browserId);
   let params = null;
   if (activeBrowser && activeBrowser.generator) {
@@ -45,7 +46,7 @@ router.get('/params/:browserId', (req, res) => {
 /**
  * DELETE endpoint for deleting a pair from the generated workflow.
  */
-router.delete('/pair/:index', (req, res) => {
+router.delete('/pair/:index', requireSignIn, (req, res) => {
   const id = browserPool.getActiveBrowserId();
   if (id) {
     const browser = browserPool.getRemoteBrowser(id);
@@ -61,7 +62,7 @@ router.delete('/pair/:index', (req, res) => {
 /**
  * POST endpoint for adding a pair to the generated workflow.
  */
-router.post('/pair/:index', (req, res) => {
+router.post('/pair/:index', requireSignIn, (req, res) => {
   const id = browserPool.getActiveBrowserId();
   if (id) {
     const browser = browserPool.getRemoteBrowser(id);
@@ -81,7 +82,7 @@ router.post('/pair/:index', (req, res) => {
 /**
  * PUT endpoint for updating a pair in the generated workflow.
  */
-router.put('/pair/:index', (req, res) => {
+router.put('/pair/:index', requireSignIn, (req, res) => {
   const id = browserPool.getActiveBrowserId();
   if (id) {
     const browser = browserPool.getRemoteBrowser(id);
@@ -101,7 +102,7 @@ router.put('/pair/:index', (req, res) => {
 /**
  * PUT endpoint for updating the currently generated workflow file from the one in the storage.
  */
-router.put('/:browserId/:fileName', async (req, res) => {
+router.put('/:browserId/:fileName', requireSignIn, async (req, res) => {
   try {
     const browser = browserPool.getRemoteBrowser(req.params.browserId);
     logger.log('debug', `Updating workflow file`);