diff --git a/server/src/routes/auth.ts b/server/src/routes/auth.ts index 49af7090..e7ee62d9 100644 --- a/server/src/routes/auth.ts +++ b/server/src/routes/auth.ts @@ -107,12 +107,13 @@ router.get("/logout", async (req, res) => { router.get( "/current-user", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: "Unauthorized" }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { attributes: { exclude: ["password"] }, }); if (!user) { @@ -135,7 +136,7 @@ router.get( router.get( "/user/:id", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { try { const { id } = req.params; if (!id) { @@ -164,12 +165,13 @@ router.get( router.post( "/generate-api-key", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: "Unauthorized" }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { attributes: { exclude: ["password"] }, }); @@ -204,13 +206,14 @@ router.post( router.get( "/api-key", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: "Unauthorized" }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { raw: true, attributes: ["api_key"], }); 
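Review bot: `const authenticatedReq = req as AuthenticatedRequest;` is an unchecked assertion, and it is now copied into every handler in this diff: `/current-user`, `/generate-api-key`, `/api-key`, `/delete-api-key`, `/google/callback`, `/gsheets/data` and `/gsheets/remove` here, plus the `/config` and `/test` handlers in proxy.ts, which also declares its own `AuthenticatedRequest`. The runtime `if (!authenticatedReq.user)` guard is what actually protects each route, so the cast is better kept in one place, for example `const signedInUser = (req: Request) => (req as AuthenticatedRequest).user;`, or a declaration-merged `user` field on the Express request type. That leaves a single assertion to audit instead of a dozen. The handler bodies continue outside the hunks.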
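Review bot: Nothing in the `/user/:id` hunk ties `const { id } = req.params;` to the signed-in user: the handler now takes a plain `Request` and gets no `authenticatedReq`, so it apparently never reads `req.user`. `requireSignIn` establishes that someone is logged in, not that they may read this particular record. If the route is meant to be self-service, compare `id` with the signed-in user's id and return 403 on a mismatch; if any user may read it, confirm the query excludes `password`, `api_key` and the proxy credential columns. The query itself is outside the hunk.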
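Review bot: The `/api-key` handler selects the `api_key` column with `raw: true`, which suggests the key is stored in a form that can be read back on every request. If so, anyone with read access to the users table obtains every user's working key; storing only a hash and showing the key once from `/generate-api-key` would avoid that. What the handler does with the value is outside the hunk, so this needs confirming against the rest of the body.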
@@ -232,13 +235,14 @@ router.get( router.delete( "/delete-api-key", requireSignIn, - async (req: AuthenticatedRequest, res) => { - if (!req.user) { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; + if (!authenticatedReq.user) { return res.status(401).send({ error: "Unauthorized" }); } try { - const user = await User.findByPk(req.user.id, { raw: true }); + const user = await User.findByPk(authenticatedReq.user.id, { raw: true }); if (!user) { return res.status(404).json({ message: "User not found" }); @@ -248,7 +252,7 @@ router.delete( return res.status(404).json({ message: "API Key not found" }); } - await User.update({ api_key: null }, { where: { id: req.user.id } }); + await User.update({ api_key: null }, { where: { id: authenticatedReq.user.id } }); capture("maxun-oss-api-key-deleted", { user_id: user.id, @@ -294,7 +298,8 @@ router.get("/google", (req, res) => { router.get( "/google/callback", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; const { code, state } = req.query; try { if (!state) { @@ -320,12 +325,12 @@ router.get( return res.status(400).json({ message: "Email not found" }); } - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).send({ error: "Unauthorized" }); } // Get the currently authenticated user (from `requireSignIn`) - let user = await User.findOne({ where: { id: req.user.id } }); + let user = await User.findOne({ where: { id: authenticatedReq.user.id } }); if (!user) { return res.status(400).json({ message: "User not found" }); 
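Review bot: `User.findByPk(authenticatedReq.user.id, { raw: true })` in `/delete-api-key` loads the whole row, `password` column included, although as far as the hunks show the handler only needs the API-key check and `user.id`. The other lookups in this file either exclude `password` or name the columns they read. Narrowing it to `User.findByPk(authenticatedReq.user.id, { raw: true, attributes: ["id", "api_key"] })` keeps the password value out of memory and out of any accidental log or response. The same unrestricted `{ raw: true }` lookup appears in `/gsheets/data`. The 401 here is also sent as `{ error }` via `.send`, while `/current-user`, `/generate-api-key` and `/api-key` return `{ ok: false, error }`.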
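Review bot: The `if (!authenticatedReq.user)` guard in `/google/callback` sits after the `Email not found` check, so by the time it runs the handler has already acted on `code` and `state` from the query string. Most other handlers in this diff check the user first; moving the guard directly below `const authenticatedReq = req as AuthenticatedRequest;` would reject the request before any of that work. Only a presence check on `state` is visible (`if (!state)`). Whether it is compared with a value bound to the signed-in session is outside these hunks and worth confirming, since the callback appears to attach a Google account to the current user.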
@@ -403,12 +408,13 @@ router.get( router.post( "/gsheets/data", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; const { spreadsheetId, robotId } = req.body; - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).send({ error: "Unauthorized" }); } - const user = await User.findByPk(req.user.id, { raw: true }); + const user = await User.findByPk(authenticatedReq.user.id, { raw: true }); if (!user) { return res.status(400).json({ message: "User not found" }); @@ -520,13 +526,14 @@ router.post("/gsheets/update", requireSignIn, async (req, res) => { router.post( "/gsheets/remove", requireSignIn, - async (req: AuthenticatedRequest, res) => { + async (req: Request, res) => { + const authenticatedReq = req as AuthenticatedRequest; const { robotId } = req.body; if (!robotId) { return res.status(400).json({ message: "Robot ID is required" }); } - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).send({ error: "Unauthorized" }); } @@ -548,7 +555,7 @@ router.post( }); capture("maxun-oss-google-sheet-integration-removed", { - user_id: req.user.id, + user_id: authenticatedReq.user.id, robot_id: robotId, deleted_at: new Date().toISOString(), }); diff --git a/server/src/routes/proxy.ts b/server/src/routes/proxy.ts index d68a889e..f481cc45 100644 --- a/server/src/routes/proxy.ts +++ b/server/src/routes/proxy.ts 
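Review bot: In `/gsheets/data` the `await User.findByPk(authenticatedReq.user.id, { raw: true })` call is not inside any `try` visible in this hunk, unlike `/current-user` or `/api-key`. If the query rejects and the Express version in use does not forward rejections from async handlers, the request gets no response and the rejection goes unhandled. Moving the lookup inside a `try`/`catch` that returns a 500 with a generic message would fix it; the `DELETE /config` handler in proxy.ts has the same shape. The rest of both bodies is outside the hunks.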
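Review bot: `robotId` in `/gsheets/remove` comes straight from `req.body`, and the visible checks only establish that it is present and that a user is signed in. The update between this hunk and the `capture(...)` call is not shown, so confirm it is scoped to robots owned by `authenticatedReq.user.id`; without that scoping a signed-in user could remove another user's Google Sheets integration by id. The same question applies to `spreadsheetId` and `robotId` in `/gsheets/data`.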
@@ -12,16 +12,17 @@ interface AuthenticatedRequest extends Request { user?: { id: string }; } -router.post('/config', requireSignIn, async (req: AuthenticatedRequest, res: Response) => { +router.post('/config', requireSignIn, async (req: Request, res: Response) => { const { server_url, username, password } = req.body; + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: 'Unauthorized' }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { attributes: { exclude: ['password'] }, }); @@ -57,13 +58,14 @@ router.post('/config', requireSignIn, async (req: AuthenticatedRequest, res: Res } }); -router.get('/test', requireSignIn, async (req: AuthenticatedRequest, res: Response) => { +router.get('/test', requireSignIn, async (req: Request, res: Response) => { + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: 'Unauthorized' }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { attributes: ['proxy_url', 'proxy_username', 'proxy_password'], raw: true }); @@ -98,13 +100,14 @@ router.get('/test', requireSignIn, async (req: AuthenticatedRequest, res: Respon } }); -router.get('/config', requireSignIn, async (req: AuthenticatedRequest, res: Response) => { +router.get('/config', requireSignIn, async (req: Request, res: Response) => { + const authenticatedReq = req as AuthenticatedRequest; try { - if (!req.user) { + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: 'Unauthorized' }); } - const user = await User.findByPk(req.user.id, { + const user = await User.findByPk(authenticatedReq.user.id, { attributes: ['proxy_url', 'proxy_username', 'proxy_password'], raw: true, }); 
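Review bot: `GET /config` selects `proxy_password` together with `proxy_url` and `proxy_username`, with `raw: true`. `/test` plausibly needs the password to connect, but a handler that only reports the configuration to the client does not. If the response, which is outside this hunk, is built from `user`, drop the column with `attributes: ['proxy_url', 'proxy_username']` so the stored credential cannot be echoed back.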
@@ -125,12 +128,13 @@ router.get('/config', requireSignIn, async (req: AuthenticatedRequest, res: Resp } }); -router.delete('/config', requireSignIn, async (req: AuthenticatedRequest, res: Response) => { - if (!req.user) { +router.delete('/config', requireSignIn, async (req: Request, res: Response) => { + const authenticatedReq = req as AuthenticatedRequest; + if (!authenticatedReq.user) { return res.status(401).json({ ok: false, error: 'Unauthorized' }); } - const user = await User.findByPk(req.user.id); + const user = await User.findByPk(authenticatedReq.user.id); if (!user) { return res.status(404).json({ message: 'User not found' });