typescript source code of auth

Project: office-booker (GitHub Link)

office-booker-master
- .github
  - workflows
    - build.yml
    - codeql-analysis.yml
- alerts
  - src
    - lambda.ts
  - tsconfig.dist.json
  - package.json
  - tsconfig.json
- .node-version
- make-env.sh
- smoketest.sh
- .prettierrc
- client
  - src
    - index.tsx
    - lib
      - app.ts
      - api.ts
      - auth.ts
      - emailValidation.ts
    - context
      - reducers.ts
      - stores.ts
    - components
      - Layout
        Header.styles.ts
        Layout.styles.ts
        Footer.styles.ts
        Header.tsx
        Layout.tsx
        Footer.tsx
      - Root.test.tsx
      - Root.tsx
      - App
        Help.tsx
        Home.tsx
        Admin
        Bookings.styles.ts
        Layout
        Header.styles.ts
        Layout.styles.ts
        Header.tsx
        Layout.tsx
        Bookings.test.tsx
        UserBookings.tsx
        Users.tsx
        BookingStats.tsx
        User.styles.ts
        User.tsx
        Bookings.tsx
        UserBookings.styles.ts
        CreateBooking.styles.ts
        CreateBooking.tsx
        Users.styles.ts
        UpcomingBookings.tsx
        Home.test.tsx
        UpcomingBookings.styles.ts
        ViewBooking.styles.ts
        Privacy.tsx
        Help.styles.ts
        Home
        NextBooking.styles.ts
        WhichOffice.tsx
        MakeBooking.styles.ts
        WhichOffice.styles.ts
        NextBooking.tsx
        MakeBooking.tsx
        PageNotFound.tsx
        ViewBooking.tsx
        Home.styles.ts
      - Structure.tsx
      - Assets
        BookButton.styles.ts
        LoadingSpinner.styles.ts
        LoadingSpinner.tsx
        BookingStatus.tsx
        BookingStatus.styles.ts
        LoadingButton.tsx
        ErrorPage.styles.ts
        LoadingButton.styles.ts
        BookButton.tsx
      - ErrorBoundary.tsx
      - TestBanner.styles.ts
      - Routes.tsx
      - AppProvider.tsx
      - TestBanner.tsx
      - Auth
        EnterEmail.styles.ts
        EnterCode.styles.ts
        EnterCode.tsx
        Auth.test.tsx
        RequireLogin.tsx
        EnterEmail.tsx
      - Structure.styles.ts
    - constants
      - theme.ts
      - dates.ts
    - types
      - api.ts
    - styles
      - StyledGlobal.ts
      - MaterialTheme.ts
      - MaterialComponents.ts
    - react-app-env.d.ts
  - public
    - browserconfig.xml
    - index.html
    - site.webmanifest
  - .prettierrc
  - .stylelintrc
  - test
    - handlers.ts
    - data.ts
    - TestContext.tsx
    - server.mock.ts
  - .eslintrc
  - .browserslistrc
  - .babelrc
  - package.json
  - tsconfig.json
  - .vscode
    - settings.json
- .nvmrc
- test.sh
- migrate.sh
- .editorconfig
- .gitattributes
- CHANGELOG.md
- SECURITY.md
- infrastructure
  - index.ts
  - cognito
    - createAuthChallenge.ts
    - defineAuthChallenge.ts
    - verifyAuthChallengeResponse.ts
    - preSignUp.ts
    - email.ts
  - Pulumi.yaml
  - package.json
  - tsconfig.json
  - serverlessWebStack.ts
- .yarnrc
- install.sh
- README.md
- LICENCE
- start.sh
- server
  - errors.ts
  - local.ts
  - app-config.ts
  - app.ts
  - db
    - bookings.ts
    - users.ts
    - userBookings.ts
    - officeBookings.ts
  - lambda.ts
  - auth.ts
  - getOffices.ts
  - bookings
    - queryBookings.ts
    - deleteBooking.ts
    - createBooking.ts
    - model.ts
  - users
    - register.ts
    - queryUsers.ts
    - putUser.ts
    - model.ts
  - dates.ts
  - tsconfig.build.json
  - migrations
    - 4-fix-ttl.ts
    - index.ts
  - stats.ts
  - package.json
  - tests
    - api-anon.test.ts
    - admin-users.test.ts
    - test-utils.ts
    - office-admin-users.test.ts
    - booking.test.ts
    - dates.test.ts
    - migrations.test.ts
    - non-admin-users.test.ts
    - all-users.test.ts
  - scripts
    - create-dynamo-tables.ts
    - init-dynamo-local.ts
    - smoketest.ts
  - tsconfig.json
  - cognito.ts
- deploy.sh
- .gitignore
- build.sh
- .vscode
  - settings.json
  - extensions.json
- docker-compose.yml

import { Express, Response } from 'express';
import { Config } from './app-config';
import { Unauthorized } from './errors';
import { validate } from './cognito';

export const getAuthUserEmail = (res: Response): string => {
  const user = res.locals.user as unknown;
  if (user === undefined || typeof user !== 'string') {
    throw new Error(`Can't get current user`);
  }
  return user;
};

export const configureAuth = (config: Config, app: Express): Express => {
  return app.use(async (req, res, next) => {
    try {
      if (config.authConfig.type === 'test') {
        const response = config.authConfig.validate(req);
        const userEmail = response?.email;
        if (typeof userEmail !== 'string') {
          throw new Unauthorized('Email property missing on auth validate response');
        }
        res.locals.user =
          config.caseSensitiveEmail === true ? userEmail : userEmail.toLocaleLowerCase();
        next();
      } else {
        //I'm passing in the access token in header under key accessToken
        const authHeader = req.headers.authorization;

        //Fail if token not present in header.
        if (typeof authHeader !== 'string') throw new Unauthorized('Header not set');
        const bearerRegex = /^Bearer ([a-zA-Z0-9_\-\.]*)$/g;
        const parsed = bearerRegex.exec(authHeader);
        const token = parsed?.[1];
        if (typeof token !== 'string') throw new Unauthorized('Could not parse Bearer token');

        const authResult = await validate(
          {
            region: config.authConfig.region,
            userPoolId: config.authConfig.cognitoUserPoolId,
            tokenUse: 'id',
          },
          token
        );
        if (authResult.valid) {
          const userEmail = authResult.token.email as string;
          res.locals.user =
            config.caseSensitiveEmail === true ? userEmail : userEmail.toLocaleLowerCase();
          next();
        } else {
          throw new Unauthorized('Bearer token not valid');
        }
      }
    } catch (e) {
      next(e);
    }
    return undefined;
  });
};