🚩 (user) create soft delete controller boilerplate

create basic boilerplate for soft delete user including make middleware that only admin and owner can access
2025-07-06 23:40:05 +07:00
parent 2b2776307b
commit 2fe34034a5
3 changed files with 40 additions and 0 deletions
--- a/src/middleware/userRoles/isOwnerOrAdmin.middleware.ts
+++ b/src/middleware/userRoles/isOwnerOrAdmin.middleware.ts
@ -0,0 +1,26 @@
+import { Context } from "elysia";
+import { getCookie } from "../../helpers/http/userHeader/cookies/getCookies";
+import { jwtDecode } from "../../helpers/http/jwt/decode";
+import { returnErrorResponse } from "../../helpers/callback/httpResponse";
+import { mainErrorHandler } from "../../helpers/error/handler";
+
+export const isOwnerOrAdminMiddleware = (ctx: Context) => {
+  try {
+    const clientCookie = getCookie(ctx);
+    const clientToken = jwtDecode(clientCookie.auth_token!);
+    const clientUsername = clientToken.user.username;
+    //   const isClientAdmin = clientToken.user.username
+
+    const targetUsername = ctx.params.username;
+    if (targetUsername !== clientUsername)
+      return returnErrorResponse(
+        ctx.set,
+        401,
+        "You don't have access to this resource"
+      );
+
+    // Pass
+  } catch (error) {
+    return mainErrorHandler(ctx.set, error);
+  }
+};
--- a/src/modules/user/controller/softDeleteUser.controller.ts
+++ b/src/modules/user/controller/softDeleteUser.controller.ts
@ -0,0 +1,7 @@
+import { Context } from "elysia";
+import { returnWriteResponse } from "../../../helpers/callback/httpResponse";
+
+export const softDeleteUserController = async (ctx: Context) => {
+  const data = ctx.params.username;
+  return returnWriteResponse(ctx.set, 201, "Okay", data);
+};
--- a/src/modules/user/index.ts
+++ b/src/modules/user/index.ts
@ -5,6 +5,8 @@ import { editUserController } from "./controller/editUser.controller";
 import { unautenticatedMiddleware } from "../../middleware/auth/unauthenticated.middleware";
 import { authenticatedMiddleware } from "../../middleware/auth/authenticated.middleware";
 import { checkUserPasswordController } from "./controller/checkUserPassword.controller";
+import { isOwnerOrAdminMiddleware } from "../../middleware/userRoles/isOwnerOrAdmin.middleware";
+import { softDeleteUserController } from "./controller/softDeleteUser.controller";

 export const userModule = new Elysia({ prefix: "/users" })
  .get("/", getAllUserController)
@ -18,4 +20,9 @@ export const userModule = new Elysia({ prefix: "/users" })
      .onBeforeHandle(authenticatedMiddleware) // middleware to ensure the user is authenticated
      .put("/", editUserController)
      .post("/check-password", checkUserPasswordController)
+  )
+  .group("", (app) =>
+    app
+      .onBeforeHandle(isOwnerOrAdminMiddleware)
+      .delete(":username", softDeleteUserController)
  );