🚩 (user) create soft delete controller boilerplate
Create basic boilerplate for soft-deleting a user, including a middleware that only lets an admin or the owner through.
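--- a/src/middleware/userRoles/isOwnerOrAdmin.middleware.ts
+++ b/src/middleware/userRoles/isOwnerOrAdmin.middleware.ts
@@ -0,0 +1,26 @@
+import { Context } from "elysia";
+import { getCookie } from "../../helpers/http/userHeader/cookies/getCookies";
+import { jwtDecode } from "../../helpers/http/jwt/decode";
+import { returnErrorResponse } from "../../helpers/callback/httpResponse";
+import { mainErrorHandler } from "../../helpers/error/handler";
+
+export const isOwnerOrAdminMiddleware = (ctx: Context) => {
+try {
+const clientCookie = getCookie(ctx);
+const clientToken = jwtDecode(clientCookie.auth_token!);
+const clientUsername = clientToken.user.username;
+// const isClientAdmin = clientToken.user.username
+
+const targetUsername = ctx.params.username;
+if (targetUsername !== clientUsername)
+return returnErrorResponse(
+ctx.set,
+401,
+"You don't have access to this resource"
+);
+
+// Pass
+} catch (error) {
+return mainErrorHandler(ctx.set, error);
+}
+};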
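Review bot: The middleware is named isOwnerOrAdmin, but the only check that runs is `targetUsername !== clientUsername`; the admin branch is a commented-out placeholder (`// const isClientAdmin = clientToken.user.username`) that reads the username rather than a role, so an admin is rejected like any other non-owner. Until a role claim is available I would say so explicitly, e.g. `// TODO: admin bypass not implemented; only the account owner passes`, so nobody relies on the name. The rejection should also be 403 rather than 401, since the caller is identified but not permitted: `return returnErrorResponse(ctx.set, 403, "You don't have access to this resource");`. Separately, `clientCookie.auth_token!` hides the missing-cookie case; an explicit check that answers 401 when the cookie is absent would be clearer than letting `jwtDecode` throw into `mainErrorHandler`.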
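--- a/src/modules/user/controller/softDeleteUser.controller.ts
+++ b/src/modules/user/controller/softDeleteUser.controller.ts
@@ -0,0 +1,7 @@
+import { Context } from "elysia";
+import { returnWriteResponse } from "../../../helpers/callback/httpResponse";
+
+export const softDeleteUserController = async (ctx: Context) => {
+const data = ctx.params.username;
+return returnWriteResponse(ctx.set, 201, "Okay", data);
+};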
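Review bot: The stub answers 201 with "Okay" although nothing is deleted or created, so a client, or any audit trail built on response codes, would record a successful deactivation that never happened. While the handler is a placeholder I would return a non-success status, or at least add `// TODO: placeholder, no soft delete is performed yet` above the return, and switch to 200 once the delete is real. `async` is also unnecessary until the body awaits something.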
@ -5,6 +5,8 @@ import { editUserController } from "./controller/editUser.controller";
|
|||||||
import { unautenticatedMiddleware } from "../../middleware/auth/unauthenticated.middleware";
|
import { unautenticatedMiddleware } from "../../middleware/auth/unauthenticated.middleware";
|
||||||
import { authenticatedMiddleware } from "../../middleware/auth/authenticated.middleware";
|
import { authenticatedMiddleware } from "../../middleware/auth/authenticated.middleware";
|
||||||
import { checkUserPasswordController } from "./controller/checkUserPassword.controller";
|
import { checkUserPasswordController } from "./controller/checkUserPassword.controller";
|
||||||
|
import { isOwnerOrAdminMiddleware } from "../../middleware/userRoles/isOwnerOrAdmin.middleware";
|
||||||
|
import { softDeleteUserController } from "./controller/softDeleteUser.controller";
|
||||||
|
|
||||||
export const userModule = new Elysia({ prefix: "/users" })
|
export const userModule = new Elysia({ prefix: "/users" })
|
||||||
.get("/", getAllUserController)
|
.get("/", getAllUserController)
|
||||||
@ -18,4 +20,9 @@ export const userModule = new Elysia({ prefix: "/users" })
|
|||||||
.onBeforeHandle(authenticatedMiddleware) // middleware to ensure the user is authenticated
|
.onBeforeHandle(authenticatedMiddleware) // middleware to ensure the user is authenticated
|
||||||
.put("/", editUserController)
|
.put("/", editUserController)
|
||||||
.post("/check-password", checkUserPasswordController)
|
.post("/check-password", checkUserPasswordController)
|
||||||
|
)
|
||||||
|
.group("", (app) =>
|
||||||
|
app
|
||||||
|
.onBeforeHandle(isOwnerOrAdminMiddleware)
|
||||||
|
.delete(":username", softDeleteUserController)
|
||||||
);
|
);
|
||||||
|
|||||||
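Review bot: The new `.group("", …)` registers only `isOwnerOrAdminMiddleware`, while `authenticatedMiddleware` is attached to the group above it; as far as the visible lines show, the delete route never passes through the authentication hook (the `userModule` chain starts outside these hunks). That leaves the ownership decision resting entirely on what `jwtDecode` returns, and if that helper only decodes without verifying signature and expiry (not visible on this page), the username claim cannot be trusted. I would chain both hooks in the new group: `.onBeforeHandle(authenticatedMiddleware)` followed by `.onBeforeHandle(isOwnerOrAdminMiddleware)`. The path `":username"` also lacks the leading slash the other routes use (`"/"`, `"/check-password"`); `"/:username"` would be consistent and would not depend on how the router joins it to the `/users` prefix.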