From 131ddc39f03e794e6c9c3a5827f7de1b5df9133a Mon Sep 17 00:00:00 2001
From: SeanCassiere <33615041+SeanCassiere@users.noreply.github.com>
Date: Mon, 24 Jun 2024 14:38:46 +1200
Subject: [PATCH] refactor: tweak the auth middleware
---
 src/index.ts | 4 +++-
 src/routers/v2/logging/index.ts | 8 ++++----
 src/routers/v2/services/index.ts | 12 ++++++------
 src/utils/server-helpers.ts | 22 ++++++++++------------
 4 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/src/index.ts b/src/index.ts
index e95968d..e8a30ab 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,5 +1,6 @@
 import { Hono } from "hono";
 import { cors } from "hono/cors";
+import { compress } from "hono/compress";
 import { csrf } from "hono/csrf";
 import { etag } from "hono/etag";
 import { secureHeaders } from "hono/secure-headers";
@@ -21,6 +22,7 @@ const packageJson = getPackageInfo();
 const app = new Hono();
 app.use(cors({ origin: "*" }));
+app.use(compress());
 app.use(csrf());
 app.use(etag());
 app.use(logger());
@@ -60,7 +62,7 @@ app.get("/", (c) => {
 });
 if (env.FREEZE_DB_WRITES) {
- console.warn(" ⚠️ ⚠️ ⚠️ ⚠️\n Database writes are currently frozen\n ⚠️ ⚠️ ⚠️ ⚠️\n");
+ console.warn("\n🚨 Database writes are currently frozen!!!\n");
 }
 transformOpenapiYmlDoc("v2", [openapiYmlVersioner(packageJson.version)]);
diff --git a/src/routers/v2/logging/index.ts b/src/routers/v2/logging/index.ts
index cf6733d..0317161 100644
--- a/src/routers/v2/logging/index.ts
+++ b/src/routers/v2/logging/index.ts
@@ -4,7 +4,7 @@ import { and, eq, lt } from "drizzle-orm";
 import { db } from "@/config/db";
 import { env } from "@/config/env";
 import { logs as logsTable } from "@/config/db/schema";
-import { parseSearchParams, serviceValidation } from "@/utils/server-helpers";
+import { parseSearchParams, v2_serviceValidation } from "@/utils/server-helpers";
 import { ENDPOINT_MESSAGES } from "@/utils/messages";
 import { createDbId } from "@/utils/db";
 import type { ServerContext } from "@/types/hono";
@@ -17,7 +17,7 @@ const app = new Hono();
 * @public
 * Get all log entries
 */
-app.get("/", serviceValidation, async (c) => {
+app.get("/", v2_serviceValidation, async (c) => {
 const service = c.var.service!;
 const serviceId = service.id;
@@ -53,7 +53,7 @@ app.get("/", serviceValidation, async (c) => {
 * @public
 * Create a log entry
 */
-app.post("/", serviceValidation, async (c) => {
+app.post("/", v2_serviceValidation, async (c) => {
 const service = c.var.service!;
 const serviceId = service.id;
@@ -106,7 +106,7 @@ app.post("/", serviceValidation, async (c) => {
 * @public
 * Cleans log for a service for a specific number of months
 */
-app.delete("/purge", serviceValidation, async (c) => {
+app.delete("/purge", v2_serviceValidation, async (c) => {
 if (env.FREEZE_DB_WRITES) {
 c.status(503);
 return c.json({ success: false, message: ENDPOINT_MESSAGES.DBWritesFrozen });
diff --git a/src/routers/v2/services/index.ts b/src/routers/v2/services/index.ts
index 309e449..2042c83 100644
--- a/src/routers/v2/services/index.ts
+++ b/src/routers/v2/services/index.ts
@@ -2,7 +2,7 @@ import { Hono } from "hono";
 import { db } from "@/config/db";
 import { createDbId } from "@/utils/db";
-import { adminServiceValidation, parseSearchParams } from "@/utils/server-helpers";
+import { v2_serviceValidation, adminServiceValidation, parseSearchParams } from "@/utils/server-helpers";
 import { services as servicesTable } from "@/config/db/schema";
 import type { ServerContext } from "@/types/hono";
@@ -22,7 +22,7 @@ const app = new Hono();
 * @private
 * Get all services, only accessible by admins
 */
-app.get("/", adminServiceValidation, async (c) => {
+app.get("/", v2_serviceValidation, adminServiceValidation, async (c) => {
 const searchQuery = parseSearchParams(c.req.url);
 const searchResult = getServiceFiltersSchema.safeParse(searchQuery);
@@ -46,7 +46,7 @@ app.get("/", adminServiceValidation, async (c) => {
 * @private
 * Create a new service, only accessible by admins
 */
-app.post("/", adminServiceValidation, async (c) => {
+app.post("/", v2_serviceValidation, adminServiceValidation, async (c) => {
 const body = await c.req.json();
 const bodyResult = createServiceInputSchema.safeParse(body);
@@ -84,7 +84,7 @@ app.post("/", adminServiceValidation, async (c) => {
 * @private
 * Get a service by its ID, only accessible by admins
 */
-app.get("/:service_id", adminServiceValidation, async (c) => {
+app.get("/:service_id", v2_serviceValidation, adminServiceValidation, async (c) => {
 const serviceId = c.req.param("service_id");
 const service = await db.query.services.findFirst({
@@ -103,7 +103,7 @@ app.get("/:service_id", adminServiceValidation, async (c) => {
 * @private
 * Disable a service, only accessible by admins
 */
-app.delete("/:service_id", adminServiceValidation, async (c) => {
+app.delete("/:service_id", v2_serviceValidation, adminServiceValidation, async (c) => {
 const reqServiceId = c.var.service!.id;
 const serviceId = c.req.param("service_id");
@@ -122,7 +122,7 @@ app.delete("/:service_id", adminServiceValidation, async (c) => {
 * @private
 * Enable a service, only accessible by admins
 */
-app.post("/:service_id/enable", adminServiceValidation, async (c) => {
+app.post("/:service_id/enable", v2_serviceValidation, adminServiceValidation, async (c) => {
 const serviceId = c.req.param("service_id");
 await db.update(servicesTable).set({ isActive: true }).where(eq(servicesTable.id, serviceId)).execute();
diff --git a/src/utils/server-helpers.ts b/src/utils/server-helpers.ts
index 8a7645b..d1bd77f 100644
--- a/src/utils/server-helpers.ts
+++ b/src/utils/server-helpers.ts
@@ -2,8 +2,10 @@ import { createFactory } from "hono/factory";
 import type { Context } from "hono";
 import { db } from "@/config/db";
-import { ENDPOINT_MESSAGES } from "./messages";
 import { env } from "@/config/env";
+import type { ServerContext } from "@/types/hono";
+
+import { ENDPOINT_MESSAGES } from "./messages";
 /**
 * Takes a URL and returns an object with the query string parameters, multiple of the same key will be an array
@@ -51,7 +53,7 @@ const factory = createFactory();
 /**
 * Middleware to validate that a service ID is provided and that the service exists
 */
-export const serviceValidation = factory.createMiddleware(async (c, next) => {
+export const v2_serviceValidation = factory.createMiddleware(async (c, next) => {
 const serviceId = getServiceId(c);
 if (!serviceId) {
@@ -74,24 +76,20 @@ export const serviceValidation = factory.createMiddleware(async (c, next) => {
 * Middleware to validate that a service ID is provided and that the service exists and is an admin service
 */
 export const adminServiceValidation = factory.createMiddleware(async (c, next) => {
- const serviceId = getServiceId(c);
-
- if (!serviceId) {
- c.status(401);
- return c.json({ success: false, message: ENDPOINT_MESSAGES.ServiceIdHeaderNotProvided });
- }
-
- const service = await getService(serviceId, { mustBeAdmin: true });
+ const service = c.var.service as ServerContext["Variables"]["service"];
 if (!service) {
 c.status(403);
 return c.json({ success: false, message: ENDPOINT_MESSAGES.ServiceDoesNotExistOrDoesNotHaveNecessaryRights });
 }
- c.set("service", service);
 await next();
 });
-export function getUserServerUrl() {
+/**
+ * Get the url of the server for the user
+ * @returns The URL of the server for the user
+ */
+export function getUserServerUrl(): string {
 return env.NODE_ENV === "production" ? env.SERVER_URI : `http://localhost:${env.PORT}`;
 }
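Review bot: The rewritten `adminServiceValidation` in src/utils/server-helpers.ts no longer enforces admin rights: the `getService(serviceId, { mustBeAdmin: true })` lookup is removed and the only remaining test is `if (!service)` on `c.var.service`, which `v2_serviceValidation` appears to set for any existing service (most of its body lies outside the hunk, so this needs confirming). If that reading is right, every route in src/routers/v2/services/index.ts that this patch chains as `v2_serviceValidation, adminServiceValidation` (list, create, get, disable, enable) passes the admin gate for a non-admin service. Keep the privilege check inside the admin middleware, for example `const service = c.var.service && (await getService(c.var.service.id, { mustBeAdmin: true }));`, or test the admin attribute on the already-loaded record if it carries one. A regression test asserting that a non-admin service gets 403 on these routes would pin the behaviour, and the doc comment above the middleware ("exists and is an admin service") should match whatever the code ends up enforcing.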