critrace · chancehudson · Jun 26, 2019 · Jun 26, 2019 · Jun 26, 2019 · Jun 26, 2019
diff --git a/index.ts b/index.ts
@@ -1,6 +1,5 @@
 import express from 'express'
 import mongoose from 'mongoose'
-import asyncExpress from 'async-express'
 const app = express()
 
 // Load models into memory
@@ -28,18 +27,18 @@ if (process.env.NODE_ENV === 'test') {
   process.env.WEB_TOKEN_SECRET = 'secret'
   process.env.DB_URI = 'mongodb://127.0.0.1:27017/test'
 }
-const mongoConnect = asyncExpress(async (_1, _2, next: any) => {
+const mongoConnect: express.RequestHandler = async (_1, _2, next: any) => {
   await mongoose.connect(process.env.DB_URI, {
     connectTimeoutMS: 5000,
     useNewUrlParser: true,
   })
   next()
-})
+}
 
-const mongoDisconnect = asyncExpress(async (_1, _2, next) => {
+const mongoDisconnect: express.RequestHandler = async (_1, _2, next) => {
   await mongoose.disconnect()
   next()
-})
+}
 
 /**
  * Establish a connection to the mongo database, then continue the request

diff --git a/middleware/auth.ts b/middleware/auth.ts
@@ -2,45 +2,61 @@ import jwt from 'jsonwebtoken'
 import mongoose from 'mongoose'
 import express from 'express'
 
+export type AuthReq = express.Request & {
+  promoter: {
+    _id: mongoose.Types.ObjectId
+  }
+}
+
+export type OptionalAuthReq = express.Request & {
+  promoter?: {
+    _id: mongoose.Types.ObjectId
+  }
+}
+
+// Auth required
 export default (
-  req: express.Request,
+  req: AuthReq,
   res: express.Response,
   next: express.NextFunction
 ) => {
-  const promoter = loadPromoter(req, res)
-  if (!promoter) {
-    res.status(401)
-    res.send('No authentication token supplied in body or query.')
-    return
+  try {
+    loadPromoter(req)
+    if (!req.promoter) {
+      res.status(401)
+      res.send('No authentication token supplied in body or query.')
+      res.end()
+      return
+    }
+    if (!req.promoter._id) {
+      throw new Error('No _id present on decoded promoter')
+    }
+    next()
+  } catch (err) {
+    res.status(500)
+    res.send(err.toString())
   }
-  // Deprecated
-  req.promoter = promoter
-  next()
 }
 
 export const authNotRequired = (
-  req: express.Request,
+  req: OptionalAuthReq,
   res: express.Response,
   next: express.NextFunction
 ) => {
-  const promoter = loadPromoter(req, res)
-  // Deprecated
-  req.promoter = promoter || {}
-  next()
+  try {
+    loadPromoter(req)
+    next()
+  } catch (err) {
+    next()
+  }
 }
 
-const loadPromoter = (req: express.Request, res: express.Response) => {
+const loadPromoter = (req: AuthReq | OptionalAuthReq) => {
   const token = req.body.token || req.query.token
   if (!token) return
-  try {
-    const promoter = jwt.verify(token, process.env.WEB_TOKEN_SECRET)
-    if (promoter._id) {
-      promoter._id = mongoose.Types.ObjectId(promoter._id)
-    }
-    return promoter
-  } catch (err) {
-    // console.log('Error decoding token', err)
-    res.status(500)
-    res.send(err.toString())
+  const promoter: any = jwt.verify(token, process.env.WEB_TOKEN_SECRET)
+  if (promoter._id) {
+    promoter._id = mongoose.Types.ObjectId(promoter._id)
   }
+  req.promoter = promoter
 }
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -44,7 +44,6 @@
   },
   "homepage": "https://github.com/critrace/backend#readme",
   "dependencies": {
-    "async-express": "^0.1.6",
     "axios": "^0.19.0",
     "bcrypt": "^3.0.5",
     "csv-parse": "^4.4.3",

diff --git a/routes/bib.ts b/routes/bib.ts
@@ -1,23 +1,24 @@
-import asyncExpress from 'async-express'
-import auth from '../middleware/auth'
+import auth, { AuthReq } from '../middleware/auth'
 import { isSeriesPromoter } from './series'
+import express from 'express'
 import mongoose from 'mongoose'
+const { ObjectId } = mongoose.Types
 const Bib = mongoose.model('Bib')
 const Entry = mongoose.model('Entry')
 const SeriesPromoter = mongoose.model('SeriesPromoter')
 const Race = mongoose.model('Race')
 
-export default (app: any) => {
+export default (app: express.Application) => {
   app.get('/bibs', getBibs)
   app.post('/bibs', auth, create)
   app.delete('/bibs', auth, deleteBib)
   app.put('/bibs', auth, update)
 }
 
-const create = asyncExpress(async (req, res) => {
+const create = async (req: AuthReq, res: express.Response) => {
   const existingBib = await Bib.findOne({
-    seriesId: mongoose.Types.ObjectId(req.body.seriesId),
-    riderId: mongoose.Types.ObjectId(req.body.riderId),
+    seriesId: ObjectId(req.body.seriesId),
+    riderId: ObjectId(req.body.riderId),
   })
     .lean()
     .exec()
@@ -35,7 +36,7 @@ const create = asyncExpress(async (req, res) => {
   }
 
   const existingNumber = await Bib.findOne({
-    seriesId: mongoose.Types.ObjectId(req.body.seriesId),
+    seriesId: ObjectId(req.body.seriesId),
     bibNumber: req.body.bibNumber,
   })
     .lean()
@@ -48,12 +49,12 @@ const create = asyncExpress(async (req, res) => {
   }
   const created = await Bib.create(req.body)
   res.json(created)
-})
+}
 
-const getBibs = asyncExpress(async (req, res) => {
+const getBibs = async (req: AuthReq, res: express.Response) => {
   if (req.query.seriesId) {
     const bibs = await Bib.find({
-      seriesId: mongoose.Types.ObjectId(req.query.seriesId),
+      seriesId: ObjectId(req.query.seriesId),
     })
       .populate('rider')
       .populate('series')
@@ -63,7 +64,7 @@ const getBibs = asyncExpress(async (req, res) => {
     return
   } else if (req.query.raceId) {
     const race = await Race.findOne({
-      _id: mongoose.Types.ObjectId(req.query.raceId),
+      _id: ObjectId(req.query.raceId),
     }).exec()
     if (!race) {
       res.status(400).json({
@@ -72,15 +73,15 @@ const getBibs = asyncExpress(async (req, res) => {
       return
     }
     const bibs = await Bib.find({
-      seriesId: mongoose.Types.ObjectId(race.seriesId),
+      seriesId: ObjectId(race.seriesId),
     })
       .lean()
       .exec()
     res.json(bibs)
     return
   } else if (req.query._id) {
     const bib = await Bib.findOne({
-      _id: mongoose.Types.ObjectId(req.query._id),
+      _id: ObjectId(req.query._id),
     })
       .populate('rider')
       .populate('series')
@@ -90,11 +91,11 @@ const getBibs = asyncExpress(async (req, res) => {
     return
   }
   res.status(204).end()
-})
+}
 
-const deleteBib = asyncExpress(async (req, res) => {
+const deleteBib = async (req: AuthReq, res: express.Response) => {
   const bib = await Bib.findOne({
-    _id: mongoose.Types.ObjectId(req.body._id),
+    _id: ObjectId(req.body._id),
   })
     .lean()
     .exec()
@@ -111,15 +112,15 @@ const deleteBib = asyncExpress(async (req, res) => {
     return
   }
   await Bib.deleteOne({
-    _id: mongoose.Types.ObjectId(req.body._id),
+    _id: ObjectId(req.body._id),
   }).exec()
   await Entry.deleteMany({
-    bibId: mongoose.Types.ObjectId(req.body._id),
+    bibId: ObjectId(req.body._id),
   }).exec()
   res.status(204).end()
-})
+}
 
-const update = asyncExpress(async (req, res) => {
+const update = async (req: AuthReq, res: express.Response) => {
   if (!req.body.where) {
     res.status(400).json({
       message: 'No where clause supplied',
@@ -141,7 +142,7 @@ const update = asyncExpress(async (req, res) => {
   ) {
     const existingBib = await Bib.findOne({
       bibNumber: req.body.changes.bibNumber,
-      seriesId: mongoose.Types.ObjectId(bib.seriesId),
+      seriesId: ObjectId(bib.seriesId),
     }).exec()
     if (existingBib) {
       res.status(400).json({
@@ -151,8 +152,8 @@ const update = asyncExpress(async (req, res) => {
     }
   }
   const seriesPromoter = await SeriesPromoter.findOne({
-    seriesId: mongoose.Types.ObjectId(bib.seriesId),
-    promoterId: mongoose.Types.ObjectId(req.promoter._id),
+    seriesId: ObjectId(bib.seriesId),
+    promoterId: req.promoter._id,
   })
     .lean()
     .exec()
@@ -164,4 +165,4 @@ const update = asyncExpress(async (req, res) => {
   }
   await Bib.updateOne(req.body.where, req.body.changes).exec()
   res.status(204).end()
-})
+}
diff --git a/routes/event.ts b/routes/event.ts
@@ -1,6 +1,10 @@
 import mongoose from 'mongoose'
-import asyncExpress from 'async-express'
-import auth, { authNotRequired } from '../middleware/auth'
+import express from 'express'
+import auth, {
+  authNotRequired,
+  AuthReq,
+  OptionalAuthReq,
+} from '../middleware/auth'
 import { isSeriesPromoter } from './series'
 import _ from 'lodash'
 import csvStringify from 'csv-stringify'
@@ -13,7 +17,7 @@ const SeriesPromoter = mongoose.model('SeriesPromoter')
 const Bib = mongoose.model('Bib')
 const Rider = mongoose.model('Rider')
 
-export default (app: any) => {
+export default (app: express.Application) => {
   app.get('/events', authNotRequired, getEvent)
   app.get('/events/home', homeEvents)
   app.post('/events', auth, create)
@@ -25,7 +29,7 @@ export default (app: any) => {
 /**
  * Result csv download route
  **/
-const generateCSV = asyncExpress(async (req, res) => {
+const generateCSV = async (req: AuthReq, res: express.Response) => {
   const _event = await Event.findOne({
     _id: mongoose.Types.ObjectId(req.query.eventId),
   })
@@ -159,12 +163,12 @@ const generateCSV = asyncExpress(async (req, res) => {
     `attachment; filename="${req.query.eventId}.csv"`
   )
   res.send(csvData)
-})
+}
 
 /**
  * Create event route
  **/
-const create = asyncExpress(async (req, res) => {
+const create = async (req: AuthReq, res: express.Response) => {
   if (!(await isSeriesPromoter(req.body.seriesId, req.promoter._id))) {
     res.status(401).json({
       message: 'You must be a series promoter to create an event',
@@ -176,9 +180,9 @@ const create = asyncExpress(async (req, res) => {
     ...req.body,
   })
   res.json(created)
-})
+}
 
-const getEvent = asyncExpress(async (req, res) => {
+const getEvent = async (req: OptionalAuthReq, res: express.Response) => {
   if (req.query._id) {
     const event = await Event.findOne({
       _id: mongoose.Types.ObjectId(req.query._id),
@@ -199,7 +203,7 @@ const getEvent = asyncExpress(async (req, res) => {
     res.json(events)
     return
   }
-  if (!req.promoter._id) {
+  if (!req.promoter) {
     res.status(401).json({
       message: 'Authenticate to retrieve owned events',
     })
@@ -218,9 +222,9 @@ const getEvent = asyncExpress(async (req, res) => {
     .lean()
     .exec()
   res.json(events)
-})
+}
 
-const homeEvents = asyncExpress(async (req, res) => {
+const homeEvents = async (req: express.Request, res: express.Response) => {
   const events = await Event.find({
     seriesId: {
       $ne: mongoose.Types.ObjectId('5c9f78c12d17216b9edfbb9f'),
@@ -234,9 +238,9 @@ const homeEvents = asyncExpress(async (req, res) => {
     .lean()
     .exec()
   res.json(events)
-})
+}
 
-const deleteEvent = asyncExpress(async (req, res) => {
+const deleteEvent = async (req: AuthReq, res: express.Response) => {
   const event = await Event.findOne({
     _id: mongoose.Types.ObjectId(req.body._id),
   })
@@ -263,9 +267,9 @@ const deleteEvent = asyncExpress(async (req, res) => {
     ...races.map(({ _id }) => Entry.deleteMany({ raceId: _id }).exec()),
   ])
   res.status(204).end()
-})
+}
 
-const getEntries = asyncExpress(async (req, res) => {
+const getEntries = async (req: express.Request, res: express.Response) => {
   const entries = await Entry.find({
     eventId: mongoose.Types.ObjectId(req.query._id),
   })
@@ -275,4 +279,4 @@ const getEntries = asyncExpress(async (req, res) => {
     .lean()
     .exec()
   res.json(entries)
-})
+}