diff --git a/src/middlewares/auth.ts b/src/middlewares/auth.ts index 535ed1ec..a0215b9d 100644 --- a/src/middlewares/auth.ts +++ b/src/middlewares/auth.ts @@ -1,18 +1,17 @@ // 로그인된 상태에만 접근할 수 있는 라우터(rooms)를 위한 미들웨어입니다. -import { type Request, type Response, type NextFunction } from "express"; +import type { RequestHandler } from "express"; import { isLogin, getLoginInfo } from "@/modules/auths/login"; -const authMiddleware = (req: Request, res: Response, next: NextFunction) => { - if (!isLogin(req)) { - res.status(403).json({ +const authMiddleware: RequestHandler = (req, res, next) => { + if (!isLogin(req)) + return res.status(403).json({ error: "not logged in", }); - } else { - const { id, oid } = getLoginInfo(req); - req.userId = id; - req.userOid = oid; - next(); - } + + const { id, oid } = getLoginInfo(req); + req.userId = id; + req.userOid = oid; + next(); }; export default authMiddleware; diff --git a/src/middlewares/authAdmin.ts b/src/middlewares/authAdmin.ts index af9c7b5d..cc79ef29 100644 --- a/src/middlewares/authAdmin.ts +++ b/src/middlewares/authAdmin.ts @@ -1,34 +1,32 @@ // 관리자 유무를 확인하기 위한 미들웨어입니다. -import { type Request, type Response, type NextFunction } from "express"; +import type { RequestHandler } from "express"; import { isLogin, getLoginInfo } from "@/modules/auths/login"; import { userModel, adminIPWhitelistModel } from "@/modules/stores/mongo"; -const authAdminMiddleware = async ( - req: Request, - res: Response, - next: NextFunction -) => { +const authAdminMiddleware: RequestHandler = async (req, res, next) => { + const redirectUrl = req.origin ?? "/"; + try { // 로그인 여부를 확인 - if (!isLogin(req)) return res.redirect(req.origin ?? "/"); + if (!isLogin(req)) return res.redirect(redirectUrl); // 관리자 유무를 확인 const { id } = getLoginInfo(req); const user = await userModel.findOne({ id }); - if (!user?.isAdmin) return res.redirect(req.origin ?? "/"); + if (!user?.isAdmin) return res.redirect(redirectUrl); // 접속한 IP가 화이트리스트에 있는지 확인 const ipWhitelist = await adminIPWhitelistModel.find({}); - if (!req.clientIP) return res.redirect(req.origin ?? "/"); + if (!req.clientIP) return res.redirect(redirectUrl); if ( ipWhitelist.length > 0 && - ipWhitelist.map((x: any) => x.ip).indexOf(req.clientIP) < 0 // TODO: Remove any + ipWhitelist.map((x) => x.ip).indexOf(req.clientIP) < 0 ) - return res.redirect(req.origin ?? "/"); + return res.redirect(redirectUrl); - return next(); + next(); } catch (e) { - return res.redirect(req.origin ?? "/"); + return res.redirect(redirectUrl); } }; diff --git a/src/middlewares/errorHandler.ts b/src/middlewares/errorHandler.ts index e0a7ba72..f130caa8 100644 --- a/src/middlewares/errorHandler.ts +++ b/src/middlewares/errorHandler.ts @@ -1,4 +1,4 @@ -import { type Request, type Response, type NextFunction } from "express"; +import type { ErrorRequestHandler } from "express"; import logger from "@/modules/logger"; /** @@ -11,20 +11,17 @@ import logger from "@/modules/logger"; * @param res - 응답 객체 * @param next - 다음 미들웨어 함수. Express에서는 next 함수에 err 인자를 넘겨주면 기본 global error handler가 호출됩니다. */ -const errorHandler = ( - err: Error, - req: Request, - res: Response, - next: NextFunction -) => { +const errorHandler: ErrorRequestHandler = (err, req, res, next) => { + logger.error(err); + // 이미 클라이언트에 HTTP 응답 헤더를 전송한 경우, 응답 헤더를 다시 전송하지 않아야 합니다. // 클라이언트에게 스트리밍 형태로 응답을 전송하는 도중 오류가 발생하는 경우가 여기에 해당합니다. // 이럴 때 기본 global error handler를 호출하면 기본 global error handler가 클라이언트와의 연결을 종료시켜 줍니다. - logger.error(err); if (res.headersSent) { - return next(err); + next(err); + } else { + return res.status(500).send("internal server error"); } - return res.status(500).send("internal server error"); }; export default errorHandler; diff --git a/src/middlewares/information.ts b/src/middlewares/information.ts index 0006ea40..91b3d66f 100644 --- a/src/middlewares/information.ts +++ b/src/middlewares/information.ts @@ -1,10 +1,6 @@ -import { type Request, type Response, type NextFunction } from "express"; +import type { RequestHandler } from "express"; -const informationMiddleware = ( - req: Request, - res: Response, - next: NextFunction -) => { +const informationMiddleware: RequestHandler = (req, res, next) => { req.clientIP = (req.headers["x-forwarded-for"] as string | undefined) || req.connection.remoteAddress; diff --git a/src/middlewares/limitRate.ts b/src/middlewares/limitRate.ts index d137892b..18a3203b 100644 --- a/src/middlewares/limitRate.ts +++ b/src/middlewares/limitRate.ts @@ -1,10 +1,10 @@ import rateLimit from "express-rate-limit"; -const limiter = rateLimit({ +const limitRateMiddleware = rateLimit({ windowMs: 15 * 60 * 1000, // 15 minutes max: 1500, // Limit each IP to 1500 requests per `window` (here, per 15 minutes) standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers legacyHeaders: false, // Disable the `X-RateLimit-*` headers }); -export default limiter; +export default limitRateMiddleware; diff --git a/src/middlewares/originValidator.ts b/src/middlewares/originValidator.ts index 3927d46e..330226cc 100644 --- a/src/middlewares/originValidator.ts +++ b/src/middlewares/originValidator.ts @@ -1,21 +1,17 @@ -import { type Request, type Response, type NextFunction } from "express"; +import type { RequestHandler } from "express"; -const originValidatorMiddleware = ( - req: Request, - res: Response, - next: NextFunction -) => { +const originValidatorMiddleware: RequestHandler = (req, res, next) => { req.origin = req.headers.origin || req.headers.referer || req.session?.loginAfterState?.redirectOrigin; // sparcssso/callback 요청은 헤더에 origin이 없음 - if (!req.origin) { + if (!req.origin) return res.status(400).json({ error: "Bad Request : request must have origin in header", }); - } - return next(); + + next(); }; export default originValidatorMiddleware; diff --git a/src/middlewares/session.ts b/src/middlewares/session.ts index 8cf0dcf8..3486154e 100644 --- a/src/middlewares/session.ts +++ b/src/middlewares/session.ts @@ -1,6 +1,6 @@ import expressSession from "express-session"; import { nodeEnv, session as sessionConfig } from "@/loadenv"; -import { type LoginInfo } from "@/modules/auths/login"; +import type { LoginInfo } from "@/modules/auths/login"; import sessionStore from "@/modules/stores/sessionStore"; // 세션에 저장할 데이터 타입을 지정합니다. diff --git a/src/middlewares/validator.ts b/src/middlewares/validator.ts index b4e1b0cf..aafb165a 100644 --- a/src/middlewares/validator.ts +++ b/src/middlewares/validator.ts @@ -1,18 +1,14 @@ -import { type Request, type Response, type NextFunction } from "express"; +import type { RequestHandler } from "express"; import { validationResult } from "express-validator"; -const validatorMiddleware = ( - req: Request, - res: Response, - next: NextFunction -) => { +const validatorMiddleware: RequestHandler = (req, res, next) => { const validationErrors = validationResult(req); - if (!validationErrors.isEmpty()) { + if (!validationErrors.isEmpty()) return res.status(400).json({ error: "validation : bad request", }); - } - return next(); + + next(); }; export default validatorMiddleware;