Add AuthBearerMiddleware::getAuthInfo method

modscleo4 · May 21, 2024 · 69cbd5a · 69cbd5a
1 parent e0faee1
commit 69cbd5a
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 12 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@modscleo4/midori",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Midori is a Node.js web API framework with minimal dependencies and based on PSR ideas.",
   "type": "module",
   "keywords": [
@@ -101,7 +101,7 @@
   },
   "devDependencies": {
     "@types/mime-types": "^2.1.4",
-    "@types/node": "^20.12.7",
+    "@types/node": "^20.12.12",
     "typescript": "^5.4.5"
   },
   "dependencies": {

diff --git a/src/http/Response.ts b/src/http/Response.ts
@@ -161,6 +161,8 @@ export default class Response<T = any> {
             } else {
                 this.#headers.set('Set-Cookie', [setCookie as string, cookie]);
             }
+        } else {
+            this.#headers.set('Set-Cookie', [cookie]);
         }
 
         return this;

diff --git a/src/middlewares/AuthBearerMiddleware.ts b/src/middlewares/AuthBearerMiddleware.ts
@@ -43,12 +43,13 @@ export default class AuthBearerMiddleware extends Middleware {
     }
 
     override async process(req: Request, next: (req: Request) => Promise<Response>): Promise<Response> {
-        if (!req.headers['authorization']) {
-            return Response.problem('Invalid Authorization header.', 'No Authorization header provided.', EStatusCode.UNAUTHORIZED)
+        const authInfo = this.getAuthInfo(req);
+        if (!authInfo) {
+            return Response.problem('Invalid Authorization header.', 'No Authorization info provided.', EStatusCode.UNAUTHORIZED)
                 .withHeader('WWW-Authenticate', 'Bearer');
         }
 
-        const [scheme, credentials] = req.headers['authorization'].split(' ', 2);
+        const { scheme, credentials } = authInfo;
 
         if (scheme !== 'Bearer') {
             return Response.problem('Invalid Authorization header.', 'Only Bearer scheme is supported.', EStatusCode.UNAUTHORIZED)
@@ -74,6 +75,29 @@ export default class AuthBearerMiddleware extends Middleware {
         return await next(req);
     }
 
+    /**
+     * Extracts the Authorization header from the Request.
+     *
+     * @param req Request object.
+     * @returns An object with the scheme and credentials or null if the header is not present.
+     */
+    getAuthInfo(req: Request): { scheme: string, credentials: string } | null {
+        if (!req.headers['authorization']) {
+            return null;
+        }
+
+        const [scheme, credentials] = req.headers['authorization'].split(' ', 2);
+
+        return { scheme, credentials };
+    }
+
+    /**
+     * Validates the token payload.
+     *
+     * @param req Request object.
+     * @param payload Token payload.
+     * @returns True if the token is valid, false otherwise.
+     */
     async validateToken(req: Request, payload: Payload): Promise<boolean> {
         if (
             typeof payload !== 'object'

diff --git a/src/router/Router.ts b/src/router/Router.ts
@@ -16,6 +16,7 @@
 
 import { HandlerConstructor, HandlerFunction } from "../http/Handler.js";
 import { MiddlewareConstructor, MiddlewareFunction } from "../http/Middleware.js";
+import { split } from "../util/strings.js";
 import { validateUUID } from "../util/uuid.js";
 import Route from "./Route.js";
 
@@ -137,7 +138,7 @@ export default class Router {
                 if (parts[i] !== routeParts[i]) {
                     if (paramRegex.test(routeParts[i])) {
                         const [, before, param, after] = routeParts[i].match(paramRegex)!;
-                        const [paramName, paramType] = param.split(':');
+                        const [paramName, paramType] = split(param, ':', 2);
 
                         if (!parts[i].startsWith(before) || !parts[i].endsWith(after)) {
                             return false;