From 183d975310310dcef64518e65568f7b844d5a081 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?T=C3=A1ssyla=20Lissa=20Lima?=
Date: Tue, 13 Aug 2024 12:59:34 -0300
Subject: [PATCH] feat: update, read and delete user authenticated
---
 .../infra/http/controller/UsersController.ts | 41 ++++++++++---------
 .../users/infra/http/routes/users.routes.ts | 10 ++---
 .../http/middlewares/EnsureAuthenticated.ts | 31 ++++++++++++++
 3 files changed, 58 insertions(+), 24 deletions(-)
 create mode 100644 src/shared/infra/http/middlewares/EnsureAuthenticated.ts
diff --git a/src/modules/users/infra/http/controller/UsersController.ts b/src/modules/users/infra/http/controller/UsersController.ts
index ba30ab1..0b1901b 100644
--- a/src/modules/users/infra/http/controller/UsersController.ts
+++ b/src/modules/users/infra/http/controller/UsersController.ts
@@ -37,9 +37,10 @@ export default class UsersController {
 state,
 });
- user.password = '###';
-
- return res.status(201).json(user);
+ return res.status(201).json({
+ ...user,
+ password: undefined,
+ });
 }
 public async readAll(req: Request, res: Response): Promise {
@@ -47,17 +48,17 @@ export default class UsersController {
 const readUsers = container.resolve(ReadAllUsersService);
 const users = await readUsers.execute();
-
- if(users) {
- users.forEach(user => {
- user.password = '###';
- });
- }
- return res.status(201).json(users);
+
+ return res.status(201).json(users?.map(user => {
+ return {
+ ...user,
+ password: undefined,
+ };
+ }));
 }
 public async readById(req: Request, res: Response): Promise {
- const { id } = req.params;
+ const { id } = req.token;
 const readUser = container.resolve(ReadUserByIdService);
@@ -73,7 +74,7 @@ export default class UsersController {
 }
 public async update(req: Request, res: Response): Promise {
- const { id } = req.params;
+ const { id } = req.token;
 const {
 name,
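Review bot: The `create` response in this hunk is still a deny-list: `{ ...user, password: undefined }` sends every other field of the entity, so any sensitive column the user record has now or gains later is exposed by default. The spread also copies only own enumerable properties, which changes the payload if the service returns a class instance with getters (the entity is not visible here, so confirm). An allow-list mapper that names the fields the API is meant to return would be safer, for example one shared helper so the call becomes `return res.status(201).json(toPublicUser(user));` (`toPublicUser` is a proposed name, not an existing function). The same construct appears in the `readAll`, `update` and `delete` hunks; the method bodies start outside the hunks.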
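Review bot: `const { id } = req.token;` in `readById` has no guard, so the handler depends entirely on `ensureAuthenticated` having run; mounted without it, `req.token` is undefined and the destructuring throws a TypeError that would surface as a server error rather than an authentication failure. At minimum document the contract above the line: `// req.token is populated by ensureAuthenticated; mount this handler only behind that middleware`. The patch also contains no declaration adding `token` to Express's `Request` type, so presumably an augmentation exists elsewhere; worth confirming. The same line is introduced in the `update` and `delete` hunks.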
@@ -102,13 +103,14 @@ export default class UsersController {
 state,
 });
- user.password = '###';
-
- return res.status(201).json(user);
+ return res.status(201).json({
+ ...user,
+ password: undefined,
+ });
 }
 public async delete(req: Request, res: Response): Promise {
- const { id } = req.params;
+ const { id } = req.token;
 const deleteUser = container.resolve(DeleteUserService);
@@ -116,8 +118,9 @@ export default class UsersController {
 id,
 });
- user.password = '###';
-
- return res.status(201).json(user);
+ return res.status(201).json({
+ ...user,
+ password: undefined,
+ });
 }
 }
diff --git a/src/modules/users/infra/http/routes/users.routes.ts b/src/modules/users/infra/http/routes/users.routes.ts
index 0fadbf4..7c27eb9 100644
--- a/src/modules/users/infra/http/routes/users.routes.ts
+++ b/src/modules/users/infra/http/routes/users.routes.ts
@@ -1,5 +1,5 @@
 import { Router } from 'express';
-
+import ensureAuthenticated from '@shared/infra/http/middlewares/EnsureAuthenticated';
 import UsersController from '../controller/UsersController';
 const usersRoutes = Router();
@@ -7,9 +7,9 @@ const usersRoutes = Router();
 const usersController = new UsersController();
 usersRoutes.post('/register', usersController.create);
-usersRoutes.get('/read', usersController.readAll);
-usersRoutes.get('/read/:id', usersController.readById);
-usersRoutes.patch('/update/:id', usersController.update);
-usersRoutes.delete('/delete/:id', usersController.delete);
+usersRoutes.get('/readAll', usersController.readAll);
+usersRoutes.get('/read', ensureAuthenticated, usersController.readById);
+usersRoutes.patch('/update', ensureAuthenticated, usersController.update);
+usersRoutes.delete('/delete', ensureAuthenticated, usersController.delete);
 export default usersRoutes;
diff --git a/src/shared/infra/http/middlewares/EnsureAuthenticated.ts b/src/shared/infra/http/middlewares/EnsureAuthenticated.ts
new file mode 100644
index 0000000..a612f86
--- /dev/null
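Review bot: `/readAll` is registered without `ensureAuthenticated`, so after this change the full user list (every field except the password) is served to callers with no token while the three per-user routes require one. Unless that exposure is intended, wire the middleware in: `usersRoutes.get('/readAll', ensureAuthenticated, usersController.readAll);`. Authentication alone would still let any account enumerate all accounts, so a role or ownership check is probably wanted as well; nothing in this patch shows one. Note also that `/read` previously returned the list and now returns the caller's own record, which is a silent contract change for existing clients.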
+++ b/src/shared/infra/http/middlewares/EnsureAuthenticated.ts
@@ -0,0 +1,31 @@
+import auth from '@config/auth';
+import { NextFunction, Request, Response } from 'express';
+import { Secret, verify } from 'jsonwebtoken';
+
+import AppError from '@shared/errors/AppError';
+
+interface ITokenPayload {
+ iss: string;
+ sub: string;
+ exp: number;
+ iat: number;
+}
+
+export default function ensureAuthenticated(request: Request, _response: Response, next: NextFunction): void {
+ const authHeader = request.headers.authorization;
+
+ if (!authHeader) { throw new AppError('Token não enviado'); }
+
+ const token = authHeader.split(' ')[1];
+
+ try {
+ const decoded = verify(token, auth.jwt.secret as Secret);
+
+ const { sub: id } = decoded as ITokenPayload;
+ request.token = { id };
+
+ return next();
+ } catch (error) {
+ throw new AppError('Token inválido');
+ }
+}
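Review bot: `verify(token, auth.jwt.secret as Secret)` is called without an `algorithms` option and its result is cast straight to `ITokenPayload`, so the accepted signing algorithm is left to the library default and a payload that is a string or lacks `sub` produces `request.token = { id: undefined }`. The header parsing also ignores the scheme: `split(' ')[1]` accepts any first word, not only `Bearer`. Pinning the algorithm, checking the scheme and validating `sub` before assigning closes those gaps; the sketch below uses `HS256` as a placeholder for whatever the signing side actually uses. Separately, the `as Secret` cast suggests `auth.jwt.secret` may be undefined at runtime, which is better rejected at startup, and the status code `AppError` attaches is not visible here, so confirm these failures map to 401.

```typescript
export default function ensureAuthenticated(request: Request, _response: Response, next: NextFunction): void {
  // … unchanged: read the authorization header, reject when it is missing …
  const [scheme, token] = authHeader.split(' ');

  if (scheme !== 'Bearer' || !token) { throw new AppError('Token inválido'); }

  try {
    // HS256 is a placeholder: pin the algorithm the token issuer signs with.
    const decoded = verify(token, auth.jwt.secret as Secret, { algorithms: ['HS256'] });

    // verify() may return a bare string, and `sub` is optional on a JWT payload.
    if (typeof decoded === 'string' || !decoded.sub) { throw new AppError('Token inválido'); }

    request.token = { id: decoded.sub };
    // … unchanged: return next() and the catch block …
```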