diff --git a/backend/src/routes/global-preferences.routes.ts b/backend/src/routes/global-preferences.routes.ts index 9fd666d..2113b55 100644 --- a/backend/src/routes/global-preferences.routes.ts +++ b/backend/src/routes/global-preferences.routes.ts @@ -4,12 +4,21 @@ import { getAppearancePreferences, updateAppearancePreferences } from '../controllers/global-preferences/appearance-preferences.controller.js'; -import { withAdminValidToken } from '../middlewares/auth.middleware.js'; +import { withAuth, tokenAndRoleValidator, apiKeyValidator } from '../middlewares/auth.middleware.js'; +import { Role } from '@typings-ce'; export const preferencesRouter = Router(); preferencesRouter.use(bodyParser.urlencoded({ extended: true })); preferencesRouter.use(bodyParser.json()); -preferencesRouter.put('/appearance', withAdminValidToken, updateAppearancePreferences); -preferencesRouter.get('/appearance', withAdminValidToken, getAppearancePreferences); +preferencesRouter.put( + '/appearance', + withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), + updateAppearancePreferences +); +preferencesRouter.get( + '/appearance', + withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), + getAppearancePreferences +); diff --git a/backend/src/routes/participants.routes.ts b/backend/src/routes/participants.routes.ts index 2a80306..05b79d6 100644 --- a/backend/src/routes/participants.routes.ts +++ b/backend/src/routes/participants.routes.ts @@ -11,7 +11,11 @@ participantsInternalRouter.use(bodyParser.urlencoded({ extended: true })); participantsInternalRouter.use(bodyParser.json()); participantsInternalRouter.post('/token', validateParticipantTokenRequest, participantCtrl.generateParticipantToken); -participantsInternalRouter.post('/token/refresh', validateParticipantTokenRequest, participantCtrl.refreshParticipantToken); +participantsInternalRouter.post( + '/token/refresh', + validateParticipantTokenRequest, + participantCtrl.refreshParticipantToken +); export const participantsRouter = Router(); participantsRouter.use(bodyParser.urlencoded({ extended: true })); diff --git a/backend/src/routes/recording.routes.ts b/backend/src/routes/recording.routes.ts index 11d7d8c..f34baf5 100644 --- a/backend/src/routes/recording.routes.ts +++ b/backend/src/routes/recording.routes.ts @@ -1,8 +1,9 @@ import { Router } from 'express'; import bodyParser from 'body-parser'; import * as recordingCtrl from '../controllers/recording.controller.js'; -import { withParticipantValidToken, withUserBasicAuth } from '../middlewares/auth.middleware.js'; +import { withAuth, participantTokenValidator, tokenAndRoleValidator } from '../middlewares/auth.middleware.js'; import { withRecordingEnabledAndCorrectPermissions } from '../middlewares/recording.middleware.js'; +import { Role } from '@typings-ce'; export const recordingRouter = Router(); @@ -12,15 +13,23 @@ recordingRouter.use(bodyParser.json()); // Recording Routes recordingRouter.post( '/', - withParticipantValidToken, + withAuth(participantTokenValidator), withRecordingEnabledAndCorrectPermissions, recordingCtrl.startRecording ); -recordingRouter.put('/:recordingId', withUserBasicAuth, /* withRecordingEnabled,*/ recordingCtrl.stopRecording); -recordingRouter.get('/:recordingId/stream', /*withRecordingEnabled,*/ recordingCtrl.streamRecording); +recordingRouter.put( + '/:recordingId', + withAuth(participantTokenValidator), + /* withRecordingEnabledAndCorrectPermissions,*/ recordingCtrl.stopRecording +); +recordingRouter.get( + '/:recordingId/stream', + withAuth(participantTokenValidator), + /*withRecordingEnabledAndCorrectPermissions,*/ recordingCtrl.streamRecording +); recordingRouter.delete( '/:recordingId', - withUserBasicAuth, - /*withRecordingEnabled,*/ + withAuth(tokenAndRoleValidator(Role.ADMIN), participantTokenValidator), + /*withRecordingEnabledAndCorrectPermissions,*/ recordingCtrl.deleteRecording ); diff --git a/backend/src/routes/room.routes.ts b/backend/src/routes/room.routes.ts index d05e9b4..1a32140 100644 --- a/backend/src/routes/room.routes.ts +++ b/backend/src/routes/room.routes.ts @@ -1,8 +1,12 @@ import { Router } from 'express'; import bodyParser from 'body-parser'; import * as roomCtrl from '../controllers/room.controller.js'; -import { withUserBasicAuth, withValidApiKey } from '../middlewares/auth.middleware.js'; -import { validateGetRoomQueryParams, validateRoomRequest } from '../middlewares/request-validators/room-validator.middleware.js'; +import { withAuth, tokenAndRoleValidator, apiKeyValidator } from '../middlewares/auth.middleware.js'; +import { + validateGetRoomQueryParams, + validateRoomRequest +} from '../middlewares/request-validators/room-validator.middleware.js'; +import { Role } from '@typings-ce'; export const roomRouter = Router(); @@ -10,10 +14,25 @@ roomRouter.use(bodyParser.urlencoded({ extended: true })); roomRouter.use(bodyParser.json()); // Room Routes -roomRouter.post('/', /*withValidApiKey,*/ validateRoomRequest, roomCtrl.createRoom); -roomRouter.get('/', withUserBasicAuth, validateGetRoomQueryParams, roomCtrl.getRooms); -roomRouter.get('/:roomName', withUserBasicAuth, validateGetRoomQueryParams, roomCtrl.getRoom); -roomRouter.delete('/:roomName', withUserBasicAuth, roomCtrl.deleteRooms); +roomRouter.post( + '/', + withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN), tokenAndRoleValidator(Role.USER)), + validateRoomRequest, + roomCtrl.createRoom +); +roomRouter.get( + '/', + withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), + validateGetRoomQueryParams, + roomCtrl.getRooms +); +roomRouter.get( + '/:roomName', + withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN), tokenAndRoleValidator(Role.USER)), + validateGetRoomQueryParams, + roomCtrl.getRoom +); +roomRouter.delete('/:roomName', withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), roomCtrl.deleteRooms); // Room preferences -roomRouter.put('/', /*withAdminBasicAuth,*/ roomCtrl.updateRoomPreferences); +roomRouter.put('/', withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), roomCtrl.updateRoomPreferences);