Error Catching and Logging In Routes (#423)

* Error catching and logging

* touchup

* small tweak from testing and reviewing

* Stop this unhandled 500

* Stop this 500

* 500s from other routes

* Error handler as a middleware util

* stop this 500

* Stop that 500

* returns

* returns

* use respondWithError in app.js too

* touchup

* touchup

* touchup

* touchup from copilot review

* touchup from copilot review

* touchup from copilot review

* oof too much of a logic change, this is what we actually wanted.

Author: thehabes

app.js

@@ -21,6 +21,8 @@ import userProfileRouter from './userProfile/index.js'
 import privateProfileRouter from './userProfile/privateProfile.js'
 import proxyRouter from './utilities/proxy.js'
 import feedbackRouter from './feedback/feedbackRoutes.js'
+import routeErrorHandler from './utilities/routeErrorHandler.js'
+import { respondWithError } from './utilities/shared.js'
 
 let app = express()
 
@@ -65,10 +67,11 @@ app.use(express.static(path.join(__dirname, 'public')))
  */
 app.all('*_', (req, res, next) => {
   if (process.env.DOWN === 'true') {
-    return res.status(503).json({
-      message:
-        'TPEN3 services are down for updates or maintenance at this time.  We apologize for the inconvenience.  Try again later.'
-    })
+    return respondWithError(
+      res,
+      503,
+      'TPEN3 services are down for updates or maintenance at this time.  We apologize for the inconvenience.  Try again later.'
+    )
   }
   next()
 })
@@ -82,9 +85,12 @@ app.use('/my', privateProfileRouter)
 app.use('/proxy', proxyRouter)
 app.use('/beta', feedbackRouter)
 
+// Centralized error handling middleware
+app.use(routeErrorHandler)
+
 //catch 404 because of an invalid site path
 app.use('*_', (req, res) => {
-  res.status(404).json({ message: res.statusMessage ?? 'This page does not exist' })
+  return respondWithError(res, 404, res.statusMessage ?? 'This page does not exist')
 })
 
 export { app as default }

auth/index.js

@@ -30,70 +30,67 @@ function auth0Middleware() {
     try {
       const uid = agent.split("id/")[1]
       const user = new User(uid)
-      user.getSelf().then(async (u) => {
-        if(!u || !u?.profile) {
-          const email = payload.name
+      const u = await user.getSelf()
+      if(!u || !u?.profile) {
+        const email = payload.name
 
-          // Check if a temporary user exists with this email
-          let existingUser = null
-          try {
-            existingUser = await user.getByEmail(email)
-          } catch (err) {
-            // No user found - that's fine, continue
-          }
+        // Check if a temporary user exists with this email
+        let existingUser = null
+        try {
+          existingUser = await user.getByEmail(email)
+        } catch (err) {
+          // No user found - that's fine, continue
+        }
 
-          if (existingUser && existingUser.inviteCode) {
-            // Found a temporary user - merge their memberships into this new user
-            user.data = {
-              _id: uid,
-              agent,
-              _sub: payload.sub,
-              email: email,
-              profile: { displayName: payload.nickname },
-            }
-            await user.mergeFromTemporaryUser(existingUser)
-            await user.save()
-            req.user = user
-            next()
-            return
-          } else if (existingUser) {
-            // Non-temporary user with same email - this is a conflict
-            const err = new Error(`User with email ${email} already exists. Please contact TPEN3 administrators for assistance.`)
-            err.status = 409
-            next(err)
-            return
-          } else {
-            // No existing user - create new
-            user.data = {
-              _id: uid,
-              agent,
-              _sub: payload.sub,
-              email: email,
-              profile: { displayName: payload.nickname },
-            }
-            await user.save()
-            req.user = user
-            next()
-            return
+        if (existingUser && existingUser.inviteCode) {
+          // Found a temporary user - merge their memberships into this new user
+          user.data = {
+            _id: uid,
+            agent,
+            _sub: payload.sub,
+            email: email,
+            profile: { displayName: payload.nickname },
+          }
+          await user.mergeFromTemporaryUser(existingUser)
+          await user.save()
+          req.user = user
+          next()
+          return
+        } else if (existingUser) {
+          // Non-temporary user with same email - this is a conflict
+          const err = new Error(`User with email ${email} already exists. Please contact TPEN3 administrators for assistance.`)
+          err.status = 409
+          next(err)
+          return
+        } else {
+          // No existing user - create new
+          user.data = {
+            _id: uid,
+            agent,
+            _sub: payload.sub,
+            email: email,
+            profile: { displayName: payload.nickname },
           }
+          await user.save()
+          req.user = user
+          next()
+          return
         }
+      }
+       // Ensure no inviteCode on authenticated user
+      delete u.inviteCode
 
-        // If user exists but has wrong _sub (e.g., from temp user), update it
-        if (u._sub !== payload.sub) {
-          u._sub = payload.sub
-          // Remove inviteCode if present - this user is now fully authenticated
-          delete u.inviteCode
-          const userObj = new User(uid)
-          userObj.data = u
-          await userObj.update()
-        }
+      // If user exists but has wrong _sub (e.g., from temp user), update it
+      if (u._sub !== payload.sub) {
+        u._sub = payload.sub
+        const userObj = new User(uid)
+        userObj.data = u
+        await userObj.update()
+      }
 
-        // Ensure no inviteCode on authenticated user (belt and suspenders)
-        delete u.inviteCode
-        req.user = u
-        next()
-        return
-      })
+      req.user = u
+      next()
+      return
     } catch (error) {
       next(error)
     }

feedback/feedbackController.js

@@ -10,6 +10,9 @@ import { isSuspiciousValueString } from "../utilities/checkIfSuspicious.js"
  * @returns 200 if feedback is submitted successfully, 204 if no feedback is provided, or an error response if the submission fails.
  */
 export async function submitFeedback(req, res) {
+  if (!req.body || typeof req.body !== 'object') {
+    return respondWithError(res, 400, "Request body is required")
+  }
   const user = req.user ? `${req.user.profile.displayName} (${req.user._id})` : 'Anonymous'
   const { page, feedback } = req.body
   if (!feedback) return res.status(204).send()
@@ -18,7 +21,7 @@ export async function submitFeedback(req, res) {
     await createGitHubIssue('Feedback', `Feedback from ${user}`, `Page: ${page}\n\nFeedback: ${sanitizeUserInput(feedback)}`)
     res.status(200).json({ message: 'Feedback submitted successfully' })
   } catch (error) {
-    respondWithError(res, error.status ?? 500, error.message ?? 'Failed to submit feedback')
+    return respondWithError(res, error.status ?? 500, error.message ?? 'Failed to submit feedback')
   }
 }
 
@@ -30,6 +33,9 @@ export async function submitFeedback(req, res) {
  * @returns 200 if the bug report is submitted successfully, 204 if no bug description is provided, or an error response if the submission fails.
  */
 export async function submitBug(req, res) {
+  if (!req.body || typeof req.body !== 'object') {
+    return respondWithError(res, 400, "Request body is required")
+  }
   const user = req.user ? `${req.user.profile.displayName} (${req.user._id})` : 'Anonymous'
   const { page, bugDescription } = req.body
   if (!bugDescription) return res.status(204).send()
@@ -38,7 +44,7 @@ export async function submitBug(req, res) {
     await createGitHubIssue('Bug Report', `Bug reported by ${user}`, `Page: ${page}\n\nBug: ${sanitizeUserInput(bugDescription)}`)
     res.status(200).json({ message: 'Bug report submitted successfully' })
   } catch (error) {
-    respondWithError(res, error.status ?? 500, error.message ??'Failed to submit bug report')
+    return respondWithError(res, error.status ?? 500, error.message ??'Failed to submit bug report')
   }
 }
 

index.js

@@ -34,8 +34,7 @@ router
   .get(function (_req,res) {
     fs.readFile('API.md', 'utf8', (err, data) => {
       if (err) {
-        respondWithError(res, 500, 'Failed to read API.md')
-        return
+        return respondWithError(res, 500, 'Failed to read API.md')
       }
       res.format({
         html: () => res.send(makeCleanFileFromMarkdown(data))
@@ -49,7 +48,7 @@ router
     respondWithHTML(res)
   })
   .all((_req, res, next) => {
-    respondWithError(res, 404, 'There is nothing for you here.')
+    return respondWithError(res, 404, 'There is nothing for you here.')
   })
 
 export { router as default }

layer/index.js

@@ -20,8 +20,7 @@ router.route('/:layerId')
         try {
             const layer = await findLayerById(layerId, projectId, true)
             if (!layer) {
-                respondWithError(res, 404, 'No layer found with that ID.')
-                return
+                return respondWithError(res, 404, 'No layer found with that ID.')
             }
             if (layer.id?.startsWith(process.env.RERUMIDPREFIX)) {
                 // If the page is a RERUM document, we need to fetch it from the server
@@ -70,9 +69,8 @@ router.route('/:layerId')
                   else layer[key] = null
                 }
             })
-            if (providedPages?.length === 0) providedPages = undefined
             let pages = []
-            if (providedPages && providedPages.length) {
+            if (providedPages && Array.isArray(providedPages) && providedPages.length > 0) {
                 pages = await Promise.all(providedPages.map(p => findPageById(p.split("/").pop(), projectId) ))
                 layer.pages = pages
             }
@@ -84,12 +82,15 @@ router.route('/:layerId')
         }
     })
     .all((req, res) => {
-        respondWithError(res, 405, 'Improper request method. Use GET instead.')
+        return respondWithError(res, 405, 'Improper request method. Use GET instead.')
     })
 
 // Route to create a new layer within a project
 router.route('/').post(auth0Middleware(), screenContentMiddleware(), async (req, res) => {
     const { projectId } = req.params
+    if (!req.body || typeof req.body !== 'object') {
+        return respondWithError(res, 400, 'Request body is required')
+    }
     const { label, canvases } = req.body
     if (!projectId) return respondWithError(res, 400, 'Project ID is required')
     if (!label || !Array.isArray(canvases) || canvases.length === 0) {