Merge pull request #1816 from rocket-admin/backend_typescript_improvements

typescript strict null checks

Author: Artuomka

backend/src/authorization/auth-with-api.middleware.ts

@@ -9,7 +9,7 @@ import {
 } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
 import Sentry from '@sentry/minimal';
-import { NextFunction, Request, Response } from 'express';
+import { NextFunction, Response } from 'express';
 import jwt from 'jsonwebtoken';
 import { Repository } from 'typeorm';
 import { JwtScopesEnum } from '../entities/user/enums/jwt-scopes.enum.js';
@@ -48,7 +48,7 @@ export class AuthWithApiMiddleware implements NestMiddleware {
 		}
 	}
 
-	private getTokenFromCookie(req: Request): string | undefined {
+	private getTokenFromCookie(req: IRequestWithCognitoInfo): string | undefined {
 		return req.cookies?.[Constants.JWT_COOKIE_KEY_NAME];
 	}
 
@@ -62,6 +62,9 @@ export class AuthWithApiMiddleware implements NestMiddleware {
 	private async authenticateWithToken(tokenFromCookie: string, req: IRequestWithCognitoInfo): Promise<void> {
 		try {
 			const jwtSecret = appConfig.auth.jwtSecret;
+			if (!jwtSecret) {
+				throw new UnauthorizedException('JWT verification failed');
+			}
 			const data = jwt.verify(tokenFromCookie, jwtSecret) as jwt.JwtPayload;
 			const userId = data.id;
 

backend/src/authorization/auth.middleware.ts

@@ -30,7 +30,7 @@ export class AuthMiddleware implements NestMiddleware {
 		private readonly logOutRepository: Repository<LogOutEntity>,
 	) {}
 	async use(req: IRequestWithCognitoInfo, _res: Response, next: NextFunction): Promise<void> {
-		let token: string;
+		let token: string | undefined;
 		try {
 			token = req.cookies[Constants.JWT_COOKIE_KEY_NAME];
 		} catch (_e) {
@@ -50,6 +50,9 @@ export class AuthMiddleware implements NestMiddleware {
 
 		try {
 			const jwtSecret = appConfig.auth.jwtSecret;
+			if (!jwtSecret) {
+				throw new UnauthorizedException('JWT verification failed');
+			}
 			const data = jwt.verify(token, jwtSecret) as jwt.JwtPayload;
 			const userId = data.id;
 

backend/src/authorization/non-scoped-auth.middleware.ts

@@ -26,7 +26,7 @@ export class NonScopedAuthMiddleware implements NestMiddleware {
 	) {}
 	async use(req: IRequestWithCognitoInfo, _res: Response, next: NextFunction): Promise<void> {
 		console.log(`auth middleware triggered ->: ${new Date().toISOString()}`);
-		let token: string;
+		let token: string | undefined;
 		try {
 			token = req.cookies[Constants.JWT_COOKIE_KEY_NAME];
 		} catch (_e) {
@@ -46,6 +46,9 @@ export class NonScopedAuthMiddleware implements NestMiddleware {
 
 		try {
 			const jwtSecret = appConfig.auth.jwtSecret;
+			if (!jwtSecret) {
+				throw new UnauthorizedException('JWT verification failed');
+			}
 			const data = jwt.verify(token, jwtSecret) as jwt.JwtPayload;
 			const userId = data.id;
 			if (!userId) {

backend/src/authorization/saas-auth.middleware.ts

@@ -16,6 +16,9 @@ export class SaaSAuthMiddleware implements NestMiddleware {
 		}
 		try {
 			const jwtSecret = appConfig.auth.microserviceJwtSecret;
+			if (!jwtSecret) {
+				throw new UnauthorizedException(Messages.AUTHORIZATION_REJECTED);
+			}
 			const data = jwt.verify(token, jwtSecret) as jwt.JwtPayload;
 			const requestId = data.request_id;
 

backend/src/authorization/temporary-auth.middleware.ts

@@ -28,7 +28,7 @@ export class TemporaryAuthMiddleware implements NestMiddleware {
 	) {}
 	async use(req: IRequestWithCognitoInfo, _res: Response, next: NextFunction): Promise<void> {
 		console.log(`temporary auth middleware triggered ->: ${new Date().toISOString()}`);
-		let token: string;
+		let token: string | undefined;
 		try {
 			token = req.cookies[Constants.JWT_COOKIE_KEY_NAME];
 		} catch (_e) {
@@ -48,6 +48,9 @@ export class TemporaryAuthMiddleware implements NestMiddleware {
 
 		try {
 			const jwtSecret = appConfig.auth.temporaryJwtSecret;
+			if (!jwtSecret) {
+				throw new UnauthorizedException('JWT verification failed');
+			}
 			const data = jwt.verify(token, jwtSecret) as jwt.JwtPayload;
 			const userId = data.id;
 			if (!userId) {

backend/src/authorization/utils/extract-token-from-header.ts

@@ -1,5 +1,5 @@
 import { Request } from 'express';
-export const extractTokenFromHeader = (request: Request): string | null => {
+export const extractTokenFromHeader = (request: Pick<Request, 'headers'>): string | null => {
 	const [type, token] = request.headers.authorization?.split(' ') ?? [];
 	return type === 'Bearer' ? token : null;
 };

backend/src/common/abstract-use.case.ts

@@ -30,20 +30,27 @@ abstract class AbstractUseCase<TInputData = void, TOutputData = void> {
 
 	protected abstract implementation(inputData: TInputData): Promise<TOutputData> | TOutputData;
 
+	private getDbContext(): IDatabaseContext {
+		if (!this._dbContext) {
+			throw new Error('Database context is not initialized for this use case.');
+		}
+		return this._dbContext;
+	}
+
 	private async startTransaction(): Promise<void> {
-		await this._dbContext.startTransaction();
+		await this.getDbContext().startTransaction();
 	}
 
 	private async commitTransaction(): Promise<void> {
-		await this._dbContext.commitTransaction();
+		await this.getDbContext().commitTransaction();
 	}
 
 	private async rollbackTransaction(): Promise<void> {
-		await this._dbContext.rollbackTransaction();
+		await this.getDbContext().rollbackTransaction();
 	}
 
 	private async releaseQueryRunner(): Promise<void> {
-		await this._dbContext.releaseQueryRunner();
+		await this.getDbContext().releaseQueryRunner();
 	}
 }
 

backend/src/common/application/global-database-context.ts

@@ -452,10 +452,9 @@ export class GlobalDatabaseContext implements IGlobalDatabaseContext {
 		return this._schemaChangeChatMessageRepository;
 	}
 
-	public startTransaction(): Promise<void> {
+	public async startTransaction(): Promise<void> {
 		this._queryRunner = this.appDataSource.createQueryRunner();
-		this._queryRunner.startTransaction();
-		return;
+		await this._queryRunner.startTransaction();
 	}
 
 	public async commitTransaction(): Promise<void> {

backend/src/decorators/gclid-decorator.ts

@@ -1,7 +1,7 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common';
 import { IRequestWithCognitoInfo } from '../authorization/cognito-decoded.interface.js';
 
-export const GCLlId = createParamDecorator((_data: unknown, ctx: ExecutionContext): string => {
+export const GCLlId = createParamDecorator((_data: unknown, ctx: ExecutionContext): string | null => {
 	const request: IRequestWithCognitoInfo = ctx.switchToHttp().getRequest();
 	if (request.headers) {
 		return (request.headers.gclid as string | undefined) ?? null;

backend/src/decorators/master-password.decorator.ts

@@ -1,7 +1,7 @@
 import { createParamDecorator, ExecutionContext } from '@nestjs/common';
 import { IRequestWithCognitoInfo } from '../authorization/cognito-decoded.interface.js';
 
-export const MasterPassword = createParamDecorator((_data: unknown, ctx: ExecutionContext): string => {
+export const MasterPassword = createParamDecorator((_data: unknown, ctx: ExecutionContext): string | null => {
 	const request: IRequestWithCognitoInfo = ctx.switchToHttp().getRequest();
 	const masterPwd = request.headers.masterpwd as string | undefined;
 	return masterPwd ? masterPwd : null;