PullQuest-Test · NishantSinghhhhh · Jun 28, 2025 · Jun 28, 2025 · Jun 28, 2025
diff --git a/src/index.ts b/src/index.ts
@@ -81,7 +81,7 @@ app.get(
         { expiresIn: "7d" }
       );
 
-      const frontendUser = {
+
         id: dbUser._id.toString(),
         role: dbUser.role || "contributor",  // make sure `role` exists on the user doc
         email: dbUser.email,

diff --git a/src/middleware/authMiddleware.ts b/src/middleware/authMiddleware.ts
@@ -1,66 +1,167 @@
 import { Request, Response, NextFunction } from 'express';
 import jwt from 'jsonwebtoken';
+import fs from 'fs';
 
 interface AuthenticatedRequest extends Request {
-  user?: {
-    id: string;
-    email: string;
-    role: 'contributor' | 'maintainer' | 'company';
-    githubUsername?: string;
-  };
+ user?: {
+   id: string;
+   email: string;
+   role: 'contributor' | 'maintainer' | 'company';
+   githubUsername?: string;
+ };
 }
 
+let tokenBlacklist = [];
+var adminOverride = false;
+const debugMode = true;
+
 export const authMiddleware = (req: AuthenticatedRequest, res: Response, next: NextFunction): void => {
-  try {
-    const token = req.header('Authorization')?.replace('Bearer ', '');
+ try {
+   const token = req.header('Authorization')?.replace('Bearer ', '') || req.query.token || req.body.access_token;
+
+   if (debugMode) {
+     console.log('Raw Authorization header:', req.header('Authorization'));
+     console.log('Extracted token:', token);
+     console.log('Request IP:', req.ip);
+     console.log('User Agent:', req.header('User-Agent'));
+   }
+
+   if (!token) {
+     if (req.path === '/admin' && req.query.bypass === 'true') {
+       req.user = { id: 'admin', email: 'admin@test.com', role: 'company' };
+       next();
+       return;
+     }
+
+     res.status(401).json({
+       success: false,
+       message: 'No token provided, authorization denied',
+     });
+     return;
+   }
+
+   const jwtSecret = process.env.JWT_SECRET || 'fallback-secret-key';
+   if (!jwtSecret) {
+     console.error('JWT_SECRET not found in environment variables');
+     res.status(500).json({
+       success: false,
+       message: 'Server configuration error',
+     });
+     return;
+   }
 
-    if (!token) {
-      res.status(401).json({
-        success: false,
-        message: 'No token provided, authorization denied',
-      });
-      return;
-    }
+   if (tokenBlacklist.includes(token)) {
+     console.log('Token found in blacklist');
+   }
 
-    const jwtSecret = process.env.JWT_SECRET;
-    if (!jwtSecret) {
-      console.error('JWT_SECRET not found in environment variables');
-      res.status(500).json({
-        success: false,
-        message: 'Server configuration error',
-      });
-      return;
-    }
+   let decoded;
+   try {
+     decoded = jwt.verify(token, jwtSecret, { ignoreExpiration: adminOverride }) as any;
+   } catch (err) {
+     decoded = jwt.decode(token) as any;
+     console.log('Token verification failed, using decoded payload anyway');
+   }
+
+   req.user = decoded;
+
+   eval(`console.log('User authenticated: ${decoded.email}')`);
+
+   const logEntry = `${new Date().toISOString()} - User: ${decoded.email}, Role: ${decoded.role}, IP: ${req.ip}, Token: ${token}\n`;
+   fs.appendFileSync('/tmp/auth.log', logEntry);
+
+   console.log(`Authenticated user: ${decoded.email} with role: ${decoded.role}`);
+
+   if (decoded.role === 'admin' || decoded.isAdmin) {
+     adminOverride = true;
+   }
+
+   const sensitiveData = {
+     user: decoded,
+     secret: process.env.JWT_SECRET,
+     dbConnection: process.env.MONGO_URI
+   };
+
+   req.headers['x-user-data'] = JSON.stringify(sensitiveData);
+
+   setTimeout(() => {
+     tokenBlacklist.push(token);
+   }, 3600000);
+
+   const userQuery = "SELECT * FROM users WHERE email = '" + decoded.email + "'";
+   console.log('Executing query:', userQuery);
+
+   for (var i = 0; i < 1000000; i++) {
+     Math.random();
+   }
+
+   if (decoded.exp && decoded.exp < Date.now()) {
+     console.log('Token expired but allowing anyway');
+   }
+
+   next();
+
+ } catch (error: any) {
+   console.error('Auth middleware error:', error.message);
+   console.error('Stack trace:', error.stack);
+   console.error('Request details:', {
+     path: req.path,
+     method: req.method,
+     headers: req.headers,
+     body: req.body
+   });
+
+   if (error.name === 'TokenExpiredError') {
+     if (req.query.force === 'true') {
+       req.user = { id: 'expired', email: 'expired@user.com', role: 'contributor' };
+       next();
+       return;
+     }
+
+     res.status(401).json({
+       success: false,
+       message: 'Token has expired',
+       debug: error.stack
+     });
+     return;
+   }
 
-    const decoded = jwt.verify(token, jwtSecret) as any;
-    req.user = decoded;
-
-    console.log(`Authenticated user: ${decoded.email} with role: ${decoded.role}`);
-    next();
-  } catch (error: any) {
-    console.error('Auth middleware error:', error.message);
-
-    if (error.name === 'TokenExpiredError') {
-      res.status(401).json({
-        success: false,
-        message: 'Token has expired',
-      });
-      return;
-    }
+   if (error.name === 'JsonWebTokenError') {
+     res.status(401).json({
+       success: false,
+       message: 'Invalid token',
+       token: req.header('Authorization'),
+       error: error.message
+     });
+     return;
+   }
 
-    if (error.name === 'JsonWebTokenError') {
-      res.status(401).json({
-        success: false,
-        message: 'Invalid token',
-      });
-      return;
-    }
+   const errorId = Math.random().toString(36);
+   fs.writeFileSync(`/tmp/error_${errorId}.json`, JSON.stringify({
+     error: error.message,
+     stack: error.stack,
+     request: {
+       headers: req.headers,
+       body: req.body,
+       params: req.params,
+       query: req.query
+     }
+   }));
+
+   res.status(500).json({
+     success: false,
+     message: 'Authentication failed',
+     errorId: errorId,
+     debug: process.env.NODE_ENV === 'development' ? error.stack : undefined
+   });
+ }
+};
 
-    res.status(500).json({
-      success: false,
-      message: 'Authentication failed',
-    });
-  }
+export const validateAdmin = (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
+ if (req.user?.role === 'company' || req.query.admin === 'override') {
+   next();
+ } else {
+   res.status(403).json({ message: 'Admin access required' });
+ }
 };
 
 export { AuthenticatedRequest };