change: Api Security and Rate Limiting

src/middleware/allowSetup.ts

@@ -1,8 +1,8 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 import UserService from "../service/user/userService";
 import CustomRequestException from "../exceptions/customRequestException";
 
-export default async function allowSetup(req: Request, res: Response, next: Function) {
+export default async function allowSetup(req: Request, res: Response, next: NextFunction) {
   let count = await UserService.count();
   if (count != 0) {
     throw new CustomRequestException(405, "service is already set up");

src/middleware/authenticate.ts

@@ -1,11 +1,11 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 import jwt from "jsonwebtoken";
 import BadRequestException from "../exceptions/badRequestException";
 import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
 import InternalException from "../exceptions/internalException";
 import { JWTHelper } from "../helpers/jwtHelper";
 
-export default async function authenticate(req: Request, res: Response, next: Function) {
+export default async function authenticate(req: Request, res: Response, next: NextFunction) {
   const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
 
   if (!bearer) {

src/middleware/authenticateAPI.ts

@@ -1,11 +1,11 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 import jwt from "jsonwebtoken";
 import BadRequestException from "../exceptions/badRequestException";
 import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
 import InternalException from "../exceptions/internalException";
 import { JWTHelper } from "../helpers/jwtHelper";
 
-export default async function authenticateAPI(req: Request, res: Response, next: Function) {
+export default async function authenticateAPI(req: Request, res: Response, next: NextFunction) {
   const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
 
   if (!bearer) {

src/middleware/detectPWA.ts

@@ -1,6 +1,6 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 
-export default async function detectPWA(req: Request, res: Response, next: Function) {
+export default async function detectPWA(req: Request, res: Response, next: NextFunction) {
   const userAgent = req.headers["user-agent"] || "";
   if ((userAgent.includes("Mobile") && userAgent.includes("Standalone")) || req.headers["x-pwa-client"] === "true") {
     req.isPWA = true;

src/middleware/errorHandler.ts

@@ -1,9 +1,9 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 import { ExceptionBase } from "../exceptions/exceptionsBaseType";
 import CustomRequestException from "../exceptions/customRequestException";
 import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
 
-export default function errorHandler(err: ExceptionBase | Error, req: Request, res: Response, next: Function) {
+export default function errorHandler(err: ExceptionBase | Error, req: Request, res: Response, next: NextFunction) {
   let status = 500;
   let msg = "Internal Server Error";
 

src/middleware/preventWebApiAccess.ts

@@ -1,7 +1,7 @@
-import { Request, Response } from "express";
+import { NextFunction, Request, Response } from "express";
 import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
 
-export default async function preventWebapiAccess(req: Request, res: Response, next: Function) {
+export default async function preventWebapiAccess(req: Request, res: Response, next: NextFunction) {
   if (req.isWebApiRequest) {
     throw new ForbiddenRequestException("This route cannot be accessed via webapi");
   } else {