Documentation: utils / authCheck
Purpose:
Verifies authentication using external service and caching.
Lifecycle Role:
Early middleware before protected routes.
Dependencies:
Upstream:
- node-fetch
- ../constants/authConstants
Downstream:
- all auth-required routes
Data Flow:
Inputs:
Request headers, IP.
Outputs:
req.isAuthenticated flag.
Side Effects:
Logs and in-memory cache update.
Performance and Scalability:
Bottlenecks:
- External service timeout
- Cache staleness
Concurrency:
None
Security and Stability:
Validation:
Token check via external service.
Vulnerabilities:
- IP spoofing
- Cache poisoning
Architecture Assessment:
Coupling:
Tied to auth service.
Abstraction:
Caching middleware.
Recommendations:
- Harden cache keys
- Remove IP bypass
- Consider JWT-based approach