Members

Wraps an async function to catch any rejections and forward them to the next middleware. This allows you to use async/await in route handlers without manually wrapping them in try-catch blocks.

View Source utils/asyncHandler.js, line 28

Example

```typescript
// Instead of:
app.get('/users', async (req, res, next) => {
  try {
    const users = await userService.getUsers();
    res.json(users);
  } catch (error) {
    next(error);
  }
});

// You can do:
app.get('/users', asyncHandler(async (req, res) => {
  const users = await userService.getUsers();
  res.json(users);
}));
```

# constant authInterceptor

gRPC Server Interceptor for Authentication

This interceptor is called for all RPC methods and handles authentication by extracting JWT tokens from metadata and attaching user info to the call.

Based on gRPC proposal L112: Node.js Server Interceptors

See:

https://github.com/grpc/proposal/blob/master/L112-node-server-interceptors.md

View Source grpc/interceptors/auth.interceptor.js, line 27

# constant env

Parsed and validated environment variables.

View Source config/env.js, line 95

# constant envSchema

Environment variables schema and validation for K12 Auth Service. Defines the expected shape of environment variables. Uses zod for schema definition and runtime validation. All variables are required unless a default value is provided. Use env instead of accessing process.env directly.

See:

https://github.com/colinhacks/zod

View Source config/env.js, line 13

# constant redisUtils

Convenience wrappers around common Redis commands.

View Source config/redis.js, line 97

# constant requireAdmin

Middleware ensuring the requester is authenticated as an admin.

View Source middlewares/auth.js, line 77

# constant requireAuth

Middleware ensuring the requester is authenticated.

View Source middlewares/auth.js, line 102

Methods

# authenticateToken(req, res, next) → {Promise.<void>}

Middleware verifying bearer tokens and populating req.user.

Parameters:

Name	Type	Description
`req`	`IAuthRequest`	Express request containing auth headers.
`res`	`Response`	Express response instance.
`next`	`NextFunction`	Express next handler.

View Source middlewares/auth.js, line 13

Returns:

Resolves when the request is forwarded.

Type: Promise.<void>

# closeRedisConnection() → {Promise.<void>}

Gracefully close the Redis connection if it exists.

View Source config/redis.js, line 64

Returns:

Resolves when the client quits.

Type: Promise.<void>

# closeVault() → {void}

Gracefully close Vault connections.

View Source vault/index.js, line 32

Returns:

Type: void

# connectToRedis()

Establish connection to Redis for caching and pub/sub use cases.

View Source config/redis.js, line 10

# createServiceError()

Create a ServiceError with required metadata field

View Source grpc/interceptors/auth.interceptor.js, line 11

# getAuthenticatedUser()

Get authenticated user from call Returns user if authenticated, throws ServiceError if not Use this at the beginning of any protected RPC handler

View Source grpc/interceptors/auth.interceptor.js, line 155

Example

const user = getAuthenticatedUser(call);
// user is guaranteed to exist or error is thrown

# getRedisStatus() → {object}

Snapshot of the current Redis client status.

View Source config/redis.js, line 87

Returns:

Connection metadata.

Type: object

# initializeVault() → {Promise.<void>}

Initialize Vault connectivity and load secrets into memory.

View Source vault/index.js, line 9

Returns:

Resolves when secrets are loaded.

Type: Promise.<void>

# optionalAuthenticateToken(req, _res, next) → {Promise.<void>}

Optional authentication middleware

Attempts to authenticate the user if an access token is provided in the Authorization header, but never fails the request. This is useful for endpoints that should work both with and without authentication (e.g., logout endpoint that should clear cache even with expired tokens).

Parameters:

Name	Type	Description
`req`	`IAuthRequest`	Express request containing auth headers.
`_res`	`Response`	Express response instance.
`next`	`NextFunction`	Express next handler.

View Source middlewares/auth.js, line 124

Returns:

Resolves when the request is forwarded.

Type: Promise.<void>

# requireAdmin()

Admin-only checker Convenience function to check if user is admin

View Source grpc/interceptors/auth.interceptor.js, line 143

# requireRole()

Role-based authorization checker Use this in your RPC handlers to check if user has required role

View Source grpc/interceptors/auth.interceptor.js, line 133

# async seedAdminUser()

Seed script to create a root admin user

View Source scripts/seed-admin.js, line 13

# setupRedisEventListeners(client)

Wire Redis connection lifecycle event logging.

Parameters:

Name	Type	Description
`client`	`Redis`	Active Redis client instance.

View Source config/redis.js, line 36

# validateRequest(schema) → {function}

Middleware factory for request validation using Zod schemas.

Parameters:

Name	Type	Attributes	Description
`schema`	`object`		Schema map to validate against.
`body`	`ZodSchema.<TBody>`	<optional>	Optional body schema.
`query`	`ZodSchema.<TQuery>`	<optional>	Optional query schema.
`params`	`ZodSchema.<TParams>`	<optional>	Optional params schema.

View Source middlewares/validateRequest.js, line 19

Returns:

Express middleware.

Type: function