From 149e6154777413eb4f0f81b790d635acc153f122 Mon Sep 17 00:00:00 2001
From: ash1shkumar <rashishkumar2006@gmail.com>
Date: Sat, 6 Jun 2026 01:06:48 +0530
Subject: [PATCH] refactor: centralize authentication session resolution

---
 backend/middleware/auth.middleware.js | 35 ++++++++++++++++++++++++---
 1 file changed, 31 insertions(+), 4 deletions(-)

diff --git a/backend/middleware/auth.middleware.js b/backend/middleware/auth.middleware.js
index 594a4a0..c37cbf5 100644
--- a/backend/middleware/auth.middleware.js
+++ b/backend/middleware/auth.middleware.js
@@ -12,6 +12,25 @@ function extractBearerToken(authHeader) {
   return authHeader.split(" ")[1];
 }
 
+async function resolveUserSession(token) {
+  const {
+    data: { user },
+    error,
+  } = await supabase.auth.getUser(token);
+
+  return {
+    user,
+    error,
+  };
+}
+
+function isAuthenticatedUser(
+  user,
+  error
+) {
+  return !error && !!user;
+}
+
 export const authenticateUser = async (req, res, next) => {
   try {
     const authHeader = req.headers.authorization;
@@ -25,11 +44,16 @@ export const authenticateUser = async (req, res, next) => {
     }
 
     const {
-      data: { user },
+      user,
       error,
-    } = await supabase.auth.getUser(token);
+    } = await resolveUserSession(token);
 
-    if (error || !user) {
+    if (
+      !isAuthenticatedUser(
+        user,
+        error
+      )
+    ) {
       return res.status(401).json({
         error: "Invalid token",
       });
@@ -39,7 +63,10 @@ export const authenticateUser = async (req, res, next) => {
 
     next();
   } catch (error) {
-    console.error("Authentication middleware error:", error);
+    console.error(
+      "Authentication middleware error:",
+      error
+    );
 
     return res.status(500).json({
       error: "Internal server error",