From 8c241636bf21cb340730086471b93b67bf576183 Mon Sep 17 00:00:00 2001
From: lila <beiweitemderbeste@protonmail.com>
Date: Thu, 16 Apr 2026 19:51:10 +0200
Subject: [PATCH] feat(api): attach session to request in requireAuth

- Add Express Request type augmentation for req.session
- requireAuth now sets req.session after session validation,
  so protected handlers can read the user without calling
  getSession again
- Add ConflictError (409) alongside existing AppError subclasses
---
 apps/api/src/errors/AppError.ts           |  6 ++++++
 apps/api/src/middleware/authMiddleware.ts |  2 ++
 apps/api/src/types/express.d.ts           | 11 +++++++++++
 3 files changed, 19 insertions(+)
 create mode 100644 apps/api/src/types/express.d.ts

diff --git a/apps/api/src/errors/AppError.ts b/apps/api/src/errors/AppError.ts
index 6611b9b..4677d9f 100644
--- a/apps/api/src/errors/AppError.ts
+++ b/apps/api/src/errors/AppError.ts
@@ -19,3 +19,9 @@ export class NotFoundError extends AppError {
     super(message, 404);
   }
 }
+
+export class ConflictError extends AppError {
+  constructor(message: string) {
+    super(message, 409);
+  }
+}
diff --git a/apps/api/src/middleware/authMiddleware.ts b/apps/api/src/middleware/authMiddleware.ts
index da18d01..744c5e4 100644
--- a/apps/api/src/middleware/authMiddleware.ts
+++ b/apps/api/src/middleware/authMiddleware.ts
@@ -16,5 +16,7 @@ export const requireAuth = async (
     return;
   }
 
+  req.session = session;
+
   next();
 };
diff --git a/apps/api/src/types/express.d.ts b/apps/api/src/types/express.d.ts
new file mode 100644
index 0000000..914a2fd
--- /dev/null
+++ b/apps/api/src/types/express.d.ts
@@ -0,0 +1,11 @@
+import type { Session, User } from "better-auth";
+
+declare global {
+  namespace Express {
+    interface Request {
+      session?: { session: Session; user: User };
+    }
+  }
+}
+
+export {};