typescriptize loginRequired and adminRequired middlewares

apps/app/src/features/external-user-group/server/routes/apiv3/external-user-group-relation.ts

@@ -6,6 +6,8 @@ import type { IExternalUserGroupRelationHasId } from '~/features/external-user-g
 import ExternalUserGroupRelation from '~/features/external-user-group/server/models/external-user-group-relation';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { serializeUserGroupRelationSecurely } from '~/server/models/serializers/user-group-relation-serializer';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
@@ -14,14 +16,11 @@ const logger = loggerFactory('growi:routes:apiv3:user-group-relation');
 
 const express = require('express');
 const { query } = require('express-validator');
-
 const router = express.Router();
 
 module.exports = (crowi: Crowi): Router => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   const validators = {
     list: [

apps/app/src/features/external-user-group/server/routes/apiv3/external-user-group.ts

@@ -12,7 +12,9 @@ import type { PageActionOnGroupDelete } from '~/interfaces/user-group';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { serializeUserGroupRelationSecurely } from '~/server/models/serializers/user-group-relation-serializer';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import { configManager } from '~/server/service/config-manager';
@@ -43,10 +45,8 @@ interface AuthorizedRequest extends Request {
  *            type: number
  */
 module.exports = (crowi: Crowi): Router => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   const activityEvent = crowi.events.activity;

apps/app/src/features/growi-plugin/server/routes/apiv3/admin/index.ts

@@ -6,6 +6,8 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 
 import { GrowiPlugin } from '../../../models';
@@ -28,10 +30,8 @@ const validator = {
 };
 
 module.exports = (crowi: Crowi): Router => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   const router = express.Router();
 

apps/app/src/features/openai/server/routes/ai-assistant.ts

@@ -6,6 +6,7 @@ import type { Request, RequestHandler } from 'express';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -25,9 +26,7 @@ type Req = Request<undefined, Response, ReqBody> & {
 };
 
 export const createAiAssistantFactory: CreateAssistantFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   return [
     accessTokenParser([SCOPE.WRITE.FEATURES.AI_ASSISTANT], {

apps/app/src/features/openai/server/routes/ai-assistants.ts

@@ -5,6 +5,7 @@ import type { Request, RequestHandler } from 'express';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -20,9 +21,7 @@ type Req = Request<undefined, Response, undefined> & {
 };
 
 export const getAiAssistantsFactory: GetAiAssistantsFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   return [
     accessTokenParser([SCOPE.READ.FEATURES.AI_ASSISTANT], {

apps/app/src/features/openai/server/routes/delete-ai-assistant.ts

@@ -8,6 +8,7 @@ import { isHttpError } from 'http-errors';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -27,9 +28,7 @@ type Req = Request<ReqParams, Response, undefined> & {
 };
 
 export const deleteAiAssistantsFactory: DeleteAiAssistantsFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('id').isMongoId().withMessage('aiAssistant id is required'),

apps/app/src/features/openai/server/routes/delete-thread.ts

@@ -8,6 +8,7 @@ import { isHttpError } from 'http-errors';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -26,9 +27,7 @@ type Req = Request<ReqParams, Response, undefined> & {
 };
 
 export const deleteThreadFactory: DeleteThreadFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('aiAssistantId').isMongoId().withMessage('threadId is required'),

apps/app/src/features/openai/server/routes/edit/index.ts

@@ -13,6 +13,7 @@ import { z } from 'zod';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -176,9 +177,7 @@ ${
 export const postMessageToEditHandlersFactory: PostMessageHandlersFactory = (
   crowi,
 ) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // Validator setup
   const validator: ValidationChain[] = [

apps/app/src/features/openai/server/routes/get-recent-threads.ts

@@ -7,6 +7,7 @@ import type { PaginateResult } from 'mongoose';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -30,9 +31,7 @@ type Req = Request<undefined, Response, undefined, ReqQuery> & {
 };
 
 export const getRecentThreadsFactory: GetRecentThreadsFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     query('page')

apps/app/src/features/openai/server/routes/get-threads.ts

@@ -7,6 +7,7 @@ import { param, type ValidationChain } from 'express-validator';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -26,9 +27,7 @@ type Req = Request<ReqParams, Response, undefined> & {
 };
 
 export const getThreadsFactory: GetThreadsFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('aiAssistantId')

apps/app/src/features/openai/server/routes/message/get-messages.ts

@@ -7,6 +7,7 @@ import { param, type ValidationChain } from 'express-validator';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -30,9 +31,7 @@ type Req = Request<ReqParam, Response, undefined> & {
 };
 
 export const getMessagesFactory: GetMessagesFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('threadId').isString().withMessage('threadId must be string'),

apps/app/src/features/openai/server/routes/message/post-message.ts

@@ -12,6 +12,7 @@ import { getOrCreateChatAssistant } from '~/features/openai/server/services/assi
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -64,9 +65,7 @@ type PostMessageHandlersFactory = (crowi: Crowi) => RequestHandler[];
 export const postMessageHandlersFactory: PostMessageHandlersFactory = (
   crowi,
 ) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     body('userMessage')

apps/app/src/features/openai/server/routes/set-default-ai-assistant.ts

@@ -6,7 +6,9 @@ import { isHttpError } from 'http-errors';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -33,10 +35,8 @@ type Req = Request<ReqParams, Response, ReqBody>;
 export const setDefaultAiAssistantFactory: setDefaultAiAssistantFactory = (
   crowi,
 ) => {
-  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const adminRequired = adminRequiredFactory(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('id').isMongoId().withMessage('aiAssistant id is required'),

apps/app/src/features/openai/server/routes/thread.ts

@@ -8,6 +8,7 @@ import { body } from 'express-validator';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -30,9 +31,7 @@ type CreateThreadReq = Request<undefined, ApiV3Response, ReqBody> & {
 type CreateThreadFactory = (crowi: Crowi) => RequestHandler[];
 
 export const createThreadHandlersFactory: CreateThreadFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     body('type')

apps/app/src/features/openai/server/routes/update-ai-assistant.ts

@@ -8,6 +8,7 @@ import { isHttpError } from 'http-errors';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -31,9 +32,7 @@ type Req = Request<ReqParams, Response, ReqBody> & {
 };
 
 export const updateAiAssistantsFactory: UpdateAiAssistantsFactory = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validator: ValidationChain[] = [
     param('id').isMongoId().withMessage('aiAssistant id is required'),

apps/app/src/features/page-bulk-export/server/routes/apiv3/page-bulk-export.ts

@@ -5,6 +5,7 @@ import { Router } from 'express';
 import { body, validationResult } from 'express-validator';
 
 import type Crowi from '~/server/crowi';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import loggerFactory from '~/utils/logger';
 
@@ -23,9 +24,7 @@ interface AuthorizedRequest extends Request {
 
 module.exports = (crowi: Crowi): Router => {
   const accessTokenParser = crowi.accessTokenParser;
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const validators = {
     pageBulkExport: [

apps/app/src/features/templates/server/routes/apiv3/index.ts

@@ -14,6 +14,7 @@ import { GrowiPlugin } from '~/features/growi-plugin/server/models';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ApiV3Response } from '~/server/routes/apiv3/interfaces/apiv3-response';
 import { resolveFromRoot } from '~/server/util/project-dir-utils';
 import loggerFactory from '~/utils/logger';
@@ -31,9 +32,7 @@ const validator = {
 let presetTemplateSummaries: TemplateSummary[];
 
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   /**
    * @swagger

apps/app/src/server/crowi/index.ts

@@ -28,6 +28,7 @@ import UserEvent from '../events/user';
 import type { AccessTokenParser } from '../middlewares/access-token-parser';
 import { accessTokenParser } from '../middlewares/access-token-parser';
 import httpErrorHandler from '../middlewares/http-error-handler';
+import loginRequiredFactory from '../middlewares/login-required';
 import type { AclService } from '../service/acl';
 import { aclService as aclServiceSingletonInstance } from '../service/acl';
 import AppService from '../service/app';
@@ -107,6 +108,8 @@ class Crowi {
    */
   accessTokenParser: AccessTokenParser;
 
+  loginRequiredFactory: typeof loginRequiredFactory;
+
   nextApp!: ReturnType<typeof next>;
 
   configManager!: ConfigManager;
@@ -222,6 +225,7 @@ class Crowi {
     this.cacheDir = path.join(this.tmpDir, 'cache');
 
     this.accessTokenParser = accessTokenParser;
+    this.loginRequiredFactory = loginRequiredFactory;
 
     this.config = {};
     this.s2sMessagingService = null;
@@ -588,7 +592,7 @@ class Crowi {
 
     // setup Express Routes
     this.setupRoutesForPlugins();
-    this.setupRoutesAtLast();
+    await this.setupRoutesAtLast();
 
     // setup Global Error Handlers
     this.setupGlobalErrorHandlers();
@@ -649,8 +653,9 @@ class Crowi {
    * setup Express Routes
    * !! this must be at last because it includes '/*' route !!
    */
-  setupRoutesAtLast(): void {
-    require('../routes')(this, this.express);
+  async setupRoutesAtLast(): Promise<void> {
+    const routes = await import('../routes');
+    routes.default(this, this.express);
   }
 
   /**
@@ -661,16 +666,6 @@ class Crowi {
     this.express.use(httpErrorHandler);
   }
 
-  /**
-   * require API for plugins
-   *
-   * @param modulePath relative path from /lib/crowi/index.js
-   * @return module
-   */
-  require(modulePath: string): unknown {
-    return require(modulePath);
-  }
-
   /**
    * setup GlobalNotificationService
    */

apps/app/src/server/middlewares/admin-required.js → apps/app/src/server/middlewares/admin-required.ts

@@ -1,10 +1,25 @@
+import type { IUserHasId } from '@growi/core';
+import type { NextFunction, Request, Response } from 'express';
+
 import loggerFactory from '~/utils/logger';
 
+import type Crowi from '../crowi';
+
 const logger = loggerFactory('growi:middleware:admin-required');
 
-/** @param {import('~/server/crowi').default} crowi Crowi instance */
-module.exports = (crowi, fallback = null) => {
-  return (req, res, next) => {
+type RequestWithUser = Request & { user?: IUserHasId };
+
+type FallbackFunction = (
+  req: RequestWithUser,
+  res: Response,
+  next: NextFunction,
+) => void;
+
+const adminRequiredFactory = (
+  _crowi: Crowi,
+  fallback: FallbackFunction | null = null,
+) => {
+  return (req: RequestWithUser, res: Response, next: NextFunction) => {
     if (req.user != null && req.user instanceof Object && '_id' in req.user) {
       if (req.user.admin) {
         return next();
@@ -26,3 +41,5 @@ module.exports = (crowi, fallback = null) => {
     return res.redirect('/login');
   };
 };
+
+export default adminRequiredFactory;

apps/app/src/server/middlewares/login-required.spec.ts

@@ -1,3 +1,4 @@
+import type Crowi from '../crowi';
 import { UserStatus } from '../models/user/conts';
 
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -11,11 +12,12 @@ describe('loginRequired', () => {
   let loginRequiredWithFallback: LoginRequiredMiddleware;
 
   // Mock Crowi with only the required aclService
-  const crowiMock = {
-    aclService: {
-      isGuestAllowedToRead: vi.fn(),
-    },
+  const aclServiceMock = {
+    isGuestAllowedToRead: vi.fn(),
   };
+  const crowiMock = {
+    aclService: aclServiceMock,
+  } as unknown as Crowi;
 
   beforeEach(async () => {
     vi.resetAllMocks();
@@ -53,7 +55,7 @@ describe('loginRequired', () => {
         };
         next = vi.fn().mockReturnValue('next');
         // prepare mock for AclService.isGuestAllowedToRead
-        crowiMock.aclService.isGuestAllowedToRead.mockReturnValue(false);
+        aclServiceMock.isGuestAllowedToRead.mockReturnValue(false);
       });
 
       test.each`
@@ -132,7 +134,7 @@ describe('loginRequired', () => {
         };
         next = vi.fn().mockReturnValue('next');
         // prepare mock for AclService.isGuestAllowedToRead
-        crowiMock.aclService.isGuestAllowedToRead.mockReturnValue(true);
+        aclServiceMock.isGuestAllowedToRead.mockReturnValue(true);
       });
 
       test.each`

apps/app/src/server/middlewares/login-required.js → apps/app/src/server/middlewares/login-required.ts

@@ -1,18 +1,39 @@
+import type { IUserHasId } from '@growi/core';
+import type { NextFunction, Request, Response } from 'express';
+
 import { createRedirectToForUnauthenticated } from '~/server/util/createRedirectToForUnauthenticated';
 import loggerFactory from '~/utils/logger';
 
+import type Crowi from '../crowi';
 import { UserStatus } from '../models/user/conts';
 
 const logger = loggerFactory('growi:middleware:login-required');
 
+type RequestWithUser = Request & {
+  user?: IUserHasId;
+  isSharedPage?: boolean;
+  isBrandLogo?: boolean;
+  session?: { redirectTo?: string };
+};
+
+type FallbackFunction = (
+  req: RequestWithUser,
+  res: Response,
+  next: NextFunction,
+) => void;
+
 /**
  * require login handler
- * @param {import('~/server/crowi').default} crowi Crowi instance
- * @param {boolean} isGuestAllowed whether guest user is allowed (default false)
- * @param {function} fallback fallback function which will be triggered when the check cannot be passed
+ * @param crowi Crowi instance
+ * @param isGuestAllowed whether guest user is allowed (default false)
+ * @param fallback fallback function which will be triggered when the check cannot be passed
  */
-module.exports = (crowi, isGuestAllowed = false, fallback = null) => {
-  return (req, res, next) => {
+const loginRequiredFactory = (
+  crowi: Crowi,
+  isGuestAllowed = false,
+  fallback: FallbackFunction | null = null,
+) => {
+  return (req: RequestWithUser, res: Response, next: NextFunction) => {
     // check the user logged in
     if (req.user != null && req.user instanceof Object && '_id' in req.user) {
       if (req.user.status === UserStatus.STATUS_ACTIVE) {
@@ -55,7 +76,11 @@ module.exports = (crowi, isGuestAllowed = false, fallback = null) => {
     if (fallback != null) {
       return fallback(req, res, next);
     }
-    req.session.redirectTo = req.originalUrl;
+    if (req.session != null) {
+      req.session.redirectTo = req.originalUrl;
+    }
     return res.redirect('/login');
   };
 };
+
+export default loginRequiredFactory;

apps/app/src/server/routes/apiv3/activity.ts

@@ -7,6 +7,8 @@ import { query } from 'express-validator';
 
 import type { IActivity, ISearchFilter } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import Activity from '~/server/models/activity';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
@@ -173,10 +175,8 @@ const validator = {
  */
 
 module.exports = (crowi: Crowi): Router => {
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const adminRequired = adminRequiredFactory(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const router = express.Router();
 

apps/app/src/server/routes/apiv3/admin-home.ts

@@ -3,6 +3,8 @@ import { SCOPE } from '@growi/core/dist/interfaces';
 import type { IResAdminHome } from '~/interfaces/res/admin/admin-home';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import { getGrowiVersion } from '~/utils/growi-version';
 
@@ -62,10 +64,8 @@ const router = express.Router();
  *            description: installed plugins
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   /**
    * @swagger

apps/app/src/server/routes/apiv3/app-settings/file-upload-setting.ts

@@ -10,6 +10,8 @@ import { body } from 'express-validator';
 import { SupportedAction } from '~/interfaces/activity';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import { getTranslation } from '~/server/service/i18next';
 import loggerFactory from '~/utils/logger';
@@ -135,10 +137,8 @@ const validator = {
  *                      $ref: '#/components/schemas/FileUploadSettingParams'
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/app-settings/index.ts

@@ -10,6 +10,8 @@ import { SupportedAction } from '~/interfaces/activity';
 import type { CrowiRequest } from '~/interfaces/crowi-request';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import { getTranslation } from '~/server/service/i18next';
 import loggerFactory from '~/utils/logger';
@@ -316,10 +318,8 @@ const router = express.Router();
  *            description: is enable internal stream system for azure file request
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/attachment.js

@@ -8,6 +8,7 @@ import autoReap from 'multer-autoreap';
 import { SupportedAction } from '~/interfaces/activity';
 import { AttachmentType } from '~/server/interfaces/attachment';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { Attachment } from '~/server/models/attachment';
 import {
   serializePageSecurely,
@@ -134,13 +135,8 @@ const { query, param, body } = require('express-validator');
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
   const { Page, User } = crowi.models;
   const { attachmentService } = crowi;
   const uploads = multer({ dest: `${crowi.tmpDir}uploads` });

apps/app/src/server/routes/apiv3/bookmark-folder.ts

@@ -7,6 +7,7 @@ import type { BookmarkFolderItems } from '~/interfaces/bookmark-info';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { InvalidParentBookmarkFolderError } from '~/server/models/errors';
 import { serializeBookmarkSecurely } from '~/server/models/serializers/bookmark-serializer';
 import loggerFactory from '~/utils/logger';
@@ -134,9 +135,7 @@ const validator = {
 };
 
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   /**
    * @swagger

apps/app/src/server/routes/apiv3/bookmarks.ts

@@ -8,6 +8,7 @@ import type { IBookmarkInfo } from '~/interfaces/bookmark-info';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { BookmarkDocument, BookmarkModel } from '~/server/models/bookmark';
 import type { PageDocument, PageModel } from '~/server/models/page';
 import { serializeBookmarkSecurely } from '~/server/models/serializers/bookmark-serializer';
@@ -89,13 +90,8 @@ const router = express.Router();
  *              $ref: '#/components/schemas/User'
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const loginRequired = loginRequiredFactory(crowi, true);
   const addActivity = generateAddActivityMiddleware();
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/customize-setting.js

@@ -9,6 +9,8 @@ import { GrowiPlugin } from '~/features/growi-plugin/server/models';
 import { SupportedAction } from '~/interfaces/activity';
 import { AttachmentType } from '~/server/interfaces/attachment';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { Attachment } from '~/server/models/attachment';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
@@ -188,10 +190,8 @@ const router = express.Router();
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/export.js

@@ -1,12 +1,14 @@
+import fs from 'node:fs';
 import { SCOPE } from '@growi/core/dist/interfaces';
 import express from 'express';
 import { body, param } from 'express-validator';
-import fs from 'fs';
 import mongoose from 'mongoose';
 import sanitize from 'sanitize-filename';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { exportService } from '~/server/service/export';
 import loggerFactory from '~/utils/logger';
 
@@ -122,8 +124,8 @@ const router = express.Router();
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const { socketIoService } = crowi;

apps/app/src/server/routes/apiv3/g2g-transfer.ts

@@ -9,6 +9,8 @@ import path from 'pathe';
 
 import type { GrowiArchiveImportOption } from '~/models/admin/growi-archive-import-option';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { isG2GTransferError } from '~/server/models/vo/g2g-transfer-error';
 import { configManager } from '~/server/service/config-manager';
 import { exportService } from '~/server/service/export';
@@ -131,10 +133,8 @@ module.exports = (crowi: Crowi): Router => {
 
   const isInstalled = configManager.getConfig('app:installed');
 
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const adminRequired = adminRequiredFactory(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // Middleware
   const adminRequiredIfInstalled = (

apps/app/src/server/routes/apiv3/import.ts

@@ -6,6 +6,8 @@ import { SupportedAction } from '~/interfaces/activity';
 import type { GrowiArchiveImportOption } from '~/models/admin/growi-archive-import-option';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { ImportSettings } from '~/server/service/import';
 import { getImportService } from '~/server/service/import';
 import { generateOverwriteParams } from '~/server/service/import/overwrite-params';
@@ -130,8 +132,8 @@ export default function route(crowi: Crowi): Router {
   const { growiBridgeService, socketIoService } = crowi;
   const importService = getImportService();
 
-  const loginRequired = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   const adminEvent = crowi.events.admin;

apps/app/src/server/routes/apiv3/in-app-notification.ts

@@ -7,6 +7,7 @@ import type { CrowiRequest } from '~/interfaces/crowi-request';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 
 import type { IInAppNotification } from '../../../interfaces/in-app-notification';
 import type { ApiV3Response } from './interfaces/apiv3-response';
@@ -86,9 +87,7 @@ const router = express.Router();
  *             $ref: '#/components/schemas/User'
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   const inAppNotificationService = crowi.inAppNotificationService;

apps/app/src/server/routes/apiv3/markdown-setting.js

@@ -3,6 +3,8 @@ import { ErrorV3 } from '@growi/core/dist/models';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
 
@@ -122,10 +124,8 @@ const validator = {
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/mongo.js

@@ -1,6 +1,8 @@
 import { SCOPE } from '@growi/core/dist/interfaces';
 
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 const _logger = loggerFactory('growi:routes:apiv3:mongo');
@@ -12,10 +14,8 @@ const router = express.Router();
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   /**
    * @swagger

apps/app/src/server/routes/apiv3/notification-setting.js

@@ -4,6 +4,8 @@ import express from 'express';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { GlobalNotificationSettingType } from '~/server/models/GlobalNotificationSetting';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
@@ -182,8 +184,8 @@ const validator = {
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const Strictly = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;
@@ -219,7 +221,7 @@ module.exports = (crowi) => {
   router.get(
     '/',
     accessTokenParser([SCOPE.READ.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     async (req, res) => {
       const notificationParams = {
@@ -283,7 +285,7 @@ module.exports = (crowi) => {
   router.post(
     '/user-notification',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     validator.userNotification,
@@ -343,7 +345,7 @@ module.exports = (crowi) => {
   router.delete(
     '/user-notification/:id',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     async (req, res) => {
@@ -400,7 +402,7 @@ module.exports = (crowi) => {
   router.get(
     '/global-notification/:id',
     accessTokenParser([SCOPE.READ.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     validator.globalNotification,
     async (req, res) => {
@@ -453,7 +455,7 @@ module.exports = (crowi) => {
   router.post(
     '/global-notification',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     validator.globalNotification,
@@ -528,7 +530,7 @@ module.exports = (crowi) => {
   router.put(
     '/global-notification/:id',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     validator.globalNotification,
@@ -613,7 +615,7 @@ module.exports = (crowi) => {
   router.put(
     '/notify-for-page-grant',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     validator.notifyForPageGrant,
@@ -697,7 +699,7 @@ module.exports = (crowi) => {
   router.put(
     '/global-notification/:id/enabled',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     async (req, res) => {
@@ -757,7 +759,7 @@ module.exports = (crowi) => {
   router.delete(
     '/global-notification/:id',
     accessTokenParser([SCOPE.WRITE.ADMIN.EXTERNAL_NOTIFICATION]),
-    Strictly,
+    loginRequiredStrictly,
     adminRequired,
     addActivity,
     async (req, res) => {

apps/app/src/server/routes/apiv3/page-listing.ts

@@ -10,6 +10,7 @@ import mongoose from 'mongoose';
 
 import type { IPageForTreeItem } from '~/interfaces/page';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import type { IPageGrantService } from '~/server/service/page-grant';
 import { pageListingService } from '~/server/service/page-listing';
@@ -60,10 +61,7 @@ const validator = {
  * Routes
  */
 const routerFactory = (crowi: Crowi): Router => {
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   const router = express.Router();
 

apps/app/src/server/routes/apiv3/page/check-page-existence.ts

@@ -10,6 +10,7 @@ import mongoose from 'mongoose';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import loggerFactory from '~/utils/logger';
 
@@ -32,10 +33,7 @@ export const checkPageExistenceHandlersFactory: CreatePageHandlersFactory = (
 ) => {
   const Page = mongoose.model<IPage, PageModel>('Page');
 
-  const loginRequired = require('../../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   // define validators for req.body
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/create-page.ts

@@ -25,6 +25,7 @@ import type { IOptionsForCreate } from '~/interfaces/page';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { GlobalNotificationSettingEvent } from '~/server/models/GlobalNotificationSetting';
 import type { PageDocument, PageModel } from '~/server/models/page';
 import PageTagRelation from '~/server/models/page-tag-relation';
@@ -120,9 +121,7 @@ export const createPageHandlersFactory: CreatePageHandlersFactory = (crowi) => {
     'User',
   );
 
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // define validators for req.body
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/get-page-paths-with-descendant-count.ts

@@ -7,6 +7,7 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import loggerFactory from '~/utils/logger';
 
@@ -32,8 +33,7 @@ interface Req extends Request<undefined, ApiV3Response, undefined, ReqQuery> {
 export const getPagePathsWithDescendantCountFactory: GetPagePathsWithDescendantCountFactory =
   (crowi) => {
     const Page = mongoose.model<IPage, PageModel>('Page');
-    const loginRequiredStrictly =
-      require('../../../middlewares/login-required')(crowi);
+    const loginRequiredStrictly = loginRequiredFactory(crowi);
 
     const validator: ValidationChain[] = [
       query('paths').isArray().withMessage('paths must be an array of strings'),

apps/app/src/server/routes/apiv3/page/get-yjs-data.ts

@@ -8,6 +8,7 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import loggerFactory from '~/utils/logger';
 
@@ -26,9 +27,7 @@ interface Req extends Request<ReqParams, ApiV3Response> {
 }
 export const getYjsDataHandlerFactory: GetYjsDataHandlerFactory = (crowi) => {
   const Page = mongoose.model<IPage, PageModel>('Page');
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // define validators for req.params
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/index.ts

@@ -32,6 +32,7 @@ import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { GlobalNotificationSettingEvent } from '~/server/models/GlobalNotificationSetting';
 import type { PageDocument, PageModel } from '~/server/models/page';
 import { Revision } from '~/server/models/revision';
@@ -81,13 +82,8 @@ const router = express.Router();
  *
  */
 module.exports = (crowi: Crowi) => {
-  const loginRequired = require('../../../middlewares/login-required')(
-    crowi,
-    true,
-  );
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
   const certifySharedPage = require('../../../middlewares/certify-shared-page')(
     crowi,
   );

apps/app/src/server/routes/apiv3/page/publish-page.ts

@@ -8,6 +8,7 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import loggerFactory from '~/utils/logger';
 
@@ -31,9 +32,7 @@ export const publishPageHandlersFactory: PublishPageHandlersFactory = (
 ) => {
   const Page = mongoose.model<IPage, PageModel>('Page');
 
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // define validators for req.body
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/sync-latest-revision-body-to-yjs-draft.ts

@@ -8,6 +8,7 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import { getYjsService } from '~/server/service/yjs';
 import loggerFactory from '~/utils/logger';
@@ -35,8 +36,7 @@ interface Req extends Request<ReqParams, ApiV3Response, ReqBody> {
 export const syncLatestRevisionBodyToYjsDraftHandlerFactory: SyncLatestRevisionBodyToYjsDraftHandlerFactory =
   (crowi) => {
     const Page = mongoose.model<IPage, PageModel>('Page');
-    const loginRequiredStrictly =
-      require('../../../middlewares/login-required')(crowi);
+    const loginRequiredStrictly = loginRequiredFactory(crowi);
 
     // define validators for req.params
     const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/unpublish-page.ts

@@ -8,6 +8,7 @@ import mongoose from 'mongoose';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import type { PageModel } from '~/server/models/page';
 import loggerFactory from '~/utils/logger';
 
@@ -31,9 +32,7 @@ export const unpublishPageHandlersFactory: UnpublishPageHandlersFactory = (
 ) => {
   const Page = mongoose.model<IPage, PageModel>('Page');
 
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // define validators for req.body
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/page/update-page.ts

@@ -23,6 +23,7 @@ import type { IOptionsForUpdate } from '~/interfaces/page';
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { GlobalNotificationSettingEvent } from '~/server/models/GlobalNotificationSetting';
 import type { PageDocument, PageModel } from '~/server/models/page';
 import {
@@ -53,9 +54,7 @@ export const updatePageHandlersFactory: UpdatePageHandlersFactory = (crowi) => {
   const Page = mongoose.model<IPage, PageModel>('Page');
   const Revision = mongoose.model<IRevisionHasId>('Revision');
 
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   // define validators for req.body
   const validator: ValidationChain[] = [

apps/app/src/server/routes/apiv3/pages/index.js

@@ -17,6 +17,8 @@ import { body, query } from 'express-validator';
 import { SupportedAction, SupportedTargetModel } from '~/interfaces/activity';
 import { subscribeRuleNames } from '~/interfaces/in-app-notification';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { GlobalNotificationSettingEvent } from '~/server/models/GlobalNotificationSetting';
 import PageTagRelation from '~/server/models/page-tag-relation';
 import { configManager } from '~/server/service/config-manager';
@@ -37,14 +39,9 @@ const LIMIT_FOR_MULTIPLE_PAGE_OP = 20;
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../../middlewares/login-required')(
-    crowi,
-    true,
-  );
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi, true);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   const { Page, User } = crowi.models;
 

apps/app/src/server/routes/apiv3/personal-setting/delete-access-token.ts

@@ -9,6 +9,7 @@ import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { AccessToken } from '~/server/models/access-token';
 import loggerFactory from '~/utils/logger';
 
@@ -41,8 +42,7 @@ const validator = [
 
 export const deleteAccessTokenHandlersFactory: DeleteAccessTokenHandlersFactory =
   (crowi) => {
-    const loginRequiredStrictly =
-      require('../../../middlewares/login-required')(crowi);
+    const loginRequiredStrictly = loginRequiredFactory(crowi);
     const addActivity = generateAddActivityMiddleware();
     const activityEvent = crowi.events.activity;
 

apps/app/src/server/routes/apiv3/personal-setting/delete-all-access-tokens.ts

@@ -8,6 +8,7 @@ import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { AccessToken } from '~/server/models/access-token';
 import loggerFactory from '~/utils/logger';
 
@@ -26,8 +27,7 @@ type DeleteAllAccessTokensHandlersFactory = (crowi: Crowi) => RequestHandler[];
 
 export const deleteAllAccessTokensHandlersFactory: DeleteAllAccessTokensHandlersFactory =
   (crowi) => {
-    const loginRequiredStrictly =
-      require('../../../middlewares/login-required')(crowi);
+    const loginRequiredStrictly = loginRequiredFactory(crowi);
     const addActivity = generateAddActivityMiddleware();
     const activityEvent = crowi.events.activity;
 

apps/app/src/server/routes/apiv3/personal-setting/generate-access-token.ts

@@ -7,6 +7,7 @@ import { SupportedAction } from '~/interfaces/activity';
 import type Crowi from '~/server/crowi';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { AccessToken } from '~/server/models/access-token';
 import { isValidScope } from '~/server/util/scope-utils';
 import loggerFactory from '~/utils/logger';
@@ -76,8 +77,7 @@ const validator = [
 
 export const generateAccessTokenHandlerFactory: GenerateAccessTokenHandlerFactory =
   (crowi) => {
-    const loginRequiredStrictly =
-      require('../../../middlewares/login-required')(crowi);
+    const loginRequiredStrictly = loginRequiredFactory(crowi);
     const activityEvent = crowi.events.activity;
     const addActivity = generateAddActivityMiddleware();
 

apps/app/src/server/routes/apiv3/personal-setting/get-access-tokens.ts

@@ -7,6 +7,7 @@ import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { AccessToken } from '~/server/models/access-token';
 import loggerFactory from '~/utils/logger';
 
@@ -26,9 +27,7 @@ type GetAccessTokenHandlerFactory = (crowi: Crowi) => RequestHandler[];
 export const getAccessTokenHandlerFactory: GetAccessTokenHandlerFactory = (
   crowi,
 ) => {
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware();
 
   return [

apps/app/src/server/routes/apiv3/personal-setting/index.js

@@ -6,6 +6,7 @@ import { i18n } from '^/config/next-i18next.config';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 import { generateAddActivityMiddleware } from '../../../middlewares/add-activity';
@@ -73,9 +74,7 @@ const router = express.Router();
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const { User } = crowi.models;

apps/app/src/server/routes/apiv3/revisions.js

@@ -4,6 +4,7 @@ import { serializeUserSecurely } from '@growi/core/dist/models/serializers';
 import express from 'express';
 
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { Revision } from '~/server/models/revision';
 import {
   getAppliedAtForRevisionFilter,
@@ -59,10 +60,7 @@ module.exports = (crowi) => {
   const certifySharedPage = require('../../middlewares/certify-shared-page')(
     crowi,
   );
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   const { Page, User } = crowi.models;
 

apps/app/src/server/routes/apiv3/search.js

@@ -3,6 +3,8 @@ import { ErrorV3 } from '@growi/core/dist/models';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 import { generateAddActivityMiddleware } from '../../middlewares/add-activity';
@@ -100,8 +102,8 @@ const noCache = require('nocache');
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/security-settings/index.js

@@ -10,7 +10,9 @@ import { SupportedAction } from '~/interfaces/activity';
 import { PageDeleteConfigValue } from '~/interfaces/page-delete-config';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import ShareLink from '~/server/models/share-link';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
@@ -412,10 +414,8 @@ const validator = {
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/share-links.js

@@ -6,8 +6,10 @@ import express from 'express';
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
 import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
 import { excludeReadOnlyUser } from '~/server/middlewares/exclude-read-only-user';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import ShareLink from '~/server/models/share-link';
 import loggerFactory from '~/utils/logger';
 
@@ -82,8 +84,8 @@ const today = new Date();
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const { Page } = crowi.models;

apps/app/src/server/routes/apiv3/slack-integration-legacy-settings.js

@@ -5,6 +5,8 @@ import { body } from 'express-validator';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
 
@@ -51,10 +53,8 @@ const validator = {
  */
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/slack-integration-settings.js

@@ -15,6 +15,8 @@ import {
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import axios from '~/utils/axios';
 import loggerFactory from '~/utils/logger';
 
@@ -49,10 +51,8 @@ const router = express.Router();
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const { SlackAppIntegration } = crowi.models;

apps/app/src/server/routes/apiv3/user-activities.ts

@@ -8,6 +8,7 @@ import { Types } from 'mongoose';
 
 import type { IActivity } from '~/interfaces/activity';
 import { ActivityLogActions } from '~/interfaces/activity';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import Activity from '~/server/models/activity';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
@@ -143,9 +144,7 @@ type ActivityPaginationResult = PaginateResult<IActivity>;
  */
 
 module.exports = (crowi: Crowi): Router => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   const router = express.Router();
 

apps/app/src/server/routes/apiv3/user-group-relation.js

@@ -3,6 +3,8 @@ import { ErrorV3 } from '@growi/core/dist/models';
 import express from 'express';
 
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { serializeUserGroupRelationSecurely } from '~/server/models/serializers';
 import UserGroupRelation from '~/server/models/user-group-relation';
 import loggerFactory from '~/utils/logger';
@@ -17,10 +19,8 @@ const validator = {};
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
 
   validator.list = [
     query('groupIds', 'groupIds is required and must be an array').isArray(),

apps/app/src/server/routes/apiv3/user-group.js

@@ -7,6 +7,8 @@ import { body, param, query, sanitizeQuery } from 'express-validator';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import { serializeUserGroupRelationSecurely } from '~/server/models/serializers/user-group-relation-serializer';
 import UserGroup from '~/server/models/user-group';
 import UserGroupRelation from '~/server/models/user-group-relation';
@@ -27,10 +29,8 @@ const router = express.Router();
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/apiv3/user/get-related-groups.ts

@@ -5,6 +5,7 @@ import type { Request, RequestHandler } from 'express';
 
 import type Crowi from '~/server/crowi';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 import type { ApiV3Response } from '../interfaces/apiv3-response';
@@ -20,9 +21,7 @@ interface Req extends Request {
 export const getRelatedGroupsHandlerFactory: GetRelatedGroupsHandlerFactory = (
   crowi,
 ) => {
-  const loginRequiredStrictly = require('~/server/middlewares/login-required')(
-    crowi,
-  );
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
 
   return [
     accessTokenParser([SCOPE.READ.USER_SETTINGS.INFO], { acceptLegacy: true }),

apps/app/src/server/routes/apiv3/users.js

@@ -5,13 +5,15 @@ import { userHomepagePath } from '@growi/core/dist/utils/page-path-utils';
 import escapeStringRegexp from 'escape-string-regexp';
 import express from 'express';
 import { body, query } from 'express-validator';
-import path from 'path';
+import path from 'pathe';
 import { isEmail } from 'validator';
 
 import ExternalUserGroupRelation from '~/features/external-user-group/server/models/external-user-group-relation';
 import { deleteUserAiAssistant } from '~/features/openai/server/services/delete-ai-assistant';
 import { SupportedAction } from '~/interfaces/activity';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import adminRequiredFactory from '~/server/middlewares/admin-required';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import Activity from '~/server/models/activity';
 import ExternalAccount from '~/server/models/external-account';
 import { serializePageSecurely } from '~/server/models/serializers';
@@ -110,14 +112,9 @@ const validator = {};
 
 /** @param {import('~/server/crowi').default} crowi Crowi instance */
 module.exports = (crowi) => {
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
-  const loginRequiredStrictly = require('../../middlewares/login-required')(
-    crowi,
-  );
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequired = loginRequiredFactory(crowi, true);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.events.activity;

apps/app/src/server/routes/attachment/download.ts

@@ -3,6 +3,7 @@ import express from 'express';
 
 import { SupportedAction } from '~/interfaces/activity';
 import type { CrowiRequest } from '~/interfaces/crowi-request';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 import type Crowi from '../../crowi';
@@ -25,10 +26,7 @@ const generateActivityParameters = (req: CrowiRequest) => {
 };
 
 export const downloadRouterFactory = (crowi: Crowi): Router => {
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   const router = express.Router();
 

apps/app/src/server/routes/attachment/get-brand-logo.ts

@@ -4,6 +4,7 @@ import express from 'express';
 
 import type { CrowiRequest } from '~/interfaces/crowi-request';
 import { accessTokenParser } from '~/server/middlewares/access-token-parser';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import loggerFactory from '~/utils/logger';
 
 import type Crowi from '../../crowi';
@@ -17,10 +18,7 @@ const logger = loggerFactory('growi:routes:attachment:get-brand-logo');
 
 export const getBrandLogoRouterFactory = (crowi: Crowi): Router => {
   const certifyBrandLogo = generateCertifyBrandLogoMiddleware(crowi);
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   const router = express.Router();
 

apps/app/src/server/routes/attachment/get.ts

@@ -9,6 +9,7 @@ import {
   type RespondOptions,
   ResponseMode,
 } from '~/server/interfaces/attachment';
+import loginRequiredFactory from '~/server/middlewares/login-required';
 import {
   applyHeaders,
   createContentHeaders,
@@ -190,10 +191,7 @@ export type GetRequest = CrowiProperties &
 export type GetResponse = Response<any, LocalsAfterDataInjection>;
 
 export const getRouterFactory = (crowi: Crowi): Router => {
-  const loginRequired = require('../../middlewares/login-required')(
-    crowi,
-    true,
-  );
+  const loginRequired = loginRequiredFactory(crowi, true);
 
   const router = express.Router();
 

apps/app/src/server/routes/index.js

@@ -5,6 +5,7 @@ import { middlewareFactory as rateLimiterFactory } from '~/features/rate-limiter
 
 import { accessTokenParser } from '../middlewares/access-token-parser';
 import { generateAddActivityMiddleware } from '../middlewares/add-activity';
+import adminRequiredFactory from '../middlewares/admin-required';
 import apiV1FormValidator from '../middlewares/apiv1-form-validator';
 import * as applicationNotInstalled from '../middlewares/application-not-installed';
 import {
@@ -14,6 +15,7 @@ import {
 import injectResetOrderByTokenMiddleware from '../middlewares/inject-reset-order-by-token-middleware';
 import injectUserRegistrationOrderByTokenMiddleware from '../middlewares/inject-user-registration-order-by-token-middleware';
 import * as loginFormValidator from '../middlewares/login-form-validator';
+import loginRequiredFactory from '../middlewares/login-required';
 import {
   generateUnavailableWhenMaintenanceModeMiddleware,
   generateUnavailableWhenMaintenanceModeMiddlewareForApi,
@@ -36,9 +38,9 @@ module.exports = (crowi, app) => {
   const applicationInstalled = require('../middlewares/application-installed')(
     crowi,
   );
-  const loginRequiredStrictly = require('../middlewares/login-required')(crowi);
-  const loginRequired = require('../middlewares/login-required')(crowi, true);
-  const adminRequired = require('../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = loginRequiredFactory(crowi);
+  const loginRequired = loginRequiredFactory(crowi, true);
+  const adminRequired = adminRequiredFactory(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const uploads = multer({ dest: `${crowi.tmpDir}uploads` });

apps/app/src/server/service/socket-io/socket-io.ts

@@ -1,6 +1,6 @@
+import type { IncomingMessage } from 'node:http';
 import type { IUserHasId } from '@growi/core/dist/interfaces';
 import expressSession from 'express-session';
-import type { IncomingMessage } from 'http';
 import passport from 'passport';
 import type { Namespace } from 'socket.io';
 import { Server } from 'socket.io';
@@ -9,6 +9,8 @@ import { SocketEventName } from '~/interfaces/websocket';
 import loggerFactory from '~/utils/logger';
 
 import type Crowi from '../../crowi';
+import adminRequiredFactory from '../../middlewares/admin-required';
+import loginRequiredFactory from '../../middlewares/login-required';
 import { configManager } from '../config-manager';
 import { getRoomNameWithId, RoomPrefix } from './helper';
 
@@ -89,7 +91,7 @@ export class SocketIoService {
    * use loginRequired middleware
    */
   setupLoginRequiredMiddleware() {
-    const loginRequired = require('../../middlewares/login-required')(
+    const loginRequired = loginRequiredFactory(
       this.crowi,
       true,
       (req, res, next) => {
@@ -99,7 +101,7 @@ export class SocketIoService {
 
     // convert Connect/Express middleware to Socket.io middleware
     this.io.use((socket, next) => {
-      loginRequired(socket.request, {}, next);
+      loginRequired(socket.request as any, {} as any, next as any);
     });
   }
 
@@ -107,16 +109,13 @@ export class SocketIoService {
    * use adminRequired middleware
    */
   setupAdminRequiredMiddleware() {
-    const adminRequired = require('../../middlewares/admin-required')(
-      this.crowi,
-      (req, res, next) => {
-        next(new Error('Admin priviledge is required to connect.'));
-      },
-    );
+    const adminRequired = adminRequiredFactory(this.crowi, (req, res, next) => {
+      next(new Error('Admin priviledge is required to connect.'));
+    });
 
     // convert Connect/Express middleware to Socket.io middleware
     this.getAdminSocket().use((socket, next) => {
-      adminRequired(socket.request, {}, next);
+      adminRequired(socket.request as any, {} as any, next as any);
     });
   }
 

packages/remark-attachment-refs/src/server/routes/refs.ts

@@ -67,13 +67,13 @@ const loginRequiredFallback = (_req, res) => {
   return res.status(403).send('login required');
 };
 
-// biome-ignore lint/suspicious/noExplicitAny: ignore
-export const routesFactory = (crowi): any => {
-  const loginRequired = crowi.require('../middlewares/login-required')(
+export const routesFactory = (crowi): Promise<Router> => {
+  const loginRequired = crowi.loginRequiredFactory(
     crowi,
     true,
     loginRequiredFallback,
   );
+
   const accessTokenParser: AccessTokenParser = crowi.accessTokenParser;
 
   const router = Router();
@@ -96,7 +96,7 @@ export const routesFactory = (crowi): any => {
     // biome-ignore lint/suspicious/noTsIgnore: Suppress auto fix by lefthook
     // @ts-ignore - Scope type causes "Type instantiation is excessively deep" with tsgo
     accessTokenParser([SCOPE.READ.FEATURES.PAGE], { acceptLegacy: true }),
-    loginRequired,
+    // loginRequired,
     async (req: RequestWithUser, res) => {
       const user = req.user;
       const { pagePath, fileNameOrId } = req.query;

packages/remark-lsx/src/server/index.ts

@@ -50,9 +50,8 @@ const paramValidator = (req: Request, res: Response, next: NextFunction) => {
   res.status(400).json({ errors: errs.map((err) => err.message) });
 };
 
-// biome-ignore lint/suspicious/noExplicitAny: ignore
 const middleware = (crowi: any, app: any): void => {
-  const loginRequired = crowi.require('../middlewares/login-required')(
+  const loginRequired = crowi.loginRequiredFactory(
     crowi,
     true,
     loginRequiredFallback,