refactor: auth service (#11811)

server/src/middleware/auth.guard.ts

@@ -89,20 +89,14 @@ export class AuthGuard implements CanActivate {
       return true;
     }
 
+    const { admin: adminRoute, sharedLink: sharedLinkRoute } = { sharedLink: false, admin: false, ...options };
     const request = context.switchToHttp().getRequest<AuthRequest>();
 
-    const authDto = await this.authService.validate(request.headers, request.query as Record<string, string>);
-    if (authDto.sharedLink && !(options as SharedLinkRoute).sharedLink) {
-      this.logger.warn(`Denied access to non-shared route: ${request.path}`);
-      return false;
-    }
-
-    if (!authDto.user.isAdmin && (options as AdminRoute).admin) {
-      this.logger.warn(`Denied access to admin only route: ${request.path}`);
-      return false;
-    }
-
-    request.user = authDto;
+    request.user = await this.authService.authenticate({
+      headers: request.headers,
+      queryParams: request.query as Record<string, string>,
+      metadata: { adminRoute, sharedLinkRoute, uri: request.path },
+    });
 
     return true;
   }