Unify auth middleware to a single implementation (JWT verify + DB session) #158

@robertocarlous

Problem

There are two authentication middlewares with overlapping responsibility (src/middleware/auth.ts and src/middleware/authenticate.ts). Some routes use one, others use the other, increasing the risk of inconsistent enforcement (JWT verification, session expiry, user isActive checks, etc.).

Acceptance criteria

  • Choose one canonical middleware
  • Ensure it ALWAYS validates JWT signature + checks DB session existence + expiry + user.isActive
  • Migrate all routes to the canonical middleware
  • Delete or deprecate the duplicate implementation
  • Update tests to match the single path

export async function requireAuth(

export class AuthMiddleware {
static validateJwt = async (

Priority

P0 / Critical
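
A sketch of the single decision path the acceptance criteria describe, added here as an example and not taken from the issue or the project's code. The claim names (`sub`, `sid`, `exp`), the HS256 choice, the `Stores` shape and the in-memory Maps standing in for database queries are all assumptions.

```typescript
import { Buffer } from "node:buffer";
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical shapes; the project's real session and user models are not shown in the issue.
interface Session { userId: string; expiresAt: number } // epoch milliseconds
interface User { isActive: boolean }
interface Stores { sessions: Map<string, Session>; users: Map<string, User> }
type AuthResult = { ok: true; userId: string } | { ok: false; reason: string };

const b64url = (b: Buffer): string => b.toString("base64url");

// Constructed helper so the example can mint its own sample tokens.
function signHs256(payload: object, secret: string): string {
  const head = b64url(Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })));
  const body = b64url(Buffer.from(JSON.stringify(payload)));
  const sig = b64url(createHmac("sha256", secret).update(`${head}.${body}`).digest());
  return `${head}.${body}.${sig}`;
}

// One function owns the decision: every check runs on every request, any failure denies.
function checkAuth(token: string, secret: string, db: Stores, now: number): AuthResult {
  const deny = (reason: string): AuthResult => ({ ok: false, reason });
  const parts = token.split(".");
  if (parts.length !== 3) return deny("malformed");
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm rather than trusting the token header.
    if (JSON.parse(Buffer.from(head, "base64url").toString()).alg !== "HS256") return deny("bad-alg");
    const expected = createHmac("sha256", secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return deny("bad-signature");
    // Claims are parsed only after the signature has been verified.
    const claims = JSON.parse(Buffer.from(body, "base64url").toString());
    if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) return deny("token-expired");
    const session = db.sessions.get(String(claims.sid)); // DB session must exist
    if (!session || session.userId !== claims.sub) return deny("no-session");
    if (session.expiresAt <= now) return deny("session-expired"); // revocable server side
    const user = db.users.get(session.userId);
    if (!user || !user.isActive) return deny("user-inactive");
    return { ok: true, userId: session.userId };
  } catch {
    return deny("malformed"); // undecodable header or payload fails closed
  }
}
```

A route-level middleware would call this one function and return 401 on any `ok: false`, so no route can skip the session or `isActive` check.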
