feat: Secure Endpoints using Middleware, validate bearer token

[NwinNwin]

To do

• Investigate how to implement middleware with firebase-admin correctly with SST
• Secure all API routes
• Help us secure these endpoints pls!!!

Description

We attempted to add middleware to secure our backend routes while setting up SST. Specifically, we tried implementing a middleware function like:

itemsRouter.post("/", middleware.decodeToken, async (req, res) => {
  // Route handler logic
});

This middleware is meant to decode the token and authenticate requests. However, we ran into some issues, and it wasn’t working as expected.

Expected Behavior

• The middleware should correctly extract and validate the token from the request.
• Requests should be blocked if authentication fails.

Actual Behavior

• Got some error in SST when setting it up
• Doesn't allow backend to run

Steps to Reproduce

1. Added middleware.decodeToken to itemsRouter.post("/").
2. Set up SST with the backend.
3. Encountered issues where the middleware was not working as expected.

Relevant Information

The frontend is sending the Bearer token in requests like this:
[Frontend code sending Bearer token](

ZotNFound/packages/web/src/components/Map/Map.jsx

Lines 242 to 246 in 8408271

	{
	headers: {
	Authorization: `Bearer ${token}`,
	},
	}

)

We need to ensure that our middleware properly handles and validates this token.