import { NextFunction, Request, Response } from 'express';
export type UserSession = {
    username: string;
    isAdmin: boolean;
    allowedWriteOrganizations: string[];
};
export type UserSessionResult = {
    user?: UserSession;
    errorCode?: number;
    errorMessage?: string;
};
export type AuthConfig = {
    enabled: boolean;
    protectedMethods?: Array<'GET' | 'POST' | 'PUT' | 'DELETE'>;
    customAuthHandler?: (req: Request) => UserSessionResult;
};
declare module 'express-serve-static-core' {
    interface Request {
        user?: UserSession;
    }
}
/**
 * Determines whether the incoming request should bypass authentication,
 * based on the application's authentication configuration.
 * @param req
 * @param authConfig
 * @returns
 */
export declare const shouldBypassAuth: (req: Request, authConfig: AuthConfig) => boolean;
/**
 * Middleware to handle authentication based on the provided auth configuration.
 * It verifies the user's authentication implemented by the custom authentication handler
 * If authentication is valid, it attaches the user information to the request object;
 * Otherwise, it returns the appropriate error codes.
 * @param authConfig
 * @returns
 */
export declare const authMiddleware: (authConfig: AuthConfig) => (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;