betterhuman/backend/dist/middleware/auth.js

"use strict";
// Compiler-emitted CommonJS interop marker; left untouched so consumers that
// check `__esModule` keep resolving default/named imports the same way.
Object.defineProperty(exports, "__esModule", { value: true });
// Both middleware are hoisted function declarations, so they may be exported
// here, ahead of the definitions further down the file.
Object.assign(exports, { requireAuth, requireRole });
// Token verification is delegated to ../lib/jwt; only verifyAccessToken is used.
const jwt_1 = require("../lib/jwt");
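/**
 * Express-style middleware that authenticates a request from its
 * `Authorization: Bearer <token>` header.
 *
 * On success the verified token payload is stored on `req.user` and the
 * chain continues. Any of the following yields a 401 JSON response instead:
 * a missing or non-Bearer header, an empty token, a header with extra
 * space-separated parts, or a token that `verifyAccessToken` rejects.
 *
 * @param {object} req - Incoming request; `req.headers.authorization` is read,
 *   `req.user` is written.
 * @param {object} res - Response object exposing `status()` and `json()`.
 * @param {Function} next - Continuation to the next middleware/handler.
 * @returns {*} The result of `res.json(...)` on rejection, otherwise the
 *   result of `next()`.
 */
function requireAuth(req, res, next) {
  const authHeader = req.headers.authorization;
  if (typeof authHeader !== 'string' || !authHeader.startsWith('Bearer ')) {
    return res.status(401).json({ error: 'Unauthorized' });
  }
  // Accept only the strict "Bearer <token>" shape: exactly two parts and a
  // non-empty token. Previously "Bearer tok extra" silently used "tok", and an
  // empty token was handed to the verifier instead of being rejected up front.
  const parts = authHeader.split(' ');
  const token = parts[1];
  if (parts.length !== 2 || token.length === 0) {
    return res.status(401).json({ error: 'Unauthorized' });
  }
  let payload;
  try {
    // The `(0, fn)(...)` form calls the verifier without a `this` binding,
    // matching how the compiled module invoked it.
    payload = (0, jwt_1.verifyAccessToken)(token);
  } catch (err) {
    // Deliberately generic: the response must not reveal why verification
    // failed (expired vs. bad signature vs. malformed).
    return res.status(401).json({ error: 'Invalid or expired token' });
  }
  req.user = payload;
  // next() is called outside the try so that a synchronous error thrown by a
  // downstream handler is not misreported as an invalid token.
  return next();
}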
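/**
 * Build an Express-style authorization middleware that admits only requests
 * whose authenticated user has one of the allowed roles.
 *
 * Must run after `requireAuth` (or anything else that sets `req.user`): a
 * request without `req.user` is answered 401, one whose `req.user.role` is
 * not in `roles` is answered 403, otherwise the chain continues.
 *
 * @param {string[]|string} roles - Allowed role(s). A single string is
 *   accepted as shorthand for a one-element array.
 * @returns {(req: object, res: object, next: Function) => *} Middleware.
 */
function requireRole(roles) {
  // Normalise once at construction time rather than per request.
  const allowed = new Set(Array.isArray(roles) ? roles : [roles]);
  return (req, res, next) => {
    if (!req.user) {
      return res.status(401).json({ error: 'Unauthorized' });
    }
    if (!allowed.has(req.user.role)) {
      return res.status(403).json({ error: 'Forbidden' });
    }
    next();
  };
}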
//# sourceMappingURL=auth.js.map