File size: 1,485 Bytes
11f4e50 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | import { Request, Response, NextFunction } from 'express';
import jwt from 'jsonwebtoken';
import { config } from '../config';
import { User } from '../models';
export interface AuthRequest extends Request {
userId?: string;
userRole?: string;
}
export const authMiddleware = async (
req: AuthRequest,
res: Response,
next: NextFunction
): Promise<void> => {
try {
const authHeader = req.headers.authorization;
if (!authHeader || !authHeader.startsWith('Bearer ')) {
res.status(401).json({ error: 'Access denied. No token provided.' });
return;
}
const token = authHeader.split(' ')[1];
const decoded = jwt.verify(token, config.jwt.secret) as {
userId: string;
role: string;
};
const user = await User.findById(decoded.userId);
if (!user) {
res.status(401).json({ error: 'Invalid token. User not found.' });
return;
}
req.userId = decoded.userId;
req.userRole = decoded.role;
next();
} catch (error) {
res.status(401).json({ error: 'Invalid or expired token.' });
}
};
export const adminMiddleware = (
req: AuthRequest,
res: Response,
next: NextFunction
): void => {
if (req.userRole !== 'admin') {
res.status(403).json({ error: 'Admin access required.' });
return;
}
next();
};
|