| import type { Scope } from "@api/utils/scopes"; | |
| import type { MiddlewareHandler } from "hono"; | |
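/**
 * Builds a Hono middleware that lets a request through only when the caller
 * holds at least one of `requiredScopes` (any-of, not all-of).
 *
 * The granted scopes are read from the `scopes` context variable. What sets
 * that variable is not visible in this file (presumably an earlier
 * authentication middleware; confirm it runs before this one on every
 * protected route).
 *
 * Responses:
 * - 401 when `scopes` is missing or is not an array.
 * - 403 when none of the required scopes is granted. With an empty
 *   `requiredScopes` list this is always the outcome, so a route registered
 *   without scopes is denied rather than opened.
 *
 * @param requiredScopes - Scopes of which the caller needs at least one.
 * @returns Middleware that calls `next()` only after the scope check passes.
 */
export const withRequiredScope = (
  ...requiredScopes: Scope[]
): MiddlewareHandler => {
  return async (c, next) => {
    const rawScopes: unknown = c.get("scopes");

    // Context variables carry no runtime type, so a cast alone proves nothing.
    // A string here would turn `includes` into a substring match (for example
    // "a.readonly" contains "a.read") and let the request through. Anything
    // that is not an array is therefore treated as "no scopes" and rejected.
    if (!Array.isArray(rawScopes)) {
      return c.json(
        {
          error: "Unauthorized",
          description:
            "No scopes found for the current user. Authentication is required.",
        },
        401,
      );
    }

    // Element types are not verified here; comparison below is by strict
    // equality, so a non-matching element can only cause a denial.
    const scopes = rawScopes as Scope[];

    // Check if user has at least one of the required scopes
    const hasRequiredScope = requiredScopes.some((requiredScope) =>
      scopes.includes(requiredScope),
    );

    if (!hasRequiredScope) {
      // NOTE(review): this body returns both the route's required scopes and
      // the caller's granted scopes to the client. Confirm that is intended
      // for every consumer of this API; otherwise log them server-side and
      // return a generic message.
      return c.json(
        {
          error: "Forbidden",
          description: `Insufficient permissions. Required scopes: ${requiredScopes.join(
            ", ",
          )}. Your scopes: ${scopes.join(", ")}`,
        },
        403,
      );
    }

    await next();
  };
};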