Spaces:
Sleeping
Sleeping
| const jwt = require('jsonwebtoken'); | |
| const JWT_SECRET = process.env.JWT_SECRET || 'gilded-secret-key-change-in-production'; | |
| function generateToken(user) { | |
| return jwt.sign({ id: user.id }, JWT_SECRET, { expiresIn: '7d' }); | |
| } | |
| function authMiddleware(req, res, next) { | |
| try { | |
| let token = null; | |
| const authHeader = req.headers.authorization; | |
| if (authHeader && authHeader.startsWith('Bearer ')) { | |
| token = authHeader.slice(7); | |
| } | |
| if (!token && req.cookies && req.cookies.token) { | |
| token = req.cookies.token; | |
| } | |
| if (!token) { | |
| return res.status(401).json({ error: 'Authentication required' }); | |
| } | |
| const decoded = jwt.verify(token, JWT_SECRET); | |
| req.user = { id: decoded.id }; | |
| next(); | |
| } catch (err) { | |
| return res.status(401).json({ error: 'Invalid or expired token' }); | |
| } | |
| } | |
| module.exports = { generateToken, authMiddleware, JWT_SECRET }; | |