| /** | |
| * src/middleware/authMiddleware.ts | |
| * | |
| * Firebase Auth middleware — verifies the ID token on every request. | |
| * The frontend sends: Authorization: Bearer <firebase-id-token> | |
| */ | |
| import { Request, Response, NextFunction } from 'express'; | |
| import admin from 'firebase-admin'; | |
| import { logger } from '../utils/logger'; | |
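/**
 * Express middleware that authenticates a request with a Firebase ID token.
 *
 * Expects `Authorization: Bearer <firebase-id-token>`. When the token verifies,
 * the decoded token's `uid` is attached to the request as `req.uid` and
 * `next()` is called. In every other case the middleware answers 401 with a
 * JSON error body and does not call `next()`.
 *
 * @param req - Incoming request; its `authorization` header is read.
 * @param res - Response used to send the 401 on failure.
 * @param next - Called only after the token has been verified.
 * @returns A promise that settles once the request was passed on or rejected.
 */
export async function requireFirebaseAuth(
  req: Request,
  res: Response,
  next: NextFunction
): Promise<void> {
  const authHeader = req.headers['authorization'];
  // The auth scheme name is case-insensitive (RFC 9110), so "bearer " is
  // accepted as well as "Bearer ".
  if (typeof authHeader !== 'string' || !/^Bearer /i.test(authHeader)) {
    res.status(401).json({ error: 'Missing Authorization header' });
    return;
  }
  // Drop the 7-character "Bearer " prefix; the remainder is the raw ID token.
  const idToken = authHeader.slice(7);

  let uid: string;
  try {
    // NOTE(review): verifyIdToken is called without its optional checkRevoked
    // argument, so a token that was revoked server-side is still accepted until
    // it expires. Pass `true` as the second argument if revocation must take
    // effect immediately (it costs an extra Firebase Auth lookup per request).
    const decoded = await admin.auth().verifyIdToken(idToken);
    uid = decoded.uid;
  } catch (err) {
    // Only the verification error is logged; the token itself must never be
    // written to the log.
    logger.warn(`AuthMiddleware: invalid token โ ${String(err)}`);
    res.status(401).json({ error: 'Invalid or expired token' });
    return;
  }

  // Attach the uid to the request so downstream handlers can use it.
  (req as Request & { uid: string }).uid = uid;
  // next() is deliberately outside the try block: an exception escaping from a
  // downstream handler must not be reported as an invalid token / 401.
  next();
}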