/**
* src/middleware/authMiddleware.ts
*
* Firebase Auth middleware — verifies the ID Token on every request.
* The frontend sends: Authorization: Bearer <firebase-id-token>
*/
import { Request, Response, NextFunction } from 'express';
import admin from 'firebase-admin';
import { logger } from '../utils/logger';
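/**
 * Express middleware that authenticates a request with a Firebase ID token.
 *
 * The client is expected to send `Authorization: Bearer <firebase-id-token>`.
 * When the token verifies, the decoded `uid` is attached to the request object
 * and `next()` is called. In every other case the request is answered with
 * HTTP 401 and `next()` is not called.
 *
 * Security notes:
 * - This establishes identity only. Nothing here checks what the caller is
 *   allowed to do; handlers must authorise against `uid` themselves.
 * - NOTE(review): `verifyIdToken` is called without its optional `checkRevoked`
 *   argument, so a token that was revoked server-side is presumably still
 *   accepted until it expires. Confirm whether the routes behind this
 *   middleware need `verifyIdToken(idToken, true)`.
 * - The verification failure reason is written to the server log only; the
 *   client always receives the same generic 401 body.
 *
 * @param req - Incoming request; on success it gains a `uid` property.
 * @param res - Response used to send the 401 JSON body on failure.
 * @param next - Called only after the token has been verified.
 * @returns A promise that settles once the request has been passed on or rejected.
 */
export async function requireFirebaseAuth(
  req: Request,
  res: Response,
  next: NextFunction
): Promise<void> {
  const authHeader = req.headers['authorization'];

  // A missing header and a header with a different scheme are both rejected
  // before the Firebase SDK is involved.
  if (!authHeader || !authHeader.startsWith('Bearer ')) {
    res.status(401).json({ error: 'Missing Authorization header' });
    return;
  }

  // Everything after the "Bearer " prefix is treated as the ID token.
  const idToken = authHeader.slice('Bearer '.length);

  try {
    const decoded = await admin.auth().verifyIdToken(idToken);

    // Attach the verified uid so downstream handlers can use it if they need it.
    (req as Request & { uid: string }).uid = decoded.uid;

    // next() sits inside the try, so an exception thrown synchronously by it
    // would also be answered with the 401 below.
    next();
  } catch (err) {
    // Fix: the separator in this message was mis-encoded; it is an em dash.
    logger.warn(`AuthMiddleware: invalid token — ${String(err)}`);
    res.status(401).json({ error: 'Invalid or expired token' });
  }
}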