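/**
 * src/middleware/authMiddleware.ts
 *
 * Firebase Auth middleware — verifies the ID token on every request.
 * The frontend sends: Authorization: Bearer <ID token>
 */

import { Request, Response, NextFunction } from 'express';
import admin from 'firebase-admin';
import { logger } from '../utils/logger';

/**
 * Express middleware that rejects any request lacking a valid Firebase ID token.
 *
 * On success the verified `uid` is attached to the request object and `next()`
 * is called. On failure a 401 JSON response is sent and the chain stops.
 *
 * @param req - Incoming request; the `Authorization` header is read from it.
 * @param res - Response used to send the 401 when authentication fails.
 * @param next - Continuation invoked only after the token has been verified.
 * @returns A promise that resolves once the request was rejected or handed on.
 */
export async function requireFirebaseAuth(
  req: Request,
  res: Response,
  next: NextFunction
): Promise<void> {
  const authHeader = req.headers['authorization'];
  if (!authHeader || !authHeader.startsWith('Bearer ')) {
    res.status(401).json({ error: 'Missing Authorization header' });
    return;
  }

  // Everything after the "Bearer " prefix is treated as the token.
  const idToken = authHeader.slice('Bearer '.length);

  let uid: string;
  try {
    // NOTE(review): verifyIdToken is called without its optional `checkRevoked`
    // argument, so a revoked token (or one belonging to a disabled user) is
    // still accepted until it expires. Pass `true` as the second argument if
    // revocation must take effect immediately; it costs one extra backend
    // lookup per request.
    const decoded = await admin.auth().verifyIdToken(idToken);
    uid = decoded.uid;
  } catch (err) {
    // The failure detail goes to the log only; the client gets a generic
    // message so the response does not reveal why verification failed.
    logger.warn(`AuthMiddleware: invalid token — ${String(err)}`);
    res.status(401).json({ error: 'Invalid or expired token' });
    return;
  }

  // Attach the verified uid to the request so downstream handlers can use it.
  (req as Request & { uid: string }).uid = uid;

  // Called outside the try block so that an error thrown further down the
  // chain is never logged and answered as an "invalid token" 401.
  next();
}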