| // backend/src/auth/middleware.ts | |
| import { Request, Response, NextFunction } from "express"; | |
| import jwt from "jsonwebtoken"; | |
// Secret used to verify access tokens, read once when the module loads.
// The cast is compile-time only: if JWT_SECRET is unset, this is `undefined`
// at runtime and nothing here reports it.
// NOTE(review): consider failing fast at startup when the variable is missing.
const ACCESS_SECRET = process.env["JWT_SECRET"] as string;
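/**
 * Express middleware that authenticates a request from a bearer JWT.
 *
 * Reads the `Authorization` header, requires the `Bearer ` scheme, verifies
 * the token against `ACCESS_SECRET`, and stores the decoded claims on
 * `req.user` before handing over to the next handler.
 *
 * NOTE(review): despite the name, nothing in this function checks an admin
 * role or claim; every token that verifies under `ACCESS_SECRET` is let
 * through. Confirm that authorization is enforced elsewhere, or add the
 * claim check here.
 *
 * @param req - Incoming request; `req.user` is set on success.
 * @param res - Response used to send the 401 on failure.
 * @param next - Called once, and only after the token has verified.
 * @returns The 401 response on failure, otherwise nothing.
 */
export function adminAuth(req: Request, res: Response, next: NextFunction) {
  const authHeader = req.headers.authorization;
  if (!authHeader?.startsWith("Bearer ")) {
    return res.status(401).json({ error: "Missing or invalid token" });
  }

  // The prefix check above guarantees a second element; an empty token is
  // rejected by the verifier below.
  const token = authHeader.split(" ")[1];

  try {
    // NOTE(review): no `algorithms` allow-list is passed, so the library
    // default applies; pin it to the algorithm the token issuer uses.
    const decoded = jwt.verify(token, ACCESS_SECRET);

    // verify() can return a bare string when the token payload is not a JSON
    // object. Downstream handlers read claims from `req.user`, so a string
    // payload is refused instead of being passed along as a "user".
    if (typeof decoded === "string") {
      return res.status(401).json({
        error: "Token verification failed",
        details: "Token payload is not an object",
      });
    }

    req.user = decoded;
  } catch (err: unknown) {
    // NOTE(review): `details` echoes the verifier's own message to a caller
    // that has not authenticated; consider logging it server-side and
    // returning only the generic error.
    const details = err instanceof Error ? err.message : undefined;
    return res.status(401).json({ error: "Token verification failed", details });
  }

  // Called outside the try block so that an exception raised further down the
  // chain is never reported to the client as a token verification failure.
  next();
}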