"use strict";
// CommonJS/ES-module interop helper: reuse an existing `this.__importDefault`
// when one is present, otherwise wrap modules that are not flagged
// `__esModule` so that callers can always read `.default`.
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { "default": mod };
};

// Flag this module's exports as ES-module shaped, then publish the two
// middleware functions defined further down in the file.
Object.defineProperty(exports, "__esModule", { value: true });
exports.authenticate = authenticate;
exports.optionalAuth = optionalAuth;
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
const env_1 = require("../config/env");
const error_handler_1 = require("./error-handler");
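/**
 * Middleware that requires a valid Bearer access token.
 *
 * Reads `req.headers.authorization`, verifies the token with
 * `env.JWT_ACCESS_SECRET`, copies `id`, `email` and `role` from the verified
 * payload onto `req.user`, and then calls `next()`.
 *
 * @param {object} req - Request; `headers.authorization` is read and `user` is set.
 * @param {object} _res - Unused.
 * @param {Function} next - Called with no arguments once `req.user` is populated.
 * @throws {AppError} 401 `AUTH_REQUIRED` when the header is missing or does not
 *   start with `'Bearer '` (the prefix check is case-sensitive).
 * @throws {AppError} 401 `INVALID_TOKEN` when verification or payload access fails.
 */
function authenticate(req, _res, next) {
    const header = req.headers.authorization;
    if (!header?.startsWith('Bearer ')) {
        throw new error_handler_1.AppError(401, 'Authentication required', 'AUTH_REQUIRED');
    }
    const token = header.slice('Bearer '.length);
    try {
        // NOTE(review): verify() is called without an options object, so the
        // accepted algorithms, issuer and audience are not constrained at this
        // call site. Confirm which algorithm the issuing code signs with and
        // consider pinning it through the `algorithms` option.
        const payload = jsonwebtoken_1.default.verify(token, env_1.env.JWT_ACCESS_SECRET);
        // `role` is taken from the token claims as-is; a role change made
        // elsewhere is presumably not reflected until a new token is issued
        // (verify against the issuing code).
        req.user = { id: payload.id, email: payload.email, role: payload.role };
    }
    catch {
        // One generic message for every verification failure, so the response
        // does not reveal why the token was rejected.
        throw new error_handler_1.AppError(401, 'Invalid or expired token', 'INVALID_TOKEN');
    }
    // Call next() outside the try block (as optionalAuth does) so that an
    // exception raised downstream is not reported as a token failure.
    next();
}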
/**
 * Middleware that attaches `req.user` when a verifiable Bearer token is
 * supplied and otherwise lets the request continue without a user.
 *
 * A token that fails verification is handled exactly like a missing one: no
 * error is raised and nothing is recorded here, so downstream handlers must
 * check `req.user` themselves rather than assume the caller is authenticated.
 *
 * @param {object} req - Request; `headers.authorization` is read, `user` may be set.
 * @param {object} _res - Unused.
 * @param {Function} next - Always called exactly once, with no arguments.
 */
function optionalAuth(req, _res, next) {
    const authorization = req.headers.authorization;
    if (authorization?.startsWith('Bearer ')) {
        const rawToken = authorization.slice(7);
        try {
            const { id, email, role } = jsonwebtoken_1.default.verify(rawToken, env_1.env.JWT_ACCESS_SECRET);
            req.user = { id, email, role };
        }
        catch {
            // Token invalid — continue without user
        }
    }
    next();
}
//# sourceMappingURL=auth.middleware.js.map