18 lines
535 B
JavaScript
Executable file
18 lines
535 B
JavaScript
Executable file
'use strict';
|
|
const { verifyAccessToken } = require('../services/jwtService');
|
|
|
|
function requireAuth(req, res, next) {
|
|
const header = req.headers['authorization'];
|
|
if (!header || !header.startsWith('Bearer ')) {
|
|
return res.status(401).json({ error: 'Missing or invalid Authorization header.' });
|
|
}
|
|
const token = header.slice(7);
|
|
try {
|
|
req.user = verifyAccessToken(token);
|
|
next();
|
|
} catch {
|
|
return res.status(401).json({ error: 'Access token expired or invalid.' });
|
|
}
|
|
}
|
|
|
|
module.exports = { requireAuth };
|