Create src/middleware/auth.js
Browse files- src/middleware/auth.js +18 -0
src/middleware/auth.js
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
import jwt from "jsonwebtoken";
|
| 2 |
+
import { User } from "../models/User.js";
|
| 3 |
+
import { JWT_CONFIG } from "../config/security.js";
|
| 4 |
+
|
| 5 |
+
export async function auth(req, res, next) {
|
| 6 |
+
const token = req.headers.authorization?.split(" ")[1];
|
| 7 |
+
if (!token) return res.sendStatus(401);
|
| 8 |
+
|
| 9 |
+
try {
|
| 10 |
+
const payload = jwt.verify(token, process.env.JWT_SECRET, JWT_CONFIG);
|
| 11 |
+
const user = await User.findById(payload.id);
|
| 12 |
+
if (!user || user.deletedAt) return res.sendStatus(401);
|
| 13 |
+
req.user = user;
|
| 14 |
+
next();
|
| 15 |
+
} catch {
|
| 16 |
+
res.sendStatus(401);
|
| 17 |
+
}
|
| 18 |
+
}
|