23 lines
615 B
TypeScript
23 lines
615 B
TypeScript
import type { NextFunction, Request, Response } from 'express';
|
|
|
|
import { verifyAccessToken } from '../utils/jwt';
|
|
|
|
export function requireAuth(req: Request, res: Response, next: NextFunction): void {
|
|
const authorization = req.headers.authorization;
|
|
|
|
if (!authorization?.startsWith('Bearer ')) {
|
|
res.status(401).json({ message: 'Missing or invalid authorization header' });
|
|
return;
|
|
}
|
|
|
|
const token = authorization.slice(7);
|
|
|
|
try {
|
|
const payload = verifyAccessToken(token);
|
|
req.user = payload;
|
|
next();
|
|
} catch {
|
|
res.status(401).json({ message: 'Invalid or expired token' });
|
|
}
|
|
}
|