34 lines
1 KiB
JavaScript
34 lines
1 KiB
JavaScript
// const jwt = require('jsonwebtoken');
|
|
// const ACCESS_SECRET = process.env.ACCESS_SECRET;
|
|
|
|
// module.exports = function (req, res, next) {
|
|
// const authHeader = req.headers.authorization;
|
|
// const token = authHeader && authHeader.split(' ')[1];
|
|
// if (!token) return res.status(401).json({ error: 'Access denied' });
|
|
|
|
// jwt.verify(token, ACCESS_SECRET, (err, user) => {
|
|
// if (err) return res.status(403).json({ error: 'Invalid token' });
|
|
// req.user = user;
|
|
// next();
|
|
// });
|
|
// };
|
|
|
|
|
|
const jwt = require('jsonwebtoken');
|
|
|
|
module.exports = function (req, res, next) {
|
|
const authHeader = req.headers['authorization'];
|
|
const token = authHeader && authHeader.split(' ')[1];
|
|
|
|
if (!token) return res.status(401).json({ error: 'Access denied, no token provided' });
|
|
|
|
try {
|
|
const decoded = jwt.verify(token, process.env.ACCESS_SECRET);
|
|
req.user = decoded;
|
|
next();
|
|
} catch (err) {
|
|
console.error('JWT Verification Error:', err.message);
|
|
res.status(403).json({ error: 'Invalid token' });
|
|
}
|
|
};
|