yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update: verifyRole

Browse Source
This commit is contained in:
Antony Kurniawan
2025-10-01 10:18:32 +07:00
parent 0590773d64
commit 1cadf8c69d
2 changed files with 28 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
middleware/verifyAdmin.js
View File

@@ -1,14 +0,0 @@
const { ErrorHandler } = require("../helpers/error");
module.exports = (req, res, next) => {
const { roles } = req.user;
if (roles && roles.includes("admin")) {
req.user = {
...req.user,
roles,
};
return next();
} else {
throw new ErrorHandler(401, "require admin role");
}
};

28
middleware/verifyRole.js Normal file
View File

@@ -0,0 +1,28 @@
const { ErrorHandler } = require("../helpers/error");
const verifyRole = (allowedRoles) => {
return (req, res, next) => {
try {
const user = req.user;
if (!user) {
throw new ErrorHandler(401, "Unauthorized: User not found");
}
// Super Admin bypass semua role
if (user.is_sa) {
return next();
}
if (!allowedRoles.includes(user.role_id)) {
throw new ErrorHandler(403, "Forbidden: Access denied");
}
next();
} catch (err) {
next(err);
}
};
};
module.exports = verifyRole;