From d41c0421c4f3e52572ac3587cb7555ccc95d5877 Mon Sep 17 00:00:00 2001
From: Antony Kurniawan
Date: Fri, 26 Sep 2025 11:05:19 +0700
Subject: [PATCH] fix: verify token
---
 middleware/verifyToken.js | 88 ++++++++++++++++++++++-----------------
 1 file changed, 49 insertions(+), 39 deletions(-)
diff --git a/middleware/verifyToken.js b/middleware/verifyToken.js
index 58d4352..33e8dde 100644
--- a/middleware/verifyToken.js
+++ b/middleware/verifyToken.js
@@ -1,47 +1,57 @@
-const jwt = require("jsonwebtoken");
-const { ErrorHandler } = require("../helpers/error");
+const JWTService = require('../utils/jwt');
+const { ErrorHandler } = require('../helpers/error');
-const verifyToken = (req, res, next) => {
- const authHeader = req.header("Authorization");
- // console.log("authHeader", authHeader)
-
- // Pastikan header Authorization ada dan berisi token
- if (!authHeader || !authHeader.startsWith("Bearer ")) {
- throw new ErrorHandler(401, "Token missing or invalid");
- }
-
- // Ambil token dari header Authorization
- const token = authHeader.split(" ")[1];
+function setUser(req, decoded) {
+ req.user = {
+ userId: decoded.user_id,
+ fullname: decoded.user_fullname,
+ username: decoded.user_name,
+ email: decoded.user_email,
+ roleId: decoded.role_id,
+ roleName: decoded.role_name
+ };
+}
+function verifyAccessToken(req, res, next) {
 try {
- // const decoded = jwt.decode(token, { complete: true });
- // console.log("decoded", decoded)
- // console.log("==============================")
- // console.log("token", token)
- // console.log("process.env.SECRET", process.env.SECRET)
- // // console.log("==============================> ", jwt.verify(token, process.env.SECRET))
- // jwt.verify(token, process.env.SECRET, (err, decoded) => {
- // if (err) {
- // console.error('Error verifying token: ==============================>', err.message);
- // } else {
- // console.log('Decoded payload: ==============================>', decoded);
- // }
- // });
+ let token = req.cookies?.accessToken;
- const verified = jwt.verify(token, process.env.SECRET);
- req.tokenExtract = verified;
- // console.log(req.tokenExtract);
-
- req.userID = req.tokenExtract.user_id
- req.tenantID = req.tokenExtract.tenant_id
- req.roleID = req.tokenExtract.role_id
- req.body.userID = req.tokenExtract.user_id
- req.body.tenantID = req.tokenExtract.tenant_id
- req.query.tenantID = req.tokenExtract.tenant_id
+ if (!token) {
+ const authHeader = 
req.headers.authorization;
+ if (!authHeader || !authHeader.startsWith('Bearer')) {
+ throw new ErrorHandler(401, 'Access Token is required');
+ }
+ token = authHeader.split(' ')[1];
+ }
+
+ const decoded = JWTService.verifyToken(token);
+ setUser(req, decoded);
 next();
 } catch (error) {
- throw new ErrorHandler(401, error.message || "Invalid Token");
+ if (error.name === 'TokenExpiredError' || error.name === 'JsonWebTokenError') {
+ return next(new ErrorHandler(401, error.message));
+ }
+ next(new ErrorHandler(500, 'Authenticate verification failed'));
 }
-};
+}
-module.exports = verifyToken;
+function verifyRefreshToken(req, res, next) {
+ try {
+ const refreshToken = req.cookies?.refreshToken;
+
+ if (!refreshToken) {
+ throw new ErrorHandler(401, 'Refresh Token is required');
+ }
+
+ const decoded = JWTService.verifyRefreshToken(refreshToken);
+ setUser(req, decoded);
+ next();
+ } catch (error) {
+ next(new ErrorHandler(500, 'Refresh token verification failed'));
+ }
+}
+
+module.exports = {
+ verifyAccessToken,
+ verifyRefreshToken,
+};
\ No newline at end of file
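Review bot: The `throw new ErrorHandler(401, 'Access Token is required')` and `throw new ErrorHandler(401, 'Refresh Token is required')` statements sit inside the `try` of their own middleware, so their own `catch` swallows them: in verifyAccessToken the error's `name` is not `TokenExpiredError`/`JsonWebTokenError` (unless ErrorHandler sets it to one of those), and in verifyRefreshToken every error is rewrapped, so a missing token — and, on the refresh path, an expired or tampered token — is answered with a 500 instead of the intended 401. Both catch blocks should forward an `ErrorHandler` unchanged, and the refresh path should map the same JWT error names (plus jsonwebtoken's `NotBeforeError`, assuming JWTService rethrows the library's errors) to 401 the way the access path does; the rewritten catch blocks are below. Two smaller points: `startsWith('Bearer')` dropped the trailing space the old check required, so a header such as `Bearerabc` yields `undefined` from `split(' ')[1]` and the response then depends on how JWTService.verifyToken reports that, and because the cookie branch now authenticates a request carrying no Authorization header at all, state-changing routes behind this middleware rely on the cookie's SameSite/CSRF protection, which is not visible in this diff.
```javascript
function verifyAccessToken(req, res, next) {
  try {
    // … unchanged: cookie/header lookup, verifyToken, setUser, next() …
  } catch (error) {
    // Errors raised by this middleware already carry the intended status.
    if (error instanceof ErrorHandler) return next(error);
    if (['TokenExpiredError', 'JsonWebTokenError', 'NotBeforeError'].includes(error.name)) {
      return next(new ErrorHandler(401, error.message));
    }
    next(new ErrorHandler(500, 'Authenticate verification failed'));
  }
}

function verifyRefreshToken(req, res, next) {
  try {
    // … unchanged: cookie lookup, verifyRefreshToken, setUser, next() …
  } catch (error) {
    if (error instanceof ErrorHandler) return next(error);
    if (['TokenExpiredError', 'JsonWebTokenError', 'NotBeforeError'].includes(error.name)) {
      return next(new ErrorHandler(401, error.message));
    }
    next(new ErrorHandler(500, 'Refresh token verification failed'));
  }
}
```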