48 lines
1.2 KiB
JavaScript
48 lines
1.2 KiB
JavaScript
const JWTService = require('../utils/jwt');
|
|
const { ErrorHandler } = require('../helpers/error');
|
|
|
|
function setUser(req, decoded) {
|
|
req.user = {
|
|
userId: decoded.user_id,
|
|
fullname: decoded.user_fullname,
|
|
username: decoded.user_name,
|
|
email: decoded.user_email,
|
|
roleId: decoded.role_id,
|
|
roleName: decoded.role_name,
|
|
is_sa: decoded.is_sa
|
|
};
|
|
}
|
|
|
|
function verifyAccessToken(req, res, next) {
|
|
try {
|
|
let token = req.cookies?.accessToken;
|
|
|
|
if (!token) {
|
|
const authHeader = req.headers.authorization;
|
|
if (!authHeader || !authHeader.startsWith('Bearer')) {
|
|
throw new ErrorHandler(401, 'Access Token is required');
|
|
}
|
|
token = authHeader.split(' ')[1];
|
|
}
|
|
|
|
const decoded = JWTService.verifyToken(token);
|
|
|
|
req.user = decoded;
|
|
|
|
next();
|
|
} catch (error) {
|
|
if (error.name === 'TokenExpiredError') {
|
|
return next(new ErrorHandler(401, 'Access token expired'));
|
|
}
|
|
|
|
if (error.name === 'JsonWebTokenError') {
|
|
return next(new ErrorHandler(401, 'Invalid access token'));
|
|
}
|
|
|
|
return next(new ErrorHandler(500, 'Internal authentication error'));
|
|
}
|
|
}
|
|
|
|
module.exports = {
|
|
verifyAccessToken
|
|
}; |