import { env } from '../config/env.js';
import { verifyAccessToken } from '../services/token.service.js';
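/**
 * Express-style middleware that requires a valid access token on the request.
 *
 * Token lookup order:
 *   1. the access cookie named by `env.COOKIE_ACCESS_NAME` (only present when a
 *      cookie parser has populated `req.cookies`; the optional chain tolerates
 *      its absence), then
 *   2. the `Authorization: Bearer <token>` header. The scheme name is matched
 *      case-insensitively, as RFC 6750 permits, and surrounding whitespace
 *      around the credential is stripped.
 *
 * On success the verified claims are copied to `req.user` as
 * `{ id: sub, role, email, sessionId: sid }` and `next()` is called.
 * Every failure — no token found, `verifyAccessToken` throwing, or a payload
 * with no `sub` claim — ends the request with HTTP 401 and a JSON body
 * `{ error: 'UNAUTHORIZED', message }`. The message is deliberately generic so
 * the response does not tell a caller *why* verification failed.
 *
 * @param {object} req  request; reads `req.cookies` and
 *                      `req.headers.authorization`, writes `req.user`
 * @param {object} res  response; must support `res.status(code).json(body)`
 * @param {Function} next  continuation invoked only after successful verification
 * @returns {Promise<void>}
 */
export async function authRequired(req, res, next) {
  try {
    let token = req.cookies?.[env.COOKIE_ACCESS_NAME];

    // No cookie — fall back to Authorization: Bearer <token>.
    if (!token) {
      const auth = req.headers['authorization'];
      // 'Bearer ' is 7 characters; the scheme is case-insensitive per RFC 6750.
      if (typeof auth === 'string' && /^bearer /i.test(auth)) {
        token = auth.slice(7).trim();
      }
    }

    if (!token) {
      return res.status(401).json({ error: 'UNAUTHORIZED', message: 'Access token is missing' });
    }

    const payload = await verifyAccessToken(token);

    // A token that verifies but names no subject identifies nobody; reject it
    // here rather than let `req.user.id` be undefined for downstream handlers.
    if (!payload?.sub) {
      return res.status(401).json({ error: 'UNAUTHORIZED', message: 'Invalid access token' });
    }

    req.user = {
      id: payload.sub,
      role: payload.role,
      email: payload.email,
      sessionId: payload.sid,
    };

    next();
  } catch (err) {
    // NOTE(review): every throw from verifyAccessToken is reported as 401,
    // which also masks any infrastructure failure it may raise (key lookup,
    // session store). Once the service's error types are known, route
    // non-token errors to next(err) so outages are not logged as auth failures.
    return res.status(401).json({ error: 'UNAUTHORIZED', message: 'Invalid access token' });
  }
}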