jason
231de3d005
Complete project scaffold with working auth, REST API, Prisma/SQLite schema, Docker config, and React frontend for both Rack Planner and Service Mapper modules. Both server and client pass TypeScript strict mode with zero errors. Initial migration applied. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
27 lines
822 B
TypeScript
27 lines
822 B
TypeScript
import { Request, Response, NextFunction } from 'express';
|
|
import jwt from 'jsonwebtoken';
|
|
import { AppError, AuthenticatedRequest } from '../types/index';
|
|
|
|
export function authMiddleware(req: Request, res: Response, next: NextFunction): void {
|
|
const token = (req.cookies as Record<string, string | undefined>)?.token;
|
|
|
|
if (!token) {
|
|
next(new AppError('Unauthorized', 401, 'NO_TOKEN'));
|
|
return;
|
|
}
|
|
|
|
const secret = process.env.JWT_SECRET;
|
|
if (!secret) {
|
|
next(new AppError('Server misconfiguration: JWT_SECRET not set', 500, 'CONFIG_ERROR'));
|
|
return;
|
|
}
|
|
|
|
try {
|
|
const payload = jwt.verify(token, secret) as { sub: string };
|
|
(req as AuthenticatedRequest).user = { sub: payload.sub };
|
|
next();
|
|
} catch {
|
|
next(new AppError('Invalid or expired session', 401, 'INVALID_TOKEN'));
|
|
}
|
|
}
|