Files
pfandsystem-demo/backend/middleware/auth.js

33 lines
832 B
JavaScript
Raw Normal View History

import jwt from 'jsonwebtoken';
export const authenticateToken = (req, res, next) => {
const authHeader = req.headers['authorization'];
const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN
if (!token) {
return res.status(401).json({ error: 'Kein Token bereitgestellt' });
}
jwt.verify(token, process.env.JWT_SECRET, (err, user) => {
if (err) {
return res.status(403).json({ error: 'Ungültiger oder abgelaufener Token' });
}
req.user = user;
next();
});
};
export const requireRole = (roles) => {
return (req, res, next) => {
if (!req.user) {
return res.status(401).json({ error: 'Nicht authentifiziert' });
}
if (!roles.includes(req.user.rolle)) {
return res.status(403).json({ error: 'Keine Berechtigung' });
}
next();
};
};