Crowmate/Nest
Archived
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-05-01. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
cc175b6ce67ebdc2e7fdace0abe3a7be81e981c4
Nest/nest-backend/src/middleware/auth.ts
Thibault Pouch f700d7fd86 feat : Init Project
2026-02-28 14:20:09 +01:00

58 lines
1.4 KiB
TypeScript
Raw Blame History

import { Request, Response, NextFunction } from 'express';
import jwt from 'jsonwebtoken';
export interface JwtPayload {
userId: string;
role: string;
isAdmin: boolean;
}
declare global {
namespace Express {
interface Request {
user?: JwtPayload;
}
}
}
export function authenticate(req: Request, res: Response, next: NextFunction): void {
const header = req.headers.authorization;
if (!header?.startsWith('Bearer ')) {
res.status(401).json({ error: 'Missing or invalid Authorization header' });
return;
}
const token = header.slice(7);
try {
const payload = jwt.verify(token, process.env.JWT_SECRET!) as JwtPayload;
req.user = payload;
next();
} catch {
res.status(401).json({ error: 'Token expired or invalid' });
}
}
export function requireStaff(req: Request, res: Response, next: NextFunction): void {
if (!req.user) {
res.status(401).json({ error: 'Unauthorized' });
return;
}
if (req.user.role !== 'dev' && req.user.role !== 'com') {
res.status(403).json({ error: 'Staff access required' });
return;
}
next();
}
export function requireAdmin(req: Request, res: Response, next: NextFunction): void {
if (!req.user) {
res.status(401).json({ error: 'Unauthorized' });
return;
}
if (!req.user.isAdmin) {
res.status(403).json({ error: 'Admin access required' });
return;
}
next();
}
Reference in New Issue View Git Blame Copy Permalink