@mini2/core/dist/middlewares/authenticated.middleware.js

Mini Express Framework - Lightweight and modular Express.js framework with TypeScript support

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.authenticatedMiddleware = void 0;
const http_expection_1 = require("../expections/http.expection");
/** Header tabanlı auth kontrolü (throw’lu):
 *  - x-authenticated: "true" | "1" | "yes" → zorunlu
 *  - x-user-id: (opsiyonel)
 *  - x-user-permissions: "admin,editor" (opsiyonel, virgülle ayrılmış)
 */
const authenticatedMiddleware = (req, _res, next) => {
    const isAuthHeader = String(req.headers['x-authenticated'] ?? '').trim().toLowerCase();
    const isAuthenticated = isAuthHeader === 'true' || isAuthHeader === '1' || isAuthHeader === 'yes' || isAuthHeader === 'y';
    if (!isAuthenticated) {
        // 401 → throw (global error handler bunu 401’e map etmeli)
        throw new http_expection_1.UnauthorizedException({ message: 'Unauthorized' });
    }
    const userId = req.headers['x-user-id'] || undefined;
    const permsHeader = req.headers['x-user-permissions'] || '';
    const permissions = permsHeader
        .split(',')
        .map((s) => s.trim())
        .filter(Boolean);
    // isteğe bağlı: request'e enjekte et
    req.authenticated = true;
    req.user = { id: userId, permissions };
    next();
};
exports.authenticatedMiddleware = authenticatedMiddleware;
//# sourceMappingURL=authenticated.middleware.js.map