Get production ready express boilerplate with a single command
const jwt = require('jsonwebtoken');
const httpStatus = require('http-status');
const ApiError = require('../utils/ApiError');
const env = require('../config/env');
const catchAsync = require('../utils/catchAsync');
const { tokenTypes } = require('../config/tokens');
const { userService } = require('../services');
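/**
 * Authenticate the request's bearer token and attach the resolved user to `req.user`.
 *
 * Reads the `Authorization` header, verifies the JWT against `env.jwt.secret`,
 * checks that the token is an access token (so a refresh token cannot be replayed
 * as one), and loads the user record referenced by the `sub` claim.
 *
 * @param {import('express').Request} req - incoming request; `req.user` is set on success.
 * @throws {ApiError} 401 when the header is missing or is not `Bearer <token>`, when the
 *   token fails verification (bad signature, expired, malformed), when it is not an
 *   access token, or when the `sub` no longer maps to an existing user.
 */
const authenticateToken = async (req) => {
  const authHeader = req.headers.authorization;
  // Only the `Bearer <token>` scheme is accepted (RFC 6750); the scheme name is
  // compared case-insensitively. Anything else is treated as "no token".
  const [scheme, token, ...rest] = authHeader ? authHeader.split(' ') : [];
  if (!token || rest.length !== 0 || scheme.toLowerCase() !== 'bearer') {
    throw new ApiError(httpStatus.UNAUTHORIZED, 'No token provided');
  }

  let payload;
  try {
    // NOTE(review): consider passing `{ algorithms: [...] }` here, pinned to the
    // algorithm the token service signs with, so a token signed with an unexpected
    // algorithm is rejected outright — confirm which algorithm is in use first.
    payload = jwt.verify(token, env.jwt.secret);
  } catch (err) {
    // Verification failures (expired, bad signature, malformed) are a client
    // authentication problem, not a server error: surface them as 401 rather than
    // letting the raw JsonWebTokenError propagate as a 500.
    throw new ApiError(httpStatus.UNAUTHORIZED, 'Invalid or expired token');
  }

  if (payload.type !== tokenTypes.ACCESS) {
    throw new ApiError(httpStatus.UNAUTHORIZED, 'Invalid token type');
  }

  const user = await userService.getUserById(payload.sub);
  // A validly signed token may outlive its account (user deleted after issuance).
  // Fail closed here instead of leaving `req.user` null for downstream code to trip on.
  if (!user) {
    throw new ApiError(httpStatus.UNAUTHORIZED, 'User not found');
  }
  req.user = user;
};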
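/**
 * Build an Express middleware that authenticates the request and, optionally,
 * restricts it to users holding one of the given roles.
 *
 * @param {string|string[]} [requiredRoles=[]] - roles allowed through; an empty list
 *   means any authenticated user may proceed. A single role string is also accepted.
 * @returns {import('express').RequestHandler} middleware that sets `req.user` and calls
 *   `next()`, or forwards an ApiError through `catchAsync` — 401 when the request is
 *   not authenticated, 403 when the user's role is not in `requiredRoles`.
 */
const auth = (requiredRoles = []) => {
  // Normalise once at construction time. A bare string would otherwise reach
  // `String.prototype.includes`, which does substring matching ('admin' would
  // accept a role of 'adm'); an array gives exact-match semantics.
  const allowedRoles = Array.isArray(requiredRoles) ? requiredRoles : [requiredRoles];

  return catchAsync(async (req, res, next) => {
    await authenticateToken(req);

    // Defensive: never proceed without an authenticated principal.
    if (!req.user) {
      throw new ApiError(httpStatus.UNAUTHORIZED, 'Not authenticated');
    }

    // Bug fix: the original tested `requiredRoles.lenght` (typo). That property is
    // always undefined, so the role check never executed and ANY authenticated user
    // could reach role-restricted routes. Fail closed: if roles are required and the
    // user's role is absent or not listed, deny with 403.
    const { role } = req.user;
    if (allowedRoles.length > 0 && !allowedRoles.includes(role)) {
      throw new ApiError(httpStatus.FORBIDDEN, 'Access denied, Role not allowed');
    }

    next();
  });
};

module.exports = auth;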