http-response-handler
A comprehensive utility for standardizing HTTP responses in Node.js applications
import jwt from 'jsonwebtoken';
import User from '../Models/User.js'; // Adjust the import path as needed
// Middleware to authenticate JWT token
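/**
 * Express middleware that authenticates a request from its Authorization header.
 *
 * The second space-separated field of the header is taken as the token, verified
 * with `jwt.verify` against `process.env.JWT_SECRET`, and the user named by the
 * token's `userId` claim is loaded (password field excluded) and stored on
 * `req.user` before `next()` is called.
 *
 * Responses sent instead of calling `next()`:
 *   - 401 `Access denied` when the header carries no token field;
 *   - 401 `Invalid Token: User not found` when the lookup returns nothing;
 *   - 403 `Invalid Token` when verification or the lookup throws.
 *
 * @param {object} req - Request; `req.headers.authorization` is read, `req.user` is set.
 * @param {object} res - Response used for the 401/403 JSON replies.
 * @param {Function} next - Called once `req.user` has been populated.
 * @returns {Promise<*>} Resolves after a response was sent or `next()` was called.
 */
export const authenticateToken = async (req, res, next) => {
  const authHeader = req.headers['authorization'];
  // Only the second field is used; the scheme word in front of it is not checked.
  const token = authHeader && authHeader.split(' ')[1];
  if (token == null) {
    return res.status(401).json({ message: 'Access denied' });
  }

  let user;
  try {
    // NOTE(review): no `algorithms` allow-list is passed to jwt.verify, so the
    // library default for the key type applies. Pin it to the algorithm the
    // issuer signs with once that is confirmed.
    const decoded = jwt.verify(token, process.env.JWT_SECRET);

    // Re-read the account on every request so a token for a deleted user stops working.
    user = await User.findById(decoded.userId).select('-password');
  } catch (err) {
    // Fails closed: a bad signature, an expired token, a missing JWT_SECRET and a
    // failed lookup all end here and are reported to the client the same way.
    return res.status(403).json({ message: 'Invalid Token' });
  }

  // The null check must come before any access to `user`: dereferencing a missing
  // user used to throw into the catch above and turn this 401 into a 403.
  if (!user) {
    return res.status(401).json({ message: 'Invalid Token: User not found' });
  }

  req.user = user;
  next();
};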
// Middleware to check user role
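/**
 * Builds an Express middleware that lets a request through only when
 * `req.user.role` is one of the permitted roles.
 *
 * The role is compared by exact equality. A single role passed as a bare string
 * is treated as a one-element list; calling `includes` on the string itself
 * would do substring matching, so `'admin'` would also admit the roles `'adm'`
 * and `''`.
 *
 * @param {Array|string} roles - Permitted role or list of permitted roles.
 * @returns {Function} Middleware `(req, res, next)` that replies 403
 *   `Unauthorized access` when the role is not permitted, else calls `next()`.
 */
export const checkUserRole = (roles) => {
  let allowedRoles;
  if (Array.isArray(roles)) {
    allowedRoles = roles;
  } else if (roles == null) {
    // No roles given: nothing is permitted.
    allowedRoles = [];
  } else {
    allowedRoles = [roles];
  }

  return (req, res, next) => {
    // A request that reaches this point without an authenticated user, or with a
    // user that has no role, is denied rather than throwing.
    const role = req.user?.role;
    if (role == null || !allowedRoles.includes(role)) {
      return res.status(403).json({ message: 'Unauthorized access' });
    }
    next();
  };
};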