js-mvc-app/dist/templates/middlewares/auth.js

A CLI tool to scaffold complete Node.js MVC projects with TypeScript, just like Laravel

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getAuthMiddleware = getAuthMiddleware;
function getAuthMiddleware() {
    return `import { Request, Response, NextFunction } from 'express';
import jwt from 'jsonwebtoken';
import { User } from '../models/User';
import { logger } from '../utils/logger';

interface AuthRequest extends Request {
  user?: any;
}

export async function authenticate(req: AuthRequest, res: Response, next: NextFunction): Promise<void> {
  try {
    const token = req.header('Authorization')?.replace('Bearer ', '');

    if (!token) {
      res.status(401).json({ error: 'Access denied. No token provided.' });
      return;
    }

    const decoded = jwt.verify(token, process.env.JWT_SECRET || 'your-secret-key') as any;
    
    // Verify user still exists - handle both MongoDB and SQL
    let user;
    try {
      // Try MongoDB first (mongoose)
      if (typeof (User as any).findById === 'function') {
        user = await (User as any).findById(decoded.userId);
      } 
      // Try SQL (sequelize)
      else if (typeof (User as any).findByPk === 'function') {
        user = await (User as any).findByPk(decoded.userId);
      }
      else {
        throw new Error('User model method not found');
      }
    } catch (dbError) {
      logger.error('Database error during authentication:', dbError);
      res.status(500).json({ error: 'Internal server error' });
      return;
    }

    if (!user) {
      res.status(401).json({ error: 'Invalid token. User not found.' });
      return;
    }

    req.user = decoded;
    next();
  } catch (error) {
    logger.error('Authentication error:', error);
    res.status(401).json({ error: 'Invalid token.' });
  }
}

export function authorize(roles: string[] = []) {
  return (req: AuthRequest, res: Response, next: NextFunction): void => {
    if (!req.user) {
      res.status(401).json({ error: 'Access denied. Not authenticated.' });
      return;
    }

    if (roles.length && !roles.includes(req.user.role)) {
      res.status(403).json({ error: 'Access denied. Insufficient permissions.' });
      return;
    }

    next();
  };
}
`;
}
//# sourceMappingURL=auth.js.map