powr-sdk-api/dist/middleware/jwtToken.js

Shared API core library for PowrStack projects. Zero dependencies - works with Express, Next.js API routes, and other frameworks. All features are optional and install only what you need.

"use strict";

const jwt = require('jsonwebtoken');
const {
  config
} = require('../config');
const generateJWTToken = (user, profile = null) => {
  return jwt.sign({
    userId: user._id,
    fullName: user.fullName,
    access: profile === null || profile === void 0 ? void 0 : profile.access
  }, config.jwtToken, {
    expiresIn: '24h'
  });
};

// Verify JWT token middleware for APIs
const verifyToken = async (req, res, next) => {
  try {
    // Get token from Authorization header
    const authHeader = req.headers.authorization;
    if (!authHeader) {
      return res.status(401).json({
        success: false,
        message: "No authorization token provided."
      });
    }

    // Extract token (remove 'Bearer ' if present)
    const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : authHeader;
    if (!token) {
      return res.status(401).json({
        success: false,
        message: 'No token provided'
      });
    }

    // Verify JWT token
    const decoded = jwt.verify(token, config.jwtToken);
    console.log("JWT Decoded user data:", JSON.stringify(decoded, null, 2));
    req.user = {
      powrId: decoded.userId,
      fullName: decoded.fullName,
      access: decoded.access
    };
    next();
  } catch (error) {
    console.error("Error in auth middleware:", error);
    return res.status(401).json({
      success: false,
      message: error.message
    });
  }
};
module.exports = {
  generateJWTToken,
  verifyToken
};