Files
adastra_api/middlewares/auth.js
T
2025-08-13 19:02:35 +02:00

31 lines
850 B
JavaScript

const { verify } = require("../util/jwt");
const User = require("../models/User");
const ErrorResponse = require("../util/errorResponse");
exports.protect = async (req, res, next) => {
try {
const { headers } = req;
if (!headers.authorization) return next();
const token = headers.authorization.split(" ")[1];
if (!token) throw new SyntaxError("Token missing or malformed");
const userVerified = await verify(token);
if (!userVerified) throw new Error("Invalid Token");
req.loggedUser = await User.findOne({
attributes: { exclude: ["email", "password"] },
where: { email: userVerified.email },
});
if (!req.loggedUser) next(new NotFoundError("User"));
headers.email = userVerified.email;
req.loggedUser.dataValues.token = token;
next();
} catch (error) {
next(error);
}
};