/**
 * Auth Middleware - Middleware de Autenticación
 *
 * Middleware para Express que valida JWT y extrae información del usuario.
 * Configura el tenant_id para RLS en PostgreSQL.
 *
 * @module Auth
 */
import { Request, Response, NextFunction } from 'express';
import { DataSource } from 'typeorm';
import { AuthService } from '../services/auth.service';
import { TokenPayload } from '../dto/auth.dto';
declare global {
    namespace Express {
        interface Request {
            user?: TokenPayload;
            tenantId?: string;
        }
    }
}
export declare class AuthMiddleware {
    private readonly authService;
    private readonly dataSource;
    constructor(authService: AuthService, dataSource: DataSource);
    /**
     * Middleware de autenticación requerida
     */
    authenticate: (req: Request, res: Response, next: NextFunction) => Promise<void>;
    /**
     * Middleware de autenticación opcional
     */
    optionalAuthenticate: (req: Request, _res: Response, next: NextFunction) => Promise<void>;
    /**
     * Middleware de autorización por roles
     */
    authorize: (...allowedRoles: string[]) => (req: Request, res: Response, next: NextFunction) => void;
    /**
     * Middleware que requiere rol de admin
     */
    requireAdmin: (req: Request, res: Response, next: NextFunction) => void;
    /**
     * Middleware que requiere ser supervisor
     */
    requireSupervisor: (req: Request, res: Response, next: NextFunction) => void;
    /**
     * Extraer token del header Authorization
     */
    private extractToken;
    /**
     * Configurar contexto de tenant para RLS
     */
    private setTenantContext;
}
/**
 * Factory para crear middleware de autenticación
 */
export declare function createAuthMiddleware(authService: AuthService, dataSource: DataSource): AuthMiddleware;
//# sourceMappingURL=auth.middleware.d.ts.map