58 lines
1.3 KiB
TypeScript
58 lines
1.3 KiB
TypeScript
/**
|
|
* Authentication Middleware
|
|
* Mecánicas Diesel - ERP Suite
|
|
*/
|
|
|
|
import { Response, NextFunction } from 'express';
|
|
import { AuthRequest } from '../types';
|
|
import { verifyToken } from '../utils/jwt.utils';
|
|
|
|
/**
|
|
* Authentication middleware - verifies JWT token
|
|
*/
|
|
export function authMiddleware(
|
|
req: AuthRequest,
|
|
res: Response,
|
|
next: NextFunction
|
|
): void {
|
|
try {
|
|
const authHeader = req.headers.authorization;
|
|
|
|
if (!authHeader) {
|
|
res.status(401).json({
|
|
success: false,
|
|
error: { message: 'No authorization token provided', code: 'NO_TOKEN' },
|
|
});
|
|
return;
|
|
}
|
|
|
|
const parts = authHeader.split(' ');
|
|
if (parts.length !== 2 || parts[0] !== 'Bearer') {
|
|
res.status(401).json({
|
|
success: false,
|
|
error: { message: 'Invalid authorization format', code: 'INVALID_TOKEN_FORMAT' },
|
|
});
|
|
return;
|
|
}
|
|
|
|
const payload = verifyToken(parts[1]);
|
|
|
|
if (!payload) {
|
|
res.status(401).json({
|
|
success: false,
|
|
error: { message: 'Invalid or expired token', code: 'INVALID_TOKEN' },
|
|
});
|
|
return;
|
|
}
|
|
|
|
req.user = payload;
|
|
req.tenantId = payload.tenantId;
|
|
next();
|
|
} catch (error) {
|
|
res.status(401).json({
|
|
success: false,
|
|
error: { message: 'Authentication failed', code: 'AUTH_ERROR' },
|
|
});
|
|
}
|
|
}
|