Dicken Dock v1.0.0
This commit is contained in:
16
backend/src/middleware/auth.js
Normal file
16
backend/src/middleware/auth.js
Normal file
@@ -0,0 +1,16 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
const SECRET = process.env.JWT_SECRET || 'dev-secret';
|
||||
|
||||
function authenticate(req, res, next) {
|
||||
const h = req.headers.authorization;
|
||||
if (!h?.startsWith('Bearer ')) return res.status(401).json({ error: 'Nicht eingeloggt' });
|
||||
try { req.user = jwt.verify(h.slice(7), SECRET); next(); }
|
||||
catch { res.status(401).json({ error: 'Token ungültig' }); }
|
||||
}
|
||||
|
||||
function requireAdmin(req, res, next) {
|
||||
if (req.user?.role !== 'admin') return res.status(403).json({ error: 'Kein Zugriff' });
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = { authenticate, requireAdmin };
|
||||
Reference in New Issue
Block a user