e-scooter-rental-system/server/middleware/auth.js


const jwt = require('jsonwebtoken');
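/**
 * JWT authentication middleware.
 *
 * Takes the token from the Authorization request header (the first
 * 'Bearer ' occurrence is stripped), verifies it against
 * process.env.JWT_SECRET and, on success, stores the decoded payload on
 * req.user before handing over to next(). Every failure path replies with
 * HTTP 401 and never calls next().
 *
 * @param {object} req - request; reads req.headers.authorization, writes req.user
 * @param {object} res - response; used for the 401 JSON replies
 * @param {Function} next - called only after the token verified successfully
 * @returns {*} the res.json(...) result on rejection, otherwise undefined
 */
const authMiddleware = (req, res, next) => {
  const token = req.headers.authorization?.replace('Bearer ', '');
  if (!token) {
    return res.status(401).json({ success: false, message: '未登录' });
  }

  // Fail closed when no signing secret is configured. Verification must never
  // run with an empty key: older jsonwebtoken releases could accept unsigned
  // tokens when neither a secret nor an algorithm list was supplied. The reply
  // is the same as for any other verification failure, so clients see no change.
  const secret = process.env.JWT_SECRET;
  if (!secret) {
    return res.status(401).json({ success: false, message: 'token无效或已过期' });
  }

  let decoded;
  try {
    // Pin the accepted algorithms to the HMAC family that a shared secret
    // implies, so the token header cannot choose 'none' or an asymmetric scheme.
    // NOTE(review): narrow this to the single algorithm the signing code uses.
    decoded = jwt.verify(token, secret, {
      algorithms: ['HS256', 'HS384', 'HS512'],
    });
  } catch (err) {
    return res.status(401).json({ success: false, message: 'token无效或已过期' });
  }

  // Claims are only as trustworthy as the verification above; downstream
  // authorization checks read them from req.user.
  req.user = decoded;

  // Called outside the try block so an exception thrown further down the
  // chain is not misreported as an invalid or expired token.
  next();
};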
/**
 * Role-based authorization middleware factory.
 * Usage: requireRole('admin', 'store')
 *
 * The returned middleware lets the request through only when req.user.role
 * is exactly one of the listed roles; otherwise it replies with HTTP 403.
 * A request without req.user is refused the same way, and a gate built with
 * no roles refuses every request.
 *
 * @param {...string} roles - roles allowed to pass
 * @returns {Function} middleware with the (req, res, next) signature
 */
const requireRole = (...roles) => (req, res, next) => {
  // req.user is not populated here; it has to be set by an earlier middleware.
  const currentRole = req.user?.role;
  if (roles.includes(currentRole)) {
    next();
    return;
  }
  return res.status(403).json({ success: false, message: '权限不足' });
};
// requireRole reads req.user, which authMiddleware sets, so routes should
// mount authMiddleware ahead of any requireRole(...) gate.
module.exports = { authMiddleware, requireRole };