18 lines
468 B
JavaScript
18 lines
468 B
JavaScript
const jwt = require('jsonwebtoken');
|
|
|
|
module.exports = function authMiddleware(req, res, next) {
|
|
const header = req.headers['authorization'] || '';
|
|
const token = header.startsWith('Bearer ') ? header.slice(7) : null;
|
|
|
|
if (!token) {
|
|
return res.status(401).json({ error: 'Token manquant' });
|
|
}
|
|
|
|
try {
|
|
req.user = jwt.verify(token, process.env.JWT_SECRET);
|
|
next();
|
|
} catch {
|
|
res.status(401).json({ error: 'Token invalide ou expiré' });
|
|
}
|
|
};
|