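const jwt = require('jsonwebtoken');

// Secret used to verify incoming tokens.
// The development fallback is a publicly known string, so any token signed
// with it is forgeable. It is kept for local development only: refuse to
// start in production without an explicit JWT_SECRET, and warn loudly
// everywhere else so the fallback cannot go unnoticed.
const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret-change-in-production';
if (!process.env.JWT_SECRET) {
  if (process.env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET must be set in production');
  }
  console.warn('JWT_SECRET is not set; using the insecure development fallback');
}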
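/**
 * Express middleware: rejects the request unless it carries a valid
 * `Authorization: Bearer <jwt>` header.
 *
 * On success the decoded token payload is stored on `req.user` and the next
 * handler runs. Responds 401 when the header is missing or malformed, when
 * the token fails verification, or when it has expired; 500 for any other
 * verification error.
 *
 * @param {object} req - Express request; `req.headers.authorization` is read,
 *   `req.user` is written.
 * @param {object} res - Express response, used only for error replies.
 * @param {Function} next - Invoked once the token has been verified.
 */
function authRequired(req, res, next) {
  const authHeader = req.headers.authorization;
  if (typeof authHeader !== 'string' || !authHeader.startsWith('Bearer ')) {
    return res.status(401).json({ error: 'Kein Token vorhanden' });
  }
  const token = authHeader.split(' ')[1];

  let decoded;
  try {
    // Pin the accepted algorithm so the token cannot select a different one
    // than the server signs with. jsonwebtoken's sign() default is HS256;
    // TODO confirm this matches the signing side of this project.
    decoded = jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] });
  } catch (error) {
    if (error.name === 'JsonWebTokenError') {
      return res.status(401).json({ error: 'Token ungültig' });
    }
    if (error.name === 'TokenExpiredError') {
      return res.status(401).json({ error: 'Token abgelaufen' });
    }
    console.error('Auth Middleware Error:', error);
    return res.status(500).json({ error: 'Server-Fehler' });
  }

  req.user = decoded;
  // Called outside the try block: an error thrown synchronously by a
  // downstream handler must not be reported as a token error, and must not
  // make this middleware send a second response.
  next();
}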
/**
 * Express middleware: lets the request through only when a user with role
 * `admin` has already been attached to `req.user` (normally by `authRequired`).
 *
 * Responds 401 when no user is attached and 403 when the user is not an admin.
 *
 * @param {object} req - Express request; `req.user` is read.
 * @param {object} res - Express response, used only for error replies.
 * @param {Function} next - Invoked for admin users.
 */
function adminRequired(req, res, next) {
  const { user } = req;
  if (!user) {
    return res.status(401).json({ error: 'Nicht eingeloggt' });
  }

  const isAdmin = user.role === 'admin';
  if (!isAdmin) {
    return res.status(403).json({ error: 'Zugriff verweigert. Admin-Rechte erforderlich.' });
  }

  next();
}
// Public middleware surface of this module.
module.exports = { authRequired, adminRequired };