16 lines
412 B
JavaScript
16 lines
412 B
JavaScript
// src/middleware/roleCheck.middleware.js
|
|
const roleCheck = (roles = []) => {
|
|
return (req, res, next) => {
|
|
if (!req.user) {
|
|
return res.status(401).json({ message: 'Unauthorized' });
|
|
}
|
|
|
|
if (!roles.includes(req.user.role)) {
|
|
return res.status(403).json({ message: 'Forbidden: Insufficient privileges' });
|
|
}
|
|
|
|
next();
|
|
};
|
|
};
|
|
|
|
module.exports = roleCheck; |