// src/lib/jwt.ts
import * as jose from "jose";
import { UserRole, Permissions } from "@/types/auth";
/**
 * Application claims this module reads out of a JWT payload.
 *
 * `decodeToken` treats `id`, `role`, `companyId` and `permissions` as
 * required and passes the optional fields through unchanged.
 */
interface JwtPayload {
  /** Required claim; `decodeToken` rejects a payload without it. */
  id: string;
  /** Required claim; `decodeToken` rejects a payload without it. */
  role: UserRole;
  /** Required claim; `decodeToken` rejects a payload without it. */
  companyId: string;
  /** Optional claim, copied through as-is. */
  companyName?: string;
  /** Optional claim, copied through as-is. */
  businessNumber?: string;
  /** Optional claim, copied through as-is. */
  contractEndDate?: string;
  /** Optional claim, copied through as-is. */
  branchId?: string;
  /** Required permission information; read by the `has*Permission` helpers. */
  permissions: Permissions;
}
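/**
 * Decodes a JWT and returns the application claims it carries.
 *
 * SECURITY: `jose.decodeJwt` only parses the payload. It does not verify the
 * signature and does not validate the claim set (expiry included), so the
 * returned claims are whatever the token holder supplied. Treat the result as
 * untrusted unless the same token has already been verified (for example with
 * `jose.jwtVerify`); authorization decisions must rest on a verified token.
 *
 * @param token - Compact-serialized JWT string.
 * @returns The claims, or `null` when the token cannot be decoded, a required
 *   claim (`id`, `role`, `companyId`, `permissions`) is missing, or
 *   `permissions` is not an object.
 */
export function decodeToken(token: string): JwtPayload | null {
  try {
    const decoded = jose.decodeJwt(token);
    // The cast is not a runtime check; the claims are validated below.
    const payload = decoded as unknown as JwtPayload;

    // Required-claim validation.
    const requiredClaims = ["id", "role", "companyId", "permissions"] as const;
    const invalidClaims: string[] = requiredClaims.filter(
      (name) => !payload[name]
    );
    // The permission helpers index into `permissions`, so a truthy
    // non-object value (e.g. a string) must not be accepted.
    if (payload.permissions && typeof payload.permissions !== "object") {
      invalidClaims.push("permissions");
    }

    if (invalidClaims.length > 0) {
      // Log only the names of the offending claims: the payload itself can
      // hold identifiers and company data that should not end up in logs.
      console.warn("Invalid token payload: missing or malformed claims:", invalidClaims);
      return null;
    }

    return {
      id: payload.id,
      role: payload.role,
      companyId: payload.companyId,
      companyName: payload.companyName,
      businessNumber: payload.businessNumber,
      contractEndDate: payload.contractEndDate,
      branchId: payload.branchId,
      permissions: payload.permissions,
    };
  } catch (error) {
    // decodeJwt throws on a malformed token; callers only ever see null.
    console.error("Token decode error:", error);
    return null;
  }
}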
// 권한 체크 유틸리티 함수들 추가
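/**
 * Reports whether the payload grants a single named permission.
 *
 * Only the payload's own entries count. Without the own-property check, a
 * name such as `"toString"` or `"constructor"` would resolve through the
 * object prototype to a truthy value and be reported as granted.
 *
 * The answer is only as trustworthy as the payload: claims that come from an
 * unverified token must not drive server-side authorization.
 *
 * @param payload - Decoded claims, or `null` when no valid token is present.
 * @param permission - Permission key to look up.
 * @returns `true` when the key is an own entry of `payload.permissions` with
 *   a truthy value; `false` otherwise, including for a `null` payload.
 */
export function hasPermission(
  payload: JwtPayload | null,
  permission: string
): boolean {
  const granted = payload?.permissions;
  if (!granted) return false;
  // Ignore inherited members so prototype names never pass as permissions.
  if (!Object.prototype.hasOwnProperty.call(granted, permission)) return false;
  return !!granted[permission];
}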
/**
 * Reports whether the payload grants at least one of the listed permissions.
 *
 * @param payload - Decoded claims, or `null` when no valid token is present.
 * @param permissions - Permission keys to test; an empty list yields `false`.
 * @returns `true` as soon as one key passes `hasPermission`; `false` when
 *   none does or the payload has no permissions.
 */
export function hasAnyPermission(
  payload: JwtPayload | null,
  permissions: string[]
): boolean {
  if (!payload?.permissions) {
    return false;
  }
  for (const candidate of permissions) {
    if (hasPermission(payload, candidate)) {
      return true;
    }
  }
  return false;
}
/**
 * Reports whether the payload grants every one of the listed permissions.
 *
 * NOTE: an empty `permissions` list yields `true` for any payload that
 * carries permissions, so callers should not pass a list that may be empty
 * when the check guards a restricted action.
 *
 * @param payload - Decoded claims, or `null` when no valid token is present.
 * @param permissions - Permission keys that must all be granted.
 * @returns `false` when the payload has no permissions or any key fails
 *   `hasPermission`; `true` otherwise.
 */
export function hasAllPermissions(
  payload: JwtPayload | null,
  permissions: string[]
): boolean {
  if (!payload?.permissions) {
    return false;
  }
  for (const required of permissions) {
    if (!hasPermission(payload, required)) {
      return false;
    }
  }
  return true;
}