// src/middleware/auth.middleware.js
const jwt = require("jsonwebtoken");
const config = require("../config/config");
const { User, Role } = require("../models");
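// Error names raised by jsonwebtoken's verify(). Anything else reaching the
// catch block below is an unexpected failure (e.g. the database lookup), not a
// bad credential, and must not be reported to the client as one.
const JWT_ERROR_NAMES = new Set([
  "JsonWebTokenError",
  "TokenExpiredError",
  "NotBeforeError",
]);

// Keys that must never be copied from a role's permission map into a plain
// object: assigning them touches the prototype chain instead of recording a
// permission.
const UNSAFE_PERMISSION_KEYS = new Set(["__proto__", "constructor", "prototype"]);

/**
 * Extracts the bearer token from an Authorization header value.
 *
 * @param {string|undefined} authHeader - Raw `Authorization` header.
 * @returns {string|null} The token, or null when the header is missing, is not
 *   the Bearer scheme, or carries an empty token.
 */
const extractBearerToken = (authHeader) => {
  if (typeof authHeader !== "string" || !authHeader.startsWith("Bearer ")) {
    return null;
  }
  // Take everything after the scheme so "Bearer  x" (double space) does not
  // yield an empty string, and trailing whitespace is not part of the token.
  const token = authHeader.slice("Bearer ".length).trim();
  return token.length > 0 ? token : null;
};

/**
 * Unions the permission maps of the given roles into one plain object.
 *
 * A permission is granted when any role grants it (`||` merge); `basic:view`
 * is granted to every authenticated user. A role whose `permissions` is not an
 * object (null, string, number) contributes nothing.
 *
 * @param {Array<{permissions?: object}>|undefined} roles - Loaded Role rows.
 * @returns {Object<string, boolean>} Merged permission map.
 */
const mergePermissions = (roles) => {
  const permissions = { "basic:view": true }; // default permission
  const roleList = Array.isArray(roles) ? roles : [];
  for (const role of roleList) {
    const rolePermissions = role ? role.permissions : null;
    if (rolePermissions === null || typeof rolePermissions !== "object") {
      continue;
    }
    for (const [key, value] of Object.entries(rolePermissions)) {
      if (UNSAFE_PERMISSION_KEYS.has(key)) continue;
      permissions[key] = permissions[key] || value;
    }
  }
  return permissions;
};

/**
 * Express middleware that authenticates a request from a Bearer JWT.
 *
 * On success `req.user` is set to the user's row (password excluded, the
 * `Roles` association replaced by a merged `permissions` map) and `next()` is
 * called. Responds 401 when the header is missing or malformed, the token
 * fails verification, the payload carries no `id`, or the user is missing or
 * inactive. Responds 500 (and logs) when the lookup itself throws, so a
 * database outage is not reported to the client as a bad credential.
 *
 * @param {import("express").Request} req
 * @param {import("express").Response} res
 * @param {import("express").NextFunction} next
 */
const authMiddleware = async (req, res, next) => {
  const token = extractBearerToken(req.headers.authorization);
  if (token === null) {
    return res
      .status(401)
      .json({ message: "Authentication token is required" });
  }

  try {
    // NOTE(review): no `algorithms` option is pinned here, so every algorithm
    // the library accepts for this secret type is allowed. Confirm the issuer's
    // signing algorithm and pass `{ algorithms: [...] }` to rule out the rest.
    const decoded = jwt.verify(token, config.jwt.secret);

    // verify() returns a string for non-JSON payloads; require an object that
    // carries the user id rather than querying `where: { id: undefined }`.
    if (decoded === null || typeof decoded !== "object" || decoded.id == null) {
      return res.status(401).json({ message: "Invalid token" });
    }

    const user = await User.findOne({
      where: { id: decoded.id },
      include: [
        {
          model: Role,
          through: { attributes: [] }, // drop join-table columns from the result
          attributes: ["id", "name", "permissions"],
          required: false, // users with no role still authenticate
        },
      ],
      attributes: {
        exclude: ["password"], // never load the hash onto req.user
      },
    });

    // NOTE(review): `isActive` is the only revocation check visible here; a
    // token issued before a logout or password change stays valid until `exp`
    // unless the issuer handles that elsewhere — verify against the issuer.
    if (!user || !user.isActive) {
      return res.status(401).json({ message: "User not found or inactive" });
    }

    // Replace the raw Roles association with the flattened permission map.
    const userData = user.toJSON();
    delete userData.Roles;
    userData.permissions = mergePermissions(user.Roles);

    req.user = userData;
    return next();
  } catch (error) {
    if (error && JWT_ERROR_NAMES.has(error.name)) {
      // Bad signature, expired, not yet valid, malformed: the client's problem.
      return res.status(401).json({ message: "Invalid token" });
    }
    // Anything else (e.g. the database lookup failing) is a server fault; do
    // not mask it as an authentication failure.
    console.error("authMiddleware: unexpected error", error);
    return res.status(500).json({ message: "Internal server error" });
  }
};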
// Express middleware: verifies the Bearer JWT, loads the user with merged role
// permissions onto req.user, and responds 401 on any failure.
module.exports = authMiddleware;