import { verifyToken, isUserToken, isAdminToken } from '../utils/jwt.js';
/**
 * User-authentication middleware.
 *
 * Requires an `Authorization: Bearer <token>` header whose token is accepted by
 * `verifyToken()` and classified as a user token by `isUserToken()`. On success
 * the decoded payload is exposed as `req.user` and the chain continues.
 *
 * Responses on failure (all end the chain, `next()` is not called):
 *   - 401 when the header is missing or does not use the exact `Bearer ` scheme
 *     (the match is case-sensitive, so `bearer x` is rejected);
 *   - 401 when `verifyToken()` returns a falsy value for the token;
 *   - 403 when the token verifies but `isUserToken()` rejects it.
 * The error bodies are intentionally generic so a caller cannot distinguish a
 * malformed token from an expired one.
 *
 * @param {object} req  - request; reads `req.headers.authorization`, writes `req.user`
 * @param {object} res  - response; `status()`/`json()` are used for rejections
 * @param {Function} next - continuation invoked only for an accepted user token
 * @returns {*} the `res.json()` result on rejection, otherwise `undefined`
 */
export function requireUserAuth(req, res, next) {
  const header = req.headers.authorization;
  const hasBearerScheme = Boolean(header) && header.startsWith('Bearer ');

  if (!hasBearerScheme) {
    return res.status(401).json({ error: '未提供认证令牌' });
  }

  // Everything after the 7-character "Bearer " prefix is the raw token.
  const payload = verifyToken(header.slice('Bearer '.length));
  if (!payload) {
    return res.status(401).json({ error: '令牌无效或已过期' });
  }

  // A verified token of the wrong kind is an authorization failure, not an
  // authentication one, hence 403 rather than 401.
  if (!isUserToken(payload)) {
    return res.status(403).json({ error: '需要用户令牌' });
  }

  req.user = payload;
  next();
}
/**
 * Administrator-authentication middleware.
 *
 * Same header handling as `requireUserAuth`, but the verified payload must be
 * accepted by `isAdminToken()`; it is then exposed as `req.admin` (not
 * `req.user`) before the chain continues.
 *
 * Responses on failure (all end the chain, `next()` is not called):
 *   - 401 when the header is missing or does not use the exact `Bearer ` scheme
 *     (case-sensitive match);
 *   - 401 when `verifyToken()` returns a falsy value for the token;
 *   - 403 when the token verifies but `isAdminToken()` rejects it.
 *
 * @param {object} req  - request; reads `req.headers.authorization`, writes `req.admin`
 * @param {object} res  - response; `status()`/`json()` are used for rejections
 * @param {Function} next - continuation invoked only for an accepted admin token
 * @returns {*} the `res.json()` result on rejection, otherwise `undefined`
 */
export function requireAdminAuth(req, res, next) {
  const header = req.headers.authorization;
  const hasBearerScheme = Boolean(header) && header.startsWith('Bearer ');

  if (!hasBearerScheme) {
    return res.status(401).json({ error: '未提供认证令牌' });
  }

  // Strip the 7-character "Bearer " prefix; the remainder is the raw token.
  const payload = verifyToken(header.slice('Bearer '.length));
  if (!payload) {
    return res.status(401).json({ error: '令牌无效或已过期' });
  }

  // Valid credentials without the admin claim: authorization failure (403).
  if (!isAdminToken(payload)) {
    return res.status(403).json({ error: '需要管理员权限' });
  }

  req.admin = payload;
  next();
}
/**
 * Optional-authentication middleware (a token is not required).
 *
 * If an `Authorization: Bearer <token>` header is present and `verifyToken()`
 * accepts the token, the payload is attached as `req.user`. In every other case
 * — no header, a non-Bearer scheme, or a token `verifyToken()` rejects — the
 * request simply continues as anonymous; no 401 is ever sent from here.
 *
 * Two properties downstream handlers should be aware of:
 *   - unlike `requireUserAuth`, there is no `isUserToken()` check, so any
 *     payload `verifyToken()` returns (presumably admin tokens too — confirm
 *     against jwt.js) ends up in `req.user`;
 *   - a tampered or expired token is indistinguishable from no token at all,
 *     so `req.user` being absent is not a signal worth alerting on by itself.
 *
 * @param {object} req  - request; reads `req.headers.authorization`, may write `req.user`
 * @param {object} res  - response; unused
 * @param {Function} next - continuation, always invoked exactly once
 * @returns {undefined}
 */
export function optionalAuth(req, res, next) {
  const header = req.headers.authorization;
  const hasBearerScheme = Boolean(header) && header.startsWith('Bearer ');

  // Only attempt verification when a Bearer scheme is present; the 7-character
  // "Bearer " prefix is stripped to obtain the raw token.
  const payload = hasBearerScheme ? verifyToken(header.slice('Bearer '.length)) : null;
  if (payload) {
    req.user = payload;
  }

  next();
}