40 lines
925 B
JavaScript
40 lines
925 B
JavaScript
import { verifyToken } from './jwt.js';
|
|
|
|
function createResponse(success, message, data = null) {
|
|
return { success, message, data };
|
|
}
|
|
|
|
async function authMiddleware(req, res, next) {
|
|
try {
|
|
const authHeader = req.headers.authorization;
|
|
|
|
if (!authHeader || !authHeader.startsWith('Bearer ')) {
|
|
return res.status(401).json(createResponse(false, '未提供身份验证令牌'));
|
|
}
|
|
|
|
const token = authHeader.substring(7);
|
|
const payload = await verifyToken(token);
|
|
|
|
if (!payload) {
|
|
return res.status(401).json(createResponse(false, '无效或已过期的令牌'));
|
|
}
|
|
|
|
req.user = payload;
|
|
req.token = token;
|
|
next();
|
|
} catch (error) {
|
|
console.error('身份验证中间件错误:', error);
|
|
res.status(500).json(createResponse(false, '身份验证失败'));
|
|
}
|
|
}
|
|
|
|
export {
|
|
authMiddleware,
|
|
createResponse
|
|
};
|
|
|
|
export default {
|
|
authMiddleware,
|
|
createResponse
|
|
};
|