new procurement

server/routers/procurement/middleware/auth.js

@@ -1,27 +1,32 @@
-const jwt = require('jsonwebtoken')
+const jwt = require('jsonwebtoken');
 
 const verifyToken = (req, res, next) => {
-  const token = req.headers.authorization?.replace('Bearer ', '')
+  const token = req.headers.authorization?.replace('Bearer ', '');
   
   if (!token) {
-    return res.status(401).json({ error: 'No token provided' })
+    return res.status(401).json({ error: 'No token provided' });
   }
   
   try {
-    const decoded = jwt.verify(token, process.env.JWT_SECRET || 'your-secret-key')
-    req.user = decoded
-    next()
+    const decoded = jwt.verify(token, process.env.JWT_SECRET || 'your-secret-key');
+    req.userId = decoded.userId;
+    req.companyId = decoded.companyId;
+    req.user = decoded;
+    console.log('[Auth] Token verified - userId:', decoded.userId, 'companyId:', decoded.companyId);
+    next();
   } catch (error) {
-    return res.status(401).json({ error: 'Invalid token' })
+    console.error('[Auth] Token verification failed:', error.message);
+    return res.status(401).json({ error: 'Invalid token' });
   }
-}
+};
 
-const generateToken = (userId, email) => {
+const generateToken = (userId, companyId) => {
+  console.log('[Auth] Generating token for userId:', userId, 'companyId:', companyId);
   return jwt.sign(
-    { userId, email },
+    { userId, companyId },
     process.env.JWT_SECRET || 'your-secret-key',
     { expiresIn: '7d' }
-  )
-}
+  );
+};
 
-module.exports = { verifyToken, generateToken }
+module.exports = { verifyToken, generateToken };