28 lines
660 B
JavaScript
28 lines
660 B
JavaScript
const jwt = require('jsonwebtoken')
|
|
|
|
const verifyToken = (req, res, next) => {
|
|
const token = req.headers.authorization?.replace('Bearer ', '')
|
|
|
|
if (!token) {
|
|
return res.status(401).json({ error: 'No token provided' })
|
|
}
|
|
|
|
try {
|
|
const decoded = jwt.verify(token, process.env.JWT_SECRET || 'your-secret-key')
|
|
req.user = decoded
|
|
next()
|
|
} catch (error) {
|
|
return res.status(401).json({ error: 'Invalid token' })
|
|
}
|
|
}
|
|
|
|
const generateToken = (userId, email) => {
|
|
return jwt.sign(
|
|
{ userId, email },
|
|
process.env.JWT_SECRET || 'your-secret-key',
|
|
{ expiresIn: '7d' }
|
|
)
|
|
}
|
|
|
|
module.exports = { verifyToken, generateToken }
|