From c5f2c84af969e8f6ce4da4a24f50d1ef05ae922d Mon Sep 17 00:00:00 2001
From: Ricardo <ricardofaria170@gmail.com>
Date: Wed, 19 Mar 2025 11:41:45 -0300
Subject: [PATCH] Issue#12 ADD middleware authenticator

---
 src/middleware/auth.ts | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/src/middleware/auth.ts b/src/middleware/auth.ts
index e69de29..2c002e3 100644
--- a/src/middleware/auth.ts
+++ b/src/middleware/auth.ts
@@ -0,0 +1,31 @@
+import { type Request, type Response, type NextFunction } from "express";
+import jwt, { type JwtPayload } from "jsonwebtoken";
+
+interface AuthenticatedRequest extends Request {
+    user?: JwtPayload | string;
+}
+
+export const tokenAuthenticator = async ( req: Request, res: Response, next: NextFunction): Promise<void> => {
+    if (!req.headers.authorization)
+    {
+        res.status(401).json({ message: "Unauthorized"});
+        return;
+    }
+
+    const token = req.headers.authorization?.split(" ")[1]; //pega o token do cabecalho da requisicao, undefined se nao achar
+
+    if (!token)
+    {
+        res.status(401).json({ message: "Token Not Found"});
+        return;
+    }
+
+    try{
+        const decoded = jwt.verify(token, process.env["APP_SECRET"] as string) as JwtPayload;   //valida o token com app_secret, e atribui como jwtpayload
+        const reqAuth = req as AuthenticatedRequest;
+        reqAuth.user = decoded; //req recebe o jwtpayload da validacao
+        next();
+    } catch (error) {
+        res.status(403).json({ message: "Invalid Token"});
+    }
+};
\ No newline at end of file
-- 
GitLab