898d021ae8
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
- server/auth.js: JWT middleware and auth routes - src/stores/auth.js + useAuthFetch.js: client-side auth state - src/views/LoginView.vue + UsersView.vue: login and user management UI - router, sidebar, App.vue: guard routes behind auth - COOLIFY.md: add real deployment IDs
23 lines
644 B
JavaScript
23 lines
644 B
JavaScript
import jwt from "jsonwebtoken";
|
|
|
|
const JWT_SECRET =
|
|
process.env.JWT_SECRET || "sbsports-dev-secret-change-in-prod";
|
|
const JWT_EXPIRES = "8h";
|
|
|
|
export function signToken(payload) {
|
|
return jwt.sign(payload, JWT_SECRET, { expiresIn: JWT_EXPIRES });
|
|
}
|
|
|
|
export function requireAuth(req, res, next) {
|
|
const header = req.headers.authorization || "";
|
|
const token = header.startsWith("Bearer ") ? header.slice(7) : null;
|
|
if (!token) return res.status(401).json({ error: "No autenticado" });
|
|
|
|
try {
|
|
req.user = jwt.verify(token, JWT_SECRET);
|
|
next();
|
|
} catch {
|
|
res.status(401).json({ error: "Token inválido o expirado" });
|
|
}
|
|
}
|