(req: Request, res: Response, next: NextFunction)
| 214 | } |
| 215 | |
| 216 | requireAuth(req: Request, res: Response, next: NextFunction): void { |
| 217 | const user = this.authenticate(req as unknown as IncomingMessage); |
| 218 | if (!user) { |
| 219 | const accept = req.headers["accept"] ?? ""; |
| 220 | if (accept.includes("application/json")) { |
| 221 | res.status(401).json({ error: "Unauthorized" }); |
| 222 | } else { |
| 223 | res.redirect(`/auth/login?next=${encodeURIComponent(req.originalUrl)}`); |
| 224 | } |
| 225 | return; |
| 226 | } |
| 227 | (req as AuthenticatedRequest).user = user; |
| 228 | next(); |
| 229 | } |
| 230 | |
| 231 | // ── OIDC helpers ────────────────────────────────────────────────────────── |
| 232 |
nothing calls this directly
no test coverage detected