| 7 | import { INIT_ADMIN_USER_ID } from '../utils/const.js'; |
| 8 | |
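/**
 * Builds the request authentication middleware.
 *
 * Credential resolution order (first match wins):
 *  1. `Authorization` header carrying a user API key (prefix `sk_`),
 *     resolved through `verifyUserApiKey`.
 *  2. `Authorization` header carrying a JWT, checked with `jwtVerify`.
 *  3. A session resolved from the request via `getSession(req, authConfig)`.
 *
 * On success `req.user` is populated and `next()` is called. Missing or
 * rejected credentials answer 401; an unexpected failure answers 500 with a
 * fixed message so internal error text is not disclosed to the caller.
 *
 * @returns the async handler to mount in front of protected routes
 */
export function auth(): Handler {
  return async (req, res, next) => {
    try {
      const token = bearerToken(req.headers['authorization']);

      if (token) {
        if (token.startsWith('sk_')) {
          const user = await verifyUserApiKey(token);
          // NOTE(review): assumes verifyUserApiKey yields a falsy value for an
          // unknown key rather than throwing — confirm; a throw still reaches
          // the 500 branch below instead of crashing on `user.id`.
          if (!user) {
            return res.status(401).json({ message: 'ApiKeyInvalid' });
          }
          req.user = { id: user.id, username: user.username, role: user.role };
          return next();
        }

        try {
          req.user = jwtVerify(token);
        } catch {
          // Signature, expiry or format problem: the caller's credential is
          // rejected, not the server.
          return res.status(401).json({ message: 'TokenInvalid' });
        }
        return next();
      }

      const session = await getSession(req, authConfig);
      const sessionUser = session?.user;
      // A session without a user id cannot be mapped to a principal; treat it
      // as unauthenticated rather than storing an undefined id on req.user.
      if (sessionUser && sessionUser.id != null) {
        const userId = sessionUser.id;
        req.user = {
          id: userId,
          username: sessionUser.name,
          // The bootstrap admin is recognised by its fixed id; everyone else
          // is a plain user.
          role: userId === INIT_ADMIN_USER_ID ? SYSTEM_ROLES.admin : SYSTEM_ROLES.user,
        };
        return next();
      }

      return res.status(401).json({ message: 'No Token or Session' });
    } catch (err: unknown) {
      // Keep the failure detail server-side: echoing err.message to an
      // unauthenticated client would disclose internals (stack, driver text).
      console.error('auth middleware failed', err);
      return res.status(500).json({ message: 'Auth Failed' });
    }
  };
}

/**
 * Extracts the credential from an `Authorization` header value.
 *
 * A leading `Bearer` scheme (case-insensitive, per RFC 7235) is stripped;
 * a header without a scheme is returned unchanged so raw API keys keep
 * working. Non-string values (absent or repeated header) yield ''.
 *
 * @param header - the raw header value as exposed on `req.headers`
 * @returns the token part, or '' when nothing usable was sent
 */
function bearerToken(header: unknown): string {
  if (typeof header !== 'string') return '';
  return header.replace(/^Bearer\s+/i, '');
}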