diff options
Diffstat (limited to 'backend/index.js')
| -rw-r--r-- | backend/index.js | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/backend/index.js b/backend/index.js index 090296e..54c0b4a 100644 --- a/backend/index.js +++ b/backend/index.js @@ -22,6 +22,22 @@ const users = [ }, ]; +const authenticateJWT = (req, res, next) => { + const token = req.header('Authorization').split(' ')[1]; + if (!token) { + return res.status(403).json({ message: 'Forbidden' }); + } + + jwt.verify(token, SECRET_KEY, (err, user) => { + if (err) { + return res.status(403).json({ message: 'Forbidden' }); + } + + req.user = user; + next(); + }); +}; + // Login route app.post('/login', async (req, res) => { const { username, password } = req.body; @@ -45,6 +61,11 @@ app.post('/login', async (req, res) => { res.json({ token }); }); +// Protected route example +app.get('/admin', authenticateJWT, (req, res) => { + res.json({ message: 'Welcome to the admin panel' }); +}); + app.listen(PORT, () => { console.log(`Server running on http://localhost:${PORT}`); }); |