From e0ab73361a8bb3598ced59270e6824aa80b80b48 Mon Sep 17 00:00:00 2001
From: Biswakalyan Bhuyan <biswa@surgot.in>
Date: Thu, 25 Jul 2024 13:13:05 +0530
Subject: added admin page

---
 backend/index.js | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'backend')

diff --git a/backend/index.js b/backend/index.js
index 090296e..54c0b4a 100644
--- a/backend/index.js
+++ b/backend/index.js
@@ -22,6 +22,22 @@ const users = [
   },
 ];
 
+const authenticateJWT = (req, res, next) => {
+  const token = req.header('Authorization').split(' ')[1];
+  if (!token) {
+    return res.status(403).json({ message: 'Forbidden' });
+  }
+
+  jwt.verify(token, SECRET_KEY, (err, user) => {
+    if (err) {
+      return res.status(403).json({ message: 'Forbidden' });
+    }
+
+    req.user = user;
+    next();
+  });
+};
+
 // Login route
 app.post('/login', async (req, res) => {
   const { username, password } = req.body;
@@ -45,6 +61,11 @@ app.post('/login', async (req, res) => {
   res.json({ token });
 });
 
+// Protected route example
+app.get('/admin', authenticateJWT, (req, res) => {
+  res.json({ message: 'Welcome to the admin panel' });
+});
+
 app.listen(PORT, () => {
   console.log(`Server running on http://localhost:${PORT}`);
 });
-- 
cgit v1.2.3-59-g8ed1b