From e0ab73361a8bb3598ced59270e6824aa80b80b48 Mon Sep 17 00:00:00 2001 From: Biswakalyan Bhuyan Date: Thu, 25 Jul 2024 13:13:05 +0530 Subject: added admin page --- backend/index.js | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'backend') diff --git a/backend/index.js b/backend/index.js index 090296e..54c0b4a 100644 --- a/backend/index.js +++ b/backend/index.js @@ -22,6 +22,22 @@ const users = [ }, ]; +const authenticateJWT = (req, res, next) => { + const token = req.header('Authorization').split(' ')[1]; + if (!token) { + return res.status(403).json({ message: 'Forbidden' }); + } + + jwt.verify(token, SECRET_KEY, (err, user) => { + if (err) { + return res.status(403).json({ message: 'Forbidden' }); + } + + req.user = user; + next(); + }); +}; + // Login route app.post('/login', async (req, res) => { const { username, password } = req.body; @@ -45,6 +61,11 @@ app.post('/login', async (req, res) => { res.json({ token }); }); +// Protected route example +app.get('/admin', authenticateJWT, (req, res) => { + res.json({ message: 'Welcome to the admin panel' }); +}); + app.listen(PORT, () => { console.log(`Server running on http://localhost:${PORT}`); }); -- cgit v1.2.3-59-g8ed1b