Files for Todo_admin added

2025-12-30 19:44:14 +05:30
parent fd223884cd
commit eef41c105c
34 changed files with 7687 additions and 0 deletions
--- a/Backend/middleware/auth.js
+++ b/Backend/middleware/auth.js
@@ -0,0 +1,32 @@
+import jwt from 'jsonwebtoken';
+import User from '../models/User.js';
+
+export const authenticateToken = async (req, res, next) => {
+  const authHeader = req.headers['authorization'];
+  const token = authHeader && authHeader.split(' ')[1];
+
+  if (!token) {
+    return res.status(401).json({ message: 'Access token required' });
+  }
+
+  try {
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    const user = await User.findById(decoded.userId).select('-password');
+    
+    if (!user) {
+      return res.status(401).json({ message: 'Invalid token' });
+    }
+
+    req.user = user;
+    next();
+  } catch (error) {
+    return res.status(403).json({ message: 'Invalid or expired token' });
+  }
+};
+
+export const requireAdmin = async (req, res, next) => {
+  if (req.user.role !== 'admin') {
+    return res.status(403).json({ message: 'Admin access required' });
+  }
+  next();
+};