| import jwt from 'jsonwebtoken'; | |
| import { JWT_SECRET } from '../config/users.js'; | |
| export const authenticateToken = (req, res, next) => { | |
| console.log(`Authenticating request: ${req.method} ${req.path}`); | |
| console.log('Authorization header:', req.headers['authorization'] ? 'Present' : 'Missing'); | |
| const authHeader = req.headers['authorization']; | |
| const token = authHeader && authHeader.split(' ')[1]; | |
| if (!token) { | |
| console.log('No token provided'); | |
| return res.status(401).json({ error: 'Access token required' }); | |
| } | |
| jwt.verify(token, JWT_SECRET, (err, user) => { | |
| if (err) { | |
| console.log('Token verification failed:', err.message); | |
| return res.status(403).json({ error: 'Invalid or expired token' }); | |
| } | |
| console.log('Token verified for user:', user.userId); | |
| req.user = user; | |
| next(); | |
| }); | |
| }; |