From 811458427593a4172a2cd535cc768db375350dca Mon Sep 17 00:00:00 2001 From: nsfisis Date: Sat, 6 Dec 2025 17:05:21 +0900 Subject: feat(dev): change architecture and directory structure --- pkgs/server/src/middleware/auth.ts | 65 -------------------------------------- 1 file changed, 65 deletions(-) delete mode 100644 pkgs/server/src/middleware/auth.ts (limited to 'pkgs/server/src/middleware/auth.ts') diff --git a/pkgs/server/src/middleware/auth.ts b/pkgs/server/src/middleware/auth.ts deleted file mode 100644 index c295834..0000000 --- a/pkgs/server/src/middleware/auth.ts +++ /dev/null @@ -1,65 +0,0 @@ -import type { Context, Next } from "hono"; -import { verify } from "hono/jwt"; -import { Errors } from "./error-handler"; - -const JWT_SECRET = process.env.JWT_SECRET; -if (!JWT_SECRET) { - throw new Error("JWT_SECRET environment variable is required"); -} - -export interface AuthUser { - id: string; -} - -interface JWTPayload { - sub: string; - iat: number; - exp: number; -} - -/** - * Auth middleware that validates JWT tokens from Authorization header - * Sets the authenticated user in context variables - */ -export async function authMiddleware(c: Context, next: Next) { - const authHeader = c.req.header("Authorization"); - - if (!authHeader) { - throw Errors.unauthorized("Missing Authorization header", "MISSING_AUTH"); - } - - if (!authHeader.startsWith("Bearer ")) { - throw Errors.unauthorized( - "Invalid Authorization header format", - "INVALID_AUTH_FORMAT", - ); - } - - const token = authHeader.slice(7); - - try { - const payload = (await verify(token, JWT_SECRET)) as unknown as JWTPayload; - - const user: AuthUser = { - id: payload.sub, - }; - - c.set("user", user); - - await next(); - } catch { - throw Errors.unauthorized("Invalid or expired token", "INVALID_TOKEN"); - } -} - -/** - * Helper function to get the authenticated user from context - * Throws if user is not authenticated - */ -export function getAuthUser(c: Context): AuthUser { - const user = c.get("user") as AuthUser | undefined; - if (!user) { - throw Errors.unauthorized("Not authenticated", "NOT_AUTHENTICATED"); - } - return user; -} -- cgit v1.2.3-70-g09d2