Files
Justin 0500ac171c feat: initial zROC project recreation (stubs for large files pending)
- 61 files across zroc-ui/ and zroc-ova/ directories
- Full content written for: config, auth, API layers, CSS, build files,
  OVA scripts, backend routes, charts, hooks, constants
- Stubs in place for: page components, Sidebar, TopBar, docker-compose,
  authentik client, blueprint YAML, packer HCL, workflows, setup wizard

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 16:20:05 -04:00

29 lines
737 B
JavaScript

// backend/middleware/authenticate.js
'use strict';
/**
* Middleware: require an authenticated session.
* If the request has no valid session → 401.
* Attaches req.user = { id, username, name, email, role } for downstream use.
*/
function authenticate(req, res, next) {
if (!req.session?.user) {
return res.status(401).json({ error: 'Unauthorized', code: 'NO_SESSION' });
}
req.user = req.session.user;
next();
}
/**
* Middleware: require admin role.
* Must be used AFTER authenticate().
*/
function requireAdmin(req, res, next) {
if (req.user?.role !== 'admin') {
return res.status(403).json({ error: 'Forbidden', code: 'REQUIRES_ADMIN' });
}
next();
}
module.exports = { authenticate, requireAdmin };