0500ac171c
- 61 files across zroc-ui/ and zroc-ova/ directories - Full content written for: config, auth, API layers, CSS, build files, OVA scripts, backend routes, charts, hooks, constants - Stubs in place for: page components, Sidebar, TopBar, docker-compose, authentik client, blueprint YAML, packer HCL, workflows, setup wizard Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
// backend/middleware/authenticate.js
'use strict';
/**
 * Express-style middleware that gates a route on an existing login session.
 *
 * Reads `req.session.user`. When it is missing (no session object, or no user
 * stored on it) the request is answered with HTTP 401 and the JSON body
 * `{ error: 'Unauthorized', code: 'NO_SESSION' }`, and `next()` is not called.
 * Otherwise the session's user object is exposed as `req.user` and control
 * passes to the next handler.
 *
 * Security notes:
 * - `req.user` is the same object reference as `req.session.user`, not a copy,
 *   so a downstream handler that mutates `req.user` also mutates the object
 *   held by the session.
 * - Only truthiness is checked. The `{ id, username, name, email, role }`
 *   shape is not validated here.
 *   NOTE(review): confirm the login flow always stores exactly these fields.
 * - The role consumed by later checks is whatever the session holds.
 *   NOTE(review): presumably a role change or account disablement only takes
 *   effect once the session is refreshed or destroyed; confirm.
 *
 * @param {object} req - Incoming request; `req.session` may be absent.
 * @param {object} res - Response exposing chainable `status()` and `json()`.
 * @param {Function} next - Continuation invoked only for authenticated requests.
 * @returns {*} The value of `res.status(401).json(...)` on rejection,
 *   otherwise `undefined`.
 */
function authenticate(req, res, next) {
  const sessionUser = req.session?.user;

  if (sessionUser) {
    // Hand the session's user object to downstream handlers as-is.
    req.user = sessionUser;
    next();
    return undefined;
  }

  // Fail closed: nothing usable on the session, so stop the chain here.
  return res.status(401).json({ error: 'Unauthorized', code: 'NO_SESSION' });
}
/**
 * Express-style middleware that restricts a route to administrators.
 *
 * Allows the request through only when `req.user.role` is strictly equal to
 * the string 'admin' (exact, case-sensitive match). Every other case is
 * answered with HTTP 403 and `{ error: 'Forbidden', code: 'REQUIRES_ADMIN' }`,
 * and `next()` is not called.
 *
 * Must be mounted AFTER authenticate(), which is what populates `req.user`.
 * If it is mounted alone, `req.user` is undefined and the request is still
 * rejected (fail closed), but with 403 rather than 401.
 *
 * @param {object} req - Request, expected to carry `req.user`.
 * @param {object} res - Response exposing chainable `status()` and `json()`.
 * @param {Function} next - Continuation invoked only for admin users.
 * @returns {*} The value of `res.status(403).json(...)` on rejection,
 *   otherwise `undefined`.
 */
function requireAdmin(req, res, next) {
  const isAdmin = req.user?.role === 'admin';

  if (isAdmin) {
    next();
    return undefined;
  }

  // A missing user, a missing role, or any other role is denied.
  return res.status(403).json({ error: 'Forbidden', code: 'REQUIRES_ADMIN' });
}
module.exports = { authenticate, requireAdmin };