a3308a26e2
- Complete Express.js API server - MongoDB integration with Mongoose - Admin authentication and authorization - Room management (CRUD operations) - Booking management system - Guest management - Payment processing (Stripe integration) - Content management (pages, blog, gallery) - Media upload and management - Integration services (Booking.com, Expedia, Opera PMS, Trip.com) - Email notifications - Comprehensive logging and error handling
56 lines
1.3 KiB
JavaScript
56 lines
1.3 KiB
JavaScript
const jwt = require('jsonwebtoken');
|
|
const Guest = require('../models/Guest');
|
|
|
|
const auth = async (req, res, next) => {
|
|
try {
|
|
// Get token from header
|
|
const token = req.header('Authorization')?.replace('Bearer ', '');
|
|
|
|
if (!token) {
|
|
return res.status(401).json({
|
|
success: false,
|
|
message: 'Access denied. No token provided.'
|
|
});
|
|
}
|
|
|
|
// Verify token
|
|
const decoded = jwt.verify(token, process.env.JWT_SECRET);
|
|
|
|
// Get guest from database
|
|
const guest = await Guest.findById(decoded.id).select('-password');
|
|
|
|
if (!guest || !guest.isActive) {
|
|
return res.status(401).json({
|
|
success: false,
|
|
message: 'Token is not valid or account is inactive'
|
|
});
|
|
}
|
|
|
|
// Add guest to request object
|
|
req.guest = guest;
|
|
next();
|
|
} catch (error) {
|
|
console.error('Authentication error:', error.message);
|
|
|
|
if (error.name === 'JsonWebTokenError') {
|
|
return res.status(401).json({
|
|
success: false,
|
|
message: 'Invalid token'
|
|
});
|
|
}
|
|
|
|
if (error.name === 'TokenExpiredError') {
|
|
return res.status(401).json({
|
|
success: false,
|
|
message: 'Token expired'
|
|
});
|
|
}
|
|
|
|
res.status(500).json({
|
|
success: false,
|
|
message: 'Server error during authentication'
|
|
});
|
|
}
|
|
};
|
|
|
|
module.exports = auth; |