implemented a simple backend for mobile banking

src/middlewares/auth.middleware.js

@@ -0,0 +1,25 @@
+const { verifyToken } = require('../util/jwt');
+const { logger } = require('../util/logger');
+
+function auth(req, res, next) {
+  const authHeader = req.headers.authorization;
+
+  if (!authHeader || !authHeader.startsWith('Bearer ')) {
+    return res
+      .status(401)
+      .json({ error: 'missing or malformed authorization header' });
+  }
+
+  const token = authHeader.split(' ')[1];
+
+  try {
+    const payload = verifyToken(token);
+    req.user = payload;
+    next();
+  } catch (err) {
+    logger.error(err, 'error verifying token');
+    return res.status(401).json({ error: 'invalid or expired token' });
+  }
+}
+
+module.exports = auth;