feat : admin feature

2025-08-08 13:06:08 +05:30
parent b88e00f758
commit cd1193c746
9 changed files with 148 additions and 7 deletions
--- a/src/middlewares/admin.middleware.js
+++ b/src/middlewares/admin.middleware.js
@@ -0,0 +1,28 @@
+const { verifyToken } = require('../util/jwt');
+const { logger } = require('../util/logger');
+
+function checkAdmin (req,res,next){
+  const authHeader = req.headers.authorization;
+
+  if (!authHeader || !authHeader.startsWith('Bearer ')) {
+    return res
+      .status(401)
+      .json({ error: 'missing or malformed authorization header' });
+  }
+
+  const token = authHeader.split(' ')[1];
+  try {
+    const payload = verifyToken(token);
+    // console.log("hi",payload);
+    if(payload.customerNo && payload.role === 'admin'){
+      req.admin = payload.customerNo;
+      next();
+    }
+    else
+      return res.status(403).json({error :'Only admin can access'})
+  } catch (err) {
+    logger.error(err, 'error verifying token');
+    return res.status(401).json({ error: 'invalid or expired token' });
+  }
+}
+module.exports = checkAdmin;