day9/middleware/RoleCheckMiddleware.js

module.exports = function (req, res, next) {
  const match = req.path.match(/^\/api\/v1\/(\w+)\//);
  if (match) {
    const portal = match[1];
    const userRole = req.tokenPayload && req.tokenPayload.role;
    if (userRole !== portal) {
      return res.status(403).json({
        success: false,
        error: `Access denied. Role '${userRole}' does not match portal '${portal}'.`,
      });
    }
  }
  next();
};
feat: complete day 9 2025-07-15 19:04:00 +01:00			`module.exports = function (req, res, next) {`
			`const match = req.path.match(/^\/api\/v1\/(\w+)\//);`
			`if (match) {`
			`const portal = match[1];`
			`const userRole = req.tokenPayload && req.tokenPayload.role;`
			`if (userRole !== portal) {`
			`return res.status(403).json({`
			`success: false,`
			error: `Access denied. Role '${userRole}' does not match portal '${portal}'.`,
			`});`
			`}`
			`}`
			`next();`
			`};`