feat: complete day 9

day9/middleware/AuthMiddleware.js

@@ -0,0 +1,23 @@
+const JwtService = require("../services/JwtService");
+
+module.exports = function (req, res, next) {
+  const token = JwtService.getToken(req);
+  if (!token) {
+    return res.status(401).json({
+      success: false,
+      error: "Access denied. No token provided.",
+    });
+  }
+  const payload = JwtService.verifyAccessToken(token);
+  if (!payload) {
+    return res.status(401).json({
+      success: false,
+      error: "Invalid or expired token.",
+    });
+  }
+  req.tokenPayload = payload;
+  if (payload && payload.user_id) {
+    req.user_id = payload.user_id;
+  }
+  next();
+};

day9/middleware/Maintenance.js

@@ -0,0 +1,11 @@
+const config = require("../config");
+
+module.exports = function (req, res, next) {
+  if (config.maintenance) {
+    return res.status(503).json({
+      success: false,
+      error: "Service is under maintenance. Please try again later.",
+    });
+  }
+  next();
+};

day9/middleware/RoleCheckMiddleware.js

@@ -0,0 +1,14 @@
+module.exports = function (req, res, next) {
+  const match = req.path.match(/^\/api\/v1\/(\w+)\//);
+  if (match) {
+    const portal = match[1];
+    const userRole = req.tokenPayload && req.tokenPayload.role;
+    if (userRole !== portal) {
+      return res.status(403).json({
+        success: false,
+        error: `Access denied. Role '${userRole}' does not match portal '${portal}'.`,
+      });
+    }
+  }
+  next();
+};