require('dotenv').config();
const jwt = require('jsonwebtoken');
const db = require('../../models/migration');
const User = db.User;
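/**
 * Express middleware for routes that work with or without a logged-in user.
 *
 * Reads the `Authorization` header, verifies the JWT it carries against
 * `process.env.JWT_SECRET_KEY`, and loads the matching `User` by `decoded.id`.
 * On success `req.user` is the user record. In every other case (no header,
 * token that fails verification, payload without an id, unknown or suspended
 * user, any thrown error) `req.user` is `null` and the request continues.
 *
 * This middleware never rejects a request, so every handler mounted behind it
 * must treat `req.user === null` as unauthenticated and enforce its own
 * access checks.
 *
 * @param {object} req - Request; `req.header(name)` is read and `req.user` is set.
 * @param {object} res - Response (unused).
 * @param {Function} next - Continuation, called with no arguments.
 * @returns {Promise<*>} Resolves to whatever `next()` returns.
 */
const optionalAuth = async (req, res, next) => {
  // Single exit for every "no authenticated user" outcome.
  const continueAnonymous = () => {
    req.user = null;
    return next();
  };

  try {
    const header = req.header('Authorization');

    // No token: the caller is treated as not logged in, just continue.
    if (!header) {
      return continueAnonymous();
    }

    // The auth scheme is matched as a prefix only, case-insensitively and with
    // any amount of whitespace before the token. A header with no Bearer
    // prefix is still passed through as a raw token, as it was before.
    const bearer = /^Bearer\s+(\S+)\s*$/i.exec(header);
    const idToken = bearer ? bearer[1] : header;

    // NOTE(review): no `algorithms` allow-list is passed to verify(). Pinning
    // it to the algorithm used when the token is signed (not visible in this
    // file) would make the accepted set explicit.
    const decoded = jwt.verify(idToken, process.env.JWT_SECRET_KEY);

    // A verified token whose payload is not an object, or carries no id,
    // cannot identify a user; skip the database lookup.
    if (decoded === null || typeof decoded !== 'object' || decoded.id == null) {
      return continueAnonymous();
    }

    const user = await User.findByPk(decoded.id);
    if (!user || user.is_suspended) {
      // Unknown or suspended accounts never get an authenticated request.
      return continueAnonymous();
    }

    req.user = user;
    return next();
  } catch (e) {
    // Invalid token: continue anyway, but without a user. This catch-all also
    // covers a failing user lookup or an unset signing secret, which therefore
    // surface only as anonymous requests; logging errors that are not token
    // verification failures would make such outages visible.
    return continueAnonymous();
  }
};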
module.exports = optionalAuth;