seperate routes and middleware into seperate files

author: Pinapelz <yukais@pinapelz.com> 2025-06-29 19:55:51 -0700
committer: Pinapelz <yukais@pinapelz.com> 2025-06-29 22:06:39 -0700
commit: eda5691cfcb3be0bb6ccf1b2ad4fa92801ad86c4 (patch)
tree: ee83300ec2d7fc2763ba6b7887d61c2af0208c7a /backend/src/middleware
parent: 1b66788e84c1d2eef875534cd02685b56d08547f (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/backend/src/middleware/requireAuth.ts b/backend/src/middleware/requireAuth.ts
new file mode 100644
index 0000000..915d52b
--- /dev/null
+++ b/backend/src/middleware/requireAuth.ts
@@ -0,0 +1,28 @@
+import express from 'express';
+import { prisma } from '../config/db';
+
+export const requireAuth = async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+  if (!req.session.userId) {
+    return res.status(401).json({ error: 'Authentication required' });
+  }
+
+  try {
+    const user = await prisma.user.findUnique({
+      where: { id: req.session.userId },
+      select: { id: true, username: true, email: true }
+    });
+
+    if (!user) {
+      req.session.destroy((err) => {
+        if (err) console.error('Session destroy error:', err);
+      });
+      return res.status(401).json({ error: 'Invalid session' });
+    }
+
+    (req as any).user = user;
+    next();
+  } catch (error) {
+    console.error('Auth middleware error:', error);
+    res.status(500).json({ error: 'Internal server error' });
+  }
+};
author	Pinapelz <yukais@pinapelz.com>	2025-06-29 19:55:51 -0700
committer	Pinapelz <yukais@pinapelz.com>	2025-06-29 22:06:39 -0700
commit	eda5691cfcb3be0bb6ccf1b2ad4fa92801ad86c4 (patch)
tree	ee83300ec2d7fc2763ba6b7887d61c2af0208c7a /backend/src/middleware
parent	1b66788e84c1d2eef875534cd02685b56d08547f (diff)