Step 4: Create authentication middleware
Let’s create a middleware for authentication:
// middleware/auth.js
const jwt = require('jsonwebtoken');
const { User } = require('../models');
const verifyToken = async (req, res, next) => {
const token = req.headers['x-access-token'];
if (!token) {
return res.status(403).send({ message: "No token provided!" });
}
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
const user = await User.findByPk(decoded.id);
if (!user) {
return res.status(401).send({ message: "Unauthorized!" });
}
req.user = user;
next();
} catch (err) {
return res.status(401).send({ message: "Unauthorized!" });
}
};
module.exports = verifyToken;