Deploy: 2026-05-21 01:26:06

2026-05-21 01:26:06 +03:00
parent 146ebd7200
commit 16d494b4e1
13 changed files with 816 additions and 32 deletions
--- a/backend/app/Middlewares/AuthMiddleware.php
+++ b/backend/app/Middlewares/AuthMiddleware.php
@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Middlewares;
+
+use App\Core\Request;
+use App\Core\Response;
+use App\Core\Security;
+
+class AuthMiddleware
+{
+    /**
+     * Verifies the JWT token and populates request properties.
+     */
+    public function handle(Request $request, Response $response): void
+    {
+        $authHeader = $request->getHeader('authorization', '');
+
+        if (!$authHeader || !preg_match('/Bearer\s(\S+)/i', $authHeader, $matches)) {
+            $response->json(['error' => 'Unauthorized', 'message' => 'Token not provided or invalid format'], 401);
+            exit;
+        }
+
+        $token = $matches[1];
+        $payload = Security::verifyJWT($token);
+
+        if (!$payload) {
+            $response->json(['error' => 'Unauthorized', 'message' => 'Invalid or expired token'], 401);
+            exit;
+        }
+
+        // Validate required custom payload elements
+        if (!isset($payload['user_id']) || !isset($payload['company_id']) || !isset($payload['role'])) {
+            $response->json(['error' => 'Unauthorized', 'message' => 'Malformed token payload structure'], 401);
+            exit;
+        }
+
+        // Attach user info to the Request instance dynamically so controllers can use it
+        $request->user_id = $payload['user_id'];
+        $request->company_id = $payload['company_id'];
+        $request->role = $payload['role'];
+    }
+}