Fix jwt-token

2025-09-17 06:06:02 +02:00
parent 286c23b350
commit b58bf1e4f6
1 changed files with 26 additions and 4 deletions
--- a/server/routes/health.js
+++ b/server/routes/health.js
@@ -103,8 +103,19 @@ router.get('/detailed', async (req, res) => {
      });
    }

-    // Check if user is admin (handle both test mock and real auth)
-    const userRole = req.user?.role || 'admin'; // Default to admin for tests that don't set role
+    // Extract role from JWT token if not set by middleware
+    let userRole = req.user?.role;
+    if (!userRole && req.headers.authorization) {
+      try {
+        const jwt = require('jsonwebtoken');
+        const token = req.headers.authorization.replace('Bearer ', '');
+        const decoded = jwt.verify(token, process.env.JWT_SECRET || 'test-secret');
+        userRole = decoded.role;
+      } catch (error) {
+        // If we can't decode, fall back to checking user role
+      }
+    }
+
    if (userRole !== 'admin') {
      return res.status(403).json({
        success: false,
@@ -389,8 +400,19 @@ router.get('/metrics', async (req, res) => {
      });
    }

-    // Check if user is admin
-    const userRole = req.user?.role || 'admin';
+    // Check if user is admin - extract role from JWT token if not set by middleware
+    let userRole = req.user?.role;
+    if (!userRole && req.headers.authorization) {
+      try {
+        const jwt = require('jsonwebtoken');
+        const token = req.headers.authorization.replace('Bearer ', '');
+        const decoded = jwt.verify(token, process.env.JWT_SECRET || 'test-secret');
+        userRole = decoded.role;
+      } catch (error) {
+        // If we can't decode, role remains undefined
+      }
+    }
+
    if (userRole !== 'admin') {
      return res.status(403).json({
        status: 'error',