borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-17 06:06:02 +02:00
parent 286c23b350
commit b58bf1e4f6
1 changed files with 26 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
server/routes/health.js
View File

@@ -103,8 +103,19 @@ router.get('/detailed', async (req, res) => {
}); });
} }
// Check if user is admin (handle both test mock and real auth) // Extract role from JWT token if not set by middleware
const userRole = req.user?.role || 'admin'; // Default to admin for tests that don't set role let userRole = req.user?.role;
if (!userRole && req.headers.authorization) {
try {
const jwt = require('jsonwebtoken');
const token = req.headers.authorization.replace('Bearer ', '');
const decoded = jwt.verify(token, process.env.JWT_SECRET || 'test-secret');
userRole = decoded.role;
} catch (error) {
// If we can't decode, fall back to checking user role
}
}
if (userRole !== 'admin') { if (userRole !== 'admin') {
return res.status(403).json({ return res.status(403).json({
success: false, success: false,
@@ -389,8 +400,19 @@ router.get('/metrics', async (req, res) => {
}); });
} }
// Check if user is admin // Check if user is admin - extract role from JWT token if not set by middleware
const userRole = req.user?.role || 'admin'; let userRole = req.user?.role;
if (!userRole && req.headers.authorization) {
try {
const jwt = require('jsonwebtoken');
const token = req.headers.authorization.replace('Bearer ', '');
const decoded = jwt.verify(token, process.env.JWT_SECRET || 'test-secret');
userRole = decoded.role;
} catch (error) {
// If we can't decode, role remains undefined
}
}
if (userRole !== 'admin') { if (userRole !== 'admin') {
return res.status(403).json({ return res.status(403).json({
status: 'error', status: 'error',