import { Response, NextFunction } from "express";
import { AuthenticatedRequest } from "../../shared/utils/token";
/**
 * Role names that may be listed as allowed when building the role-gating
 * middleware in this file.
 *
 * This union is a compile-time constraint only: the role read from
 * `req.user` is cast to `Role` before comparison, so a runtime value outside
 * this set is not rejected by the type — it simply fails the membership test.
 */
type Role = "Admin" | "Viewer" | "Editor";
/**
 * Builds an Express middleware that lets a request through only when the
 * caller's role is one of `allowedRoles`.
 *
 * The check fails closed: a request with no `req.user`, or with a role that
 * is not in the list, is answered with HTTP 403 and `next()` is never called.
 * Calling the factory with no roles therefore denies every request.
 *
 * This middleware performs authorization only. It trusts `req.user` as-is and
 * does not verify a token itself, so it presumably has to be mounted after
 * whatever middleware authenticates the request and populates `req.user`
 * (TODO confirm against the route setup).
 *
 * NOTE(review): an unauthenticated request (no `req.user`) also receives 403;
 * 401 is the conventional status for that case. Behaviour is kept as written.
 *
 * @param allowedRoles - Roles permitted to reach the downstream handler.
 * @returns An Express middleware enforcing the role check.
 */
const authorizedRoles =
  (...allowedRoles: Role[]) =>
  (req: AuthenticatedRequest, res: Response, next: NextFunction): void => {
    const principal = req.user;

    // `as Role` only satisfies the compiler; the actual gate is the strict
    // equality comparison performed by `includes`.
    const permitted = principal
      ? allowedRoles.includes(principal.role as Role)
      : false;

    if (permitted) {
      next();
      return;
    }

    // Same generic body for "not logged in" and "wrong role", so the response
    // does not reveal which of the two conditions failed.
    res.status(403).json({ message: "Access Denied" });
  };
// Default export: the authorizedRoles middleware factory.
export default authorizedRoles;