feat(platform-service): add Fastify onRequest hook to parse JWT → req.jwtPayload
- Best-effort JWT parsing on every request (non-blocking for unauthenticated routes) - Attaches parsed payload to req.jwtPayload for downstream use by getRequestProductId() - Invalid/expired tokens silently ignored — auth-required routes handle their own validation
This commit is contained in:
saravanakumardb1
parent
365061566a
commit
465d429e09
@ -64,6 +64,22 @@ const app = await createServiceApp({
|
||||
metrics: true,
|
||||
});
|
||||
|
||||
// Parse JWT on every request (best-effort — doesn't block unauthenticated routes)
|
||||
import { verifyToken } from './modules/auth/jwt.js';
|
||||
import type { JwtPayload } from './lib/request-context.js';
|
||||
|
||||
app.addHook('onRequest', async req => {
|
||||
const auth = req.headers.authorization;
|
||||
if (!auth?.startsWith('Bearer ')) return;
|
||||
try {
|
||||
const payload = await verifyToken(auth.slice(7));
|
||||
req.jwtPayload = payload as JwtPayload;
|
||||
} catch {
|
||||
// Token invalid/expired — leave jwtPayload undefined.
|
||||
// Auth-required routes will handle this in their own validation.
|
||||
}
|
||||
});
|
||||
|
||||
// Register route modules
|
||||
await app.register(productRoutes, { prefix: '/api' });
|
||||
await app.register(authRoutes, { prefix: '/api' });
|
||||
|
||||
Loading…
Reference in New Issue
Block a user