import jwt from "jsonwebtoken";
import { User } from "../../models/User";
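/**
 * Narrows a verified JWT payload to the single claim this handler uses.
 *
 * jsonwebtoken's `verify` returns either a string or a payload object, so
 * the result is treated as `unknown` and checked at runtime instead of
 * being cast. A signed token whose `userId` is missing or not a string is
 * reported as `null` so the caller can reject it rather than passing
 * `undefined` on to the database lookup.
 *
 * NOTE(review): assumes the login handler stores `userId` as a string
 * claim — confirm against the code that issues the token.
 *
 * @param decoded - whatever `jwt.verify` returned.
 * @returns the `userId` claim, or `null` when the payload has no usable one.
 */
function extractUserId(decoded: unknown): string | null {
  if (typeof decoded !== "object" || decoded === null) {
    return null;
  }
  const claim = (decoded as { userId?: unknown }).userId;
  return typeof claim === "string" && claim.length > 0 ? claim : null;
}

/**
 * True when `error` is one of jsonwebtoken's own verification failures
 * (bad signature/shape, expired, or not yet valid). Errors thrown by
 * `createError` inside the handler have a different `name` and are not
 * matched, so they propagate with their original status code.
 *
 * @param error - the value caught by the handler's `catch`.
 */
function isTokenError(error: unknown): error is Error {
  return (
    error instanceof Error &&
    (error.name === "JsonWebTokenError" ||
      error.name === "TokenExpiredError" ||
      error.name === "NotBeforeError")
  );
}

/**
 * Returns the profile of the user identified by the `auth-token` cookie.
 *
 * Flow: read the cookie → verify the JWT with `config.jwtSecret` → check
 * the `userId` claim has the expected shape → load the user fresh from the
 * database (so roles/permissions reflect the current record, not the
 * token) → return a reduced view of the user document.
 *
 * @throws 401 when no cookie is present, or when the token is invalid,
 *   expired, not yet valid, or carries no usable `userId`; in the latter
 *   cases the cookie is cleared so the client stops resending it.
 * @throws 404 when the token is valid but no matching user exists.
 * @throws anything else (database failure, missing secret) unchanged, so
 *   it surfaces as a server error rather than being masked as 401.
 */
export default defineEventHandler(async (event) => {
  const config = useRuntimeConfig();
  const token = getCookie(event, "auth-token");

  if (!token) {
    throw createError({
      statusCode: 401,
      statusMessage: "Unauthorized - No token provided",
    });
  }

  try {
    // Verify signature and time claims. The secret is cast as in the
    // original; NOTE(review): confirm `jwtSecret` is always configured, an
    // undefined secret makes verify() throw a generic error (→ 500).
    // TODO(review): pass an explicit `algorithms` list matching how tokens
    // are signed; the signing code is not visible in this file.
    const decoded: unknown = jwt.verify(token, config.jwtSecret as string);

    // Only the `userId` claim is trusted, and only after a shape check.
    const userId = extractUserId(decoded);
    if (userId === null) {
      deleteCookie(event, "auth-token");
      throw createError({
        statusCode: 401,
        statusMessage: "Invalid or expired token",
      });
    }

    // Get fresh user data from the database; `-__v` drops the version key.
    const user = await User.findById(userId).select("-__v");

    if (!user) {
      throw createError({
        statusCode: 404,
        statusMessage: "User not found",
      });
    }

    // Return user data (without sensitive fields)
    return {
      id: user._id,
      username: user.username,
      displayName: user.displayName,
      email: user.email,
      avatar: user.avatar,
      roles: user.roles,
      permissions: user.permissions,
      contributions: user.contributions,
    };
  } catch (error: unknown) {
    if (isTokenError(error)) {
      // A token that fails verification is useless to the client; clear it
      // so subsequent requests fall into the "no token" branch instead.
      deleteCookie(event, "auth-token");
      throw createError({
        statusCode: 401,
        statusMessage: "Invalid or expired token",
      });
    }
    // createError results (404 above) and unexpected failures pass through.
    throw error;
  }
});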