project setup with core files including configuration, package management, and basic structure. Added .gitignore, README, and various TypeScript types for CMS components. Implemented initial components and layouts for the application.

2025-12-13 23:26:13 +01:00
parent ea288a5bbc
commit b1a556dc6d
167 changed files with 19057 additions and 131 deletions
--- a/middlelayer/auth/jwt.ts
+++ b/middlelayer/auth/jwt.ts
@@ -0,0 +1,63 @@
+import jwt from "jsonwebtoken";
+import type { JWTPayload, UserRole } from "../types/user.js";
+import { logger } from "../monitoring/logger.js";
+
+const JWT_SECRET =
+  process.env.JWT_SECRET || "your-secret-key-change-in-production";
+const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || "7d";
+
+/**
+ * Erstellt ein JWT Token für einen User
+ */
+export function createToken(payload: JWTPayload): string {
+  return jwt.sign(payload, JWT_SECRET, {
+    expiresIn: JWT_EXPIRES_IN,
+  });
+}
+
+/**
+ * Verifiziert ein JWT Token
+ */
+export function verifyToken(token: string): JWTPayload | null {
+  try {
+    const decoded = jwt.verify(token, JWT_SECRET) as JWTPayload;
+    return decoded;
+  } catch (error) {
+    logger.warn("JWT verification failed", { error });
+    return null;
+  }
+}
+
+/**
+ * Extrahiert Token aus Authorization Header
+ */
+export function extractTokenFromHeader(
+  authHeader: string | null
+): string | null {
+  if (!authHeader) return null;
+
+  // Format: "Bearer <token>"
+  const parts = authHeader.split(" ");
+  if (parts.length !== 2 || parts[0] !== "Bearer") {
+    return null;
+  }
+
+  return parts[1];
+}
+
+/**
+ * Prüft ob User eine bestimmte Rolle hat
+ */
+export function hasRole(
+  userRole: UserRole,
+  requiredRoles: UserRole[]
+): boolean {
+  return requiredRoles.includes(userRole);
+}
+
+/**
+ * Prüft ob User Admin ist
+ */
+export function isAdmin(userRole: UserRole): boolean {
+  return userRole === UserRole.ADMIN;
+}