tambahan

2025-10-28 16:18:13 +08:00
parent 9c96031574
commit 5dc83dbd35
1 changed files with 14 additions and 6 deletions
--- a/src/server/middlewares/apiAuth.ts
+++ b/src/server/middlewares/apiAuth.ts
@@ -1,7 +1,7 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import jwt, { type JWTPayloadSpec } from '@elysiajs/jwt'
 import Elysia from 'elysia'
-import { prisma } from '../lib/prisma'
+import { prisma } from '../lib/prisma' // pastikan nama file sama persis!

 const secret = process.env.JWT_SECRET

@@ -9,6 +9,7 @@ export default function apiAuth(app: Elysia) {
  if (!secret) {
    throw new Error('JWT_SECRET is not defined')
  }
+
  return app
    .use(
      jwt({
@@ -19,17 +20,24 @@ export default function apiAuth(app: Elysia) {
    .derive(async ({ cookie, headers, jwt }) => {
      let token: string | undefined

+      // Cek token dari cookie
      if (cookie?.token?.value) {
        token = cookie.token.value as any
      }
-      if (headers['x-token']?.startsWith('Bearer ')) {
-        token = (headers['x-token'] as string).slice(7)
-      }
-      if (headers['authorization']?.startsWith('Bearer ')) {
-        token = (headers['authorization'] as string).slice(7)
+
+      // Normalisasi header key
+      const headerToken =
+        headers['x-token'] ||
+        headers['X-Token'] ||
+        headers['authorization'] ||
+        headers['Authorization']
+
+      if (headerToken?.startsWith('Bearer ')) {
+        token = headerToken.slice(7)
      }

      let user: null | Awaited<ReturnType<typeof prisma.user.findUnique>> = null
+
      if (token) {
        try {
          const decoded = (await jwt.verify(token)) as JWTPayloadSpec