Initial T06 security template

2026-05-12 06:49:39 +00:00
commit af0ff49f87
20 changed files with 529 additions and 0 deletions
--- a/services/orders-api/server.js
+++ b/services/orders-api/server.js
@@ -0,0 +1,33 @@
+const express = require('express');
+const jwt = require('jsonwebtoken');
+
+const app = express();
+const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret-ne-koristiti-u-produkciji';
+
+function authenticate(req, res, next) {
+  const authHeader = req.headers.authorization || '';
+  const token = authHeader.startsWith('Bearer ') ? authHeader.slice(7) : null;
+
+  if (!token) {
+    return res.status(401).json({ error: 'Missing bearer token' });
+  }
+
+  try {
+    req.user = jwt.verify(token, JWT_SECRET);
+    return next();
+  } catch (error) {
+    return res.status(401).json({ error: 'Invalid token' });
+  }
+}
+
+app.get('/api/orders', authenticate, (req, res) => {
+  res.setHeader('X-Served-By', 'orders-api');
+  return res.json([
+    { id: 1, item: 'Knjiga: Mikroservisi', amount: 25 },
+    { id: 2, item: 'Knjiga: API Security', amount: 30 }
+  ]);
+});
+
+app.listen(3002, () => {
+  console.log('orders-api na portu 3002');
+});