const express = require('express');
const jwt = require('jsonwebtoken');
// Express application instance; the route and the listener below attach to it.
const app = express();
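/**
 * Resolve the secret used to verify incoming JWTs.
 *
 * The hard-coded fallback is part of the source, so it gives no protection:
 * a service that silently falls back to it would accept tokens signed by
 * anyone who has read this file. The fallback is therefore allowed only
 * outside production; in production a missing secret is a startup error.
 *
 * @param {object} env - Environment map (normally `process.env`).
 * @returns {string} The configured secret, or the development fallback.
 * @throws {Error} If `JWT_SECRET` is unset or empty and `NODE_ENV` is "production".
 */
function resolveJwtSecret(env) {
  const configured = env.JWT_SECRET;
  if (configured) {
    return configured;
  }
  if (env.NODE_ENV === 'production') {
    // Fail closed rather than verify tokens against a publicly known value.
    throw new Error('JWT_SECRET must be set when NODE_ENV is "production"');
  }
  return 'dev-secret-ne-koristiti-u-produkciji';
}

const JWT_SECRET = resolveJwtSecret(process.env);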
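/**
 * Express middleware that requires a valid JWT bearer token.
 *
 * Reads the Authorization header, verifies the token against JWT_SECRET and,
 * on success, stores the value returned by `jwt.verify` on `req.user` before
 * handing over to the next handler. Any failure ends the request with a 401
 * JSON body and `next` is not called.
 *
 * @param {object} req - Express request; `req.headers.authorization` is read.
 * @param {object} res - Express response, used for the 401 replies.
 * @param {Function} next - Invoked only after the token has been verified.
 * @returns {*} The result of `res.json(...)` or of `next()`.
 */
function authenticate(req, res, next) {
  const authHeader = req.headers.authorization || '';

  // The authentication scheme name is case-insensitive (RFC 7235), so
  // "bearer" and "BEARER" are accepted as well as "Bearer".
  const hasBearerScheme = authHeader.slice(0, 7).toLowerCase() === 'bearer ';
  const token = hasBearerScheme ? authHeader.slice(7) : null;

  if (!token) {
    return res.status(401).json({ error: 'Missing bearer token' });
  }

  try {
    // NOTE(review): no `algorithms` option is passed, so the library default
    // set for this key type applies. Pinning it to the single algorithm the
    // token issuer uses would narrow what is accepted — confirm with the issuer.
    req.user = jwt.verify(token, JWT_SECRET);
    return next();
  } catch (error) {
    // The verification error is deliberately not echoed to the client; the
    // caller only learns that the token was rejected.
    return res.status(401).json({ error: 'Invalid token' });
  }
}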
// GET /api/orders: runs the authenticate middleware first, then returns a
// fixed list of orders as JSON.
// NOTE(review): the handler does not read req.user, so every caller with a
// valid token receives the same list. If orders are meant to belong to a
// user, the result should be scoped to the token's subject.
app.get('/api/orders', authenticate, (req, res) => {
  const orders = [
    { id: 1, item: 'Knjiga: Mikroservisi', amount: 25 },
    { id: 2, item: 'Knjiga: API Security', amount: 30 },
  ];

  // Identify which backend produced the response.
  res.setHeader('X-Served-By', 'orders-api');
  return res.json(orders);
});
// Start the HTTP server on port 3002; the callback logs once listening begins.
app.listen(3002, function onListening() {
  console.log('orders-api na portu 3002');
});