Authentication middleware — Layer 1 of 2.
Extracts the Bearer token from the Authorization header, verifies it, and fetches the corresponding user from the database. Attaches the full User record to req.user for downstream handlers.
Authorization
User
req.user
Calls next(Unauthorized(...)) if:
next(Unauthorized(...))
router.get('/profile', requireAuth, (req: AuthRequest, res) => { Ok(res, { name: req.user!.name })}) Copy
router.get('/profile', requireAuth, (req: AuthRequest, res) => { Ok(res, { name: req.user!.name })})
Authentication middleware — Layer 1 of 2.
Extracts the Bearer token from the
Authorizationheader, verifies it, and fetches the corresponding user from the database. Attaches the fullUserrecord toreq.userfor downstream handlers.Calls
next(Unauthorized(...))if:Authorizationheader is missing or malformed